Dečija posla

1

Dečija posla

offline
  • goust  Male
  • Elitni građanin
  • Pridružio: 09 Apr 2005
  • Poruke: 1793

Dečiji računar, nema čega nema.

Vrlo usporen rad računara.
Kad god nešto kliknem u pretraživaču, redirektuje me ko zna gde
Ne mogu da izbrišem neke programa poput SavePass 1.1, GoHD, Cinem Plus 2.4cV30.07 i ko zna šta sve još Smile

Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-07-2015
Ran by Vasilije (2015-07-31 01:19:03)
Running from C:\Users\Vasilije\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1760121238-282637544-2622143497-500 - Administrator - Disabled)
Guest (S-1-5-21-1760121238-282637544-2622143497-501 - Limited - Disabled)
Vasilije (S-1-5-21-1760121238-282637544-2622143497-1000 - Administrator - Enabled) => C:\Users\Vasilije

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

adblocker (HKLM-x32\...\{D4764E74-A105-4D6A-8811-BAAF6FE4423C}) (Version: 1.1.0.31 - adblocker) <==== ATTENTION
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Age of Empires II: HD Edition (HKLM-x32\...\{1194343F-ACFE-4AB4-B1C0-C1E913B729BF}_is1) (Version: 3.8.2662 - Microsoft Studios, Tolyak26)
Age of Empires III (HKLM-x32\...\InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Benchwarmer Dribbble for Chrome Tabs (HKLM-x32\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version: - ) <==== ATTENTION
bestadblocker (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: - ) <==== ATTENTION
Bully Scholarship Edition (HKLM-x32\...\InstallShield_{A724605D-B399-4304-B8C7-33B3EF7D4677}) (Version: 1.00.0154 - Rockstar Games)
Bully Scholarship Edition (x32 Version: 1.00.0154 - Rockstar Games) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Cinem Plus 2.4cV30.07 (HKLM-x32\...\Cinem Plus 2.4cV30.07) (Version: 1.36.01.22 - Cinema Plus ProV30.07) <==== ATTENTION
CinemaPlus-3.2cV29.07 (HKLM-x32\...\CinemaPlus-3.2cV29.07) (Version: 1.36.01.22 - Cinema PlusV29.07) <==== ATTENTION
Company of Heroes (HKLM-x32\...\{BA801B94-C28D-46EE-B806-E1E021A3D519}) (Version: 1.0.0.78 - THQ Inc.)
CoupExxtensioonn (HKLM-x32\...\{6933C2BA-C67D-42C7-8C77-1FF4B364AF54}) (Version: - "") <==== ATTENTION
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DeaLExxpreess (HKLM-x32\...\{25F259ED-12F6-429F-5783-527C3E2F8586}) (Version: - "") <==== ATTENTION
DiRT Showdown (HKLM-x32\...\Steam App 201700) (Version: - Codemasters Racing Studio)
EExstraiCoupOn (HKLM-x32\...\{98449C67-C7AF-BB53-112D-26C916814611}) (Version: - "") <==== ATTENTION
EZDownloader (HKLM-x32\...\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1) (Version: 1.0 - EZDownloader) <==== ATTENTION
Facebook Invite Them All (HKLM-x32\...\{2DF3E224-05CD-4113-AA7A-86F2F6607B46}) (Version: - "")
Friendly Error (HKLM-x32\...\FriendlyError) (Version: - )
GoHD (HKLM-x32\...\GoHD) (Version: 1.36.01.22 - InstallMoon) <==== ATTENTION
Harry Potter and the Goblet of Fire™ (HKLM-x32\...\{9799BD05-5F89-484C-008E-F50592F53440}) (Version: - )
HP LaserJet Pro MFP M125-M126 (HKLM-x32\...\{c65448bc-e467-4ec7-b4a5-246697f52957}) (Version: 8.0.14087.1054 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.002.004 - Hewlett-Packard)
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM126DSService (x32 Version: 001.001.08254 - Hewlett-Packard) Hidden
HPDXP (x32 Version: 3.0.26.59 - HP) Hidden
HPLJDXPHelper (x32 Version: 060.048.005 - HP) Hidden
HPLJProMFPM125M126 (HKLM-x32\...\{B2894225-82C7-4006-B243-6272589993B2}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (x32 Version: 008.000.0001 - HP) Hidden
HPLJUTM125_126 (x32 Version: 008.000.0001 - HP) Hidden
hppLaserJetService (x32 Version: 009.033.00905 - Hewlett-Packard) Hidden
hppM125LaserJetService (x32 Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 080.040.00171 - Hewlett Packard) Hidden
hpStatusAlertsM125-M126 (x32 Version: 080.046.00113 - Hewlett-Packard) Hidden
IsavuEr (HKLM-x32\...\{F1422DAA-0829-09A1-7536-73936CAB8FFA}) (Version: - "") <==== ATTENTION
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
LEGO Marvel Super Heroes (HKLM-x32\...\LEGO Marvel Super Heroes_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
LEGO® Batman™ DEMO (HKLM-x32\...\InstallShield_{0B9F8BEE-59F2-43D5-A890-65F649D887A2}) (Version: 1.00.0000 - Warner Bros. Interactive Entertainment)
LEGO® Batman™ DEMO (x32 Version: 1.00.0000 - Warner Bros. Interactive Entertainment) Hidden
LEGO® MARVEL Super Heroes DEMO (HKLM-x32\...\{B61BC343-F4F2-40F8-8F85-E6AF3828CBA5}) (Version: 1.0.0.0 - Warner Bros. Interactive Entertainment)
LindtPorter (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{f6d5a24}) (Version: - LindtPorter) <==== ATTENTION
LS-USBMX 1/2/3 Steering... (HKLM-x32\...\{FEC7CD2E-2BB5-40C3-9592-078F64677E6C}) (Version: 1.00.0000 - GASIA)
LJDXPHelperUI (x32 Version: 060.048.005 - HP) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version: - )
Mozilla Firefox 39.0 (x86 sr) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 sr)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need For Speed Underground (HKLM-x32\...\{A99968BE-C155-474C-0089-33239DEE1CE2}) (Version: - )
Network Play System (Patching) (HKLM-x32\...\Network Play System (Patching)) (Version: - )
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
PricaeMMinus (HKLM-x32\...\{06B99631-BFA2-3B7A-F58B-D067C2BA59B7}) (Version: - ) <==== ATTENTION
Pro Evolution Soccer 2013 DEMO2 (HKLM-x32\...\{E244E649-B7FB-4644-B387-CA882AEC7577}) (Version: 1.00.0000 - KONAMI)
qBittorrent 3.2.0 (HKLM-x32\...\qBittorrent) (Version: 3.2.0 - The qBittorrent project)
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
SavePass 1.1 (HKLM-x32\...\SavePass 1.1) (Version: 1.36.01.22 - OB) <==== ATTENTION
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TERA (HKLM-x32\...\Steam App 323370) (Version: - Bluehole Inc.)
The Sims (HKLM-x32\...\The Sims) (Version: - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.615 - Electronic Arts)
Unity Web Player (HKU\S-1-5-21-1760121238-282637544-2622143497-1000\...\UnityWebPlayer) (Version: 4.6.2f1 - Unity Technologies ApS)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: 6.6.220 - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

21-07-2015 23:52:17 Windows Update
25-07-2015 14:06:32 Installed Steam
25-07-2015 20:23:45 Installed DirectX
28-07-2015 23:33:36 Windows Update
30-07-2015 23:30:55 Removed SPORE™ Creature Creator Trial Edition
31-07-2015 00:25:39 Configured EA Download Manager

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00491A85-D34E-40BC-914A-9AAF057EEB8A} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-7 => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-7.exe [2015-07-30] (Cinema PlusV29.07) <==== ATTENTION
Task: {01D2BFBE-F1CB-4B12-9AAB-823FCFA5847D} - System32\Tasks\{A4F57217-B916-4D06-939B-682A401DEA1E} => pcalua.exe -a C:\Users\Vasilije\Downloads\LEGOBatmanDemoSetup.exe -d C:\Users\Vasilije\Downloads
Task: {0BB3CC43-F4A7-4748-A1F9-5373DDBF23B8} - \APSnotifierPP3 No Task File <==== ATTENTION
Task: {111E5AA3-F5B8-46B8-9F49-CA3E0DA97FBC} - System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-10_user => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-10.exe [2015-07-30] (Cinema Plus ProV30.07) <==== ATTENTION
Task: {17B9498A-FA45-4049-94CF-5BFA6BAECC0D} - System32\Tasks\{94D5624B-793F-407B-B949-B73106924541} => pcalua.exe -a "E:\Need for Speed Undergraund 1\setup.exe" -d "E:\Need for Speed Undergraund 1"
Task: {1868360F-2D87-4F29-97CA-9D6D16F08499} - System32\Tasks\Tempo Runner soc6hen => C:\ProgramData\DhmReu\socahen.exe [2015-07-15] ()
Task: {201A53B1-F68F-4640-BA86-9BF64CB0226D} - System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-5 => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-5.exe [2015-07-30] (Cinema Plus ProV30.07) <==== ATTENTION
Task: {21D01146-700A-4605-9717-8E44A467EB6E} - \APSnotifierPP1 No Task File <==== ATTENTION
Task: {23EC0499-1F8F-49A6-8527-7CF571A29FD5} - System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-4 => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-4.exe [2015-07-30] (Cinema Plus ProV30.07) <==== ATTENTION
Task: {24AF697A-B59F-4BC4-82B7-4155DD93437A} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6 => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6.exe [2015-07-30] (Cinema PlusV29.07) <==== ATTENTION
Task: {276D2C7E-4532-46FB-9100-FC41C9AEC6C2} - System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-4 => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-4.exe [2015-07-30] (InstallMoon) <==== ATTENTION
Task: {29260BC4-1489-48EF-A13E-CBDE7A9659A9} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08] (Oracle Corporation)
Task: {2B3AFBD8-7F6A-46C1-97E1-050ED4DDC77D} - System32\Tasks\{FC5BC4C8-C09B-43FD-9E73-10CC76E3A9A2} => pcalua.exe -a C:\Users\Vasilije\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=cmi
Task: {2C5652C4-AE70-4A5A-A590-64DE0D5242F2} - System32\Tasks\{05815020-C9EF-49C8-9F33-A6F0F3A11AD5} => pcalua.exe -a "C:\Program Files (x86)\FriendlyError\tmp5716.bat"
Task: {5B86BCD1-EDBA-4AB6-A222-308F40FB11E4} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5_user => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5.exe [2015-07-30] (Cinema PlusV29.07) <==== ATTENTION
Task: {68C02022-107D-4F82-8D2A-220E0325BAAD} - System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-5_user => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-5.exe [2015-07-30] (OB) <==== ATTENTION
Task: {6B9D66FB-1033-413B-BF80-5632E31CD2BB} - System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-4 => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-4.exe [2015-07-30] (OB) <==== ATTENTION
Task: {71F3A570-40E1-4308-92EF-37A1ED416955} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-11 => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-11.exe [2015-07-30] (Cinema PlusV29.07) <==== ATTENTION
Task: {7A85D79C-544A-40B5-BF59-37F8594BB789} - System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-6 => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-6.exe [2015-07-30] (Cinema Plus ProV30.07) <==== ATTENTION
Task: {85111494-140F-424B-A149-01E69051C5CE} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-4 => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-4.exe [2015-07-30] (Cinema PlusV29.07) <==== ATTENTION
Task: {8B9A79A2-CCED-4228-9419-447298041C2C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {8F571998-0C69-42C1-B8AE-E5AF5809807C} - System32\Tasks\dtB0yMku => C:\Users\Vasilije\AppData\Roaming\dtB0yMku.exe [2015-04-20] () <==== ATTENTION
Task: {9C8C12EE-FA93-4D42-AB51-AB76D1C2F188} - System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-7 => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-7.exe [2015-07-30] (InstallMoon) <==== ATTENTION
Task: {9E11F9AA-1B9B-4946-8E4C-5E6D98E0D61E} - System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-10_user => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-10.exe [2015-07-30] (OB) <==== ATTENTION
Task: {9E1A6434-9BEE-448A-8824-97E92568AFF6} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-07-30] (globalUpdate) <==== ATTENTION
Task: {AFDD7F51-F5FC-4474-97E7-EC7CF614FE8C} - \APSnotifierPP2 No Task File <==== ATTENTION
Task: {B053C213-9151-423D-A23D-E19FB5537894} - System32\Tasks\Portable Device Enumerator Service 1.0.30 => C:\Users\Vasilije\AppData\Local\PortableDevice\portable.exe [2015-07-30] ()
Task: {B769DB47-7F94-4D94-8819-CEA7E5A7C620} - System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-10_user => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-10.exe [2015-07-30] (InstallMoon) <==== ATTENTION
Task: {BCEA189F-D033-409D-A2B1-F7F698896E7C} - System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-5 => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-5.exe [2015-07-30] (InstallMoon) <==== ATTENTION
Task: {C2469BC4-DA31-48FF-B010-006FB6B77683} - System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-7 => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-7.exe [2015-07-30] (OB) <==== ATTENTION
Task: {C3A2FDA8-7B1D-4566-B715-7A92EAABA8F9} - System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-7 => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-7.exe [2015-07-30] (Cinema Plus ProV30.07) <==== ATTENTION
Task: {C5EA0EAA-4B93-4E35-907B-3AEB973156FD} - System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-5_user => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-5.exe [2015-07-30] (Cinema Plus ProV30.07) <==== ATTENTION
Task: {C66A7F22-14F5-4673-9FDB-84D681DC94F0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {D523336F-6EFC-4473-8698-CC2675FCAC65} - System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-6 => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-6.exe [2015-07-30] (OB) <==== ATTENTION
Task: {D68EE89D-4207-4F71-8A85-249462E9737F} - System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-5_user => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-5.exe [2015-07-30] (InstallMoon) <==== ATTENTION
Task: {D93EA612-B54A-464D-9C74-D2F12E9C4610} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-10_user => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-10.exe [2015-07-30] (Cinema PlusV29.07) <==== ATTENTION
Task: {DA00507B-1CF2-4DC5-B364-C5AF4E0C436D} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2013-01-28] (Hewlett Packard)
Task: {DC1099A5-68C9-4FD1-8036-1FD79BCB86C5} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-07-30] (globalUpdate) <==== ATTENTION
Task: {DDB8EBBB-1359-4FEF-BB03-3BC19156BA87} - System32\Tasks\0BiKudy => C:\Users\Vasilije\AppData\Roaming\0BiKudy.exe [2015-04-20] () <==== ATTENTION
Task: {E1AD2BC1-2F61-4906-A9BB-BFB96DCA3B6C} - System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-5 => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-5.exe [2015-07-30] (OB) <==== ATTENTION
Task: {E1BF72E1-F62B-4B50-90C1-48CF2A3CA687} - System32\Tasks\PPU24kMKL70 => C:\Users\Vasilije\AppData\Roaming\PPU24kMKL70.exe [2015-04-20] () <==== ATTENTION
Task: {E3A14053-19A4-4BBC-A8DC-974446050FF5} - System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-11 => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-11.exe [2015-07-30] (InstallMoon) <==== ATTENTION
Task: {E5239300-9E44-4AE9-AFC6-E3B686C8AFC7} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5 => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5.exe [2015-07-30] (Cinema PlusV29.07) <==== ATTENTION
Task: {FEB2EF04-C251-49ED-906E-1737CB578ECF} - System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-6 => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-6.exe [2015-07-30] (InstallMoon) <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-6.job => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-7.job => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-10_user.job => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-4.job => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-5.job => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-5_user.job => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\0BiKudy.job => C:\Users\Vasilije\AppData\Roaming\0BiKudy.exe <==== ATTENTION
Task: C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-6.job => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-7.job => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-10_user.job => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-11.job => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-4.job => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-5.job => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-5_user.job => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-6.job => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-7.job => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-10_user.job => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-4.job => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-5.job => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-5_user.job => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\dtB0yMku.job => C:\Users\Vasilije\AppData\Roaming\dtB0yMku.exe <==== ATTENTION
Task: C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6.job => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-7.job => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-10_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-11.job => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-4.job => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5.job => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\PPU24kMKL70.job => C:\Users\Vasilije\AppData\Roaming\PPU24kMKL70.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2015-02-04 00:00 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-07-15 20:42 - 2015-07-15 20:42 - 00124880 _____ () C:\ProgramData\DhmReu\socahen.exe
2015-07-30 18:26 - 2015-07-30 18:26 - 00161792 _____ () C:\Program Files (x86)\00000000-1438273564-0000-0000-002421F0D38F\hnsqAC2A.tmp
2015-07-30 18:26 - 2015-07-30 18:26 - 00034304 _____ () C:\Users\Vasilije\AppData\Local\EncryptingFile\encrypting.exe
2015-01-21 04:06 - 2015-01-21 04:06 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-2074.dll
2015-07-30 18:26 - 2015-07-30 18:26 - 00209920 _____ () C:\Program Files (x86)\00000000-1438273564-0000-0000-002421F0D38F\jnsf9158.tmp
2015-07-15 20:42 - 2015-07-15 20:42 - 00124880 _____ () C:\ProgramData\DhmReu\socwhen.exe
2015-06-18 13:01 - 2015-06-18 13:01 - 08016783 _____ () C:\Program Files (x86)\Sparkling Mother\Sparkling Mother.exe
2015-07-15 20:42 - 2015-07-15 20:42 - 00382976 _____ () C:\ProgramData\DhmReu\socdhen.exe
2015-07-15 20:43 - 2015-07-15 20:43 - 00118272 _____ () C:\ProgramData\DhmReu\soc6hen.exe
2015-07-15 20:43 - 2015-07-15 20:43 - 01441792 _____ () c:\programdata\dhmreu\soc6hen.dll
2015-07-31 00:32 - 2015-05-25 12:32 - 00068432 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll
2015-07-31 00:32 - 2015-01-13 06:31 - 00179200 _____ () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll
2015-07-15 20:42 - 2015-07-15 20:42 - 00591360 _____ () c:\programdata\dhmreu\soc3hen.dll
2014-08-30 17:12 - 2014-08-30 17:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll
2014-08-30 17:12 - 2015-02-04 08:31 - 00332584 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com\nponlinebanking.dll
2014-08-30 17:12 - 2015-02-04 08:31 - 00459048 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-08-30 17:12 - 2015-02-04 08:31 - 00587048 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
2015-07-15 12:26 - 2015-07-15 12:26 - 17448624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll
2015-07-15 20:42 - 2015-07-15 20:42 - 00098816 _____ () C:\ProgramData\DhmReu\soc3hen.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1760121238-282637544-2622143497-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Vasilije\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 52.17.204.69 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Vasilije^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^crossbrowse.lnk => C:\Windows\pss\crossbrowse.lnk.Startup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EA Core => C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent
MSCONFIG\startupreg: GoogleChromeAutoLaunch_AB95C26369556A3E43E50B5F84F36855 => "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: SoftonicAssistant => "C:\Users\Vasilije\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe"
MSCONFIG\startupreg: StatusAlerts => "C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{277F388F-45AD-45ED-B473-6113ACCEDE67}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{01177A7B-FA4A-4A4C-BC9B-94B3AC5247ED}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [{51B728B5-8A5D-4412-B773-49846F0D61F3}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{28722E05-C6E6-4B69-8809-D4215BD73064}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\bin\EWSProxy.exe
FirewallRules: [TCP Query User{8C1A5E76-61D4-46EF-B39E-0FBEE619B416}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{667E3E62-2AF3-489C-8A3B-2E700B54B340}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{7B9A5E2B-4571-4661-B0C3-F8677E9883CF}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{5D405172-B147-4954-9436-6C65E62228DA}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [TCP Query User{6723F5B0-3CB4-49BD-9DC8-9DE96C159100}C:\program files (x86)\call of duty modern warfare 2\iw4masterserver.dat] => (Block) C:\program files (x86)\call of duty modern warfare 2\iw4masterserver.dat
FirewallRules: [UDP Query User{395F5964-8F91-46F4-A93B-6129CF353072}C:\program files (x86)\call of duty modern warfare 2\iw4masterserver.dat] => (Block) C:\program files (x86)\call of duty modern warfare 2\iw4masterserver.dat
FirewallRules: [TCP Query User{AF0A7AB7-A2A9-4944-8108-DCD627C3E00A}C:\program files (x86)\call of duty modern warfare 2\com.dat] => (Allow) C:\program files (x86)\call of duty modern warfare 2\com.dat
FirewallRules: [UDP Query User{33AF5E52-ED51-4ED4-BC72-10C77A7632C0}C:\program files (x86)\call of duty modern warfare 2\com.dat] => (Allow) C:\program files (x86)\call of duty modern warfare 2\com.dat
FirewallRules: [TCP Query User{ED0016C0-3063-4C13-8AAD-147ABC459A92}C:\program files (x86)\call of duty modern warfare 2\iw4mp.dat] => (Block) C:\program files (x86)\call of duty modern warfare 2\iw4mp.dat
FirewallRules: [UDP Query User{4E7836AA-52F0-4E0F-9804-C08AAC13110B}C:\program files (x86)\call of duty modern warfare 2\iw4mp.dat] => (Block) C:\program files (x86)\call of duty modern warfare 2\iw4mp.dat
FirewallRules: [{C21A35C8-0D03-4CF3-8933-FDFFEA370282}] => (Allow) C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\dtuser.exe
FirewallRules: [{6032D58C-C15F-4E82-9CE3-9668A479A364}] => (Allow) C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\dtuser.exe
FirewallRules: [{10139287-1847-4416-947C-C9322C0ABF08}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E8151384-97D6-4CFD-8D52-5D56D3C0D351}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{330AC4A3-C1DE-4988-8C47-AAFF9308BF18}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4B0E1F4A-69DB-4C32-99DC-AB75A9B9EE6B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3D81F71D-9140-4EB6-9FE4-C4C211C41D80}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT Showdown\showdown.exe
FirewallRules: [{E1EBBE8F-6A4E-4DFE-A95C-B6AD60CC5458}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT Showdown\showdown.exe
FirewallRules: [{69C45779-4417-4084-84A0-56211F11EF46}] => (Allow) C:\ProgramData\DhmReu\socahen.exe
FirewallRules: [{A1A4C6DA-492B-4964-AC1F-168ADFE40E41}] => (Allow) C:\ProgramData\DhmReu\socahen.exe
FirewallRules: [{D04D747C-E7EE-4983-A873-D959595D3715}] => (Allow) C:\ProgramData\DhmReu\socahen.exe
FirewallRules: [{2E7EA4D6-C7B3-4A17-B123-FE22E7126B8A}] => (Allow) C:\ProgramData\DhmReu\socahen.exe
FirewallRules: [{9A6A5CAC-939A-466E-966E-5EEDFDE50B1A}] => (Allow) C:\ProgramData\DhmReu\socahen.exe
FirewallRules: [{8EC31B7E-DD01-43A0-83DF-EA10A6E3386D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A63F96F6-EFC7-46A7-8710-70A1EDE8B659}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/31/2015 01:21:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 39.0.0.5659, time stamp: 0x55934d06
Faulting module name: mozalloc.dll, version: 39.0.0.5659, time stamp: 0x55933a83
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0x1058
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (07/31/2015 01:21:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 39.0.0.5659, time stamp: 0x55934d06
Faulting module name: mozalloc.dll, version: 39.0.0.5659, time stamp: 0x55933a83
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0x102c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (07/31/2015 01:21:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 39.0.0.5659, time stamp: 0x55934d06
Faulting module name: mozalloc.dll, version: 39.0.0.5659, time stamp: 0x55933a83
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0xfbc
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (07/31/2015 01:20:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 39.0.0.5659, time stamp: 0x55934d06
Faulting module name: mozalloc.dll, version: 39.0.0.5659, time stamp: 0x55933a83
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0x1f8
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (07/31/2015 01:11:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2015 12:34:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 39.0.0.5659, time stamp: 0x55934d06
Faulting module name: mozalloc.dll, version: 39.0.0.5659, time stamp: 0x55933a83
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0x104c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (07/31/2015 12:34:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 39.0.0.5659, time stamp: 0x55934d06
Faulting module name: mozalloc.dll, version: 39.0.0.5659, time stamp: 0x55933a83
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0x1300
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (07/31/2015 12:34:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 39.0.0.5659, time stamp: 0x55934d06
Faulting module name: mozalloc.dll, version: 39.0.0.5659, time stamp: 0x55933a83
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0x438
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (07/31/2015 12:33:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 39.0.0.5659, time stamp: 0x55934d06
Faulting module name: mozalloc.dll, version: 39.0.0.5659, time stamp: 0x55933a83
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0x1ff0
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (07/31/2015 12:22:40 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CCleaner64.exe version 5.2.0.5101 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 169c

Start Time: 01d0cb14a88cf960

Termination Time: 1794

Application Path: C:\Program Files\CCleaner\CCleaner64.exe

Report Id: 556a2851-3709-11e5-a3e5-002421f0d38f


System errors:
=============
Error: (07/31/2015 01:15:43 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (07/31/2015 01:10:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Datamngr Coordinator service failed to start due to the following error:
%%1053

Error: (07/31/2015 01:10:13 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Datamngr Coordinator service to connect.

Error: (07/31/2015 01:09:23 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:08:02 on ‎31.‎7.‎2015 was unexpected.

Error: (07/31/2015 12:13:11 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (07/31/2015 12:07:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Datamngr Coordinator service failed to start due to the following error:
%%1053

Error: (07/31/2015 12:07:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Datamngr Coordinator service to connect.

Error: (07/30/2015 11:59:32 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}5{06622D85-6856-4460-8DE1-A81921B41C4B}

Error: (07/30/2015 11:59:20 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\SysWOW64\DllHost.exe /Processid:{FCC74B77-EC3E-4DD8-A80B-008A702075A9}5{FCC74B77-EC3E-4DD8-A80B-008A702075A9}

Error: (07/30/2015 11:59:12 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}5{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}


Microsoft Office:
=========================
Error: (07/31/2015 01:21:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe39.0.0.565955934d06mozalloc.dll39.0.0.565955933a838000000300001aa1105801d0cb1d01ee9f10C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllaa5e4a50-3711-11e5-9d6e-002421f0d38f

Error: (07/31/2015 01:21:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe39.0.0.565955934d06mozalloc.dll39.0.0.565955933a838000000300001aa1102c01d0cb1d01db9410C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllaa54fb80-3711-11e5-9d6e-002421f0d38f

Error: (07/31/2015 01:21:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe39.0.0.565955934d06mozalloc.dll39.0.0.565955933a838000000300001aa1fbc01d0cb1d0198ed90C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllaa54d470-3711-11e5-9d6e-002421f0d38f

Error: (07/31/2015 01:20:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe39.0.0.565955934d06mozalloc.dll39.0.0.565955933a838000000300001aa11f801d0cb1d1268a390C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlla240f570-3711-11e5-9d6e-002421f0d38f

Error: (07/31/2015 01:11:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2015 12:34:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe39.0.0.565955934d06mozalloc.dll39.0.0.565955933a838000000300001aa1104c01d0cb1698b6eb20C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll1422efb0-370b-11e5-a3e5-002421f0d38f

Error: (07/31/2015 12:34:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe39.0.0.565955934d06mozalloc.dll39.0.0.565955933a838000000300001aa1130001d0cb169e8dcaa0C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll141c8710-370b-11e5-a3e5-002421f0d38f

Error: (07/31/2015 12:34:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe39.0.0.565955934d06mozalloc.dll39.0.0.565955933a838000000300001aa143801d0cb175872fe90C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll141979d0-370b-11e5-a3e5-002421f0d38f

Error: (07/31/2015 12:33:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe39.0.0.565955934d06mozalloc.dll39.0.0.565955933a838000000300001aa11ff001d0cb169c149ce0C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll0f6a70b0-370b-11e5-a3e5-002421f0d38f

Error: (07/31/2015 12:22:40 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: CCleaner64.exe5.2.0.5101169c01d0cb14a88cf9601794C:\Program Files\CCleaner\CCleaner64.exe556a2851-3709-11e5-a3e5-002421f0d38f


CodeIntegrity:
===================================
Date: 2015-02-13 11:06:41.675
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-02-13 11:06:41.598
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-02-06 11:28:12.991
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-02-06 11:28:12.835
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD Athlon(tm) II X2 250 Processor
Percentage of memory in use: 65%
Total physical RAM: 2047.24 MB
Available physical RAM: 702.04 MB
Total Virtual: 4094.48 MB
Available Virtual: 1792.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:117.09 GB) (Free:9.33 GB) NTFS
Drive d: () (Fixed) (Total:180.9 GB) (Free:101.6 GB) NTFS
Drive e: (DiRT Showdown) (CDROM) (Total:6.12 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: A815A815)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=117.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=180.9 GB) - (Type=07 NTFS)

==================== End of log ============================
https://www.mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Jeste da nedostaje FRST.txt izvještaj, no prvo probaj da deinstaliraš:

adblocker
Benchwarmer Dribbble for Chrome Tabs
bestadblocker
Cinem Plus 2.4cV30.07
CinemaPlus-3.2cV29.07
CoupExxtensioonn
DeaLExxpreess
EExstraiCoupOn
EZDownloader
Friendly Error
GoHD
IsavuEr
LindtPorter
PricaeMMinus
SavePass 1.1
YAC(Yet Another Cleaner!)




KAda to sve završiš, restartuj računar i postavi mi FRST.txt i novi Addition.txt

offline
  • goust  Male
  • Elitni građanin
  • Pridružio: 09 Apr 2005
  • Poruke: 1793

Napisano: 31 Jul 2015 9:42

Uspeo sam da deinstaliram adblocker i YAC. Ostalo ni da mrdne. Znaci kako pokusam uninstal jeddnostavno ne reaguje uopste a neke cak i nemam na listi za uninstal

Dopuna: 31 Jul 2015 10:18

Evo first text izvestaja

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-07-2015
Ran by Vasilije (administrator) on VASILIJE-PC (31-07-2015 10:08:46)
Running from C:\Users\Vasilije\Desktop
Loaded Profiles: Vasilije (Available Profiles: Vasilije)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Program Files (x86)\00000000-1438273564-0000-0000-002421F0D38F\hnsqAC2A.tmp
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(InstallMoon) C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-6.exe
(Cinema PlusV29.07) C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-10.exe
(OB) C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-6.exe
(InstallMoon) C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-10.exe
(OB) C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-10.exe
(Cinema Plus ProV30.07) C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-10.exe
(Cinema PlusV29.07) C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6.exe
(Cinema Plus ProV30.07) C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-6.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Users\Vasilije\AppData\Local\EncryptingFile\encrypting.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
() C:\Program Files (x86)\00000000-1438273564-0000-0000-002421F0D38F\jnsf9158.tmp
(XTab system) C:\Program Files (x86)\MiuiTab\ProtectService.exe
(SearchProtect) C:\Program Files (x86)\MiuiTab\CmdShell.exe
(XTab system) C:\Program Files (x86)\MiuiTab\HPNotify.exe
() C:\Program Files (x86)\Sparkling Mother\Sparkling Mother.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\wmi64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1760121238-282637544-2622143497-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=14382.....C757490&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=14382.....C757490&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ?type=hppp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = ?type=hppp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=14382.....C757490&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=14382.....C757490&q={searchTerms}
HKU\S-1-5-21-1760121238-282637544-2622143497-1000\Software\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2
HKU\S-1-5-21-1760121238-282637544-2622143497-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1760121238-282637544-2622143497-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = web/?type=dspp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1760121238-282637544-2622143497-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = web/?type=dspp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2&q={searchTerms}
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-02-04] (Kaspersky Lab ZAO)
BHO: IsAver -> {349180EB-2ABD-4BCD-85F9-BA22F226DA8B} -> C:\Program Files (x86)\IsAver\P16dsmmB3udg1J.x64.dll [2015-06-14] ()
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-02-04] (Kaspersky Lab ZAO)
BHO: Movies Search App (Dist. by Bandoo Media, Inc.) -> {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} -> C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\searchresultsDx64.dll [2014-07-03] (IAC Search and Media, Inc.)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-02-04] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-02-04] (Kaspersky Lab ZAO)
BHO-x32: GoodTab Class -> {1F91A9A1-01BA-4c81-863D-3BA0751E1419} -> C:\Program Files (x86)\MiuiTab\SupTab.dll [2015-07-23] (Thinkgood Co. Limited)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-18] (Oracle Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-02-04] (Kaspersky Lab ZAO)
BHO-x32: Movies Search App (Dist. by Bandoo Media, Inc.) -> {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} -> C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\searchresultsDx.dll [2014-07-03] (IAC Search and Media, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-18] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-02-04] (Kaspersky Lab ZAO)
Toolbar: HKLM - Movies Search App (Dist. by Bandoo Media, Inc.) - {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} - C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\searchresultsDx64.dll [2014-07-03] (IAC Search and Media, Inc.)
Toolbar: HKLM-x32 - Movies Search App (Dist. by Bandoo Media, Inc.) - {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} - C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\searchresultsDx.dll [2014-07-03] (IAC Search and Media, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{35A6B7F2-F9C8-47C5-B927-CF7E3851B0F8}: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default
FF NewTab: chrome://quick_start/content/index.html
FF Homepage: ?type=hppp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-18] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-02-04] ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-02-04] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-02-04] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-07-30] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-07-30] (globalUpdate)
FF Plugin HKU\S-1-5-21-1760121238-282637544-2622143497-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Vasilije\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-10] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\user.js [2015-07-31]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pogodakyu.xml [2015-07-01]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\vokabular.xml [2015-07-01]
FF Extension: PRIceMinus - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\088T@3c.org [2015-05-18]
FF Extension: SavePass 1.1 - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com [2015-07-30]
FF Extension: Cinem Plus 2.4cV30.07 - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\6a1a03975fde4c8690f6b883c36bc1@7d88519bfe704d8cae3851239.com [2015-07-30]
FF Extension: Isauver - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\9@tb.net [2015-06-14]
FF Extension: The AdBlocker - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\avpv_dibs_yuv@cjjs_sjxrueibhbbnkn.org [2015-05-25]
FF Extension: CinemaPlus-3.2cV29.07 - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [2015-07-30]
FF Extension: GoHD - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\f8783004-c434-4bd0-9f81-9a39dd64baaa@08ad07c4-3f21-451d-9045-9e0d5dc8aa9e.com [2015-07-30]
FF Extension: PricaeMMinus - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\K09@oM.org [2015-05-18]
FF Extension: CoupExxtensioonn - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\mX@pco4lSoF.edu [2015-05-26]
FF Extension: bestadblocker - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\VQlEw@I.edu [2015-05-18]
FF Extension: Noia Fox - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi [2015-02-03]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-02-04]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-02-04]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-02-04]

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
R2 comyninu; C:\Program Files (x86)\00000000-1438273564-0000-0000-002421F0D38F\hnsqAC2A.tmp [161792 2015-07-30] () [File not signed]
S2 DatamngrCoordinator; C:\Program Files (x86)\Movies App\Datamngr\DatamngrCoordinator.exe [3204296 2015-06-22] (Bandoo Media Inc.)
R2 FHHK27; C:\Users\Vasilije\AppData\Local\EncryptingFile\encrypting.exe [34304 2015-07-30] () [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-07-30] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-07-30] (globalUpdate) [File not signed] <==== ATTENTION
S2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
R2 hyverumu; C:\Program Files (x86)\00000000-1438273564-0000-0000-002421F0D38F\jnsf9158.tmp [209920 2015-07-30] () [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125112 2015-07-23] (XTab system)
R2 Sparkling Mother; C:\Program Files (x86)\Sparkling Mother\Sparkling Mother.exe [8016783 2015-06-18] () [File not signed] <==== ATTENTION

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-02-05] (Disc Soft Ltd)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2015-02-04] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-03-14] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2015-02-04] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-31 08:43 - 2015-07-31 10:06 - 00000224 _____ C:\Windows\setupact.log
2015-07-31 08:43 - 2015-07-31 08:43 - 00000000 _____ C:\Windows\setuperr.log
2015-07-31 08:35 - 2015-07-31 08:42 - 00000260 _____ C:\Windows\Tasks\Tempo Runner soc6hen.job
2015-07-31 08:35 - 2015-07-31 08:42 - 00000260 _____ C:\Windows\Tasks\Tempo Runner soc3hen.job
2015-07-31 01:42 - 2015-07-31 08:42 - 00000260 _____ C:\Windows\Tasks\Tempo Runner socdhen.job
2015-07-31 01:12 - 2015-07-31 10:08 - 00017984 _____ C:\Users\Vasilije\Desktop\FRST.txt
2015-07-31 01:11 - 2015-07-31 01:12 - 00002400 _____ C:\Windows\System32\Tasks\Tempo Runner soc6hen
2015-07-31 01:10 - 2015-07-31 01:10 - 00000000 ____D C:\ProgramData\IHProtectUpDate
2015-07-31 01:06 - 2015-07-31 00:58 - 02168832 _____ (Farbar) C:\Users\Vasilije\Desktop\FRST64.exe
2015-07-31 01:01 - 2015-07-31 10:08 - 00000000 ____D C:\FRST
2015-07-31 00:57 - 2015-07-31 00:58 - 02168832 _____ (Farbar) C:\Users\Vasilije\Downloads\FRST64.exe
2015-07-31 00:33 - 2015-07-31 00:33 - 00000000 ____D C:\Windows\system32\log
2015-07-31 00:29 - 2015-07-31 00:29 - 00000000 ____D C:\Users\Vasilije\AppData\Roaming\Elex-tech
2015-07-31 00:27 - 2015-07-31 00:28 - 00867672 _____ () C:\Users\Vasilije\Downloads\yet_another_cleaner_sk_6480278.exe
2015-07-31 00:22 - 2015-07-31 00:22 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-31 00:22 - 2015-07-31 00:22 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-30 23:39 - 2015-07-30 23:39 - 00003106 _____ C:\Windows\System32\Tasks\{05815020-C9EF-49C8-9F33-A6F0F3A11AD5}
2015-07-30 23:36 - 2015-07-30 23:36 - 00000000 ____D C:\Users\Vasilije\SupTab
2015-07-30 23:17 - 2015-07-30 23:17 - 00000000 ____D C:\Windows\pss
2015-07-30 22:56 - 2015-07-30 22:56 - 00003170 _____ C:\Windows\System32\Tasks\{FC5BC4C8-C09B-43FD-9E73-10CC76E3A9A2}
2015-07-30 22:35 - 2015-07-30 22:35 - 00000000 ____D C:\Users\Vasilije\AppData\Roaming\ASP
2015-07-30 20:29 - 2015-07-30 23:41 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-30 20:29 - 2015-07-30 22:37 - 00000000 ____D C:\Users\Vasilije\AppData\Local\Google
2015-07-30 19:50 - 2015-07-30 19:50 - 00613255 _____ (CMI Limited) C:\Users\Vasilije\AppData\Local\nsh9617.tmp
2015-07-30 19:12 - 2015-07-31 10:07 - 00000998 _____ C:\Windows\Tasks\0BiKudy.job
2015-07-30 19:12 - 2015-07-30 19:12 - 00004036 _____ C:\Windows\System32\Tasks\0BiKudy
2015-07-30 19:10 - 2015-07-30 19:10 - 00000000 ____D C:\ProgramData\FWinManProF
2015-07-30 18:49 - 2015-07-31 10:07 - 00001006 _____ C:\Windows\Tasks\PPU24kMKL70.job
2015-07-30 18:49 - 2015-07-30 22:34 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-07-30 18:49 - 2015-07-30 22:34 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-07-30 18:49 - 2015-07-30 20:12 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-07-30 18:49 - 2015-07-30 18:49 - 00004044 _____ C:\Windows\System32\Tasks\PPU24kMKL70
2015-07-30 18:48 - 2015-07-31 10:07 - 00003480 _____ C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-7.job
2015-07-30 18:48 - 2015-07-31 10:07 - 00002452 _____ C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5_user.job
2015-07-30 18:48 - 2015-07-31 10:07 - 00002452 _____ C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5.job
2015-07-30 18:48 - 2015-07-31 10:06 - 00003144 _____ C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6.job
2015-07-30 18:48 - 2015-07-30 19:12 - 00006172 _____ C:\Windows\System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6
2015-07-30 18:48 - 2015-07-30 19:12 - 00005482 _____ C:\Windows\System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5
2015-07-30 18:48 - 2015-07-30 19:11 - 00006510 _____ C:\Windows\System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-7
2015-07-30 18:47 - 2015-07-31 10:07 - 00004500 _____ C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-4.job
2015-07-30 18:47 - 2015-07-30 19:11 - 00007530 _____ C:\Windows\System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-4
2015-07-30 18:47 - 2015-07-30 18:47 - 00000000 ____D C:\Windows\SysWOW64\Flash
2015-07-30 18:46 - 2015-07-31 10:07 - 00005190 _____ C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-11.job
2015-07-30 18:46 - 2015-07-31 10:06 - 00002118 _____ C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-10_user.job
2015-07-30 18:46 - 2015-07-30 23:06 - 00000000 ____D C:\Program Files (x86)\CinemaPlus-3.2cV29.07
2015-07-30 18:46 - 2015-07-30 19:11 - 00008220 _____ C:\Windows\System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-11
2015-07-30 18:45 - 2015-07-30 18:45 - 00613255 _____ (CMI Limited) C:\Users\Vasilije\AppData\Local\nsnAE4A.tmp
2015-07-30 18:45 - 2015-07-30 18:45 - 00000000 __SHD C:\Users\Vasilije\AppData\Roaming\AnyProtectEx
2015-07-30 18:44 - 2015-07-31 10:07 - 00004466 _____ C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-4.job
2015-07-30 18:44 - 2015-07-31 10:07 - 00003446 _____ C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-7.job
2015-07-30 18:44 - 2015-07-31 10:07 - 00002418 _____ C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-5_user.job
2015-07-30 18:44 - 2015-07-31 10:07 - 00002418 _____ C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-5.job
2015-07-30 18:44 - 2015-07-31 10:06 - 00003110 _____ C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-6.job
2015-07-30 18:44 - 2015-07-30 18:44 - 00007496 _____ C:\Windows\System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-4
2015-07-30 18:44 - 2015-07-30 18:44 - 00006476 _____ C:\Windows\System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-7
2015-07-30 18:44 - 2015-07-30 18:44 - 00006138 _____ C:\Windows\System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-6
2015-07-30 18:44 - 2015-07-30 18:44 - 00005448 _____ C:\Windows\System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-5
2015-07-30 18:43 - 2015-07-31 10:07 - 00005156 _____ C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-11.job
2015-07-30 18:43 - 2015-07-31 10:06 - 00002084 _____ C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-10_user.job
2015-07-30 18:43 - 2015-07-30 23:06 - 00000000 ____D C:\Program Files (x86)\GoHD
2015-07-30 18:43 - 2015-07-30 18:43 - 00008186 _____ C:\Windows\System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-11
2015-07-30 18:42 - 2015-07-30 23:23 - 00000000 ____D C:\Users\Vasilije\AppData\Roaming\systweak
2015-07-30 18:42 - 2015-07-02 14:14 - 00020248 _____ () C:\Windows\system32\roboot64.exe
2015-07-30 18:40 - 2015-07-30 18:41 - 00000000 ____D C:\ProgramData\vWinManProv
2015-07-30 18:38 - 2015-07-31 10:06 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-07-30 18:36 - 2015-07-30 19:11 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-07-30 18:36 - 2015-07-30 18:36 - 00000000 ____D C:\ProgramData\XWinManProX
2015-07-30 18:36 - 2015-07-30 18:36 - 00000000 _____ C:\Windows\prleth.sys
2015-07-30 18:36 - 2015-07-30 18:36 - 00000000 _____ C:\Windows\hgfs.sys
2015-07-30 18:35 - 2015-07-30 18:35 - 00000000 ____D C:\Users\Vasilije\AppData\Local\F6755810-8568-4800-9C34-F19EC0875C21
2015-07-30 18:28 - 2015-07-31 10:07 - 00002452 _____ C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-5_user.job
2015-07-30 18:28 - 2015-07-31 10:07 - 00002452 _____ C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-5.job
2015-07-30 18:28 - 2015-07-31 10:07 - 00002434 _____ C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-5_user.job
2015-07-30 18:28 - 2015-07-31 10:07 - 00002434 _____ C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-5.job
2015-07-30 18:28 - 2015-07-31 10:07 - 00001000 _____ C:\Windows\Tasks\dtB0yMku.job
2015-07-30 18:28 - 2015-07-30 18:28 - 00006154 _____ C:\Windows\System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-6
2015-07-30 18:28 - 2015-07-30 18:28 - 00005482 _____ C:\Windows\System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-5
2015-07-30 18:28 - 2015-07-30 18:28 - 00005464 _____ C:\Windows\System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-5
2015-07-30 18:28 - 2015-07-30 18:28 - 00004038 _____ C:\Windows\System32\Tasks\dtB0yMku
2015-07-30 18:27 - 2015-07-31 10:07 - 00004500 _____ C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-4.job
2015-07-30 18:27 - 2015-07-31 10:07 - 00004146 _____ C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-4.job
2015-07-30 18:27 - 2015-07-31 10:07 - 00003480 _____ C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-7.job
2015-07-30 18:27 - 2015-07-31 10:07 - 00003126 _____ C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-7.job
2015-07-30 18:27 - 2015-07-31 10:06 - 00003144 _____ C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-6.job
2015-07-30 18:27 - 2015-07-31 10:06 - 00003126 _____ C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-6.job
2015-07-30 18:27 - 2015-07-31 10:06 - 00000976 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-07-30 18:27 - 2015-07-31 08:37 - 00000980 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-07-30 18:27 - 2015-07-30 23:36 - 00000000 ____D C:\Users\Vasilije\AppData\Roaming\Opera Software
2015-07-30 18:27 - 2015-07-30 23:36 - 00000000 ____D C:\Users\Vasilije\AppData\Local\Opera Software
2015-07-30 18:27 - 2015-07-30 19:11 - 00003978 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-07-30 18:27 - 2015-07-30 19:11 - 00003724 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-07-30 18:27 - 2015-07-30 18:28 - 00007530 _____ C:\Windows\System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-4
2015-07-30 18:27 - 2015-07-30 18:28 - 00006510 _____ C:\Windows\System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-7
2015-07-30 18:27 - 2015-07-30 18:28 - 00006172 _____ C:\Windows\System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-6
2015-07-30 18:27 - 2015-07-30 18:28 - 00006156 _____ C:\Windows\System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-7
2015-07-30 18:27 - 2015-07-30 18:28 - 00000000 ____D C:\ProgramData\lWinManProl
2015-07-30 18:27 - 2015-07-30 18:27 - 00007176 _____ C:\Windows\System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-4
2015-07-30 18:27 - 2015-07-30 18:27 - 00000000 ____D C:\Users\Vasilije\AppData\Local\globalUpdate
2015-07-30 18:27 - 2015-07-30 18:27 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-07-30 18:26 - 2015-07-31 10:06 - 00002118 _____ C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-10_user.job
2015-07-30 18:26 - 2015-07-31 10:06 - 00002100 _____ C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-10_user.job
2015-07-30 18:26 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files (x86)\00000000-1438273564-0000-0000-002421F0D38F
2015-07-30 18:26 - 2015-07-30 23:37 - 00000000 ____D C:\Users\Vasilije\AppData\Local\00000000-1438280810-0000-0000-002421F0D38F
2015-07-30 18:26 - 2015-07-30 23:14 - 00000000 ____D C:\Program Files (x86)\SavePass 1.1
2015-07-30 18:26 - 2015-07-30 23:06 - 00000000 ____D C:\Program Files (x86)\Cinem Plus 2.4cV30.07
2015-07-30 18:26 - 2015-07-30 22:45 - 00000000 ____D C:\Program Files\chk32
2015-07-30 18:26 - 2015-07-30 18:26 - 00003214 _____ C:\Windows\System32\Tasks\Portable Device Enumerator Service 1.0.30
2015-07-30 18:26 - 2015-07-30 18:26 - 00000000 ____D C:\Users\Vasilije\AppData\Local\PortableDevice
2015-07-30 18:26 - 2015-07-30 18:26 - 00000000 ____D C:\Users\Vasilije\AppData\Local\EncryptingFile
2015-07-30 18:26 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-07-30 18:25 - 2015-07-30 23:36 - 00000000 ____D C:\Program Files (x86)\Opera
2015-07-30 17:28 - 2015-07-30 18:10 - 573241736 _____ (Warner Bros. Interactive Entertainment) C:\Users\Vasilije\Downloads\LEGOHarry2(2).exe
2015-07-28 14:52 - 2015-07-28 14:52 - 00270201 _____ C:\Users\Vasilije\Downloads\GTA_IV_Drunk_cam_fix.zip
2015-07-28 14:47 - 2015-07-28 14:48 - 33954645 _____ C:\Users\Vasilije\Downloads\Patch-1-0-1-0-pour-GTA-4(1).zip
2015-07-28 14:01 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 14:01 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 14:01 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 14:01 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 14:01 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 14:01 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 14:01 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 14:01 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-25 20:26 - 2015-07-25 20:26 - 00000000 ____D C:\ProgramData\Codemasters
2015-07-25 20:25 - 2015-07-25 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound
2015-07-25 20:25 - 2015-07-25 20:25 - 00000000 ____D C:\Program Files (x86)\BRS
2015-07-25 20:25 - 2011-09-05 20:57 - 01306624 _____ (Blue Ripple Sound Limited) C:\Windows\SysWOW64\rapture3d_oal.dll
2015-07-25 20:25 - 2010-09-22 14:12 - 19087360 _____ (Intel Corporation / Blue Ripple Sound Limited) C:\Windows\SysWOW64\mkl_blueripple.dll
2015-07-25 20:15 - 2015-07-25 20:15 - 00000222 _____ C:\Users\Vasilije\Desktop\DiRT Showdown.url
2015-07-25 16:54 - 2015-07-25 20:15 - 00000000 ____D C:\Users\Vasilije\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-07-25 16:54 - 2015-07-25 16:54 - 00000222 _____ C:\Users\Vasilije\Desktop\TERA.url
2015-07-25 14:15 - 2015-07-25 14:15 - 00000000 ____D C:\Users\Vasilije\AppData\Local\Steam
2015-07-25 14:15 - 2015-07-25 14:15 - 00000000 ____D C:\Users\Vasilije\AppData\Local\CEF
2015-07-25 14:07 - 2015-07-31 01:47 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-25 14:07 - 2015-07-25 14:07 - 00000917 _____ C:\Users\Public\Desktop\Steam.lnk
2015-07-25 14:07 - 2015-07-25 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-07-21 13:36 - 2015-07-21 13:42 - 144361560 _____ (GIANTS Software ) C:\Users\Vasilije\Downloads\FarmingSimulator2013Patch2-1ESb.exe
2015-07-21 12:28 - 2015-07-21 12:28 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-07-21 12:27 - 2015-07-31 00:28 - 00006344 _____ C:\Windows\SysWOW64\ealregsnapshot1.reg
2015-07-21 12:26 - 2015-07-21 12:26 - 00000000 ____D C:\Users\Vasilije\AppData\Local\Downloaded Installations
2015-07-21 12:07 - 2015-07-21 12:17 - 215659728 _____ (Macrovision Corporation) C:\Users\Vasilije\Downloads\scc_trial_na.exe
2015-07-21 11:35 - 2015-07-21 11:36 - 33954645 _____ C:\Users\Vasilije\Downloads\Patch-1-0-1-0-pour-GTA-4.zip
2015-07-21 10:41 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 10:41 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 10:41 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 10:41 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 10:41 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 10:41 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 10:41 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 10:41 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 10:41 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 10:41 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-19 13:41 - 2015-07-19 13:42 - 55957936 _____ C:\Users\Vasilije\Downloads\spider3.zip
2015-07-18 12:51 - 2015-07-18 12:51 - 00001115 _____ C:\Users\Vasilije\Desktop\PS(R) Gamepad Adaptor - Shortcut.lnk
2015-07-18 12:03 - 2015-07-18 12:03 - 00000000 ____D C:\Users\Vasilije\AppData\Roaming\InstallShield
2015-07-18 12:03 - 2015-07-18 12:03 - 00000000 ____D C:\Program Files\VID_0E8F&PID_0003
2015-07-18 12:03 - 2015-07-18 12:03 - 00000000 ____D C:\Program Files (x86)\VID_0E8F&PID_0003
2015-07-15 13:18 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 13:18 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 13:18 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 13:18 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 13:18 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 13:18 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 13:18 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 13:18 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 13:18 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 13:18 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 13:18 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 13:18 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 13:18 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 13:18 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 13:18 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 13:18 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 13:18 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 13:18 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 13:18 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 13:18 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 13:18 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 13:18 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 13:18 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 13:18 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 13:18 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 13:18 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 13:18 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 13:18 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 13:18 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 13:18 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 13:18 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 13:18 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 13:18 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 13:18 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 13:18 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 13:18 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 13:18 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 13:18 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 13:18 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 13:18 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 13:18 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 13:18 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 13:18 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 13:18 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 13:18 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 13:18 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 13:18 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 13:18 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 13:18 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 13:18 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 13:18 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 13:18 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 13:18 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 13:18 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 13:17 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 13:17 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 13:17 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 13:17 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 13:17 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 13:17 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 13:17 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 13:17 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 13:17 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 13:17 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 13:17 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 13:17 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 13:17 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 13:17 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 13:17 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 13:17 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 13:17 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 13:17 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 13:17 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 13:17 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 13:17 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 13:17 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 13:17 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 13:17 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 13:17 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 13:17 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 13:17 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 13:16 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 13:16 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 13:16 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 13:16 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 13:16 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 13:16 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 13:16 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 13:16 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 13:16 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 13:16 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 13:16 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 13:16 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 13:16 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 13:16 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 13:16 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 13:16 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 13:16 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 13:16 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 13:16 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 13:16 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 13:16 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 13:16 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 13:16 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 13:16 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 13:16 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 13:16 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 13:16 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 13:16 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 13:16 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 13:16 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 13:16 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 13:16 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 13:16 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 13:16 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 13:16 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 13:16 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 13:16 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 13:16 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 13:16 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 13:16 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 13:16 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 13:16 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 13:16 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 13:16 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 13:16 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 13:16 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 13:16 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 13:16 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 13:16 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 13:16 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 13:16 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 13:16 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 13:16 - 2015-06-11 19:56 - 01112576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 13:16 - 2015-06-11 19:16 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-07-15 13:16 - 2015-06-11 19:15 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-07-15 13:16 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 13:16 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 13:16 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 13:16 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 13:16 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 13:16 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 13:16 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 13:16 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-14 09:59 - 2015-07-14 10:17 - 573241736 _____ (Warner Bros. Interactive Entertainment) C:\Users\Vasilije\Downloads\LEGOHarry2.exe
2015-07-13 12:54 - 2015-07-13 13:08 - 618889056 _____ C:\Users\Vasilije\Downloads\LEGO_Worlds(3).zip
2015-07-11 15:24 - 2015-07-11 15:24 - 00001306 _____ C:\Users\Vasilije\Desktop\LEGO Marvel Super Heroes.lnk
2015-07-11 15:24 - 2015-07-11 15:24 - 00000000 ____D C:\Users\Vasilije\AppData\Roaming\LEGO Marvel Super Heroes
2015-07-11 15:24 - 2015-07-11 15:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-07-11 15:04 - 2015-07-11 15:04 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2015-07-10 23:15 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-07-10 23:15 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-07-10 23:15 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-07-10 23:15 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-07-10 23:15 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-07-10 23:15 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-07-10 22:08 - 2015-07-10 22:43 - 690604896 _____ (Warner Bros. Interactive Entertainment) C:\Users\Vasilije\Downloads\LEGOMarvelDemo.exe
2015-07-10 20:04 - 2015-07-10 20:04 - 00000000 ____D C:\Users\Vasilije\AppData\Local\Warner Bros. Interactive Entertainment
2015-07-10 14:13 - 2015-07-10 14:13 - 33954645 _____ C:\Users\Vasilije\Downloads\file.htm
2015-07-10 14:12 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-07-10 14:11 - 2015-07-10 23:12 - 00000000 ____D C:\Program Files (x86)\Warner Bros. Interactive Entertainment
2015-07-10 14:08 - 2015-07-10 14:08 - 00000193 _____ C:\Windows\WORDPAD.INI
2015-07-10 14:04 - 2015-07-10 14:04 - 00003170 _____ C:\Windows\System32\Tasks\{A4F57217-B916-4D06-939B-682A401DEA1E}
2015-07-10 13:48 - 2015-07-10 14:00 - 463405080 _____ (Warner Bros. Interactive Entertainment ) C:\Users\Vasilije\Downloads\LEGOBatmanDemoSetup.exe
2015-07-10 13:11 - 2015-07-10 13:38 - 618889056 _____ C:\Users\Vasilije\Downloads\LEGO_Worlds(2).zip
2015-07-10 11:29 - 2015-07-10 11:42 - 618889056 _____ C:\Users\Vasilije\Downloads\LEGO_Worlds(1).zip
2015-07-10 10:16 - 2015-07-11 15:40 - 00000000 ____D C:\Users\Vasilije\AppData\Roaming\Warner Bros. Interactive Entertainment
2015-07-10 09:59 - 2015-07-10 10:13 - 618889056 _____ C:\Users\Vasilije\Downloads\LEGO_Worlds.zip
2015-07-10 09:54 - 2015-07-10 09:54 - 16260072 _____ (Konami Digital Entertainment Co., Ltd.) C:\Users\Vasilije\Downloads\PES2011Patch103(1).exe
2015-07-10 09:41 - 2015-07-10 09:42 - 16260072 _____ (Konami Digital Entertainment Co., Ltd.) C:\Users\Vasilije\Downloads\PES2011Patch103.exe.part
2015-07-10 09:41 - 2015-07-10 09:41 - 00000000 _____ C:\Users\Vasilije\Downloads\PES2011Patch103.exe
2015-07-09 00:21 - 2015-07-15 12:25 - 18524336 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-07-08 15:23 - 2015-07-08 15:23 - 05009736 _____ (Adobe Systems Inc.) C:\Users\Vasilije\Downloads\Shockwave_Installer_Slim(1).exe
2015-07-08 15:23 - 2015-07-08 15:23 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2015-07-08 15:22 - 2015-07-08 15:22 - 05009736 _____ (Adobe Systems Inc.) C:\Users\Vasilije\Downloads\Shockwave_Installer_Slim.exe
2015-07-08 15:21 - 2015-07-08 15:21 - 00561248 _____ (Oracle Corporation) C:\Users\Vasilije\Downloads\jxpiinstall(2).exe
2015-07-07 23:45 - 2015-07-31 00:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-05 18:34 - 2015-07-09 15:04 - 00000000 ____D C:\ProgramData\NFS Underground
2015-07-05 18:28 - 2015-07-05 18:28 - 00002179 _____ C:\Users\Public\Desktop\Need For Speed Underground.lnk
2015-07-05 18:28 - 2015-07-05 18:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2015-07-05 18:26 - 2015-07-05 18:26 - 00000000 ____D C:\Program Files (x86)\EA GAMES
2015-07-05 16:41 - 2015-07-05 16:41 - 00003166 _____ C:\Windows\System32\Tasks\{94D5624B-793F-407B-B949-B73106924541}
2015-07-04 12:46 - 2015-07-04 12:48 - 89718168 _____ (Acresso Software Inc.) C:\Users\Vasilije\Downloads\AssassinsCreed3Updater1-02_WW.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-31 10:07 - 2015-02-04 08:25 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-07-31 10:06 - 2015-02-04 00:00 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-31 10:06 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-31 10:05 - 2015-02-04 07:14 - 01689266 _____ C:\Windows\WindowsUpdate.log
2015-07-31 09:53 - 2009-07-14 06:45 - 00026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-31 09:53 - 2009-07-14 06:45 - 00026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-31 09:21 - 2015-02-04 22:25 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-31 01:47 - 2015-02-16 05:29 - 00000000 ____D C:\Windows\Minidump
2015-07-31 01:47 - 2015-02-05 00:39 - 00000000 ____D C:\Users\Vasilije\AppData\Roaming\DAEMON Tools Lite
2015-07-31 01:09 - 2015-02-03 22:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-31 00:29 - 2015-05-11 16:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2015-07-31 00:29 - 2015-02-04 08:58 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-31 00:29 - 2015-02-04 08:58 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2015-07-31 00:08 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-07-31 00:07 - 2015-02-03 22:17 - 00001413 _____ C:\Users\Vasilije\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-30 23:36 - 2015-02-03 22:17 - 00000000 ____D C:\Users\Vasilije
2015-07-30 22:32 - 2015-06-14 10:44 - 00000000 ____D C:\Program Files (x86)\IsavuEr
2015-07-30 22:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-30 22:24 - 2015-03-14 00:46 - 00002330 _____ C:\Users\Vasilije\Desktop\Безбедан новац.lnk
2015-07-30 18:15 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-28 23:34 - 2015-02-04 02:42 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-26 16:50 - 2009-07-14 07:08 - 00032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-25 20:26 - 2015-02-05 01:23 - 00000000 ____D C:\Users\Vasilije\Documents\My Games
2015-07-25 12:04 - 2015-04-05 02:49 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-25 11:55 - 2015-05-03 20:13 - 00000000 ____D C:\Program Files (x86)\Call of Duty Modern Warfare 2
2015-07-22 12:30 - 2009-07-14 06:45 - 00267672 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-20 20:34 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-19 11:34 - 2015-03-01 16:29 - 00000000 ____D C:\Users\Vasilije\AppData\Roaming\.minecraft
2015-07-19 00:00 - 2015-03-15 01:23 - 00032768 _____ C:\Windows\system32\persistent_q.db-shm
2015-07-19 00:00 - 2015-03-15 01:23 - 00032520 _____ C:\Windows\system32\persistent_q.db-wal
2015-07-18 11:39 - 2015-02-04 22:35 - 00000000 ____D C:\ProgramData\Oracle
2015-07-18 11:31 - 2015-02-04 22:35 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-18 11:30 - 2015-02-04 22:36 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-16 11:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-16 11:26 - 2015-02-04 02:42 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 11:14 - 2015-02-03 23:26 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 12:27 - 2015-02-04 22:25 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 12:26 - 2015-02-04 22:25 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 12:26 - 2015-02-04 22:25 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-14 23:48 - 2015-04-05 02:49 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-11 21:41 - 2015-02-04 09:34 - 00000000 ____D C:\Users\Vasilije\AppData\Roaming\qBittorrent
2015-07-11 15:24 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-07-05 18:28 - 2015-02-04 10:49 - 00000000 ____D C:\Users\Vasilije\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-07-03 08:43 - 2015-02-03 23:26 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-02 22:25 - 2015-05-18 18:32 - 00000000 ____D C:\Program Files (x86)\SoftwarePlus
2015-07-01 10:40 - 2015-02-04 08:54 - 00000000 __SHD C:\Users\Vasilije\AppData\Local\EmieUserList
2015-07-01 10:40 - 2015-02-04 08:54 - 00000000 __SHD C:\Users\Vasilije\AppData\Local\EmieSiteList
2015-07-01 10:40 - 2015-02-04 08:54 - 00000000 __SHD C:\Users\Vasilije\AppData\Local\EmieBrowserModeList

==================== Files in the root of some directories =======

2015-05-03 20:27 - 2015-05-03 20:27 - 0000037 _____ () C:\Program Files (x86)\alterIWnet.ini
2015-05-25 14:04 - 2015-05-25 14:04 - 0000079 _____ () C:\Program Files (x86)\prefs.js
2015-05-03 20:13 - 2013-11-10 12:24 - 0000218 _____ () C:\Program Files (x86)\update-mw2.bat
2015-05-03 20:13 - 2013-11-06 14:28 - 0000732 _____ () C:\Program Files (x86)\visit-www.nosteam.ro.html
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Vasilije\AppData\Roaming\0BiKudy
2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Vasilije\AppData\Roaming\0BiKudy.exe
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Vasilije\AppData\Roaming\dtB0yMku
2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Vasilije\AppData\Roaming\dtB0yMku.exe
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Vasilije\AppData\Roaming\PPU24kMKL70
2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Vasilije\AppData\Roaming\PPU24kMKL70.exe
2015-07-30 19:50 - 2015-07-30 19:50 - 0613255 _____ (CMI Limited) C:\Users\Vasilije\AppData\Local\nsh9617.tmp
2015-07-30 18:45 - 2015-07-30 18:45 - 0613255 _____ (CMI Limited) C:\Users\Vasilije\AppData\Local\nsnAE4A.tmp

Some files in TEMP:
====================
C:\Users\Vasilije\AppData\Local\Temp\1042.exe
C:\Users\Vasilije\AppData\Local\Temp\1121.exe
C:\Users\Vasilije\AppData\Local\Temp\121.exe
C:\Users\Vasilije\AppData\Local\Temp\159.exe
C:\Users\Vasilije\AppData\Local\Temp\23.exe
C:\Users\Vasilije\AppData\Local\Temp\241.exe
C:\Users\Vasilije\AppData\Local\Temp\3125.exe
C:\Users\Vasilije\AppData\Local\Temp\3149.exe
C:\Users\Vasilije\AppData\Local\Temp\3213.exe
C:\Users\Vasilije\AppData\Local\Temp\334.exe
C:\Users\Vasilije\AppData\Local\Temp\3553.exe
C:\Users\Vasilije\AppData\Local\Temp\54C47BC4B7FD438C151DD96668F0CB68.exe
C:\Users\Vasilije\AppData\Local\Temp\6822.exe
C:\Users\Vasilije\AppData\Local\Temp\9627.exe
C:\Users\Vasilije\AppData\Local\Temp\9827.exe
C:\Users\Vasilije\AppData\Local\Temp\EAD16CA.exe
C:\Users\Vasilije\AppData\Local\Temp\EAD1728.exe
C:\Users\Vasilije\AppData\Local\Temp\EAD1BBA.exe
C:\Users\Vasilije\AppData\Local\Temp\EAD7F7B.exe
C:\Users\Vasilije\AppData\Local\Temp\EAD8DBD.exe
C:\Users\Vasilije\AppData\Local\Temp\Uninstall.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-23 21:02

==================== End of log ============================

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Nisi postavio Addition.txt izvještaj. Ponovo pokreni FRST, označi opciju Addition.txt i klikni na Scan. Kada završi, prikači samo Addition.txt. Dobićeš dalja uputstva kada dođem kući.

offline
  • goust  Male
  • Elitni građanin
  • Pridružio: 09 Apr 2005
  • Poruke: 1793

Izvini, evo i Additon texta.
https://www.mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow Korak 1

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

Start

CreateRestorePoint:
CloseProcesses:

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=14382.....C757490&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=14382.....C757490&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ?type=hppp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = ?type=hppp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=14382.....C757490&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=14382.....C757490&q={searchTerms}
HKU\S-1-5-21-1760121238-282637544-2622143497-1000\Software\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1760121238-282637544-2622143497-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = web/?type=dspp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1760121238-282637544-2622143497-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = web/?type=dspp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2&q={searchTerms}
BHO: IsAver -> {349180EB-2ABD-4BCD-85F9-BA22F226DA8B} -> C:\Program Files (x86)\IsAver\P16dsmmB3udg1J.x64.dll [2015-06-14] ()
BHO: Movies Search App (Dist. by Bandoo Media, Inc.) -> {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} -> C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\searchresultsDx64.dll [2014-07-03] (IAC Search and Media, Inc.)
BHO-x32: GoodTab Class -> {1F91A9A1-01BA-4c81-863D-3BA0751E1419} -> C:\Program Files (x86)\MiuiTab\SupTab.dll [2015-07-23] (Thinkgood Co. Limited)
BHO-x32: Movies Search App (Dist. by Bandoo Media, Inc.) -> {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} -> C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\searchresultsDx.dll [2014-07-03] (IAC Search and Media, Inc.)
Toolbar: HKLM - Movies Search App (Dist. by Bandoo Media, Inc.) - {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} - C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\searchresultsDx64.dll [2014-07-03] (IAC Search and Media, Inc.)
Toolbar: HKLM-x32 - Movies Search App (Dist. by Bandoo Media, Inc.) - {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} - C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\searchresultsDx.dll [2014-07-03] (IAC Search and Media, Inc.)
FF NewTab: chrome://quick_start/content/index.html
FF Homepage: ?type=hppp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-07-30] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-07-30] (globalUpdate)
FF user.js: detected! => C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\user.js [2015-07-31]
FF Extension: PRIceMinus - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\088T@3c.org [2015-05-18]
FF Extension: SavePass 1.1 - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com [2015-07-30]
FF Extension: Cinem Plus 2.4cV30.07 - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\6a1a03975fde4c8690f6b883c36bc1@7d88519bfe704d8cae3851239.com [2015-07-30]
FF Extension: Isauver - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\9@tb.net [2015-06-14]
FF Extension: The AdBlocker - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\avpv_dibs_yuv@cjjs_sjxrueibhbbnkn.org [2015-05-25]
FF Extension: CinemaPlus-3.2cV29.07 - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [2015-07-30]
FF Extension: GoHD - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\f8783004-c434-4bd0-9f81-9a39dd64baaa@08ad07c4-3f21-451d-9045-9e0d5dc8aa9e.com [2015-07-30]
FF Extension: PricaeMMinus - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\K09@oM.org [2015-05-18]
FF Extension: CoupExxtensioonn - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\mX@pco4lSoF.edu [2015-05-26]
FF Extension: bestadblocker - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\VQlEw@I.edu [2015-05-18]
R2 comyninu; C:\Program Files (x86)\00000000-1438273564-0000-0000-002421F0D38F\hnsqAC2A.tmp [161792 2015-07-30] () [File not signed]
S2 DatamngrCoordinator; C:\Program Files (x86)\Movies App\Datamngr\DatamngrCoordinator.exe [3204296 2015-06-22] (Bandoo Media Inc.)
R2 FHHK27; C:\Users\Vasilije\AppData\Local\EncryptingFile\encrypting.exe [34304 2015-07-30] () [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-07-30] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-07-30] (globalUpdate) [File not signed] <==== ATTENTION
R2 hyverumu; C:\Program Files (x86)\00000000-1438273564-0000-0000-002421F0D38F\jnsf9158.tmp [209920 2015-07-30] () [File not signed]
R2 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125112 2015-07-23] (XTab system)
R2 Sparkling Mother; C:\Program Files (x86)\Sparkling Mother\Sparkling Mother.exe [8016783 2015-06-18] () [File not signed] <==== ATTENTION
Task: {00491A85-D34E-40BC-914A-9AAF057EEB8A} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-7 => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-7.exe [2015-07-30] (Cinema PlusV29.07) <==== ATTENTION
Task: {01D2BFBE-F1CB-4B12-9AAB-823FCFA5847D} - System32\Tasks\{A4F57217-B916-4D06-939B-682A401DEA1E} => pcalua.exe -a C:\Users\Vasilije\Downloads\LEGOBatmanDemoSetup.exe -d C:\Users\Vasilije\Downloads
Task: {0BB3CC43-F4A7-4748-A1F9-5373DDBF23B8} - \APSnotifierPP3 No Task File <==== ATTENTION
Task: {111E5AA3-F5B8-46B8-9F49-CA3E0DA97FBC} - System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-10_user => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-10.exe [2015-07-30] (Cinema Plus ProV30.07) <==== ATTENTION
Task: {17B9498A-FA45-4049-94CF-5BFA6BAECC0D} - System32\Tasks\{94D5624B-793F-407B-B949-B73106924541} => pcalua.exe -a "E:\Need for Speed Undergraund 1\setup.exe" -d "E:\Need for Speed Undergraund 1"
Task: {1868360F-2D87-4F29-97CA-9D6D16F08499} - System32\Tasks\Tempo Runner soc6hen => C:\ProgramData\DhmReu\socahen.exe
Task: {201A53B1-F68F-4640-BA86-9BF64CB0226D} - System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-5 => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-5.exe [2015-07-30] (Cinema Plus ProV30.07) <==== ATTENTION
Task: {21D01146-700A-4605-9717-8E44A467EB6E} - \APSnotifierPP1 No Task File <==== ATTENTION
Task: {23EC0499-1F8F-49A6-8527-7CF571A29FD5} - System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-4 => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-4.exe [2015-07-30] (Cinema Plus ProV30.07) <==== ATTENTION
Task: {24AF697A-B59F-4BC4-82B7-4155DD93437A} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6 => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6.exe [2015-07-30] (Cinema PlusV29.07) <==== ATTENTION
Task: {276D2C7E-4532-46FB-9100-FC41C9AEC6C2} - System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-4 => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-4.exe [2015-07-30] (InstallMoon) <==== ATTENTION
Task: {2B3AFBD8-7F6A-46C1-97E1-050ED4DDC77D} - System32\Tasks\{FC5BC4C8-C09B-43FD-9E73-10CC76E3A9A2} => pcalua.exe -a C:\Users\Vasilije\AppData\Roaming\mystartsearch\UninstallManager.exe -c  -ptid=cmi
Task: {2C5652C4-AE70-4A5A-A590-64DE0D5242F2} - System32\Tasks\{05815020-C9EF-49C8-9F33-A6F0F3A11AD5} => pcalua.exe -a "C:\Program Files (x86)\FriendlyError\tmp5716.bat"
Task: {5B86BCD1-EDBA-4AB6-A222-308F40FB11E4} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5_user => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5.exe [2015-07-30] (Cinema PlusV29.07) <==== ATTENTION
Task: {68C02022-107D-4F82-8D2A-220E0325BAAD} - System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-5_user => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-5.exe [2015-07-30] (OB) <==== ATTENTION
Task: {6B9D66FB-1033-413B-BF80-5632E31CD2BB} - System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-4 => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-4.exe [2015-07-30] (OB) <==== ATTENTION
Task: {71F3A570-40E1-4308-92EF-37A1ED416955} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-11 => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-11.exe [2015-07-30] (Cinema PlusV29.07) <==== ATTENTION
Task: {7A85D79C-544A-40B5-BF59-37F8594BB789} - System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-6 => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-6.exe [2015-07-30] (Cinema Plus ProV30.07) <==== ATTENTION
Task: {85111494-140F-424B-A149-01E69051C5CE} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-4 => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-4.exe [2015-07-30] (Cinema PlusV29.07) <==== ATTENTION
Task: {8F571998-0C69-42C1-B8AE-E5AF5809807C} - System32\Tasks\dtB0yMku => C:\Users\Vasilije\AppData\Roaming\dtB0yMku.exe [2015-04-20] () <==== ATTENTION
Task: {9C8C12EE-FA93-4D42-AB51-AB76D1C2F188} - System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-7 => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-7.exe [2015-07-30] (InstallMoon) <==== ATTENTION
Task: {9E11F9AA-1B9B-4946-8E4C-5E6D98E0D61E} - System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-10_user => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-10.exe [2015-07-30] (OB) <==== ATTENTION
Task: {9E1A6434-9BEE-448A-8824-97E92568AFF6} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-07-30] (globalUpdate) <==== ATTENTION
Task: {AFDD7F51-F5FC-4474-97E7-EC7CF614FE8C} - \APSnotifierPP2 No Task File <==== ATTENTION
Task: {B053C213-9151-423D-A23D-E19FB5537894} - System32\Tasks\Portable Device Enumerator Service 1.0.30 => C:\Users\Vasilije\AppData\Local\PortableDevice\portable.exe [2015-07-30] ()
Task: {B769DB47-7F94-4D94-8819-CEA7E5A7C620} - System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-10_user => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-10.exe [2015-07-30] (InstallMoon) <==== ATTENTION
Task: {BCEA189F-D033-409D-A2B1-F7F698896E7C} - System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-5 => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-5.exe [2015-07-30] (InstallMoon) <==== ATTENTION
Task: {C2469BC4-DA31-48FF-B010-006FB6B77683} - System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-7 => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-7.exe [2015-07-30] (OB) <==== ATTENTION
Task: {C3A2FDA8-7B1D-4566-B715-7A92EAABA8F9} - System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-7 => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-7.exe [2015-07-30] (Cinema Plus ProV30.07) <==== ATTENTION
Task: {C5EA0EAA-4B93-4E35-907B-3AEB973156FD} - System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-5_user => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-5.exe [2015-07-30] (Cinema Plus ProV30.07) <==== ATTENTION
Task: {D523336F-6EFC-4473-8698-CC2675FCAC65} - System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-6 => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-6.exe [2015-07-30] (OB) <==== ATTENTION
Task: {D68EE89D-4207-4F71-8A85-249462E9737F} - System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-5_user => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-5.exe [2015-07-30] (InstallMoon) <==== ATTENTION
Task: {D93EA612-B54A-464D-9C74-D2F12E9C4610} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-10_user => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-10.exe [2015-07-30] (Cinema PlusV29.07) <==== ATTENTION
Task: {DDB8EBBB-1359-4FEF-BB03-3BC19156BA87} - System32\Tasks\0BiKudy => C:\Users\Vasilije\AppData\Roaming\0BiKudy.exe [2015-04-20] () <==== ATTENTION
Task: {E1AD2BC1-2F61-4906-A9BB-BFB96DCA3B6C} - System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-5 => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-5.exe [2015-07-30] (OB) <==== ATTENTION
Task: {E1BF72E1-F62B-4B50-90C1-48CF2A3CA687} - System32\Tasks\PPU24kMKL70 => C:\Users\Vasilije\AppData\Roaming\PPU24kMKL70.exe [2015-04-20] () <==== ATTENTION
Task: {E3A14053-19A4-4BBC-A8DC-974446050FF5} - System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-11 => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-11.exe [2015-07-30] (InstallMoon) <==== ATTENTION
Task: {E5239300-9E44-4AE9-AFC6-E3B686C8AFC7} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5 => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5.exe [2015-07-30] (Cinema PlusV29.07) <==== ATTENTION
Task: {FEB2EF04-C251-49ED-906E-1737CB578ECF} - System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-6 => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-6.exe [2015-07-30] (InstallMoon) <==== ATTENTION
Task: C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-6.job => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-7.job => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-10_user.job => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-4.job => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-5.job => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-5_user.job => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\0BiKudy.job => C:\Users\Vasilije\AppData\Roaming\0BiKudy.exe <==== ATTENTION
Task: C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-6.job => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-7.job => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-10_user.job => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-11.job => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-4.job => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-5.job => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-5_user.job => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-6.job => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-7.job => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-10_user.job => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-4.job => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-5.job => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-5_user.job => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\dtB0yMku.job => C:\Users\Vasilije\AppData\Roaming\dtB0yMku.exe <==== ATTENTION
Task: C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6.job => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-7.job => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-10_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-11.job => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-4.job => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5.job => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\PPU24kMKL70.job => C:\Users\Vasilije\AppData\Roaming\PPU24kMKL70.exe <==== ATTENTION

C:\Program Files (x86)\00000000-1438273564-0000-0000-002421F0D38F
C:\Program Files (x86)\GoHD
C:\Program Files (x86)\CinemaPlus-3.2cV29.07
C:\Program Files (x86)\SavePass 1.1
C:\Program Files (x86)\Cinem Plus 2.4cV30.07
C:\Users\Vasilije\AppData\Local\EncryptingFile
C:\Program Files (x86)\MiuiTab
C:\Program Files (x86)\Sparkling Mother
C:\Program Files (x86)\IsAver
C:\Program Files (x86)\Movies App
C:\Program Files (x86)\globalUpdate
C:\ProgramData\IHProtectUpDate
C:\Users\Vasilije\Downloads\yet_another_cleaner_sk_6480278.exe
C:\Users\Vasilije\SupTab
C:\Users\Vasilije\AppData\Local\nsh9617.tmp
C:\ProgramData\FWinManProF
C:\Users\Vasilije\AppData\Local\nsnAE4A.tmp
C:\Users\Vasilije\AppData\Roaming\AnyProtectEx
C:\Users\Vasilije\AppData\Roaming\systweak
C:\Windows\system32\roboot64.exe
C:\ProgramData\vWinManProv
C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
C:\ProgramData\XWinManProX
C:\Windows\prleth.sys
C:\Windows\hgfs.sys
C:\Users\Vasilije\AppData\Local\F6755810-8568-4800-9C34-F19EC0875C21
C:\ProgramData\lWinManProl
C:\Users\Vasilije\AppData\Local\globalUpdate
C:\Program Files\chk32
C:\Users\Vasilije\AppData\Local\PortableDevice
C:\Windows\system32\Drivers\etc\hp.bak
C:\Users\Vasilije\Downloads\LEGOHarry2(2).exe
C:\Program Files (x86)\IsavuEr
C:\Program Files (x86)\alterIWnet.ini
C:\Program Files (x86)\prefs.js
C:\Program Files (x86)\update-mw2.bat
C:\Program Files (x86)\visit-www.nosteam.ro.html
C:\Users\Vasilije\AppData\Roaming\0BiKudy
C:\Users\Vasilije\AppData\Roaming\0BiKudy.exe
C:\Users\Vasilije\AppData\Roaming\dtB0yMku
C:\Users\Vasilije\AppData\Roaming\dtB0yMku.exe
C:\Users\Vasilije\AppData\Roaming\PPU24kMKL70
C:\Users\Vasilije\AppData\Roaming\PPU24kMKL70.exe
C:\Users\Vasilije\AppData\Local\Temp\1042.exe
C:\Users\Vasilije\AppData\Local\Temp\1121.exe
C:\Users\Vasilije\AppData\Local\Temp\121.exe
C:\Users\Vasilije\AppData\Local\Temp\159.exe
C:\Users\Vasilije\AppData\Local\Temp\23.exe
C:\Users\Vasilije\AppData\Local\Temp\241.exe
C:\Users\Vasilije\AppData\Local\Temp\3125.exe
C:\Users\Vasilije\AppData\Local\Temp\3149.exe
C:\Users\Vasilije\AppData\Local\Temp\3213.exe
C:\Users\Vasilije\AppData\Local\Temp\334.exe
C:\Users\Vasilije\AppData\Local\Temp\3553.exe
C:\Users\Vasilije\AppData\Local\Temp\54C47BC4B7FD438C151DD96668F0CB68.exe
C:\Users\Vasilije\AppData\Local\Temp\6822.exe
C:\Users\Vasilije\AppData\Local\Temp\9627.exe
C:\Users\Vasilije\AppData\Local\Temp\9827.exe
C:\Users\Vasilije\AppData\Local\Temp\EAD16CA.exe
C:\Users\Vasilije\AppData\Local\Temp\EAD1728.exe
C:\Users\Vasilije\AppData\Local\Temp\EAD1BBA.exe
C:\Users\Vasilije\AppData\Local\Temp\EAD7F7B.exe
C:\Users\Vasilije\AppData\Local\Temp\EAD8DBD.exe
C:\Users\Vasilije\AppData\Local\Temp\Uninstall.exe
C:\ProgramData\DhmReu
C:\Program Files (x86)\FriendlyError
C:\Program Files (x86)\AnyProtectEx
Task: C:\Windows\Tasks\Tempo Runner soc3hen.job => 0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Task: C:\Windows\Tasks\Tempo Runner soc6hen.job => 0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Task: C:\Windows\Tasks\Tempo Runner socdhen.job => 0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

EmptyTemp:

End


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.



Arrow Korak 2

Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop

Dvoklikom pokreni program.
Klikni na dugme [Scan] i pricekaj da program zavrsi.
Klikni na dugme [Clean]
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok


Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"

Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S0].txt

offline
  • goust  Male
  • Elitni građanin
  • Pridružio: 09 Apr 2005
  • Poruke: 1793

Fix result of Farbar Recovery Scan Tool (x64) Version:30-07-2015
Ran by Vasilije (2015-07-31 12:13:34) Run:1
Running from C:\Users\Vasilije\Desktop
Loaded Profiles: Vasilije (Available Profiles: Vasilije)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CreateRestorePoint:
CloseProcesses:

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=14382.....C757490&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=14382.....C757490&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ?type=hppp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = ?type=hppp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=14382.....C757490&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=14382.....C757490&q={searchTerms}
HKU\S-1-5-21-1760121238-282637544-2622143497-1000\Software\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1760121238-282637544-2622143497-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = web/?type=dspp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1760121238-282637544-2622143497-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = web/?type=dspp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2&q={searchTerms}
BHO: IsAver -> {349180EB-2ABD-4BCD-85F9-BA22F226DA8B} -> C:\Program Files (x86)\IsAver\P16dsmmB3udg1J.x64.dll [2015-06-14] ()
BHO: Movies Search App (Dist. by Bandoo Media, Inc.) -> {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} -> C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\searchresultsDx64.dll [2014-07-03] (IAC Search and Media, Inc.)
BHO-x32: GoodTab Class -> {1F91A9A1-01BA-4c81-863D-3BA0751E1419} -> C:\Program Files (x86)\MiuiTab\SupTab.dll [2015-07-23] (Thinkgood Co. Limited)
BHO-x32: Movies Search App (Dist. by Bandoo Media, Inc.) -> {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} -> C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\searchresultsDx.dll [2014-07-03] (IAC Search and Media, Inc.)
Toolbar: HKLM - Movies Search App (Dist. by Bandoo Media, Inc.) - {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} - C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\searchresultsDx64.dll [2014-07-03] (IAC Search and Media, Inc.)
Toolbar: HKLM-x32 - Movies Search App (Dist. by Bandoo Media, Inc.) - {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} - C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\searchresultsDx.dll [2014-07-03] (IAC Search and Media, Inc.)
FF NewTab: chrome://quick_start/content/index.html
FF Homepage: ?type=hppp&ts=1438274325&from=xtab&uid=AB5D8B3739764bb78640CE27795DE3B2
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-07-30] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-07-30] (globalUpdate)
FF user.js: detected! => C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\user.js [2015-07-31]
FF Extension: PRIceMinus - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\088T@3c.org [2015-05-18]
FF Extension: SavePass 1.1 - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com [2015-07-30]
FF Extension: Cinem Plus 2.4cV30.07 - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\6a1a03975fde4c8690f6b883c36bc1@7d88519bfe704d8cae3851239.com [2015-07-30]
FF Extension: Isauver - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\9@tb.net [2015-06-14]
FF Extension: The AdBlocker - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\avpv_dibs_yuv@cjjs_sjxrueibhbbnkn.org [2015-05-25]
FF Extension: CinemaPlus-3.2cV29.07 - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [2015-07-30]
FF Extension: GoHD - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\f8783004-c434-4bd0-9f81-9a39dd64baaa@08ad07c4-3f21-451d-9045-9e0d5dc8aa9e.com [2015-07-30]
FF Extension: PricaeMMinus - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\K09@oM.org [2015-05-18]
FF Extension: CoupExxtensioonn - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\mX@pco4lSoF.edu [2015-05-26]
FF Extension: bestadblocker - C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\VQlEw@I.edu [2015-05-18]
R2 comyninu; C:\Program Files (x86)\00000000-1438273564-0000-0000-002421F0D38F\hnsqAC2A.tmp [161792 2015-07-30] () [File not signed]
S2 DatamngrCoordinator; C:\Program Files (x86)\Movies App\Datamngr\DatamngrCoordinator.exe [3204296 2015-06-22] (Bandoo Media Inc.)
R2 FHHK27; C:\Users\Vasilije\AppData\Local\EncryptingFile\encrypting.exe [34304 2015-07-30] () [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-07-30] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-07-30] (globalUpdate) [File not signed] <==== ATTENTION
R2 hyverumu; C:\Program Files (x86)\00000000-1438273564-0000-0000-002421F0D38F\jnsf9158.tmp [209920 2015-07-30] () [File not signed]
R2 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125112 2015-07-23] (XTab system)
R2 Sparkling Mother; C:\Program Files (x86)\Sparkling Mother\Sparkling Mother.exe [8016783 2015-06-18] () [File not signed] <==== ATTENTION
Task: {00491A85-D34E-40BC-914A-9AAF057EEB8A} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-7 => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-7.exe [2015-07-30] (Cinema PlusV29.07) <==== ATTENTION
Task: {01D2BFBE-F1CB-4B12-9AAB-823FCFA5847D} - System32\Tasks\{A4F57217-B916-4D06-939B-682A401DEA1E} => pcalua.exe -a C:\Users\Vasilije\Downloads\LEGOBatmanDemoSetup.exe -d C:\Users\Vasilije\Downloads
Task: {0BB3CC43-F4A7-4748-A1F9-5373DDBF23B8} - \APSnotifierPP3 No Task File <==== ATTENTION
Task: {111E5AA3-F5B8-46B8-9F49-CA3E0DA97FBC} - System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-10_user => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-10.exe [2015-07-30] (Cinema Plus ProV30.07) <==== ATTENTION
Task: {17B9498A-FA45-4049-94CF-5BFA6BAECC0D} - System32\Tasks\{94D5624B-793F-407B-B949-B73106924541} => pcalua.exe -a "E:\Need for Speed Undergraund 1\setup.exe" -d "E:\Need for Speed Undergraund 1"
Task: {1868360F-2D87-4F29-97CA-9D6D16F08499} - System32\Tasks\Tempo Runner soc6hen => C:\ProgramData\DhmReu\socahen.exe
Task: {201A53B1-F68F-4640-BA86-9BF64CB0226D} - System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-5 => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-5.exe [2015-07-30] (Cinema Plus ProV30.07) <==== ATTENTION
Task: {21D01146-700A-4605-9717-8E44A467EB6E} - \APSnotifierPP1 No Task File <==== ATTENTION
Task: {23EC0499-1F8F-49A6-8527-7CF571A29FD5} - System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-4 => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-4.exe [2015-07-30] (Cinema Plus ProV30.07) <==== ATTENTION
Task: {24AF697A-B59F-4BC4-82B7-4155DD93437A} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6 => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6.exe [2015-07-30] (Cinema PlusV29.07) <==== ATTENTION
Task: {276D2C7E-4532-46FB-9100-FC41C9AEC6C2} - System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-4 => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-4.exe [2015-07-30] (InstallMoon) <==== ATTENTION
Task: {2B3AFBD8-7F6A-46C1-97E1-050ED4DDC77D} - System32\Tasks\{FC5BC4C8-C09B-43FD-9E73-10CC76E3A9A2} => pcalua.exe -a C:\Users\Vasilije\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=cmi
Task: {2C5652C4-AE70-4A5A-A590-64DE0D5242F2} - System32\Tasks\{05815020-C9EF-49C8-9F33-A6F0F3A11AD5} => pcalua.exe -a "C:\Program Files (x86)\FriendlyError\tmp5716.bat"
Task: {5B86BCD1-EDBA-4AB6-A222-308F40FB11E4} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5_user => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5.exe [2015-07-30] (Cinema PlusV29.07) <==== ATTENTION
Task: {68C02022-107D-4F82-8D2A-220E0325BAAD} - System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-5_user => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-5.exe [2015-07-30] (OB) <==== ATTENTION
Task: {6B9D66FB-1033-413B-BF80-5632E31CD2BB} - System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-4 => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-4.exe [2015-07-30] (OB) <==== ATTENTION
Task: {71F3A570-40E1-4308-92EF-37A1ED416955} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-11 => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-11.exe [2015-07-30] (Cinema PlusV29.07) <==== ATTENTION
Task: {7A85D79C-544A-40B5-BF59-37F8594BB789} - System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-6 => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-6.exe [2015-07-30] (Cinema Plus ProV30.07) <==== ATTENTION
Task: {85111494-140F-424B-A149-01E69051C5CE} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-4 => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-4.exe [2015-07-30] (Cinema PlusV29.07) <==== ATTENTION
Task: {8F571998-0C69-42C1-B8AE-E5AF5809807C} - System32\Tasks\dtB0yMku => C:\Users\Vasilije\AppData\Roaming\dtB0yMku.exe [2015-04-20] () <==== ATTENTION
Task: {9C8C12EE-FA93-4D42-AB51-AB76D1C2F188} - System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-7 => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-7.exe [2015-07-30] (InstallMoon) <==== ATTENTION
Task: {9E11F9AA-1B9B-4946-8E4C-5E6D98E0D61E} - System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-10_user => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-10.exe [2015-07-30] (OB) <==== ATTENTION
Task: {9E1A6434-9BEE-448A-8824-97E92568AFF6} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-07-30] (globalUpdate) <==== ATTENTION
Task: {AFDD7F51-F5FC-4474-97E7-EC7CF614FE8C} - \APSnotifierPP2 No Task File <==== ATTENTION
Task: {B053C213-9151-423D-A23D-E19FB5537894} - System32\Tasks\Portable Device Enumerator Service 1.0.30 => C:\Users\Vasilije\AppData\Local\PortableDevice\portable.exe [2015-07-30] ()
Task: {B769DB47-7F94-4D94-8819-CEA7E5A7C620} - System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-10_user => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-10.exe [2015-07-30] (InstallMoon) <==== ATTENTION
Task: {BCEA189F-D033-409D-A2B1-F7F698896E7C} - System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-5 => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-5.exe [2015-07-30] (InstallMoon) <==== ATTENTION
Task: {C2469BC4-DA31-48FF-B010-006FB6B77683} - System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-7 => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-7.exe [2015-07-30] (OB) <==== ATTENTION
Task: {C3A2FDA8-7B1D-4566-B715-7A92EAABA8F9} - System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-7 => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-7.exe [2015-07-30] (Cinema Plus ProV30.07) <==== ATTENTION
Task: {C5EA0EAA-4B93-4E35-907B-3AEB973156FD} - System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-5_user => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-5.exe [2015-07-30] (Cinema Plus ProV30.07) <==== ATTENTION
Task: {D523336F-6EFC-4473-8698-CC2675FCAC65} - System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-6 => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-6.exe [2015-07-30] (OB) <==== ATTENTION
Task: {D68EE89D-4207-4F71-8A85-249462E9737F} - System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-5_user => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-5.exe [2015-07-30] (InstallMoon) <==== ATTENTION
Task: {D93EA612-B54A-464D-9C74-D2F12E9C4610} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-10_user => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-10.exe [2015-07-30] (Cinema PlusV29.07) <==== ATTENTION
Task: {DDB8EBBB-1359-4FEF-BB03-3BC19156BA87} - System32\Tasks\0BiKudy => C:\Users\Vasilije\AppData\Roaming\0BiKudy.exe [2015-04-20] () <==== ATTENTION
Task: {E1AD2BC1-2F61-4906-A9BB-BFB96DCA3B6C} - System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-5 => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-5.exe [2015-07-30] (OB) <==== ATTENTION
Task: {E1BF72E1-F62B-4B50-90C1-48CF2A3CA687} - System32\Tasks\PPU24kMKL70 => C:\Users\Vasilije\AppData\Roaming\PPU24kMKL70.exe [2015-04-20] () <==== ATTENTION
Task: {E3A14053-19A4-4BBC-A8DC-974446050FF5} - System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-11 => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-11.exe [2015-07-30] (InstallMoon) <==== ATTENTION
Task: {E5239300-9E44-4AE9-AFC6-E3B686C8AFC7} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5 => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5.exe [2015-07-30] (Cinema PlusV29.07) <==== ATTENTION
Task: {FEB2EF04-C251-49ED-906E-1737CB578ECF} - System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-6 => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-6.exe [2015-07-30] (InstallMoon) <==== ATTENTION
Task: C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-6.job => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-7.job => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-10_user.job => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-4.job => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-5.job => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-5_user.job => C:\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\0BiKudy.job => C:\Users\Vasilije\AppData\Roaming\0BiKudy.exe <==== ATTENTION
Task: C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-6.job => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-7.job => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-10_user.job => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-11.job => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-4.job => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-5.job => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-5_user.job => C:\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-6.job => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-7.job => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-10_user.job => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-4.job => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-5.job => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-5_user.job => C:\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\dtB0yMku.job => C:\Users\Vasilije\AppData\Roaming\dtB0yMku.exe <==== ATTENTION
Task: C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6.job => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-7.job => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-10_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-11.job => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-4.job => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5.job => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\PPU24kMKL70.job => C:\Users\Vasilije\AppData\Roaming\PPU24kMKL70.exe <==== ATTENTION

C:\Program Files (x86)\00000000-1438273564-0000-0000-002421F0D38F
C:\Program Files (x86)\GoHD
C:\Program Files (x86)\CinemaPlus-3.2cV29.07
C:\Program Files (x86)\SavePass 1.1
C:\Program Files (x86)\Cinem Plus 2.4cV30.07
C:\Users\Vasilije\AppData\Local\EncryptingFile
C:\Program Files (x86)\MiuiTab
C:\Program Files (x86)\Sparkling Mother
C:\Program Files (x86)\IsAver
C:\Program Files (x86)\Movies App
C:\Program Files (x86)\globalUpdate
C:\ProgramData\IHProtectUpDate
C:\Users\Vasilije\Downloads\yet_another_cleaner_sk_6480278.exe
C:\Users\Vasilije\SupTab
C:\Users\Vasilije\AppData\Local\nsh9617.tmp
C:\ProgramData\FWinManProF
C:\Users\Vasilije\AppData\Local\nsnAE4A.tmp
C:\Users\Vasilije\AppData\Roaming\AnyProtectEx
C:\Users\Vasilije\AppData\Roaming\systweak
C:\Windows\system32\roboot64.exe
C:\ProgramData\vWinManProv
C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
C:\ProgramData\XWinManProX
C:\Windows\prleth.sys
C:\Windows\hgfs.sys
C:\Users\Vasilije\AppData\Local\F6755810-8568-4800-9C34-F19EC0875C21
C:\ProgramData\lWinManProl
C:\Users\Vasilije\AppData\Local\globalUpdate
C:\Program Files\chk32
C:\Users\Vasilije\AppData\Local\PortableDevice
C:\Windows\system32\Drivers\etc\hp.bak
C:\Users\Vasilije\Downloads\LEGOHarry2(2).exe
C:\Program Files (x86)\IsavuEr
C:\Program Files (x86)\alterIWnet.ini
C:\Program Files (x86)\prefs.js
C:\Program Files (x86)\update-mw2.bat
C:\Program Files (x86)\visit-www.nosteam.ro.html
C:\Users\Vasilije\AppData\Roaming\0BiKudy
C:\Users\Vasilije\AppData\Roaming\0BiKudy.exe
C:\Users\Vasilije\AppData\Roaming\dtB0yMku
C:\Users\Vasilije\AppData\Roaming\dtB0yMku.exe
C:\Users\Vasilije\AppData\Roaming\PPU24kMKL70
C:\Users\Vasilije\AppData\Roaming\PPU24kMKL70.exe
C:\Users\Vasilije\AppData\Local\Temp\1042.exe
C:\Users\Vasilije\AppData\Local\Temp\1121.exe
C:\Users\Vasilije\AppData\Local\Temp\121.exe
C:\Users\Vasilije\AppData\Local\Temp\159.exe
C:\Users\Vasilije\AppData\Local\Temp\23.exe
C:\Users\Vasilije\AppData\Local\Temp\241.exe
C:\Users\Vasilije\AppData\Local\Temp\3125.exe
C:\Users\Vasilije\AppData\Local\Temp\3149.exe
C:\Users\Vasilije\AppData\Local\Temp\3213.exe
C:\Users\Vasilije\AppData\Local\Temp\334.exe
C:\Users\Vasilije\AppData\Local\Temp\3553.exe
C:\Users\Vasilije\AppData\Local\Temp\54C47BC4B7FD438C151DD96668F0CB68.exe
C:\Users\Vasilije\AppData\Local\Temp\6822.exe
C:\Users\Vasilije\AppData\Local\Temp\9627.exe
C:\Users\Vasilije\AppData\Local\Temp\9827.exe
C:\Users\Vasilije\AppData\Local\Temp\EAD16CA.exe
C:\Users\Vasilije\AppData\Local\Temp\EAD1728.exe
C:\Users\Vasilije\AppData\Local\Temp\EAD1BBA.exe
C:\Users\Vasilije\AppData\Local\Temp\EAD7F7B.exe
C:\Users\Vasilije\AppData\Local\Temp\EAD8DBD.exe
C:\Users\Vasilije\AppData\Local\Temp\Uninstall.exe
C:\ProgramData\DhmReu
C:\Program Files (x86)\FriendlyError
C:\Program Files (x86)\AnyProtectEx
Task: C:\Windows\Tasks\Tempo Runner soc3hen.job => 0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Task: C:\Windows\Tasks\Tempo Runner soc6hen.job => 0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Task: C:\Windows\Tasks\Tempo Runner socdhen.job => 0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

EmptyTemp:

End
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-1760121238-282637544-2622143497-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-1760121238-282637544-2622143497-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-1760121238-282637544-2622143497-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{349180EB-2ABD-4BCD-85F9-BA22F226DA8B}" => key removed successfully
"HKCR\CLSID\{349180EB-2ABD-4BCD-85F9-BA22F226DA8B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a}" => key removed successfully
"HKCR\CLSID\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F91A9A1-01BA-4c81-863D-3BA0751E1419}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{1F91A9A1-01BA-4c81-863D-3BA0751E1419}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} => value removed successfully
HKCR\CLSID\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} => value removed successfully
HKCR\Wow6432Node\CLSID\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} => key not found.
Firefox newtab removed successfully
Firefox homepage removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10" => key removed successfully
C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll => moved successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4" => key removed successfully
C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll not found.
C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\user.js => moved successfully.
C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\088T@3c.org => moved successfully.
C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com => moved successfully.
C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\6a1a03975fde4c8690f6b883c36bc1@7d88519bfe704d8cae3851239.com => moved successfully.
C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\9@tb.net => moved successfully.
C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\avpv_dibs_yuv@cjjs_sjxrueibhbbnkn.org => moved successfully.
C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com => moved successfully.
C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\f8783004-c434-4bd0-9f81-9a39dd64baaa@08ad07c4-3f21-451d-9045-9e0d5dc8aa9e.com => moved successfully.
C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\K09@oM.org => moved successfully.
C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\mX@pco4lSoF.edu => moved successfully.
C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default\Extensions\VQlEw@I.edu => moved successfully.
comyninu => Service stopped successfully.
comyninu => service removed successfully
DatamngrCoordinator => service removed successfully
FHHK27 => service removed successfully
globalUpdate => service removed successfully
globalUpdatem => service removed successfully
hyverumu => service removed successfully
IHProtect Service => service removed successfully
Sparkling Mother => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{00491A85-D34E-40BC-914A-9AAF057EEB8A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00491A85-D34E-40BC-914A-9AAF057EEB8A}" => key removed successfully
C:\Windows\System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-7 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-7" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01D2BFBE-F1CB-4B12-9AAB-823FCFA5847D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01D2BFBE-F1CB-4B12-9AAB-823FCFA5847D}" => key removed successfully
C:\Windows\System32\Tasks\{A4F57217-B916-4D06-939B-682A401DEA1E} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A4F57217-B916-4D06-939B-682A401DEA1E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0BB3CC43-F4A7-4748-A1F9-5373DDBF23B8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BB3CC43-F4A7-4748-A1F9-5373DDBF23B8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{111E5AA3-F5B8-46B8-9F49-CA3E0DA97FBC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{111E5AA3-F5B8-46B8-9F49-CA3E0DA97FBC}" => key removed successfully
C:\Windows\System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-10_user => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\997e5cf5-daed-4e10-8e01-c12481edaf1d-10_user" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{17B9498A-FA45-4049-94CF-5BFA6BAECC0D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17B9498A-FA45-4049-94CF-5BFA6BAECC0D}" => key removed successfully
C:\Windows\System32\Tasks\{94D5624B-793F-407B-B949-B73106924541} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{94D5624B-793F-407B-B949-B73106924541}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1868360F-2D87-4F29-97CA-9D6D16F08499}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1868360F-2D87-4F29-97CA-9D6D16F08499}" => key removed successfully
C:\Windows\System32\Tasks\Tempo Runner soc6hen => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Tempo Runner soc6hen" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{201A53B1-F68F-4640-BA86-9BF64CB0226D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{201A53B1-F68F-4640-BA86-9BF64CB0226D}" => key removed successfully
C:\Windows\System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-5 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\997e5cf5-daed-4e10-8e01-c12481edaf1d-5" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{21D01146-700A-4605-9717-8E44A467EB6E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21D01146-700A-4605-9717-8E44A467EB6E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{23EC0499-1F8F-49A6-8527-7CF571A29FD5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23EC0499-1F8F-49A6-8527-7CF571A29FD5}" => key removed successfully
C:\Windows\System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-4 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\997e5cf5-daed-4e10-8e01-c12481edaf1d-4" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{24AF697A-B59F-4BC4-82B7-4155DD93437A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24AF697A-B59F-4BC4-82B7-4155DD93437A}" => key removed successfully
C:\Windows\System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{276D2C7E-4532-46FB-9100-FC41C9AEC6C2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{276D2C7E-4532-46FB-9100-FC41C9AEC6C2}" => key removed successfully
C:\Windows\System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-4 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\257a3e89-09f4-4349-8e18-5559ce6b1de7-4" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B3AFBD8-7F6A-46C1-97E1-050ED4DDC77D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B3AFBD8-7F6A-46C1-97E1-050ED4DDC77D}" => key removed successfully
C:\Windows\System32\Tasks\{FC5BC4C8-C09B-43FD-9E73-10CC76E3A9A2} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FC5BC4C8-C09B-43FD-9E73-10CC76E3A9A2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C5652C4-AE70-4A5A-A590-64DE0D5242F2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C5652C4-AE70-4A5A-A590-64DE0D5242F2}" => key removed successfully
C:\Windows\System32\Tasks\{05815020-C9EF-49C8-9F33-A6F0F3A11AD5} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{05815020-C9EF-49C8-9F33-A6F0F3A11AD5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5B86BCD1-EDBA-4AB6-A222-308F40FB11E4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B86BCD1-EDBA-4AB6-A222-308F40FB11E4}" => key removed successfully
C:\Windows\System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5_user => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5_user" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{68C02022-107D-4F82-8D2A-220E0325BAAD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68C02022-107D-4F82-8D2A-220E0325BAAD}" => key removed successfully
C:\Windows\System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-5_user => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0785051e-533e-49fc-8f98-64d0e4dc69c8-5_user" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6B9D66FB-1033-413B-BF80-5632E31CD2BB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B9D66FB-1033-413B-BF80-5632E31CD2BB}" => key removed successfully
C:\Windows\System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-4 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0785051e-533e-49fc-8f98-64d0e4dc69c8-4" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{71F3A570-40E1-4308-92EF-37A1ED416955}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71F3A570-40E1-4308-92EF-37A1ED416955}" => key removed successfully
C:\Windows\System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-11 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f706a8f7-287f-4a40-893c-ca55c01ea0aa-11" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7A85D79C-544A-40B5-BF59-37F8594BB789}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A85D79C-544A-40B5-BF59-37F8594BB789}" => key removed successfully
C:\Windows\System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-6 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-6" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{85111494-140F-424B-A149-01E69051C5CE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85111494-140F-424B-A149-01E69051C5CE}" => key removed successfully
C:\Windows\System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-4 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f706a8f7-287f-4a40-893c-ca55c01ea0aa-4" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8F571998-0C69-42C1-B8AE-E5AF5809807C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F571998-0C69-42C1-B8AE-E5AF5809807C}" => key removed successfully
C:\Windows\System32\Tasks\dtB0yMku => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\dtB0yMku" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9C8C12EE-FA93-4D42-AB51-AB76D1C2F188}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C8C12EE-FA93-4D42-AB51-AB76D1C2F188}" => key removed successfully
C:\Windows\System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-7 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-7" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9E11F9AA-1B9B-4946-8E4C-5E6D98E0D61E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E11F9AA-1B9B-4946-8E4C-5E6D98E0D61E}" => key removed successfully
C:\Windows\System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-10_user => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0785051e-533e-49fc-8f98-64d0e4dc69c8-10_user" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E1A6434-9BEE-448A-8824-97E92568AFF6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E1A6434-9BEE-448A-8824-97E92568AFF6}" => key removed successfully
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AFDD7F51-F5FC-4474-97E7-EC7CF614FE8C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFDD7F51-F5FC-4474-97E7-EC7CF614FE8C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B053C213-9151-423D-A23D-E19FB5537894}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B053C213-9151-423D-A23D-E19FB5537894}" => key removed successfully
C:\Windows\System32\Tasks\Portable Device Enumerator Service 1.0.30 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Portable Device Enumerator Service 1.0.30" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B769DB47-7F94-4D94-8819-CEA7E5A7C620}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B769DB47-7F94-4D94-8819-CEA7E5A7C620}" => key removed successfully
C:\Windows\System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-10_user => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\257a3e89-09f4-4349-8e18-5559ce6b1de7-10_user" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BCEA189F-D033-409D-A2B1-F7F698896E7C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCEA189F-D033-409D-A2B1-F7F698896E7C}" => key removed successfully
C:\Windows\System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-5 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\257a3e89-09f4-4349-8e18-5559ce6b1de7-5" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C2469BC4-DA31-48FF-B010-006FB6B77683}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2469BC4-DA31-48FF-B010-006FB6B77683}" => key removed successfully
C:\Windows\System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-7 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-7" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C3A2FDA8-7B1D-4566-B715-7A92EAABA8F9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3A2FDA8-7B1D-4566-B715-7A92EAABA8F9}" => key removed successfully
C:\Windows\System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-7 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-7" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C5EA0EAA-4B93-4E35-907B-3AEB973156FD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5EA0EAA-4B93-4E35-907B-3AEB973156FD}" => key removed successfully
C:\Windows\System32\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-5_user => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\997e5cf5-daed-4e10-8e01-c12481edaf1d-5_user" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D523336F-6EFC-4473-8698-CC2675FCAC65}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D523336F-6EFC-4473-8698-CC2675FCAC65}" => key removed successfully
C:\Windows\System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-6 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-6" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D68EE89D-4207-4F71-8A85-249462E9737F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D68EE89D-4207-4F71-8A85-249462E9737F}" => key removed successfully
C:\Windows\System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-5_user => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\257a3e89-09f4-4349-8e18-5559ce6b1de7-5_user" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D93EA612-B54A-464D-9C74-D2F12E9C4610}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D93EA612-B54A-464D-9C74-D2F12E9C4610}" => key removed successfully
C:\Windows\System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-10_user => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f706a8f7-287f-4a40-893c-ca55c01ea0aa-10_user" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DDB8EBBB-1359-4FEF-BB03-3BC19156BA87}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDB8EBBB-1359-4FEF-BB03-3BC19156BA87}" => key removed successfully
C:\Windows\System32\Tasks\0BiKudy => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0BiKudy" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E1AD2BC1-2F61-4906-A9BB-BFB96DCA3B6C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1AD2BC1-2F61-4906-A9BB-BFB96DCA3B6C}" => key removed successfully
C:\Windows\System32\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-5 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0785051e-533e-49fc-8f98-64d0e4dc69c8-5" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E1BF72E1-F62B-4B50-90C1-48CF2A3CA687}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1BF72E1-F62B-4B50-90C1-48CF2A3CA687}" => key removed successfully
C:\Windows\System32\Tasks\PPU24kMKL70 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PPU24kMKL70" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E3A14053-19A4-4BBC-A8DC-974446050FF5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3A14053-19A4-4BBC-A8DC-974446050FF5}" => key removed successfully
C:\Windows\System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-11 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\257a3e89-09f4-4349-8e18-5559ce6b1de7-11" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E5239300-9E44-4AE9-AFC6-E3B686C8AFC7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5239300-9E44-4AE9-AFC6-E3B686C8AFC7}" => key removed successfully
C:\Windows\System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FEB2EF04-C251-49ED-906E-1737CB578ECF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FEB2EF04-C251-49ED-906E-1737CB578ECF}" => key removed successfully
C:\Windows\System32\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-6 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-6" => key removed successfully
C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-6.job => moved successfully.
C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-7.job => moved successfully.
C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-10_user.job => moved successfully.
C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-4.job => moved successfully.
C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-5.job => moved successfully.
C:\Windows\Tasks\0785051e-533e-49fc-8f98-64d0e4dc69c8-5_user.job => moved successfully.
C:\Windows\Tasks\0BiKudy.job => moved successfully.
C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-6.job => moved successfully.
C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-7.job => moved successfully.
C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-10_user.job => moved successfully.
C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-11.job => moved successfully.
C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-4.job => moved successfully.
C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-5.job => moved successfully.
C:\Windows\Tasks\257a3e89-09f4-4349-8e18-5559ce6b1de7-5_user.job => moved successfully.
C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-6.job => moved successfully.
C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-7.job => moved successfully.
C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-10_user.job => moved successfully.
C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-4.job => moved successfully.
C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-5.job => moved successfully.
C:\Windows\Tasks\997e5cf5-daed-4e10-8e01-c12481edaf1d-5_user.job => moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully.
C:\Windows\Tasks\APSnotifierPP1.job => moved successfully.
C:\Windows\Tasks\APSnotifierPP2.job => moved successfully.
C:\Windows\Tasks\APSnotifierPP3.job => moved successfully.
C:\Windows\Tasks\dtB0yMku.job => moved successfully.
C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6.job => moved successfully.
C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-7.job => moved successfully.
C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-10_user.job => moved successfully.
C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-11.job => moved successfully.
C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-4.job => moved successfully.
C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5.job => moved successfully.
C:\Windows\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5_user.job => moved successfully.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => moved successfully.
C:\Windows\Tasks\PPU24kMKL70.job => moved successfully.
C:\Program Files (x86)\00000000-1438273564-0000-0000-002421F0D38F => moved successfully.
C:\Program Files (x86)\GoHD => moved successfully.
C:\Program Files (x86)\CinemaPlus-3.2cV29.07 => moved successfully.
C:\Program Files (x86)\SavePass 1.1 => moved successfully.
C:\Program Files (x86)\Cinem Plus 2.4cV30.07 => moved successfully.
C:\Users\Vasilije\AppData\Local\EncryptingFile => moved successfully.
C:\Program Files (x86)\MiuiTab => moved successfully.
C:\Program Files (x86)\Sparkling Mother => moved successfully.
C:\Program Files (x86)\IsAver => moved successfully.
C:\Program Files (x86)\Movies App => moved successfully.
C:\Program Files (x86)\globalUpdate => moved successfully.
C:\ProgramData\IHProtectUpDate => moved successfully.
C:\Users\Vasilije\Downloads\yet_another_cleaner_sk_6480278.exe => moved successfully.
C:\Users\Vasilije\SupTab => moved successfully.
C:\Users\Vasilije\AppData\Local\nsh9617.tmp => moved successfully.
C:\ProgramData\FWinManProF => moved successfully.
C:\Users\Vasilije\AppData\Local\nsnAE4A.tmp => moved successfully.
C:\Users\Vasilije\AppData\Roaming\AnyProtectEx => moved successfully.
C:\Users\Vasilije\AppData\Roaming\systweak => moved successfully.
C:\Windows\system32\roboot64.exe => moved successfully.
C:\ProgramData\vWinManProv => moved successfully.
C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => moved successfully.
C:\ProgramData\XWinManProX => moved successfully.
C:\Windows\prleth.sys => moved successfully.
C:\Windows\hgfs.sys => moved successfully.
C:\Users\Vasilije\AppData\Local\F6755810-8568-4800-9C34-F19EC0875C21 => moved successfully.
C:\ProgramData\lWinManProl => moved successfully.
C:\Users\Vasilije\AppData\Local\globalUpdate => moved successfully.
C:\Program Files\chk32 => moved successfully.
C:\Users\Vasilije\AppData\Local\PortableDevice => moved successfully.
C:\Windows\system32\Drivers\etc\hp.bak => moved successfully.
C:\Users\Vasilije\Downloads\LEGOHarry2(2).exe => moved successfully.
C:\Program Files (x86)\IsavuEr => moved successfully.
C:\Program Files (x86)\alterIWnet.ini => moved successfully.
C:\Program Files (x86)\prefs.js => moved successfully.
C:\Program Files (x86)\update-mw2.bat => moved successfully.
C:\Program Files (x86)\visit-www.nosteam.ro.html => moved successfully.
C:\Users\Vasilije\AppData\Roaming\0BiKudy => moved successfully.
C:\Users\Vasilije\AppData\Roaming\0BiKudy.exe => moved successfully.
C:\Users\Vasilije\AppData\Roaming\dtB0yMku => moved successfully.
C:\Users\Vasilije\AppData\Roaming\dtB0yMku.exe => moved successfully.
C:\Users\Vasilije\AppData\Roaming\PPU24kMKL70 => moved successfully.
C:\Users\Vasilije\AppData\Roaming\PPU24kMKL70.exe => moved successfully.
C:\Users\Vasilije\AppData\Local\Temp\1042.exe => moved successfully.
C:\Users\Vasilije\AppData\Local\Temp\1121.exe => moved successfully.
C:\Users\Vasilije\AppData\Local\Temp\121.exe => moved successfully.
C:\Users\Vasilije\AppData\Local\Temp\159.exe => moved successfully.
C:\Users\Vasilije\AppData\Local\Temp\23.exe => moved successfully.
C:\Users\Vasilije\AppData\Local\Temp\241.exe => moved successfully.
C:\Users\Vasilije\AppData\Local\Temp\3125.exe => moved successfully.
C:\Users\Vasilije\AppData\Local\Temp\3149.exe => moved successfully.
C:\Users\Vasilije\AppData\Local\Temp\3213.exe => moved successfully.
C:\Users\Vasilije\AppData\Local\Temp\334.exe => moved successfully.
C:\Users\Vasilije\AppData\Local\Temp\3553.exe => moved successfully.
C:\Users\Vasilije\AppData\Local\Temp\54C47BC4B7FD438C151DD96668F0CB68.exe => moved successfully.
C:\Users\Vasilije\AppData\Local\Temp\6822.exe => moved successfully.
C:\Users\Vasilije\AppData\Local\Temp\9627.exe => moved successfully.
C:\Users\Vasilije\AppData\Local\Temp\9827.exe => moved successfully.
C:\Users\Vasilije\AppData\Local\Temp\EAD16CA.exe => moved successfully.
C:\Users\Vasilije\AppData\Local\Temp\EAD1728.exe => moved successfully.
C:\Users\Vasilije\AppData\Local\Temp\EAD1BBA.exe => moved successfully.
C:\Users\Vasilije\AppData\Local\Temp\EAD7F7B.exe => moved successfully.
C:\Users\Vasilije\AppData\Local\Temp\EAD8DBD.exe => moved successfully.
C:\Users\Vasilije\AppData\Local\Temp\Uninstall.exe => moved successfully.
"C:\ProgramData\DhmReu" => File/Folder not found.
"C:\Program Files (x86)\FriendlyError" => File/Folder not found.
"C:\Program Files (x86)\AnyProtectEx" => File/Folder not found.
C:\Windows\Tasks\Tempo Runner soc3hen.job => moved successfully.
C:\Windows\Tasks\Tempo Runner soc6hen.job => moved successfully.
C:\Windows\Tasks\Tempo Runner socdhen.job => moved successfully.
EmptyTemp: => 2.5 GB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 12:18:58 ====
https://www.mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Odlično. Kakvo je sada stanje?



Arrow

Preuzmi smeenk-ov zoek.zip ili zoek.rar () sa ovog ili ovog linka i sačuvaj ga na Desktop.

Raspakuj arhivu u neki folder (uputstvo), a zatim:

zatvori browser i ostale pokrenute programe;
privremeno deaktiviraj zaštitni softver ( ukoliko je to potrebno ) Uputstvo ;
dvoklikom pokreni zoek na ikonicu programa ;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sledeći tekst:

filesrcm;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;


Klikni na dugme i pričekaj da se skeniranje završi.


zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)

offline
  • goust  Male
  • Elitni građanin
  • Pridružio: 09 Apr 2005
  • Poruke: 1793

Evorezultata skeniranja ZOEK-om. Inace sad je sasvim u redu koliko mogu da primetim, jedino sto Kaspersky s vremena na vreme "ahvata" po nekog virusa.



Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Vasilije on pet 31.07.2015 at 20:49:07,19.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Vasilije\Desktop\zoek\zoek.com [Scan all users] [Script inserted]

==== System Restore Info ======================

31.7.2015 20:50:39 Zoek.exe System Restore Point Created Successfully.

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-07-31 18:33:50 086FE3664CD3D13055934E67A3ED0019 237103379 ----a-w- C:\Windows\MEMORY.DMP
2015-07-10 12:08:31 72F2D357120F95C1E725C22915FE95E1 193 ----a-w- C:\Windows\WORDPAD.INI
====== C:\Users\Vasilije\AppData\Local\Temp ====
2015-07-31 10:39:46 1D461686B0E32F2DECB587C895A05402 120240 ------w- C:\Users\Vasilije\AppData\Local\Temp\{42FF0C57-53C4-499A-BC8A-2E32715701DD}\ISBEW64.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-07-21 10:27:00 DF087444092F0D75364636ED9822FF74 6344 ----a-w- C:\Windows\SysWOW64\ealregsnapshot1.reg
2015-07-21 08:41:44 D80ECB18D64AE3C2A9D8220ABEBCE40A 25600 ----a-w- C:\Windows\SysWOW64\lpk.dll
2015-07-21 08:41:44 BBA0C61CB01BA4351C41DC36BBEB55B4 299008 ----a-w- C:\Windows\SysWOW64\atmfd.dll
2015-07-21 08:41:44 900DB967084C22C6D83D637529B77E8F 34304 ----a-w- C:\Windows\SysWOW64\atmlib.dll
2015-07-21 08:41:44 2DD3D6B44442EF17675554D0482E7BC2 70656 ----a-w- C:\Windows\SysWOW64\fontsub.dll
2015-07-21 08:41:44 0A6495A400140B89242268A13C807841 10240 ----a-w- C:\Windows\SysWOW64\dciman32.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-07-28 12:01:46 EB59F8712DC56764D88EB495AD5938B3 1085440 ----a-w- C:\Windows\Sysnative\appraiser.dll
2015-07-28 12:01:46 DA2054C50EB38C91322D4EEBCE408C5C 765440 ----a-w- C:\Windows\Sysnative\invagent.dll
2015-07-28 12:01:46 9AFFAF544BA8FBA1ABFCCC07F6AB85B8 726528 ----a-w- C:\Windows\Sysnative\generaltel.dll
2015-07-28 12:01:46 3CDA55D83D5C9EA09DE82C6E5233C65B 433664 ----a-w- C:\Windows\Sysnative\devinv.dll
2015-07-28 12:01:46 3A87269A74F067EB566813619B4F0CC3 67584 ----a-w- C:\Windows\Sysnative\acmigration.dll
2015-07-28 12:01:46 0AC0A45552B403020780DC74FB3BAC95 1145856 ----a-w- C:\Windows\Sysnative\aeinv.dll
2015-07-28 12:01:45 BE03A1A1B4DEEFDE3E58834F7584C31F 17856 ----a-w- C:\Windows\Sysnative\CompatTelRunner.exe
2015-07-28 12:01:45 81E937F890B2F1A410547D6EB6A79572 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll
2015-07-21 08:41:44 D57C03D365BC71C7A30504644515F3F8 41984 ----a-w- C:\Windows\Sysnative\lpk.dll
2015-07-21 08:41:44 37C6F4906A4B3F837780AF078A1718BA 14336 ----a-w- C:\Windows\Sysnative\dciman32.dll
2015-07-21 08:41:44 2D0E2C197BA9CD67105DE5BBFBEF72A7 46080 ----a-w- C:\Windows\Sysnative\atmlib.dll
2015-07-21 08:41:44 1C4FF36152EBDF5C10A612FC9B2E1F8A 100864 ----a-w- C:\Windows\Sysnative\fontsub.dll
2015-07-21 08:41:44 08D58C21888BC2DC754F591C23709C33 372224 ----a-w- C:\Windows\Sysnative\atmfd.dll
====== C:\Windows\Sysnative\drivers =====
2015-07-15 11:16:35 C0A6C3D6E02B61B5D100FE17306C276F 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys
2015-07-15 11:16:35 7A7328E427694CC7244235C3BC299F80 155584 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-07-15 11:16:35 45A03A0B6461EFBEE77E0A6AC2816EDA 129024 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys
2015-07-15 11:16:35 21AF322605D8C7F2A627C22634D1C9C9 290816 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys
2015-07-15 11:16:35 1877EB1495CFBDAB27D6A32F6DDF3818 159232 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys
2015-07-15 11:16:24 065F79543D7999EC28B687F87E96B803 20992 ----a-w- C:\Windows\Sysnative\drivers\rdpvideominiport.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-07-18 10:03:21 -------- d-----w- C:\Program Files\VID_0E8F&PID_0003
======= C:\PROGRA~2 =====
2015-07-30 18:29:05 -------- d-----w- C:\PROGRA~2\Google
2015-07-30 16:25:37 -------- d-----w- C:\PROGRA~2\Opera
2015-07-25 12:07:14 -------- d-----w- C:\PROGRA~2\COMMON~1\Steam
2015-07-25 12:07:07 -------- d-----w- C:\PROGRA~2\Steam
2015-07-18 10:03:21 -------- d-----w- C:\PROGRA~2\VID_0E8F&PID_0003
2015-07-18 09:31:16 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2015-07-11 13:04:43 -------- d-----w- C:\PROGRA~2\R.G. Mechanics
2015-07-05 16:26:24 -------- d-----w- C:\PROGRA~2\EA GAMES
======= C: =====
====== C:\Users\Vasilije\AppData\Roaming ======
2015-07-31 10:59:22 407AAB8C27CF7081EECE071C90A65B83 17 ----a-w- C:\Users\Vasilije\AppData\Local\resmon.resmoncfg
2015-07-30 20:28:29 -------- d-----w- C:\Users\Vasilije\AppData\Local\ElevatedDiagnostics
2015-07-30 18:29:05 -------- d-----w- C:\Users\Vasilije\AppData\Local\Google
2015-07-30 16:27:40 -------- d-----w- C:\Users\Vasilije\AppData\Roaming\Opera Software
2015-07-30 16:27:40 -------- d-----w- C:\Users\Vasilije\AppData\Local\Opera Software
2015-07-25 14:54:58 -------- d-----w- C:\Users\Vasilije\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-07-25 12:15:19 -------- d-----w- C:\Users\Vasilije\AppData\Local\CEF
2015-07-25 12:15:18 -------- d-----w- C:\Users\Vasilije\AppData\Local\Steam
2015-07-21 10:26:31 -------- d-----w- C:\Users\Vasilije\AppData\Local\Downloaded Installations
2015-07-18 10:03:06 -------- d-----w- C:\Users\Vasilije\AppData\Roaming\InstallShield
2015-07-10 08:16:16 -------- d-----w- C:\Users\Vasilije\AppData\Roaming\Warner Bros. Interactive Entertainment
2015-07-08 13:25:38 -------- d-----w- C:\Users\Vasilije\AppData\Locallow\Adobe
====== C:\Users\Vasilije ======
2015-07-31 10:24:22 09B6F6FCCC35DBAFCB38CB3751FA7C2F 2248704 ----a-w- C:\Users\Vasilije\Downloads\AdwCleaner.exe
2015-07-30 23:06:33 CAA1B2AEB0F3FDE326EA88DEC7D2A1E2 2168832 ----a-w- C:\Users\Vasilije\Desktop\FRST64.exe
2015-07-25 18:26:55 -------- d-----w- C:\ProgramData\Codemasters
2015-07-25 12:07:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-07-21 11:36:48 A044F004542DE5CA934923CCA016205F 144361560 ----a-w- C:\Users\Vasilije\Downloads\FarmingSimulator2013Patch2-1ESb.exe
2015-07-21 10:28:03 -------- d-----w- C:\ProgramData\Electronic Arts
2015-07-21 10:07:55 9F5EA9FB54452EF7D55B0E9C0FF9C0FC 215659728 ----a-w- C:\Users\Vasilije\Downloads\scc_trial_na.exe
2015-07-05 16:34:11 -------- d-----w- C:\ProgramData\NFS Underground
2015-07-05 16:28:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES

====== C: exe-files ==
2015-07-31 10:39:46 1D461686B0E32F2DECB587C895A05402 120240 ------w- C:\Users\Vasilije\AppData\Local\Temp\{42FF0C57-53C4-499A-BC8A-2E32715701DD}\ISBEW64.exe
2015-07-31 10:24:22 09B6F6FCCC35DBAFCB38CB3751FA7C2F 2248704 ----a-w- C:\Users\Vasilije\Downloads\AdwCleaner.exe
2015-07-30 23:06:33 CAA1B2AEB0F3FDE326EA88DEC7D2A1E2 2168832 ----a-w- C:\Users\Vasilije\Desktop\FRST64.exe
2015-07-30 18:30:14 93863BFC8FBDFE732A4AC18D19FF906E 42944592 ----a-w- C:\Program Files (x86)\Google\Update\Install\{A4710175-808F-4F48-862D-F4B98858D4B8}\44.0.2403.125_chrome_installer.exe
2015-07-30 18:30:13 93863BFC8FBDFE732A4AC18D19FF906E 42944592 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\44.0.2403.125\44.0.2403.125_chrome_installer.exe
2015-07-30 18:26:59 57D685C79357602DC9B37218F0994EAA 734468 ----a-w- C:\FRST\Quarantine\C\Program Files\chk32\packages\de40ef25-8a31-4b8d-9193-7fef10112437\temp\Chrome.exe
2015-07-30 18:26:46 3E23ADDBDE9D48005F58ED06A8EB5E22 847360 ----a-w- C:\FRST\Quarantine\C\Program Files\chk32\packages\de40ef25-8a31-4b8d-9193-7fef10112437\dchk.exe
2015-07-30 17:10:33 579FD11E112542A0D5D43838CCA08309 708264 ----a-w- C:\FRST\Quarantine\C\ProgramData\FWinManProF\ProtectWindowsManager.exe
2015-07-30 16:48:59 2C3DF2C58C03C0BE9B6149EBF3678F9E 1134672 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5.exe
2015-07-30 16:48:41 C30227311A3B64F28EC7D1F92C56FCB6 985680 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-7.exe
2015-07-30 16:48:41 3A437534B42A17288170BD2E3455AC3C 1469008 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6.exe
2015-07-30 16:47:38 7BC1A0E2B963A9BFAECD1C3B36C29FAE 1428048 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-4.exe
2015-07-30 16:46:38 789321D365CC8FC5E8BFC2D1BE817A02 1274448 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-11.exe
2015-07-30 16:46:28 2CCC179451E23C95B7789459451362BD 1475664 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-10.exe
2015-07-30 16:46:23 A7A3ED8F052EBE3BCD57318D2134A085 118864 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\CinemaPlus-3.2cV29.07\Uninstall.exe
2015-07-30 16:46:23 2CCC179451E23C95B7789459451362BD 1475664 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\CinemaPlus-3.2cV29.07\UninstallBrw.exe
2015-07-30 16:44:59 1ACB730E0EE67B507A51476FAC7EF52A 1092688 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-5.exe
2015-07-30 16:44:41 4338FB67D4324AC8E392E63C8F89A646 1142864 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-7.exe
2015-07-30 16:44:41 1DAEDB339C8F6BDBB84923A151B30B9B 1591888 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-1-6.exe
2015-07-30 16:44:23 DED9AEB6A9062580980A4AC1FB71EC10 1493584 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-4.exe
2015-07-30 16:43:58 3CBA7AB9D5877DBF9DA64A6283F8E91A 1474640 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-11.exe
2015-07-30 16:43:47 A111FB18016D6B7AB504ABD83B54EC3C 1306192 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7-10.exe
2015-07-30 16:43:44 A111FB18016D6B7AB504ABD83B54EC3C 1306192 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\GoHD\UninstallBrw.exe
2015-07-30 16:43:44 2526FBE0049E3EC6DC52622DFA6292AF 107600 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\GoHD\Uninstall.exe
2015-07-30 16:42:48 2BEA1E558FB94D19F9028D41A47C1E33 20248 ----a-w- C:\Windows\System32\roboot64.exe
2015-07-30 16:40:54 AC8776D69312891773BCEB821DEA1F2D 435880 ----a-w- C:\FRST\Quarantine\C\ProgramData\vWinManProv\ProtectWindowsManager.exe
2015-07-30 16:36:53 6E7F568BD0C0E422E852AE6A23571AC6 125161 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\MiuiTab\uninstall.exe
2015-07-30 16:36:38 AC8776D69312891773BCEB821DEA1F2D 435880 ----a-w- C:\FRST\Quarantine\C\ProgramData\XWinManProX\ProtectWindowsManager.exe
2015-07-30 16:35:27 B1D21013E91A57B0469651C82355E265 1957976 ----a-w- C:\FRST\Quarantine\C\Users\Vasilije\AppData\Local\F6755810-8568-4800-9C34-F19EC0875C21\F6755810-8568-4800-9C34-F19EC0875C21.exe
2015-07-30 16:28:37 B5DF2375F4FAED8CE2A821B1392C4A1F 1090560 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-5.exe
2015-07-30 16:28:33 4E21DD2EFDB9199B2A75B4AE5FE197EA 1153616 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-5.exe
2015-07-30 16:28:10 40E0D7A5E00B8EE2184BC189F7FBDA5E 1140736 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-7.exe
2015-07-30 16:28:10 26654A853961D09F4124394234D01B5C 1589760 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-1-6.exe
2015-07-30 16:27:58 40F6B36E91004AF3AB3A34356B66ED47 1102928 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-7.exe
2015-07-30 16:27:58 2297B7C0F0FC90016DE762A1AFD2362B 1534032 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-1-6.exe
2015-07-30 16:27:19 659DB90DDF986D78902E4290943CEBEC 1491456 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-4.exe
2015-07-30 16:27:13 EFB2F1D5B926D10E74DDE4AA8B374E10 1300560 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-4.exe
2015-07-30 16:27:05 AC8776D69312891773BCEB821DEA1F2D 435880 ----a-w- C:\FRST\Quarantine\C\ProgramData\lWinManProl\ProtectWindowsManager.exe
2015-07-30 16:27:03 8DF6560ADF608ECDCE5CAF299062A135 46080 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\globalupdateOnDemand.exe
2015-07-30 16:27:03 6419BCBF0B2569AACF4023942EADFCB8 46080 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\globalupdateBroker.exe
2015-07-30 16:27:03 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\globalupdate.exe
2015-07-30 16:27:02 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\globalupdateCrashHandler.exe
2015-07-30 16:27:02 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\globalupdate.exe
2015-07-30 16:26:58 B8F6573D952AB1C7A07F0C7963A0BE5A 1304064 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8-10.exe
2015-07-30 16:26:56 4709DDF5FEC966A12FC11BDCEA89E7B5 1456208 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d-10.exe
2015-07-30 16:26:54 B8F6573D952AB1C7A07F0C7963A0BE5A 1304064 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\SavePass 1.1\UninstallBrw.exe
2015-07-30 16:26:54 4C0BB0BB51652F651AB94ED87999E256 115792 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\Cinem Plus 2.4cV30.07\Uninstall.exe
2015-07-30 16:26:54 4709DDF5FEC966A12FC11BDCEA89E7B5 1456208 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\Cinem Plus 2.4cV30.07\UninstallBrw.exe
2015-07-30 16:26:33 67FAE824642FEA7D29BE74DD38DBAAAE 34304 ----a-w- C:\FRST\Quarantine\C\Users\Vasilije\AppData\Local\PortableDevice\portable.exe
2015-07-30 16:26:25 67FAE824642FEA7D29BE74DD38DBAAAE 34304 ----a-w- C:\FRST\Quarantine\C\Users\Vasilije\AppData\Local\EncryptingFile\encrypting.exe
2015-07-30 16:26:15 DB9265820E3E33855BA9C318432FA7EF 368128 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\00000000-1438273564-0000-0000-002421F0D38F\rnsl84A8.exe
2015-07-28 12:01:45 BE03A1A1B4DEEFDE3E58834F7584C31F 17856 ----a-w- C:\Windows\System32\CompatTelRunner.exe
2015-07-25 12:08:05 67384147DD005E54D2C0A20408E28579 1242448 ----a-w- C:\Program Files (x86)\Steam\steamTmp.exe
2015-07-25 12:07:14 7AE700179C4839F657D245319E234A06 838336 ----a-w- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
=== C: other files ==
2015-07-30 16:47:38 DC591F3EEF2387946BA07414BBDF3915 445398 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa.xpi
2015-07-30 16:46:37 9DDFC342E59B8716BC922886FC6A84B0 401576 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa.crx
2015-07-30 16:44:22 383A0A31128FAEF789559E4E58641992 395725 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7.xpi
2015-07-30 16:43:58 0D35D96DBDC86D3552E5C398C55688DD 352935 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\GoHD\257a3e89-09f4-4349-8e18-5559ce6b1de7.crx
2015-07-30 16:27:19 094C137E608904E8E3F340202B2C4A3E 368068 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\SavePass 1.1\0785051e-533e-49fc-8f98-64d0e4dc69c8.xpi
2015-07-30 16:27:13 D57AFBC5EF73A3716D2C704AC30717A0 445979 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\Cinem Plus 2.4cV30.07\997e5cf5-daed-4e10-8e01-c12481edaf1d.xpi
2015-07-28 12:52:11 F69E92054A85BBE2D10D84F20DEEB26C 270201 ----a-w- C:\Users\Vasilije\Downloads\GTA_IV_Drunk_cam_fix.zip
2015-07-28 12:47:57 BE0C2F448851F1438C1A11497AF23100 33954645 ----a-w- C:\Users\Vasilije\Downloads\Patch-1-0-1-0-pour-GTA-4(1).zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1760121238-282637544-2622143497-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""


==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CCleaner Monitoring"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DAEMON Tools Lite"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EA Core]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EA Core"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Electronic Arts\\EADM\\Core.exe -silent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleChromeAutoLaunch_AB95C26369556A3E43E50B5F84F36855]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GoogleChromeAutoLaunch_AB95C26369556A3E43E50B5F84F36855"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Crossbrowse\\Crossbrowse\\Application\\crossbrowse.exe\" --no-startup-window"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HP Software Update"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Hp\\HP Software Update\\HPWuSchd2.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvBackend]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NvBackend"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvBackend.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SoftonicAssistant]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SoftonicAssistant"
"hkey"="HKCU"
"command"="\"C:\\Users\\Vasilije\\AppData\\Local\\SoftonicAssistant\\SoftonicAssistant.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StatusAlerts]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="StatusAlerts"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\HP\\StatusAlerts\\bin\\HPStatusAlerts.exe\" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Steam"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Steam\\Steam.exe\" -silent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Vasilije^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^crossbrowse.lnk]
"path"="C:\\Users\\Vasilije\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\crossbrowse.lnk"
"backup"="C:\\Windows\\pss\\crossbrowse.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~2\\CROSSB~1\\CROSSB~1\\APPLIC~1\\CROSSB~1.EXE "
"item"="crossbrowse"


==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\HPLJCustParticipation" ["C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe"]
"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com" [04.02.2015 08:37]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default
- Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
- Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
- Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
- Noia Fox - %ProfilePath%\extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Vasilije\AppData\Roaming\Mozilla\Firefox\Profiles\g9g8b1d9.default
9A77557E21CB7F86ECA830AF457DA9F5 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll - Shockwave for Director / Shockwave for Director
FD82108FD60B63010325D9AF6F00AF99 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll - Shockwave Flash
EF3CA2A515FEC970E22D2C424A42401E - C:\Users\Vasilije\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player


==== Chromium Look ======================


==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on pet 31.07.2015 at 20:57:43,55 ======================

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow Korak 1


Zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sljedeći tekst:

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Vasilije^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^crossbrowse.lnk];r


Klikni na dugme i pričekaj da se skeniranje završi.


Zoek će po potrebi restartovati Windows, a na kraju rada otvoriti Notepad sa izvještajem o skeniranju.

Napomena: Izvještaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadržaj tog loga u poruku.






Arrow Korak 2

Spakuj u ZIP, RAR ili 7Z arhive sljedeće foldere:

C:\FRST\Quarantine

i

C:\AdwCleaner

i pošalji ih preko sljedećeg linka:

http://www.mycity.rs/ambulanta-upload.php


Javi kada to uradiš i sačekaj dalja uputstva.

Ko je trenutno na forumu
 

Ukupno su 726 korisnika na forumu :: 21 registrovanih, 2 sakrivenih i 703 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: amstel, bankulen, bojank, branko7, Doca, dule clio, Krusarac, kuntalo, LUDI, mane123, Nebo_M, nemkea71, Ognjen D., pein, Rakenica, sabros, Srki98, USSVoyager, Vezista, wolf431, zljubomir