upsss

2

upsss

offline
  • Pridružio: 27 Jun 2009
  • Poruke: 525
  • Gde živiš: Prijepolje-Srbija

Ikonica mozille na desktopu je i dalje bleda.
U start meniju i dalje stoje duple ikonice od IE i Chroma (mada sam u medjuvremenu opet instalirao chrom pa sad ne znam koja je viska)



mada neke druge simptome ja ne primecujem... al ne znam dal se iza toga krije neki drugi veci bezbednosni problem :/

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

CreateRestorePoint:
C:\Users\Mx2qi7\AppData\Roaming\SPI
C:\Users\Mx2qi7\AppData\Local\Chromium
EmptyTemp:


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

----------------------------------

Arrow Postavi novi FRST i Addition log.

offline
  • Pridružio: 27 Jun 2009
  • Poruke: 525
  • Gde živiš: Prijepolje-Srbija

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-11-2016
Ran by Mx2qi7 (29-11-2016 10:26:40) Run:2
Running from C:\Users\Mx2qi7\Desktop\New folder (2)
Loaded Profiles: Mx2qi7 (Available Profiles: Mx2qi7)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
C:\Users\Mx2qi7\AppData\Roaming\SPI
C:\Users\Mx2qi7\AppData\Local\Chromium
EmptyTemp:
*****************

Restore point was successfully created.
"C:\Users\Mx2qi7\AppData\Roaming\SPI" => not found.
C:\Users\Mx2qi7\AppData\Local\Chromium => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 12582912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24372866 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 1250833 B
Edge => 0 B
Chrome => 307436407 B
Firefox => 375688663 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 3194 B
NetworkService => 0 B
Mx2qi7 => 14448723 B

RecycleBin => 0 B
EmptyTemp: => 701.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:27:32 ====
https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-11-2016
Ran by Mx2qi7 (administrator) on KIKICOMI (29-11-2016 10:33:35)
Running from C:\Users\Mx2qi7\Desktop\New folder (2)\FRST-OlderVersion
Loaded Profiles: Mx2qi7 (Available Profiles: Mx2qi7)
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ABBYY InfoPoisk LLC) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(McAfee, Inc.) C:\Praogram Files\TrueKey\McAfee.TrueKey.Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Dell) C:\Users\Mx2qi7\AppData\Local\Apps\2.0\O6PXON18.5NK\7WJ3YK4K.BRR\dell..tion_e30b47f5d4a30e9e_0005.000d_4ab2a66cfade09be\DellSystemDetect.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe
(AB Team) C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-03-05] (Dell Inc.)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13915888 2016-11-22] (Zemana Ltd.)
HKLM-x32\...\Run: [Bonus.SSR.FR11] => C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [1364496 2013-06-28] (ABBYY Production LLC)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-17] (AVAST Software)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [366904 2015-07-23] (Power Software Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [EaseUS Cleanup] => "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.9\bin\CleanUpUI.exe" 10 300
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [132736 2013-09-04] (Qualcomm®Atheros®)
HKU\S-1-5-21-2226422450-3240431047-2392391502-1001\...\Run: [uTorrent] => C:\Users\Mx2qi7\AppData\Roaming\uTorrent\uTorrent.exe [1693024 2015-08-01] (BitTorrent Inc.)
HKU\S-1-5-21-2226422450-3240431047-2392391502-1001\...\Run: [DellSystemDetect] => C:\Users\Mx2qi7\AppData\Local\Apps\2.0\O6PXON18.5NK\7WJ3YK4K.BRR\dell..tion_e30b47f5d4a30e9e_0005.000d_4ab2a66cfade09be\DellSystemDetect.exe [276776 2015-01-30] (Dell)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-30] (AVAST Software)
Startup: C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2015-03-25]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{1C92EB8A-175B-4E9D-975A-480752D00D66}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-2226422450-3240431047-2392391502-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
HKU\S-1-5-21-2226422450-3240431047-2392391502-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM-x32 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKLM-x32 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2226422450-3240431047-2392391502-1001 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2226422450-3240431047-2392391502-1001 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-26] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-11-02] (Intel Security)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-26] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-26] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-26] (Oracle Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-11-02] (Intel Security)

FireFox:
========
FF DefaultProfile: 3jqdq9h0.default
FF ProfilePath: C:\Users\Mx2qi7\AppData\Roaming\Mozilla\Firefox\Profiles\3jqdq9h0.default [2016-11-29]
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\3jqdq9h0.default -> hxxps://search.avast.com/AV772/search/web?q={searchTerms}
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\3jqdq9h0.default -> Avast Search
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\3jqdq9h0.default -> Avast Search
FF Keyword.URL: Mozilla\Firefox\Profiles\3jqdq9h0.default -> hxxps://search.avast.com/AV772/search/web?q={searchTerms}
FF SearchPlugin: C:\Users\Mx2qi7\AppData\Roaming\Mozilla\Firefox\Profiles\3jqdq9h0.default\searchplugins\avast-search.xml [2016-08-30]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-30]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-30]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2226422450-3240431047-2392391502-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mx2qi7\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-13] (Unity Technologies ApS)

Chrome:
=======
CHR Profile: C:\Users\Mx2qi7\AppData\Local\Google\Chrome\User Data\Default [2016-11-29]
CHR Extension: (Google Slides) - C:\Users\Mx2qi7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-27]
CHR Extension: (Google Docs) - C:\Users\Mx2qi7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-27]
CHR Extension: (Google Drive) - C:\Users\Mx2qi7\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-27]
CHR Extension: (YouTube) - C:\Users\Mx2qi7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-27]
CHR Extension: (Avast SafePrice) - C:\Users\Mx2qi7\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-27]
CHR Extension: (Google Sheets) - C:\Users\Mx2qi7\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-27]
CHR Extension: (Google Docs Offline) - C:\Users\Mx2qi7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-27]
CHR Extension: (Avast Online Security) - C:\Users\Mx2qi7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-11-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mx2qi7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-27]
CHR Extension: (Gmail) - C:\Users\Mx2qi7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-27]
CHR Extension: (Chrome Media Router) - C:\Users\Mx2qi7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-27]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [821048 2013-06-17] (ABBYY InfoPoisk LLC)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [312448 2013-09-04] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-30] (AVAST Software)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [990656 2016-10-28] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-10-28] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-10-28] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13915888 2016-11-22] (Zemana Ltd.)
S2 0133851480343226mcinstcleanup; C:\Windows\TEMP\013385~1.EXE -cleanup -nolog [X]
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]
S2 Update Fact Fire; "C:\Program Files (x86)\Fact Fire\updateFactFire.exe" [X]
S2 Util Fact Fire; "C:\Program Files (x86)\Fact Fire\bin\utilFactFire.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-12-15] (Advanced Micro Devices, Inc.)
S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [19456 2014-04-14] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2014-03-28] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2014-03-28] (LG Electronics Inc.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-30] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-30] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-14] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-04] (Qualcomm Atheros)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-11-22] (Synaptics Incorporated)
S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [132120 2016-11-21] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-02-04] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [264000 2015-02-04] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2016-11-27] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2016-11-27] (Zemana Ltd.)
S3 andnetndis; \SystemRoot\system32\DRIVERS\lgandnetndis64.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-29 10:30 - 2016-11-29 10:30 - 00000000 ___RD C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-11-29 10:24 - 2016-11-29 10:27 - 00000000 ____D C:\Users\Mx2qi7\Desktop\New folder (2)
2016-11-27 18:13 - 2016-11-27 18:13 - 00002291 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-27 18:13 - 2016-11-27 18:13 - 00002279 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-27 18:12 - 2016-11-29 10:29 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-27 18:12 - 2016-11-29 10:17 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-27 18:12 - 2016-11-27 18:12 - 00003888 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-11-27 18:12 - 2016-11-27 18:12 - 00003652 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-11-27 18:11 - 2016-11-27 18:11 - 01065376 _____ (Google Inc.) C:\Users\Mx2qi7\Downloads\ChromeSetup.exe
2016-11-27 17:23 - 2016-11-27 17:23 - 00004643 _____ C:\Users\Mx2qi7\Desktop\2016.11.27-17.08.05-i0-t92-d10.txt
2016-11-27 17:07 - 2016-11-29 10:34 - 00045161 _____ C:\Windows\ZAM.krnl.trace
2016-11-27 17:07 - 2016-11-29 10:34 - 00016702 _____ C:\Windows\ZAM_Guard.krnl.trace
2016-11-27 17:07 - 2016-11-27 17:07 - 05431336 _____ ( ) C:\Users\Mx2qi7\Downloads\Zemana.AntiMalware.Setup.exe
2016-11-27 17:07 - 2016-11-27 17:07 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2016-11-27 17:07 - 2016-11-27 17:07 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2016-11-27 17:07 - 2016-11-27 17:07 - 00001164 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2016-11-27 17:07 - 2016-11-27 17:07 - 00000000 ____D C:\Users\Mx2qi7\AppData\Local\Zemana
2016-11-27 17:07 - 2016-11-27 17:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2016-11-27 17:07 - 2016-11-27 17:07 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2016-11-26 22:15 - 2016-11-26 22:17 - 00000000 ____D C:\Users\Mx2qi7\Downloads\FRST
2016-11-26 22:06 - 2016-11-26 22:06 - 00027997 _____ C:\Users\Mx2qi7\Desktop\bookmarks.html
2016-11-26 21:02 - 2016-11-26 21:02 - 00039962 _____ C:\Users\Mx2qi7\Desktop\Addition.txt
2016-11-26 21:00 - 2016-11-26 21:01 - 00039959 _____ C:\Users\Mx2qi7\Downloads\Addition.txt
2016-11-26 20:58 - 2016-11-26 20:58 - 02412032 _____ (Farbar) C:\Users\Mx2qi7\Downloads\FRST64(1).exe.part
2016-11-26 19:51 - 2016-11-26 19:51 - 00015305 _____ C:\Users\Mx2qi7\Desktop\AdwCleaner[C0].txt
2016-11-26 19:30 - 2016-11-26 19:39 - 00000000 ____D C:\AdwCleaner
2016-11-26 19:29 - 2016-11-26 19:29 - 03910208 _____ C:\Users\Mx2qi7\Desktop\AdwCleaner.exe
2016-11-26 18:52 - 2016-11-29 10:33 - 00000000 ____D C:\FRST
2016-11-26 18:52 - 2016-11-26 21:01 - 00026074 _____ C:\Users\Mx2qi7\Downloads\FRST.txt
2016-11-26 18:24 - 2016-11-26 18:24 - 00002039 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Аvаst SаfеZone Browsеr.lnk
2016-11-26 18:24 - 2016-11-26 18:24 - 00001463 ____N C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Еxрlоrer.lnk
2016-11-26 18:24 - 2016-11-26 18:24 - 00001184 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gоogle Сhrоmе.lnk
2016-11-26 18:24 - 2016-11-26 18:24 - 00001169 ____N C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gооgle Chrome.lnk
2016-11-26 18:14 - 2016-11-26 18:14 - 00000000 _____ C:\Windows\BcdLog.txt
2016-11-26 18:09 - 2016-11-26 18:09 - 00000000 ____D C:\Program Files (x86)\EaseUS
2016-11-26 18:07 - 2016-11-26 18:08 - 53242944 _____ (EaseUS ) C:\Users\Mx2qi7\Downloads\epm_trial.exe
2016-11-26 17:58 - 2016-11-26 17:58 - 08578600 _____ (Piriform Ltd) C:\Users\Mx2qi7\Downloads\ccsetup524pro.exe
2016-11-26 17:58 - 2016-11-26 17:58 - 00000000 ____D C:\Users\Mx2qi7\.oracle_jre_usage
2016-11-26 17:14 - 2016-11-26 17:14 - 00000000 ____D C:\Users\Mx2qi7\VirtualBox VMs
2016-11-26 17:09 - 2016-11-26 17:11 - 123014112 _____ (Oracle Corporation) C:\Users\Mx2qi7\Downloads\VirtualBox-5.1.10-112026-Win.exe
2016-11-22 17:51 - 2016-11-25 16:36 - 00009860 _____ C:\Users\Mx2qi7\Documents\igrica.xlsx
2016-11-21 17:44 - 2016-11-21 17:44 - 00206416 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
2016-11-21 17:44 - 2016-11-21 17:44 - 00132120 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys
2016-11-04 18:01 - 2016-11-04 18:01 - 00002109 _____ C:\Users\Mx2qi7\Desktop\Popcorn-Time.lnk
2016-11-04 17:58 - 2016-11-04 17:58 - 00000000 ____D C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn-Time
2016-11-04 17:57 - 2016-11-04 18:01 - 00000000 ____D C:\Users\Mx2qi7\AppData\Local\Popcorn-Time
2016-11-04 17:55 - 2016-11-04 17:56 - 61757061 _____ (Popcorn Time) C:\Users\Mx2qi7\Downloads\Popcorn-Time-0.3.10-Setup.exe
2016-11-04 17:48 - 2016-11-04 17:48 - 00000000 ____D C:\Users\Mx2qi7\AppData\Local\dummy.txt
2016-11-03 22:05 - 2016-10-30 18:50 - 209778720 _____ C:\Users\Mx2qi7\Desktop\Quantico.S01E14.720p.HDTV.x265.ShAaNiG.mkv
2016-11-03 22:04 - 2016-10-30 18:47 - 209777017 _____ C:\Users\Mx2qi7\Desktop\Quantico.S01E13.720p.HDTV.x265.ShAaNiG.mkv

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-29 10:31 - 2015-03-01 21:04 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-29 10:28 - 2016-09-26 12:14 - 00000000 ____D C:\Program Files\TrueKey
2016-11-29 10:28 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-29 10:03 - 2015-01-30 21:54 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2226422450-3240431047-2392391502-1001
2016-11-28 15:27 - 2016-09-26 12:25 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2016-11-28 15:24 - 2016-05-16 10:17 - 00002309 _____ C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-27 19:52 - 2016-04-09 16:25 - 00001516 ____H C:\Users\Mx2qi7\Desktop\Firefox - Mozilla.lnk
2016-11-27 18:51 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2016-11-27 18:13 - 2015-01-30 21:59 - 00000000 ____D C:\Users\Mx2qi7\AppData\Local\Google
2016-11-27 18:13 - 2015-01-30 21:59 - 00000000 ____D C:\Program Files (x86)\Google
2016-11-27 17:08 - 2015-01-30 21:48 - 00000000 ____D C:\Users\Mx2qi7
2016-11-26 22:19 - 2015-11-20 16:30 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-11-26 22:19 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-11-26 22:17 - 2015-03-09 15:44 - 00000000 ____D C:\Users\Mx2qi7\AppData\LocalLow\Temp
2016-11-26 22:16 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\GroupPolicy
2016-11-26 19:39 - 2015-11-18 12:56 - 00000000 ____D C:\Windows\system32\log
2016-11-26 19:39 - 2015-01-30 21:49 - 00001003 _____ C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-11-26 19:30 - 2015-01-30 21:52 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-26 18:25 - 2015-02-08 00:18 - 00000000 ____D C:\Users\Mx2qi7\AppData\Local\CrashDumps
2016-11-26 18:16 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-11-26 18:01 - 2015-04-01 13:34 - 00000000 ____D C:\Windows\Minidump
2016-11-26 18:01 - 2015-03-10 18:20 - 00000000 ____D C:\Program Files (x86)\ABBYY FineReader 11
2016-11-26 18:01 - 2015-03-10 17:01 - 00000000 ____D C:\Users\Mx2qi7\AppData\Roaming\uTorrent
2016-11-26 18:01 - 2015-01-31 06:32 - 00000000 ____D C:\Windows\Panther
2016-11-26 18:00 - 2015-08-08 22:58 - 00000000 ____D C:\ProgramData\MCShield
2016-11-22 20:31 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-22 20:31 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-11-09 16:45 - 2015-01-30 23:50 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-08 18:31 - 2015-03-01 21:04 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-08 18:31 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-08 18:31 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-04 10:51 - 2016-09-26 12:24 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-11-03 22:07 - 2016-09-13 20:27 - 00000000 ____D C:\Users\Mx2qi7\Desktop\Subs
2016-10-30 19:39 - 2015-03-28 20:58 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-10-30 18:10 - 2016-09-26 12:14 - 00000000 ____D C:\ProgramData\McAfee

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\SIntf16.dll
C:\Windows\SysWOW64\SIntf32.dll
C:\Windows\SysWOW64\SIntfNT.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-11-26 20:18

==================== End of FRST.txt ============================

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

CreateRestorePoint:
C:\Users\Mx2qi7\AppData\Roaming\Browsers\exe.erolpxei.bat
C:\Users\Mx2qi7\AppData\Roaming\Browsers\exe.emorhc.bat
C:\Users\Mx2qi7\AppData\Roaming\Browsers\exe.rehcnual.bat
C:\Users\Mx2qi7\AppData\Roaming\Browsers\exe.xoferif.bat
Folder:C:\Users\Mx2qi7\AppData\Roaming\Browsers
EmptyTemp:


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

offline
  • Pridružio: 27 Jun 2009
  • Poruke: 525
  • Gde živiš: Prijepolje-Srbija

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-11-2016
Ran by Mx2qi7 (30-11-2016 22:41:20) Run:3
Running from C:\Users\Mx2qi7\Desktop\New folder (2)
Loaded Profiles: Mx2qi7 (Available Profiles: Mx2qi7)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
C:\Users\Mx2qi7\AppData\Roaming\Browsers\exe.erolpxei.bat
C:\Users\Mx2qi7\AppData\Roaming\Browsers\exe.emorhc.bat
C:\Users\Mx2qi7\AppData\Roaming\Browsers\exe.rehcnual.bat
C:\Users\Mx2qi7\AppData\Roaming\Browsers\exe.xoferif.bat
Folder:C:\Users\Mx2qi7\AppData\Roaming\Browsers
EmptyTemp:
*****************

Restore point was successfully created.
"C:\Users\Mx2qi7\AppData\Roaming\Browsers\exe.erolpxei.bat" => not found.
"C:\Users\Mx2qi7\AppData\Roaming\Browsers\exe.emorhc.bat" => not found.
"C:\Users\Mx2qi7\AppData\Roaming\Browsers\exe.rehcnual.bat" => not found.
"C:\Users\Mx2qi7\AppData\Roaming\Browsers\exe.xoferif.bat" => not found.

========================= Folder:C:\Users\Mx2qi7\AppData\Roaming\Browsers ========================

not found.

====== End of Folder: ======


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19094687 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 586943 B
Edge => 0 B
Chrome => 434872317 B
Firefox => 311704155 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 4790 B
NetworkService => 0 B
Mx2qi7 => 30589980 B

RecycleBin => 4898922 B
EmptyTemp: => 772.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:42:12 ====

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Da li ima jos nekih problema, osim tih ikonica?

offline
  • Pridružio: 27 Jun 2009
  • Poruke: 525
  • Gde živiš: Prijepolje-Srbija

Napisano: 30 Nov 2016 23:54

Za sada nisam primetio nista sem toga... :/

Dopuna: 30 Nov 2016 23:58

to mi nije toliki problem, nego brinem da se iza toga ne krije neki veci problem ( da mi "odu" sifre i mail-ovi)

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Da probamo da sredimo te ikonice...

Preuzmi smeenk-ov zoek.zip ili zoek.rar () sa ovog linka i sačuvaj ga na Desktop.

Raspakuj arhivu u neki folder (uputstvo), a zatim:

zatvori browser i ostale pokrenute programe;
privremeno deaktiviraj zaštitni softver ( ukoliko je to potrebno ) Uputstvo ;
dvoklikom pokreni zoek na ikonicu programa ;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sledeći tekst:

createsrpoint;
emptyalltemp;
autoclean;
emptyclsid;
emptyfolderscheck;delete
shortcutfix;


Klikni na dugme i pričekaj da se skeniranje završi.


zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadrzaj tog loga u poruku.

offline
  • Pridružio: 27 Jun 2009
  • Poruke: 525
  • Gde živiš: Prijepolje-Srbija

Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by Mx2qi7 on pet. 02.12.2016. at 18:42:45,34.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Mx2qi7\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

2.12.2016. 18:46:46 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\47.0.17.184 deleted successfully
C:\PROGRA~2\47.0.21.188 deleted successfully
C:\PROGRA~2\Fact Fire deleted successfully
C:\PROGRA~2\Quadriga Games deleted successfully
C:\Users\Mx2qi7\AppData\Local\dummy.txt deleted successfully
C:\Users\Mx2qi7\AppData\Local\Skype deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\0133851480343226mcinstcleanup deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util Fact Fire deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util Fact Fire deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update Fact Fire deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update Fact Fire deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\Mx2qi7\AppData\Roaming\Mozilla\Firefox\Profiles\3jqdq9h0.default

user.js not found
---- Lines Fact Fire removed from prefs.js ----
user_pref("extensions.Fact Fire.asul", "1452168516090");
user_pref("extensions.Fact Fire.aul", "1452168577286");
user_pref("extensions.Fact Fire.irl", true);
user_pref("extensions.Fact Fire.is", "isgipub13RS");
user_pref("extensions.Fact Fire.ug", "C628A237-0BB5-4CC4-B739-F700A3C4C688");
---- Lines searchengine removed from prefs.js ----
user_pref("browser.search.searchengine.alias", "");
user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");
user_pref("browser.search.searchengine.ptid", "ient07021");
user_pref("browser.search.searchengine.ref", "");
user_pref("browser.search.searchengine.ts", "1463390428");
user_pref("browser.search.searchengine.type", "");
user_pref("browser.search.searchengine.uid", "wdcxwd7500bpvt-75a1yt0_wx21a9298485a9298485");
---- Lines extensions.A4VSjsaB0SNZ3ah1 removed from prefs.js ----
user_pref("extensions.A4VSjsaB0SNZ3ah1.epoch", "1");
user_pref("extensions.A4VSjsaB0SNZ3ah1.scode", "void(0);");
user_pref("extensions.A4VSjsaB0SNZ3ah1.url", "http://tractive.info/sync/?q=C6qUojr5rda4qTr9pdCHqdg9qHk9pjaMAyVUojw6qdU5pdwErTr8rdg6qHsHrdrGtNtVh7n0rjk
---- Lines extensions.gS7wN03DvMUb2R0G removed from prefs.js ----
user_pref("extensions.gS7wN03DvMUb2R0G.epoch", "1");
user_pref("extensions.gS7wN03DvMUb2R0G.scode", "void(0);");
user_pref("extensions.gS7wN03DvMUb2R0G.url", "http://veteranted.org/sync/?q=C6qUojr5rda4qTr9pdCHqdg9qHk9pjaMAyVUojw6qdU5pdwErTr8rdg6qHsHrdrGtNtVh7n0rj
---- FireFox user.js and prefs.js backups ----

prefs_02.12.2016._1900_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\47.0.17.184 not found
C:\PROGRA~2\47.0.21.188 not found
C:\PROGRA~2\Fact Fire not found
C:\PROGRA~2\Quadriga Games not found
C:\Users\Mx2qi7\AppData\Local\Quadriga Games deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Mx2qi7\AppData\Local\Unity deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Mx2qi7\AppData\LocalLow\Unity deleted
C:\windows\SysNative\drivers\{35a55ce6-eae8-40c7-a487-ca1ed6a64287}Gw64.sys deleted
C:\windows\SysNative\drivers\{679505bf-5d41-4208-be75-41654d5bcc5d}Gw64.sys deleted
C:\windows\SysNative\drivers\{77c03b85-8239-448c-86a3-1544af445977}Gw64.sys deleted
C:\windows\SysNative\drivers\{b4874625-5b9d-4bca-b0af-4b3587e6c6d2}Gw64.sys deleted
C:\windows\SysNative\drivers\{b8b93792-c76a-4cbd-b107-100ae575ca27}Gw64.sys deleted
C:\windows\SysNative\drivers\{c5e6162e-f8e0-40ea-9237-d0aef65508e4}Gw64.sys deleted
C:\windows\SysNative\drivers\{d6e5b4cb-4df8-4cdf-9716-c4567a2c09b7}Gw64.sys deleted
C:\windows\SysNative\drivers\{d7144955-56fd-442a-8677-572a933499db}Gw64.sys deleted
C:\Windows\Syswow64\tem28B5.tmp deleted
C:\Users\Mx2qi7\AppData\Roaming\Mozilla\Firefox\Profiles\3jqdq9h0.default\searchplugins\avast-search.xml deleted
C:\Users\Mx2qi7\AppData\Roaming\Mozilla\Firefox\Profiles\3jqdq9h0.default\SnapMyScreen_bf deleted

==== Orphaned Tasks deleted from Registry ======================

avast Emergency Update deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Mx2qi7\AppData\Roaming\Mozilla\Firefox\Profiles\3jqdq9h0.default
user_pref("browser.search.defaulturl", "https://search.avast.com/AV772/search/web?q={searchTerms}");
user_pref("browser.search.defaultengine", "Avast Search");
user_pref("browser.search.selectedEngine", "Avast Search");
user_pref("keyword.URL", "https://search.avast.com/AV772/search/web?q={searchTerms}");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [30.08.2016. 19:37]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [30.08.2016. 19:37]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Mx2qi7\AppData\Roaming\Mozilla\Firefox\Profiles\3jqdq9h0.default
83FCFA3C1E0D7523C21CCFBF336D2687 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll - Shockwave Flash


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[]

Avast SafePrice - Mx2qi7\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Avast Online Security - Mx2qi7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Chrome Media Router - Mx2qi7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================

C:\Users\Mx2qi7\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck deleted successfully
C:\Users\Mx2qi7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Search Page"="https://search.avast.com/AV772/search/web?q={searchTerms}"
"Search Bar"="https://search.avast.com/AV772/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://search.avast.com/AV772/"
"Search Page"="https://search.avast.com/AV772/search/web?q={searchTerms}"
"Search Bar"="https://search.avast.com/AV772/"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="https://search.avast.com/AV772/"
"Search Page"="https://search.avast.com/AV772/search/web?q={searchTerms}"
"Search Bar"="https://search.avast.com/AV772/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{425ED333-6083-428a-92C9-0CFC28B9D1BF}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{8C31F27B-BE8A-4e4b-A478-17760AF1F5D9}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} - https://search.avast.com/AV772/search/web?q={searchTerms}
HKCU\SearchScopes "DefaultScope"="{8C31F27B-BE8A-4e4b-A478-17760AF1F5D9}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} - https://search.avast.com/AV772/search/web?q={searchTerms}

==== shortcuts on Users Desktops ======================

C:\Users\Mx2qi7\Desktop\Farming Simulator 2013 .lnk - C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013.exe
C:\Users\Mx2qi7\Desktop\Firefox - Mozilla.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Mx2qi7\Desktop\HCP Fiscal.lnk - C:\Program Files (x86)\HCP\HCP Fiscal SRB\HCP Fiscal.exe
C:\Users\Mx2qi7\Desktop\Isoplex.lnk - C:\Program Files (x86)\Isoplex\Isoplex\Isoplex.exe
C:\Users\Mx2qi7\Desktop\Popcorn-Time.lnk - C:\Users\Mx2qi7\AppData\Local\Popcorn-Time\Popcorn-Time.exe
C:\Users\Mx2qi7\Desktop\TS3 - Shortcut.lnk - C:\Program Files (x86)\Electronic Arts\The Sims 3\Game\Bin\TS3.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Avast Free Antivirus.lnk - C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Public\Desktop\Battlefield 2.lnk - C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2.exe +menu 1 +fullscreen 1
C:\Users\Public\Desktop\Command & Conquer Generals Zero Hour .lnk - C:\Program Files (x86)\EA Games\Command & Conquer Generals Zero Hour\generals.exe
C:\Users\Public\Desktop\Command & Conquer Generals.lnk - C:\Program Files (x86)\EA Games\Command and Conquer Generals\generals.exe
C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk - C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
C:\Users\Public\Desktop\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Play BF2 Online Now.lnk -
C:\Users\Public\Desktop\PowerISO.lnk - C:\Program Files (x86)\PowerISO\PowerISO.exe
C:\Users\Public\Desktop\Zemana AntiMalware.lnk - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\G??gle Chrome.lnk -
C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Int?rn?t ?x?l?rer.lnk -
C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HCP Fiscal SRB 2.30\HCP Fiscal.lnk - C:\Program Files (x86)\HCP\HCP Fiscal SRB\HCP Fiscal.exe
C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HCP Fiscal SRB 2.30\Uninstall.lnk - C:\Program Files (x86)\HCP\HCP Fiscal SRB\Uninstall.exe
C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn-Time\Popcorn-Time.lnk - C:\Users\Mx2qi7\AppData\Local\Popcorn-Time\Popcorn-Time.exe
C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn-Time\Uninstall Popcorn-Time.lnk - C:\Users\Mx2qi7\AppData\Local\Popcorn-Time\Uninstall.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk - C:\Program Files\AVAST Software\SZBrowser\launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G?ogle ?hr?m?.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk - C:\Program Files\Intel Security\True Key\application\truekey.exe --open-source=startmenu
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\?v?st S?f?Zone Brows?r.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Battlefield 2\L?unch ?F2 Stand?l?n? S?rv?r.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Command & Conquer Generals\Command & Conquer Generals Readme.lnk - C:\Program Files (x86)\EA Games\Command and Conquer Generals\support\readme.doc
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Command & Conquer Generals\Command & Conquer Generals Worldbuilder.lnk - C:\Program Files (x86)\EA Games\Command and Conquer Generals\worldbuilder.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Command & Conquer Generals\Command & Conquer Generals.lnk - C:\Program Files (x86)\EA Games\Command and Conquer Generals\generals.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Command & Conquer Generals\EAsy System Info.lnk - C:\Program Files (x86)\EA Games\Command and Conquer Generals\support\go_ez.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Command & Conquer Generals\Electronic Registration.lnk - C:\Program Files (x86)\EA Games\Command and Conquer Generals\support\Generals_eReg.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Command & Conquer Generals\Technical Support Europe and UK.lnk - C:\Program Files (x86)\EA Games\Command and Conquer Generals\support\en-uk_eahelp.hlp
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Command & Conquer Generals\Technical Support North America.lnk - C:\Program Files (x86)\EA Games\Command and Conquer Generals\support\en-us_eahelp.hlp
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Command & Conquer Generals\Uninstall Command & Conquer Generals.lnk - C:\Program Files (x86)\Common Files\InstallShield\Driver\7\Intel 32\IDriver.exe /M{06F80017-8F98-4C94-B868-52358569FC32}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Command and ConquerTM Generals Zero Hour\Command and ConquerTM Generals Zero Hour Readme.lnk - C:\Program Files (x86)\EA Games\Command & Conquer Generals Zero Hour\support\readme.doc
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Command and ConquerTM Generals Zero Hour\Command and ConquerTM Generals Zero Hour Worldbuilder.lnk - C:\Program Files (x86)\EA Games\Command & Conquer Generals Zero Hour\worldbuilder.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Command and ConquerTM Generals Zero Hour\Command and ConquerTM Generals Zero Hour.lnk - C:\Program Files (x86)\EA Games\Command & Conquer Generals Zero Hour\generals.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Command and ConquerTM Generals Zero Hour\EAsy System Info.lnk - C:\Program Files (x86)\EA Games\Command & Conquer Generals Zero Hour\support\go_ez.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Command and ConquerTM Generals Zero Hour\Electronic Registration.lnk - C:\Program Files (x86)\EA Games\Command & Conquer Generals Zero Hour\support\Command and Conquer Generals Zero Hour_eReg.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Command and ConquerTM Generals Zero Hour\Technical Support Europe and UK.lnk - C:\Program Files (x86)\EA Games\Command & Conquer Generals Zero Hour\support\en-uk_eahelp.hlp
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Command and ConquerTM Generals Zero Hour\Technical Support North America.lnk - C:\Program Files (x86)\EA Games\Command & Conquer Generals Zero Hour\support\en-us_eahelp.hlp
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Command and ConquerTM Generals Zero Hour\Uninstall Command and ConquerTM Generals Zero Hour.lnk - C:\Program Files (x86)\Common Files\InstallShield\Driver\7\Intel 32\IDriver.exe /M{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 2013\Farming Simulator 2013 .lnk - C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 2013\Manual.lnk - C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013_EN.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player\Uninstall.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware\Zemana AntiMalware.lnk - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BS.Player FREE.lnk - C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\G??gle Chr?m?.lnk -
C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\HCP Fiscal.lnk - C:\Program Files (x86)\HCP\HCP Fiscal SRB\HCP Fiscal.exe
C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\L?unch Int?rn?t Explor?r ?r?wser.lnk -
C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\fc055bbd87c30a9d\Guntony.lnk - C:\Program Files (x86)\Guntony\Guntony\chrome.exe --profile-directory=Default
C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\fc055bbd87c30a9d\Gunt?ny.lnk -
C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Fir?f?x - ?ozill?.lnk -
C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GOM.EXE.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Mx2qi7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Sims 3.lnk - C:\Program Files (x86)\Electronic Arts\The Sims 3\Game\Bin\TS3W.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Mx2qi7\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Mx2qi7\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Mx2qi7\AppData\Local\Mozilla\Firefox\Profiles\3jqdq9h0.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Mx2qi7\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Mx2qi7\AppData\Local\Popcorn-Time\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=275 folders=154 50279823 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Mx2qi7\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Mx2qi7\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on pet. 02.12.2016. at 19:06:27,83 ======================

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Kakvo je stanje sa ikonicama i postavi novi FRST i Addition log.

Ko je trenutno na forumu
 

Ukupno su 1086 korisnika na forumu :: 43 registrovanih, 10 sakrivenih i 1033 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 357magnum, A.R.Chafee.Jr., antonije64, Areal84, Asparagus, babaroga, Brana01, Cassius Clay, Centauro, Chainsaw, darkangel, dijica, Dimitrise93, FileFinder, FOX, Goran 0000, hologram, ikan, ILGromovnik, janbo, Karla, laurusri, Lieutenant, ljuba, Luka Blažević, madza, oldtimer, pein, radoznao, S2M, saputnik plavetnila, Singidunumac, stegonosa, Toper, tubular, VJ, vladaa012, vladulns, yufighter, Yugol33, zillbg, |_MeD_|, šumar bk2