Avast

  • Joined: 13 Feb 2012
  • Posts: 364

I had viruses on my computer, so I scanned with Avast and Anti-Malware. Avast found 2 highly infected files and Anti-Malware found 110. I deleted all of that and I guess it's OK now, the computer isn't glitching, but this Avast seems to have gone crazy: every 2-3 minutes it keeps popping up the following. How do I turn that off (in the bottom right corner)?









Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-10-2014 01
Ran by Markovic (administrator) on MARKOVIC-PC on 10-10-2014 22:17:46
Running from C:\Users\Markovic\Downloads
Loaded Profile: Markovic (Available profiles: Markovic)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Link visible only to logged-in users]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [337432 2014-02-03] (Power Software Ltd)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AMD AVT] => C:\Program Files\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-24] (AVAST Software)
HKU\S-1-5-21-2763985286-3645719700-1425198300-1001\...\Run: [Viber] => "C:\Users\Markovic\AppData\Local\Viber\Viber.exe"
HKU\S-1-5-21-2763985286-3645719700-1425198300-1001\...\Run: [99F46D0887681C29F21B983FA02E70E05C9BFDA1._service_run] => C:\Program Files\Google\Chrome\Application\chrome.exe [852808 2014-09-04] (Google Inc.)
HKU\S-1-5-21-2763985286-3645719700-1425198300-1001\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [603648 2012-06-22] (MyCity)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Link visible only to logged-in users]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC0319C13CDF2CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-24]

Chrome:
=======
CHR HomePage: Default -> D16F92851D55D429027FE4D8D7A1654D012B082924EB25DAAF0485F3F6ED0390
CHR Profile: C:\Users\Markovic\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Stylish) - C:\Users\Markovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2014-08-15]
CHR Extension: (Google новчаник) - C:\Users\Markovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-30]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-24]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-24] (AVAST Software)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [387616 2009-04-19] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [178720 2009-04-19] ()
S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [45184 2012-03-05] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-09-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-09-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-09-24] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-09-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-09-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-09-24] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-09-24] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-09-24] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] ()
S3 s125bus; C:\Windows\System32\DRIVERS\s125bus.sys [83336 2007-04-24] (MCCI Corporation)
S3 s125mdfl; C:\Windows\System32\DRIVERS\s125mdfl.sys [15112 2007-04-24] (MCCI Corporation)
S3 s125mdm; C:\Windows\System32\DRIVERS\s125mdm.sys [108680 2007-04-24] (MCCI Corporation)
S3 s125mgmt; C:\Windows\System32\DRIVERS\s125mgmt.sys [100488 2007-04-24] (MCCI Corporation)
S3 s125obex; C:\Windows\System32\DRIVERS\s125obex.sys [98696 2007-04-24] (MCCI Corporation)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [114408 2014-02-03] (Power Software Ltd)
S3 cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-10 22:15 - 2014-10-10 22:17 - 00018300 _____ () C:\Users\Markovic\Desktop\Addition.txt
2014-10-10 22:14 - 2014-10-10 22:18 - 00011933 _____ () C:\Users\Markovic\Desktop\FRST.txt
2014-10-10 22:14 - 2014-10-10 22:17 - 00000000 ____D () C:\FRST
2014-10-10 22:12 - 2014-10-10 22:13 - 01101312 _____ (Farbar) C:\Users\Markovic\Downloads\FRST.exe
2014-10-10 10:01 - 2014-10-10 10:01 - 00002804 _____ () C:\Users\Markovic\Desktop\JRT.txt
2014-10-10 09:56 - 2014-10-10 09:57 - 01705755 _____ (Thisisu) C:\Users\Markovic\Downloads\JRT.exe
2014-10-10 09:52 - 2014-10-10 09:52 - 01375089 _____ () C:\Users\Markovic\Downloads\AdwCleaner.exe
2014-10-10 09:41 - 2014-10-10 09:57 - 00000000 ____D () C:\Windows\ERUNT
2014-10-10 09:41 - 2014-10-10 09:41 - 00000526 _____ () C:\DelFix.txt
2014-10-09 13:34 - 2014-10-09 13:34 - 00109280 _____ () C:\Users\Markovic\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-09 13:33 - 2014-10-10 13:56 - 00000224 _____ () C:\Windows\setupact.log
2014-10-09 13:33 - 2014-10-10 10:02 - 00039916 _____ () C:\Windows\PFRO.log
2014-10-09 13:33 - 2014-10-09 13:33 - 00409440 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-09 13:33 - 2014-10-09 13:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-09 12:28 - 2014-10-09 12:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2014-10-09 12:27 - 2014-10-10 13:56 - 00000000 ____D () C:\ProgramData\MCShield
2014-10-09 12:27 - 2014-10-09 12:28 - 00000000 ____D () C:\Program Files\MCShield
2014-10-09 12:12 - 2014-10-09 12:12 - 00001031 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-09 12:12 - 2014-10-09 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-10-09 12:12 - 2014-10-09 12:12 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-10-09 12:12 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-09 12:11 - 2014-10-09 12:11 - 00000000 ____D () C:\Users\Markovic\Downloads\MalwareBytes AntiMalware[arMa]
2014-10-06 22:57 - 2014-10-09 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-10-03 20:06 - 2014-10-03 20:06 - 00000000 ____D () C:\Users\Markovic\Desktop\Muzika za Mp3
2014-10-01 14:28 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 20:42 - 2014-10-09 23:12 - 00000000 ____D () C:\Users\Markovic\Desktop\STAMPAC NE BRISI !!!
2014-09-24 16:23 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 00:19 - 2014-09-24 00:19 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-24 00:19 - 2014-09-24 00:19 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-24 00:19 - 2014-09-24 00:19 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-09-24 00:19 - 2014-09-24 00:19 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-09-24 00:19 - 2014-09-24 00:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-24 00:19 - 2014-09-24 00:19 - 00000000 ____D () C:\Program Files\Java
2014-09-24 00:11 - 2014-09-24 00:11 - 00002083 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-24 00:11 - 2014-09-24 00:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-24 00:10 - 2014-09-24 00:09 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-24 00:10 - 2014-09-24 00:09 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-24 00:10 - 2014-09-24 00:09 - 00071944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-24 00:09 - 2014-09-24 00:11 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-24 00:09 - 2014-09-24 00:09 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-24 00:09 - 2014-09-24 00:09 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-24 00:09 - 2014-09-24 00:09 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-24 00:09 - 2014-09-24 00:09 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-24 00:09 - 2014-09-24 00:09 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-24 00:09 - 2014-09-24 00:09 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-24 00:07 - 2014-09-24 00:07 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-22 23:00 - 2014-09-24 00:11 - 00000000 ____D () C:\Users\Markovic\AppData\Roaming\AVAST Software
2014-09-21 19:19 - 2014-09-21 19:19 - 00000000 ____D () C:\Users\Markovic\AppData\Local\VS Revo Group
2014-09-21 19:19 - 2014-09-21 19:19 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-09-20 10:47 - 2014-09-22 23:03 - 00000000 ____D () C:\ProgramData\YoutubeeeAdBlocke
2014-09-20 10:47 - 2014-09-22 23:02 - 00000000 ____D () C:\Program Files\YoutubeeeAdBlocke
2014-09-20 10:46 - 2014-09-22 23:02 - 00000394 __RSH () C:\ProgramData\ntuser.pol
2014-09-20 10:46 - 2014-09-22 23:02 - 00000000 ____D () C:\ProgramData\fa90896da6ce4c7f
2014-09-20 10:46 - 2014-09-20 10:46 - 00000000 ____D () C:\Users\Markovic\AppData\Local\Comodo
2014-09-20 10:46 - 2014-09-20 10:46 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-20 10:46 - 2014-09-20 10:46 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-20 10:46 - 2014-09-20 10:46 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-20 10:46 - 2014-09-20 10:46 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-20 10:46 - 2014-09-20 10:46 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-20 10:46 - 2014-09-20 10:46 - 00000000 ____D () C:\Users\Guest
2014-09-20 10:46 - 2014-09-20 10:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-20 10:46 - 2014-09-20 10:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-20 10:46 - 2014-09-20 10:46 - 00000000 ____D () C:\Users\Administrator
2014-09-15 19:43 - 2014-09-15 22:13 - 03012304 _____ () C:\Users\Markovic\Desktop\New Microsoft Office PowerPoint Presentation.pptx
2014-09-15 19:43 - 2014-09-15 19:43 - 00000165 ____H () C:\Users\Markovic\Desktop\~$New Microsoft Office PowerPoint Presentation.pptx
2014-09-13 22:20 - 2014-09-24 19:08 - 00000000 ____D () C:\Users\Markovic\Desktop\Muzika Najnovije
2014-09-10 09:50 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 09:50 - 2014-08-18 23:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 09:50 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 09:50 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 09:50 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 09:50 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 09:50 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 09:50 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 09:50 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 09:50 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 09:50 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 09:50 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 09:50 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 09:50 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 09:50 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 09:50 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 09:49 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 09:49 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 09:49 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 09:49 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 09:49 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 09:49 - 2014-08-18 23:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 09:49 - 2014-08-18 23:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 09:49 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 09:49 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 09:49 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 09:49 - 2014-08-18 23:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 09:49 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 09:49 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 09:49 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 09:49 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 09:12 - 2014-09-05 03:52 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 09:12 - 2014-09-05 03:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 09:12 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 09:12 - 2014-07-07 03:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 09:12 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 09:12 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-10 22:04 - 2014-03-14 22:01 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-10 21:26 - 2014-06-30 15:20 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-10 21:26 - 2014-05-20 21:02 - 01768750 _____ () C:\Windows\WindowsUpdate.log
2014-10-10 20:44 - 2014-06-26 15:55 - 00000000 ____D () C:\Users\Markovic\Documents\Euro Truck Simulator 2
2014-10-10 18:44 - 2014-06-30 15:20 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-10 14:03 - 2009-07-14 06:34 - 00020800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-10 14:03 - 2009-07-14 06:34 - 00020800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-10 13:56 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-10 10:02 - 2014-07-05 10:24 - 00000000 ____D () C:\AdwCleaner
2014-10-09 23:40 - 2014-08-25 14:29 - 00000000 ____D () C:\Users\Markovic\Desktop\Slike za stampanje
2014-10-09 20:32 - 2013-12-06 23:53 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-09 13:33 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\TAPI
2014-10-09 12:26 - 2014-06-18 15:21 - 00000000 ____D () C:\ProgramData\Skype
2014-10-09 12:23 - 2014-09-07 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2014-10-09 12:23 - 2014-06-19 17:50 - 00000000 ____D () C:\Users\Markovic\AppData\Roaming\uTorrent
2014-10-09 12:22 - 2014-02-21 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-10-09 12:22 - 2013-12-07 16:50 - 00000000 ____D () C:\Windows\Minidump
2014-10-09 12:18 - 2014-06-19 18:06 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-10-09 12:17 - 2013-12-06 23:56 - 00000000 ____D () C:\Users\Markovic\AppData\Local\Google
2014-10-06 22:58 - 2014-02-23 20:51 - 00000000 ___HD () C:\Users\Markovic\Desktop\.picasaoriginals
2014-10-06 22:56 - 2013-12-06 23:56 - 00000000 ____D () C:\Program Files\Google
2014-10-04 14:03 - 2014-01-05 11:16 - 00000000 ____D () C:\Program Files\WinRAR
2014-10-04 13:31 - 2014-01-05 11:16 - 00001112 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-10-04 13:31 - 2014-01-05 11:16 - 00000000 ____D () C:\Users\Markovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-10-04 13:31 - 2014-01-05 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-10-02 23:44 - 2013-12-06 23:48 - 00000000 ____D () C:\Users\Markovic
2014-10-02 04:37 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-10-02 04:37 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2014-09-28 13:24 - 2009-07-14 06:53 - 00032650 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-25 19:25 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-09-25 13:15 - 2014-08-20 22:44 - 00000000 ____D () C:\Users\Markovic\Desktop\slike
2014-09-24 20:04 - 2013-12-06 23:56 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-24 20:04 - 2013-12-06 23:56 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-24 00:35 - 2014-08-01 16:56 - 00000000 ____D () C:\Users\Markovic\AppData\Roaming\Dropbox
2014-09-24 00:07 - 2013-12-07 13:41 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-24 00:05 - 2009-07-14 04:04 - 00002577 _____ () C:\Windows\system32\config.nt
2014-09-22 23:01 - 2014-09-03 22:48 - 00000000 ____D () C:\Program Files\SystemRequirementsLab
2014-09-21 14:14 - 2014-09-09 21:46 - 00000000 ____D () C:\Users\Markovic\Desktop\Linkovi za S.N
2014-09-20 10:46 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-17 13:59 - 2013-12-08 13:25 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-15 22:20 - 2014-06-19 19:20 - 00000000 ____D () C:\Users\Markovic\AppData\Local\Microsoft Help
2014-09-15 22:19 - 2014-09-02 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-09-15 09:06 - 2013-12-07 00:32 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-10 21:28 - 2014-06-10 20:52 - 00000000 ____D () C:\Users\Markovic\Desktop\Folder sa slikama
2014-09-10 14:29 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-10 09:49 - 2013-12-15 02:43 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 09:47 - 2014-05-05 23:42 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 09:47 - 2013-12-15 02:43 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 09:24 - 2014-06-10 20:53 - 00000000 ____D () C:\Users\Markovic\Desktop\S.W slike

Some content of TEMP:
====================
C:\Users\Markovic\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed









  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

Hello,


Step #1

1. Open Notepad (Text Document) and copy in the following text from the code box below:

Start
File: C:\Windows\system32\qdvd.dll
CloseProcesses:
Hosts:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CMD: bitsadmin /reset /allusers
EmptyTemp:
C:\Program Files\YoutubeeeAdBlocke
End


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location; otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.



The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your reply.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.













Step #2

Download smeenk's zoek.zip or zoek.rar from this or this link and save it to the Desktop.

Unpack the archive into a folder (instructions), and then:

close the browser and other running programs;
temporarily deactivate your protection software (if necessary) (instructions);
double-click the program icon to run zoek;
wait for the tool to start ...


Copy the following text into the white box of the window:

Uninstall-List;
ipconfig /flushdns >> %temp%\log.txt;b
type C:\DelFix.txt >> %temp%\log.txt;b
type C:\AdwCleaner[S0].txt >> %temp%\log.txt;b
EmptyFoldersCheck;Delete
EmptyCLSID;
ResetIEProxy;
CHRDefaults;
ShortcutFix;
AutoClean;
Reboot;


Click the button and wait for the scan to finish.


zoek will restart Windows if needed and, when it finishes, open Notepad with the scan report.

Note: The report will be saved under the name zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your reply.



  • Joined: 13 Feb 2012
  • Posts: 364






Zoek.exe v5.0.0.0 Updated 11-October-2014
Tool run by Markovic on ??? 12.10.2014 at 19:38:49,70.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Markovic\AppData\Local\Temp\Rar$DIa0.989\zoek.scr [Scan all users] [Script inserted]

==== System Restore Info ======================

12.10.2014 20:00:49 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\VS Revo Group deleted successfully
C:\Program Files\Webteh deleted successfully
C:\Program Files\YoutubeeeAdBlocke deleted successfully
C:\PROGRA~2\Oracle deleted successfully
C:\PROGRA~2\YoutubeeeAdBlocke deleted successfully
C:\Users\Markovic\AppData\Local\DriverToolkit deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Batch Command(s) Run By Tool======================


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.
# DelFix v10.8 - Logfile created 10/10/2014 at 09:41:20
# Updated 29/07/2014 by Xplode
# Username : Markovic - MARKOVIC-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\AdwCleaner
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #355 [Windows Update | 10/10/2014 07:35:52]

New restore point created !

########## - EOF - ##########

==== Deleting Files \ Folders ======================

C:\Users\Markovic\.android deleted
C:\PROGRA~2\InstallMate deleted
C:\Users\Markovic\AppData\Local\cache deleted
C:\Windows\system32\config\systemprofile\Searches deleted
C:\Windows\System32\~GLH0025.TMP deleted
"C:\PROGRA~2\fa90896da6ce4c7f\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}.20140922230228" deleted
"C:\PROGRA~2\fa90896da6ce4c7f\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140920104701" deleted
"C:\PROGRA~2\fa90896da6ce4c7f\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140922230211" deleted
"C:\PROGRA~2\fa90896da6ce4c7f\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140922230212" deleted
"C:\PROGRA~2\fa90896da6ce4c7f\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140922230228" deleted
"C:\PROGRA~2\fa90896da6ce4c7f\{64A4ABCA-CF3D-C548-2DC4-72A55DC5882A}.20140920104641" deleted
"C:\PROGRA~2\fa90896da6ce4c7f\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}.20140920104709" deleted
"C:\PROGRA~2\fa90896da6ce4c7f\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20140920104651" deleted
"C:\PROGRA~2\fa90896da6ce4c7f" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [24.09.2014 00:09]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[24.09.2014 00:09]

GoSavei - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eokgpaaebfecebhhpbnnnhhdaclibold
NexTCOup - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jolilndmmfimkknammcfhjgokkaamhjn
Win by Browsing - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oiplkfaidhjklglajdpfehoagkmlcakh
Win by Browsing - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiplkfaidhjklglajdpfehoagkmlcakh
GoSavei - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eokgpaaebfecebhhpbnnnhhdaclibold
NexTCOup - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jolilndmmfimkknammcfhjgokkaamhjn
Win by Browsing - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oiplkfaidhjklglajdpfehoagkmlcakh
GoSavei - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eokgpaaebfecebhhpbnnnhhdaclibold
NexTCOup - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jolilndmmfimkknammcfhjgokkaamhjn
Win by Browsing - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oiplkfaidhjklglajdpfehoagkmlcakh
Win by Browsing - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiplkfaidhjklglajdpfehoagkmlcakh
GoSavei - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eokgpaaebfecebhhpbnnnhhdaclibold
NexTCOup - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jolilndmmfimkknammcfhjgokkaamhjn
Win by Browsing - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oiplkfaidhjklglajdpfehoagkmlcakh
GoSavei - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eokgpaaebfecebhhpbnnnhhdaclibold
NexTCOup - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jolilndmmfimkknammcfhjgokkaamhjn
Win by Browsing - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oiplkfaidhjklglajdpfehoagkmlcakh
Win by Browsing - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiplkfaidhjklglajdpfehoagkmlcakh
GoSavei - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eokgpaaebfecebhhpbnnnhhdaclibold
NexTCOup - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jolilndmmfimkknammcfhjgokkaamhjn
Win by Browsing - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oiplkfaidhjklglajdpfehoagkmlcakh
GoSavei - Markovic\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eokgpaaebfecebhhpbnnnhhdaclibold
NexTCOup - Markovic\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jolilndmmfimkknammcfhjgokkaamhjn
Win by Browsing - Markovic\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oiplkfaidhjklglajdpfehoagkmlcakh
Stylish - Markovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe
GoSavei - Markovic\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eokgpaaebfecebhhpbnnnhhdaclibold
NexTCOup - Markovic\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jolilndmmfimkknammcfhjgokkaamhjn
Win by Browsing - Markovic\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oiplkfaidhjklglajdpfehoagkmlcakh

==== Chromium Startpages ======================

C:\Users\Markovic\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.rs/",
"startup_urls": [ "http://www.google.rs/", "http://astromenda.com/?f=7&a=ast_aw_14_50_ch&cd=2XzuyEtN2Y1L1QzuyEyEzzyB0F0C0E0E0CyBtDyC0A0CtD0BtN0D0Tzu0SzyyDyCtN1L2XzutAtFtDtFtCtDtFtAtN1L1Czu0S0P0D0YtN1L1G1B1V1N2Y1L1Qzu2SyCyC0C0EtC0BzytBtGyBzy0A0CtG0B0E0EyDtG0DtAtCyDtGyB0FtCzy0E0EtAtD0AyB0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0ByD0A0Czy0CtBtGtB0F0AzztGyE0CtAzytGzy0FtC0DtGtBzz0ByCzz0Bzyzzzz0BtCyE2QtN1B1L1H1Ezu1O2U1M1B&cr=2048581866&ir=", "http://websearch.searchandfly.info/?pid=2457&r=2014/09/20&hid=391059978708877344&lg=EN&cc=RS&unqvl=62", "http://search.gboxapp.com/" ],


==== Chromium Fix ======================

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jolilndmmfimkknammcfhjgokkaamhjn deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jolilndmmfimkknammcfhjgokkaamhjn deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jolilndmmfimkknammcfhjgokkaamhjn deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jolilndmmfimkknammcfhjgokkaamhjn deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jolilndmmfimkknammcfhjgokkaamhjn deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jolilndmmfimkknammcfhjgokkaamhjn deleted successfully
C:\Users\Markovic\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jolilndmmfimkknammcfhjgokkaamhjn deleted successfully
C:\Users\Markovic\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jolilndmmfimkknammcfhjgokkaamhjn deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oiplkfaidhjklglajdpfehoagkmlcakh deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiplkfaidhjklglajdpfehoagkmlcakh deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oiplkfaidhjklglajdpfehoagkmlcakh deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oiplkfaidhjklglajdpfehoagkmlcakh deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiplkfaidhjklglajdpfehoagkmlcakh deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oiplkfaidhjklglajdpfehoagkmlcakh deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oiplkfaidhjklglajdpfehoagkmlcakh deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiplkfaidhjklglajdpfehoagkmlcakh deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oiplkfaidhjklglajdpfehoagkmlcakh deleted successfully
C:\Users\Markovic\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oiplkfaidhjklglajdpfehoagkmlcakh deleted successfully
C:\Users\Markovic\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oiplkfaidhjklglajdpfehoagkmlcakh deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Markovic\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Markovic\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Markovic\Desktop\Computer - Shortcut.lnk -
C:\Users\Markovic\Desktop\Easy MP3 Cutter.lnk - C:\Program Files\Easy MP3 Cutter\mp3_cutter.exe
C:\Users\Markovic\Desktop\Euro Truck Simulator 2.lnk - C:\2-click run\Euro Truck Simulator 2 v1.9.22s (Pink Truck Fix)(DLC Going East)\bin\win_x86\eurotrucks2.exe
C:\Users\Markovic\Desktop\µTorrent.lnk -

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\avast Free Antivirus.lnk -
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Winamp.lnk - C:\Program Files\Winamp\winamp.exe
C:\Users\Public\Desktop\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Markovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files\WinRAR\Rar.txt
C:\Users\Markovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files\WinRAR\WhatsNew.txt
C:\Users\Markovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files\WinRAR\WinRAR.chm
C:\Users\Markovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Free Antivirus.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\MCShield Control Center.lnk - C:\Program Files\MCShield\MCShieldCC.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\MCShield Real-Time Monitor.lnk - C:\Program Files\MCShield\MCShieldRTM.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\MCShield Website.lnk - C:\Program Files\MCShield\MCShield website.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Logs\All scans.lnk - C:\ProgramData\MCShield\AllScans.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Logs\Last scan.lnk - C:\ProgramData\MCShield\LastScan.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Logs\Summary.lnk - C:\ProgramData\MCShield\Summary.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Uninstall\Uninstall MCShield.lnk - C:\Program Files\MCShield\MCS-uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files\WinRAR\Rar.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files\WinRAR\WhatsNew.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files\WinRAR\WinRAR.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Markovic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Markovic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Markovic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Markovic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Markovic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Markovic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome (2).lnk - C:\Program Files\Google\Chrome\Application\chrome.exe --remote-debugging-port=9223
C:\Users\Markovic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe --remote-debugging-port=9223
C:\Users\Markovic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Markovic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Uninstall List x86 ======================

æTorrent [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent]
Adobe Flash Player 15 ActiveX [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX]
Adobe Flash Player 15 Plugin [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin]
Adobe Reader XI (11.0.09) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-AB0000000001}]
AMD Accelerated Video Transcoding [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7F644A4B-C9A7-E419-BFD9-75DFA0EE57DB}]
AMD APP SDK Runtime [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A25FF1C0-80B6-4B8B-A551-DC525697A408}]
AMD Catalyst Install Manager [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B448BC74-1CB7-7A57-3313-5E075AFB413E}]
AMD Drag and Drop Transcoding [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DBA18992-B9F3-950D-E973-6ED23422EA73}]
AMD Fuel [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ACEF85BD-2489-BE0E-9965-CE2F661260AA}]
AMD Media Foundation Decoders [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3DF7D356-6225-8717-AFC2-91D5C1521036}]
AMD VISION Engine Control Center [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EBBD4FE6-91DA-C397-6D56-FE85DBF24FCF}]
avast Free Antivirus [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Avast]
Catalyst Control Center - Branding [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{88B2ABCF-9C00-47C1-8FC4-369B98845DD7}]
Catalyst Control Center Graphics Previews Common [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D4236B82-213F-679E-09A2-9AEB5EF4CADC}]
Catalyst Control Center InstallProxy [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{28164BD8-81EA-639A-85E9-E659E3EE6DA7}]
Catalyst Control Center Localization All [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BD96ABD3-D1D4-5513-6C60-11476D6DCFC5}]
ccc-utility [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8D5B19AA-3D3A-5870-C9A0-346EBC5DB21E}]
CCC Help Chinese Standard [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4745F6F8-09DA-CC39-EC19-0E8D764CF2B7}]
CCC Help Chinese Traditional [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{25A7270E-1B63-DFD1-ACBC-88852A305398}]
CCC Help Czech [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15A05AAA-37E7-D516-5BE9-C960C2170403}]
CCC Help Danish [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2E69E784-F84A-9A18-7D8E-4EB8504EEE1E}]
CCC Help Dutch [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{58771CF6-F212-CC4D-61B1-45CC70B6375C}]
CCC Help English [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{00F14E5B-E07A-2A1E-6788-580773CE1486}]
CCC Help Finnish [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B09567CC-E43F-10F1-752D-549AC7FB0C43}]
CCC Help French [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C39C7876-4D21-8A38-0A42-B5C8858EC6C7}]
CCC Help German [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9A7F1628-2126-34A5-852D-2B93328BCF3F}]
CCC Help Greek [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{911904DE-EBB6-BC8E-D5BD-762B7DB42C46}]
CCC Help Hungarian [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4FA31DE2-B613-24BB-1738-B655C00B1C9D}]
CCC Help Italian [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6D5CE5F1-CBB0-9ED4-1A1E-91DDCD6225FD}]
CCC Help Japanese [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{362614E4-9ABB-E7A7-CDDC-239AB168060A}]
CCC Help Korean [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{812B956B-37AB-24B9-4527-78A6D3ECE7F8}]
CCC Help Norwegian [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B170B91D-E8E3-A6A3-D129-D8E36FEA8A0B}]
CCC Help Polish [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{83293709-B863-0EF6-00DA-B026D486E8B5}]
CCC Help Portuguese [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9903011B-5F1D-A2A1-8078-EE62B3324CCE}]
CCC Help Russian [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AE6C422B-DADB-D547-411C-E9E56DF03D16}]
CCC Help Spanish [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{707210B0-29F1-C550-BA96-6ECDA245CF24}]
CCC Help Swedish [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FCEFDA6B-63CD-BB17-B845-478A42E24D39}]
CCC Help Thai [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{21E9850E-58C2-FA88-D5AD-B64D253B8F82}]
CCC Help Turkish [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0A036215-0A8D-6FBE-7EA3-7AED4F9E162A}]
CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner]
DriverToolkit version 8.3.5.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1]
Easy MP3 Cutter 3.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Easy MP3 Cutter_is1]
Euro Truck Simulator 2 v1.9.22s (Pink Truck Fix)(DLC Going East) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Euro Truck Simulator 2 v1.9.22s (Pink Truck Fix)(DLC Going East)1.9.22s]
Google Chrome [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]
Google Drive [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C6640705-7479-4EE5-BC86-879F05F65E74}]
Google Update Helper [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]
Java 7 Update 67 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F03217067FF}]
Malwarebytes Anti-Malware version 1.75.0.1300 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1]
MCShield ::Anti-Malware Tool:: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MCShield]
Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4903D172-DCCB-392F-93A3-34CA9D47FE3D}]
Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033]
Microsoft Office Enterprise 2007 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ENTERPRISE]
Microsoft Office XP - ???-?????????? [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{90260419-6000-11D3-8CFE-0150048383C9}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}]
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}]
My Program version 1.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\My Program_is1]
NVIDIA Drivers [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIA Drivers]
NVIDIA ForceWare Network Access Manager [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}]
NVIDIA ForceWare Network Access Manager [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}]
PowerISO [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PowerISO]
Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}]
Winamp [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Winamp]
WinRAR 5.11 (32-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver]

==== Empty IE Cache ======================

C:\Users\Markovic\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Markovic\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Markovic\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=190 folders=65 4020174 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Markovic\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Markovic\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ??? 12.10.2014 at 20:17:57,91 ======================

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

Hello,

You posted the FixList itself instead of the FixLog report.

Zoek took care of quite a lot, and the log itself looks very good. You should no longer be getting the Avast! warnings.
What remains is to reset Google Chrome's settings to their defaults. Here is how to do that:
[Link visible only to logged-in users]



Then ...


close the browser and other running programs;
temporarily disable your security software (if necessary; instructions);
double-click the program icon to launch zoek;
wait for the tool to start ...


Click the More Options button and tick the box next to the following option:
Do a QuickScan
Note: Tick only the option listed; do not touch the other options!!


Click the button and wait for the scan to finish.
When it finishes, zoek will open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log).

Copy the contents of that log into your reply.

offline
  • Joined: 13 Feb 2012
  • Posts: 364

Hello,





Zoek.exe v5.0.0.0 Updated 11-October-2014
Tool run by Markovic on ??? 13.10.2014 at 16:44:35,68.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Markovic\AppData\Local\Temp\Rar$DIa0.331\zoek.scr [Scan all users] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-10-12-181757.log 28005 bytes

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-09-23 22:09:48 357CEBBCD99C8928A2D1A61A6CACC168 43152 ----a-w- C:\Windows\avastSS.scr
====== C:\Users\Markovic\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\system32 =====
2014-10-10 20:50:06 07EF2978A5BC36720378F95566697FD8 272808 ----a-w- C:\Windows\System32\javaws.exe
2014-10-10 20:49:57 49E203776C2ACB289385168A9058EE9E 96680 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll
2014-10-10 20:49:57 3BDEB17FE6390BFF1BF3A2D964DE8E48 175528 ----a-w- C:\Windows\System32\javaw.exe
2014-10-10 20:49:57 11FD45A41DF45298686ED39062AABE2A 175528 ----a-w- C:\Windows\System32\java.exe
2014-10-09 11:33:30 086DC1E9FBDA256653EDEF87885ACA45 409440 ----a-w- C:\Windows\System32\FNTCACHE.DAT
2014-10-01 12:28:23 BBA80D3CAB22620A6AC9BB603386EE33 519680 ----a-w- C:\Windows\System32\qdvd.dll
====== C:\Windows\system32\drivers =====
2014-10-09 10:12:47 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-09-23 22:10:01 83378AE48209388D0F9BD16A44D19EEC 71944 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2014-09-23 22:10:00 90BEE0170D70D6744CEF2355EEAF8086 192352 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-09-23 22:10:00 51FDE588D860857A97E4C4B560E40C9B 779536 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2014-09-23 22:09:59 B7750AF7EDFD95674EB7CA92BCDD3358 49944 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-09-23 22:09:59 1AEB8CDB797666AF709A291B47AE81E0 414520 ----a-w- C:\Windows\System32\drivers\aswsp.sys
2014-09-23 22:09:58 C3014C735F450FE822C97FFBB0627113 67824 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2763985286-3645719700-1425198300-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Viber"="C:\Users\Markovic\AppData\Local\Viber\Viber.exe"
"99F46D0887681C29F21B983FA02E70E05C9BFDA1._service_run"="C:\Program Files\Google\Chrome\Application\chrome.exe --type=service"
"MCShield Monitor"="C:\Program Files\MCShield\mcshieldrtm.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE -startup"
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"NeroFilterCheck"="C:\Windows\system32\NeroCheck.exe"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"AMD AVT"="Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files\AMD AVT\bin\kdbsync.exe aml"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Viber"="C:\Users\Markovic\AppData\Local\Viber\Viber.exe"
"99F46D0887681C29F21B983FA02E70E05C9BFDA1._service_run"="C:\Program Files\Google\Chrome\Application\chrome.exe --type=service"
"MCShield Monitor"="C:\Program Files\MCShield\mcshieldrtm.exe"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [24.09.2014 20:04]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2763985286-3645719700-1425198300-1001" [C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe]
"C:\Windows\system32\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2763985286-3645719700-1425198300-1001" [C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe]
"C:\Windows\system32\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2763985286-3645719700-1425198300-1001" [C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2763985286-3645719700-1425198300-1001" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2763985286-3645719700-1425198300-1001" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [24.09.2014 00:09]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[24.09.2014 00:09]

GoSavei - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eokgpaaebfecebhhpbnnnhhdaclibold
GoSavei - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eokgpaaebfecebhhpbnnnhhdaclibold
GoSavei - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eokgpaaebfecebhhpbnnnhhdaclibold
GoSavei - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eokgpaaebfecebhhpbnnnhhdaclibold
GoSavei - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eokgpaaebfecebhhpbnnnhhdaclibold
GoSavei - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eokgpaaebfecebhhpbnnnhhdaclibold
GoSavei - Markovic\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eokgpaaebfecebhhpbnnnhhdaclibold
Stylish - Markovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe
Google Wallet - Markovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
GoSavei - Markovic\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eokgpaaebfecebhhpbnnnhhdaclibold

==== C:\zoek_backup content ======================

C:\zoek_backup (files=190 folders=65 4020174 bytes)

==== EOF on ??? 13.10.2014 at 16:49:19,61 ======================

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

You and I, spentez, just can't seem to reach an understanding about these new FRST logs, but fine, never mind. :D

Please start the Google Chrome browser (if you are not using it), click the "fence" icon (the settings button in the upper right) and click About Google Chrome.

Take a screenshot of that window for me; I need to check something.

offline
  • Joined: 13 Feb 2012
  • Posts: 364

You mean like this for the log:

[ edit by magna86: report removed ]

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

You have a new type of adware that our colleagues from the bleepingcomputer forum recently discovered. This adware bypasses all the internal checks that Google Chrome performs. I won't go into the details now; be patient and wait for my reply, I need to check something.

I want you to know that we know the solution for this, but our goal is to gather as much information as we can. That's where you come in! Please think carefully and tell me exactly what you downloaded, fetched, or did before these warnings from avast! started. Links matter too.

You can also do this via private message if that is easier for you. I would like to find the source of the infection, the installer itself (dropper), if that is at all possible.

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

1. Open Notepad (Text Document) and copy the following text from the code box below:

Start
CMD: type "C:\Users\Markovic\AppData\Local\Google\Chrome\User Data\Default\Preferences"
CMD: type "C:\Users\Markovic\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences"
End


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location; otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once, and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.

The tool will create a log (Fixlog.txt) on the Desktop. You need to attach the contents of that log to your post using the Attach file option!

Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.

====================

Run FRST again; when the tool starts, click Yes on the disclaimer window;
wait a moment while the tool checks whether a newer version exists;
click the Scan button;
when the scan finishes, the tool will create a report (FRST.txt) in the same directory where the FRST tool is saved;
copy the contents of the FRST.txt report into your post;

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

Also, pack (zip/rar) the C:\zoek_backup folder and upload it to me via this form:

[Link visible only to logged-in users]

Let me know when you have done that.
