Eset scanned a lot of threats


offline
  • Joined: 19 Apr 2012
  • Posts: 33

After the scan, Eset showed 86 infected files.
Here is the data on what it printed out.
I don't know how to remove all these viruses.

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

Hello,

Download AdwCleaner by "Xplode" and save it to the Desktop.

Double-click to run the program.
Click the [Scan] button and wait for the program to finish.
Click the [Clean] button.
The program will close all active programs and show a window with that warning. Click Ok to confirm.
In the next two windows that open (Informations and Restart required), click Ok.

The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Attach file" option.

Note: The report will also be saved at C:\AdwCleaner[S1].txt

Download Farbar Recovery Scan Tool and save it to the Desktop.

Note: You need to download the version that is compatible with your system.

Double-click to run FRST.
When the tool starts, click Yes on the disclaimer.
Click the Scan button.
The tool will create a report (FRST.txt) in the same directory where FRST.exe is saved.
Copy the contents of that log into your post.
On its first run the tool should also create an additional report (Addition.txt). Attach that report to your post using the "Attach file" option.

offline
  • Joined: 19 Apr 2012
  • Posts: 33




Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by Ivišić (administrator) on IVISIC-RACUNALO on 07-11-2013 15:11:11
Running from C:\Users\Ivišić\Desktop\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Croatian
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Windows\System32\pcaui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [368728 2011-01-26] (Alcor Micro Corp.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [976032 2011-09-17] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [799904 2011-09-17] (Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2392360 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [6330568 2013-03-21] (ESET)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
MountPoints2: F - F:\setup.exe
MountPoints2: {6af4517c-c126-11e1-88f7-047d7b256ee2} - F:\NokiaPCIA_Autorun.exe
MountPoints2: {77654508-f825-11e2-a36b-047d7b256ee2} - E:\Startme.exe
MountPoints2: {bd19fc6f-3ac8-11e2-bc2d-047d7b256ee2} - E:\Startme.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
AppInit_DLLs: C:\PROGRA~2\MOVIES~1\SAFETY~1\x64\SAFETY~2.DLL [154144 2010-07-29] ()
AppInit_DLLs-x32: c:\progra~2\movies~1\safety~1\safety~2.dll [ ] ()
IMEO\bitguard.exe: [Debugger] tasklist.exe
IMEO\bprotect.exe: [Debugger] tasklist.exe
IMEO\browsemngr.exe: [Debugger] tasklist.exe
IMEO\browserdefender.exe: [Debugger] tasklist.exe
IMEO\browsermngr.exe: [Debugger] tasklist.exe
IMEO\browserprotect.exe: [Debugger] tasklist.exe
IMEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IMEO\cltmngsvc.exe: [Debugger] tasklist.exe
IMEO\delta babylon.exe: [Debugger] tasklist.exe
IMEO\delta tb.exe: [Debugger] tasklist.exe
IMEO\delta2.exe: [Debugger] tasklist.exe
IMEO\deltainstaller.exe: [Debugger] tasklist.exe
IMEO\deltasetup.exe: [Debugger] tasklist.exe
IMEO\deltatb.exe: [Debugger] tasklist.exe
IMEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IMEO\iminentsetup.exe: [Debugger] tasklist.exe
IMEO\rjatydimofu.exe: [Debugger] tasklist.exe
IMEO\sweetimsetup.exe: [Debugger] tasklist.exe
IMEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = bing.com
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - {8fe8d013-c3fd-4802-af48-79274e9f969e} URL = search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^YO^xdm084^YY^hr&ptb=3FD866EB-22E8-4E8F-BD02-E6ADAD0AD1F0&psa=&ind=2013071008&st=sb&n=77fd06a0&searchfor={searchTerms}
SearchScopes: HKCU - {00743CE7-3F76-478B-982F-35E26DBEE7FB} URL = searchya.com/?chnl=dcom-100&s=1&cr=.....DyD&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {300FFB7D-8314-439E-A652-48620533F7FD} URL = search.yahoo.com/search?fr=chr-greentree_ie.....453&p={searchTerms}
SearchScopes: HKCU - {54E0E375-DD92-43C0-8483-F76BC45D842D} URL = asksearch.ask.com/redirect?client=ie&sr.....apn_ptnrs=^AHP&apn_dtid=^YYYYYY^YY^HR&apn_dbr=ff_16.0&doi=2012-10-23&q={searchTerms}&
SearchScopes: HKCU - {70BA3E6B-1059-2266-0B2C-40E4A85231B8} URL = ddlstart.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=750&product_id=872&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.5.0&install_country=HR&install_date=20120718&user_guid=305AE47F8C13446980EE4308A130259B&machine_id=82e6e6069d4f75ff028d8d34e66ec77a&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
SearchScopes: HKCU - {75F7E6C7-20D0-4FBB-A8E1-7EDFEFE3D384} URL = blekko.com/ws/?source=5f97ddbe&tbp=rbox.....f32&q={searchTerms}&r=961
SearchScopes: HKCU - {8fe8d013-c3fd-4802-af48-79274e9f969e} URL = search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^YO^xdm084^YY^hr&ptb=3FD866EB-22E8-4E8F-BD02-E6ADAD0AD1F0&psa=&ind=2013071008&st=sb&n=77fd06a0&searchfor={searchTerms}
SearchScopes: HKCU - {B841E3F9-782D-4356-8AB9-06D04D819E45} URL = mysearchresults.com/search?&c=3501&t=07&q={searchTerms}
SearchScopes: HKCU - {BFCBCF9A-6D6A-4F70-9F6F-9A81274BEF7E} URL = search.softonic.com/INF00176/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=bec708c00000000000007ce9d334bf32&r=860
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {45177936-603b-4261-8d42-df6f7091d5d0} - No File
Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKCU - No Name - {687578B9-7132-4A7A-80E4-30EE31099E03} - No File
Toolbar: HKCU - avast! EasyPass Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - No File
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office12\GR469A~1.DLL [2210608 2006-10-26] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Ivišić\AppData\Roaming\Mozilla\Firefox\Profiles\128jq3vx.default
FF Homepage: google.hr
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @ei.VideoDownloadConverter_4z.com/Plugin - C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISB.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Ivišić\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Ivišić\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eudict.xml
FF Extension: No Name - C:\Users\Ivišić\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions
FF Extension: OneClickDownloader - C:\Users\Ivišić\AppData\Roaming\Mozilla\Firefox\profiles\extensions\OneClickDownload@OneClickDownload.com
FF Extension: No Name - C:\Users\Ivišić\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins
FF Extension: gophoto - C:\Users\Ivišić\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi
FF Extension: No Name - C:\Users\Ivišić\AppData\Roaming\Mozilla\Firefox\profiles\extensions\search.sqlite
FF Extension: TorrentHandler - C:\Users\Ivišić\AppData\Roaming\Mozilla\Firefox\profiles\extensions\TorrentHandler@TorrentHandler.com.xpi
FF Extension: trtv3 - C:\Users\Ivišić\AppData\Roaming\Mozilla\Firefox\profiles\extensions\trtv3@trtv.com.xpi
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

==================== Services (Whitelisted) =================

R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1341664 2013-03-21] (ESET)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75064 2013-07-19] ()

==================== Drivers (Whitelisted) ====================

R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22664 2013-02-28] (AVAST Software)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-10-02] (AVG Technologies)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-02-20] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [139768 2013-01-10] (ESET)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [41704 2012-07-24] (AnchorFree Inc.)
S3 clwvd; system32\DRIVERS\clwvd.sys [x]
S3 NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [x]
S3 UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-07 15:00 - 2013-11-07 15:00 - 00000000 ____D C:\FRST
2013-11-07 14:59 - 2013-11-07 14:59 - 00033749 _____ C:\Users\Ivišić\Desktop\AdwCleaner[S0].txt
2013-11-07 14:53 - 2013-11-07 14:55 - 00000000 ____D C:\AdwCleaner
2013-11-07 14:21 - 2013-11-07 14:21 - 00023408 _____ C:\Users\Ivišić\Desktop\eset no.txt
2013-11-07 05:12 - 2013-11-07 05:12 - 00000000 ____D C:\Users\Ivišić\AppData\Local\ESET
2013-11-07 04:49 - 2013-11-07 04:49 - 00000000 ___RD C:\Users\Ivišić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-11-07 04:49 - 2013-11-07 04:49 - 00000000 ____D C:\Users\Ivišić\Documents\Bluetooth Folder
2013-11-07 04:15 - 2013-11-07 04:15 - 00000000 ____D C:\ProgramData\ESET
2013-11-07 04:15 - 2013-11-07 04:15 - 00000000 ____D C:\Program Files\ESET
2013-11-07 01:06 - 2013-11-07 01:06 - 00001057 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-07 01:06 - 2013-11-07 01:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-05 19:28 - 2013-11-07 04:46 - 00019118 _____ C:\Windows\PFRO.log
2013-11-05 18:53 - 2013-11-07 05:17 - 00006361 _____ C:\Windows\WindowsUpdate.log
2013-11-05 10:58 - 2013-11-07 14:56 - 00001102 _____ C:\Windows\setupact.log
2013-11-05 10:58 - 2013-11-05 10:58 - 00000000 _____ C:\Windows\setuperr.log
2013-11-05 04:02 - 2013-11-05 04:04 - 00000032 _____ C:\ProgramData\PS.log
2013-11-05 04:00 - 2013-11-05 04:00 - 00000000 ____D C:\Users\Ivišić\Documents\CyberLink
2013-11-04 06:54 - 2013-11-04 06:54 - 00000000 ____D C:\Users\Ivišić\Documents\KONAMI
2013-10-26 19:00 - 2013-10-26 19:00 - 00000000 ____D C:\Users\Ivišić\AppData\Local\{93AE048C-6810-4DC2-932E-CF455BE87309}
2013-10-20 13:08 - 2013-10-20 13:08 - 00000000 ____D C:\Users\Ivišić\AppData\Local\{196FA975-F282-49C2-AD89-35D1C34AAB8F}
2013-10-18 09:58 - 2013-10-18 09:58 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-10-18 09:41 - 2013-10-18 09:41 - 00000000 ____D C:\Users\Ivišić\AppData\Local\2K Games
2013-10-18 09:33 - 2013-10-18 09:33 - 00000000 ____D C:\Program Files (x86)\2K Games
2013-10-17 21:39 - 2013-11-05 12:09 - 00000000 ____D C:\Users\Ivišić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
2013-10-17 21:39 - 2013-11-05 12:09 - 00000000 ____D C:\Program Files (x86)\SmartTweak
2013-10-17 18:25 - 2013-10-17 18:25 - 00000000 ____D C:\ProgramData\Oracle
2013-10-17 18:24 - 2013-10-17 18:24 - 00004746 ____N C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-17 18:24 - 2013-10-08 06:50 - 00096168 ____N (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-17 18:24 - 2013-10-08 06:46 - 00264616 ____N (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-17 18:24 - 2013-10-08 06:46 - 00175016 ____N (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-17 18:24 - 2013-10-08 06:46 - 00174504 ____N (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-16 18:13 - 2013-11-01 16:32 - 00000270 __RSH C:\Users\Ivišić\ntuser.pol
2013-10-16 18:13 - 2013-10-16 19:30 - 00000070 _____ C:\Users\Ivišić\daemonprocess.txt
2013-10-16 18:13 - 2013-10-16 18:28 - 00000000 ____D C:\Users\Ivišić\AppData\Local\Mobogenie
2013-10-16 18:13 - 2013-10-16 18:13 - 00000000 ____D C:\Users\Ivišić\AppData\Local\cache
2013-10-16 18:03 - 2013-10-16 18:03 - 00000000 ____D C:\Users\Ivišić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-10-16 18:03 - 2013-10-16 18:03 - 00000000 ____D C:\Program Files (x86)\Haali
2013-10-16 18:03 - 2013-10-16 18:03 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-10-16 18:03 - 2012-04-08 23:40 - 00079360 ____N C:\Windows\SysWOW64\ff_vfw.dll
2013-10-16 14:43 - 2013-10-16 14:43 - 00000000 ____D C:\Program Files (x86)\GreenTree Applications
2013-10-13 20:40 - 2013-10-13 20:40 - 00000000 ____D C:\Users\Ivišić\AppData\Local\{BD8B2D5C-CFF8-4735-BF3B-58CFC012A591}
2013-10-13 18:46 - 2013-10-13 18:46 - 00003162 _____ C:\Windows\System32\Tasks\{B565B433-39F9-42D7-AC78-259D6AAF82DE}
2013-10-12 11:53 - 2013-10-26 18:58 - 00011264 ____H C:\Users\Ivišić\Desktop\photothumb.db
2013-10-12 11:48 - 2013-10-12 11:48 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-10-12 11:45 - 2013-10-12 11:45 - 00001039 _____ C:\Users\Ivišić\Desktop\PhotoScape.lnk
2013-10-12 11:45 - 2013-10-12 11:45 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2013-10-12 10:37 - 2013-10-12 10:37 - 00000000 ____D C:\Users\Ivišić\AppData\Local\{B6113ABD-E506-4226-B2E7-BE45739AD33F}
2013-10-12 09:10 - 2013-10-12 09:10 - 00000000 ____D C:\ProgramData\Origin
2013-10-11 16:31 - 2013-10-11 16:31 - 00000000 ____D C:\ProgramData\Wincert
2013-10-11 10:24 - 2013-10-11 10:24 - 00381517 _____ C:\AnalysisLog.sr0
2013-10-11 10:12 - 2013-10-11 10:12 - 00000000 ____D C:\Program Files (x86)\2K Sports
2013-10-11 10:11 - 2013-10-11 10:11 - 00748494 ____N C:\Windows\SysWOW64\PerfStringBackup.INI

==================== One Month Modified Files and Folders =======

2013-11-07 15:04 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-07 15:04 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-07 15:00 - 2013-11-07 15:00 - 00000000 ____D C:\FRST
2013-11-07 14:59 - 2013-11-07 14:59 - 00033749 _____ C:\Users\Ivišić\Desktop\AdwCleaner[S0].txt
2013-11-07 14:56 - 2013-11-05 10:58 - 00001102 _____ C:\Windows\setupact.log
2013-11-07 14:56 - 2012-10-06 20:00 - 00000414 ____H C:\Windows\Tasks\OptimizerPro1UpdaterTask{74A0BD14-C854-44F8-BFC0-961F6081708F}.job
2013-11-07 14:56 - 2012-10-06 19:59 - 00000378 ____H C:\Windows\Tasks\WxDFastUpdaterTask{BE3F80B0-F622-4E03-A40D-7B8D2122A7B1}.job
2013-11-07 14:56 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-07 14:55 - 2013-11-07 14:53 - 00000000 ____D C:\AdwCleaner
2013-11-07 14:55 - 2012-05-31 03:43 - 00000763 _____ C:\Users\Ivišić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-07 14:21 - 2013-11-07 14:21 - 00023408 _____ C:\Users\Ivišić\Desktop\eset no.txt
2013-11-07 05:17 - 2013-11-05 18:53 - 00006361 _____ C:\Windows\WindowsUpdate.log
2013-11-07 05:12 - 2013-11-07 05:12 - 00000000 ____D C:\Users\Ivišić\AppData\Local\ESET
2013-11-07 05:09 - 2009-07-14 06:13 - 00740028 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-07 04:49 - 2013-11-07 04:49 - 00000000 ___RD C:\Users\Ivišić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-11-07 04:49 - 2013-11-07 04:49 - 00000000 ____D C:\Users\Ivišić\Documents\Bluetooth Folder
2013-11-07 04:46 - 2013-11-05 19:28 - 00019118 _____ C:\Windows\PFRO.log
2013-11-07 04:35 - 2012-06-05 13:45 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-07 04:15 - 2013-11-07 04:15 - 00000000 ____D C:\ProgramData\ESET
2013-11-07 04:15 - 2013-11-07 04:15 - 00000000 ____D C:\Program Files\ESET
2013-11-07 03:34 - 2012-10-06 19:59 - 00000000 ____D C:\ProgramData\InstallMate
2013-11-07 03:30 - 2007-07-12 02:49 - 00000000 ____D C:\Windows\Panther
2013-11-07 01:06 - 2013-11-07 01:06 - 00001057 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-07 01:06 - 2013-11-07 01:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-07 01:06 - 2013-10-01 20:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-05 12:12 - 2012-06-03 08:07 - 00000000 ____D C:\Users\Ivišić\AppData\Local\Google
2013-11-05 12:09 - 2013-10-17 21:39 - 00000000 ____D C:\Users\Ivišić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
2013-11-05 12:09 - 2013-10-17 21:39 - 00000000 ____D C:\Program Files (x86)\SmartTweak
2013-11-05 12:09 - 2013-07-16 17:19 - 00000000 ____D C:\Users\Ivišić\AppData\Roaming\BitTorrent
2013-11-05 10:58 - 2013-11-05 10:58 - 00000000 _____ C:\Windows\setuperr.log
2013-11-05 10:55 - 2011-10-13 14:28 - 00000000 ____D C:\Program Files (x86)\Acer
2013-11-05 10:55 - 2011-10-13 14:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-05 04:04 - 2013-11-05 04:02 - 00000032 _____ C:\ProgramData\PS.log
2013-11-05 04:04 - 2012-01-26 07:05 - 00000000 ____D C:\ProgramData\CyberLink
2013-11-05 04:02 - 2012-06-06 21:54 - 00000000 ____D C:\Users\Ivišić\AppData\Local\Cyberlink
2013-11-05 04:00 - 2013-11-05 04:00 - 00000000 ____D C:\Users\Ivišić\Documents\CyberLink
2013-11-04 19:41 - 2013-05-09 10:01 - 00000000 ____D C:\Users\Ivišić\Desktop\SLIKE & PISME
2013-11-04 11:09 - 2011-02-20 08:03 - 00421032 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-11-04 11:09 - 2011-02-19 09:40 - 00773800 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-11-04 06:54 - 2013-11-04 06:54 - 00000000 ____D C:\Users\Ivišić\Documents\KONAMI
2013-11-03 16:05 - 2012-07-20 17:58 - 03223552 ___SH C:\Users\Ivišić\Desktop\Thumbs.db
2013-11-02 12:01 - 2013-07-13 10:55 - 00000000 ____D C:\Users\Ivišić\Desktop\Igre
2013-11-01 16:32 - 2013-10-16 18:13 - 00000270 __RSH C:\Users\Ivišić\ntuser.pol
2013-11-01 16:32 - 2012-05-31 03:39 - 00000000 ____D C:\Users\Ivišić
2013-10-26 19:00 - 2013-10-26 19:00 - 00000000 ____D C:\Users\Ivišić\AppData\Local\{93AE048C-6810-4DC2-932E-CF455BE87309}
2013-10-26 18:58 - 2013-10-12 11:53 - 00011264 ____H C:\Users\Ivišić\Desktop\photothumb.db
2013-10-23 13:58 - 2012-06-06 22:13 - 00000000 ____D C:\Users\Ivišić\AppData\Local\CrashDumps
2013-10-23 13:09 - 2012-12-26 01:00 - 00000000 ____D C:\Users\Ivišić\AppData\Roaming\vlc
2013-10-20 13:08 - 2013-10-20 13:08 - 00000000 ____D C:\Users\Ivišić\AppData\Local\{196FA975-F282-49C2-AD89-35D1C34AAB8F}
2013-10-18 09:58 - 2013-10-18 09:58 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-10-18 09:41 - 2013-10-18 09:41 - 00000000 ____D C:\Users\Ivišić\AppData\Local\2K Games
2013-10-18 09:33 - 2013-10-18 09:33 - 00000000 ____D C:\Program Files (x86)\2K Games
2013-10-17 21:13 - 2012-08-16 09:06 - 00015360 ___SH C:\Users\Ivišić\Documents\Thumbs.db
2013-10-17 18:25 - 2013-10-17 18:25 - 00000000 ____D C:\ProgramData\Oracle
2013-10-17 18:24 - 2013-10-17 18:24 - 00004746 ____N C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-17 18:24 - 2013-09-02 20:15 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-16 19:30 - 2013-10-16 18:13 - 00000070 _____ C:\Users\Ivišić\daemonprocess.txt
2013-10-16 18:28 - 2013-10-16 18:13 - 00000000 ____D C:\Users\Ivišić\AppData\Local\Mobogenie
2013-10-16 18:13 - 2013-10-16 18:13 - 00000000 ____D C:\Users\Ivišić\AppData\Local\cache
2013-10-16 18:13 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-10-16 18:13 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2013-10-16 18:03 - 2013-10-16 18:03 - 00000000 ____D C:\Users\Ivišić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-10-16 18:03 - 2013-10-16 18:03 - 00000000 ____D C:\Program Files (x86)\Haali
2013-10-16 18:03 - 2013-10-16 18:03 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-10-16 14:59 - 2013-10-03 12:45 - 00000000 ____D C:\Users\Ivišić\Documents\Nella - svasta
2013-10-16 14:43 - 2013-10-16 14:43 - 00000000 ____D C:\Program Files (x86)\GreenTree Applications
2013-10-16 14:28 - 2013-09-17 20:18 - 00000000 ____D C:\Program Files (x86)\The Sea App (Firefox)
2013-10-15 20:48 - 2013-02-16 10:44 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-15 20:48 - 2013-02-16 10:44 - 00000944 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-15 10:17 - 2013-02-16 10:44 - 00003946 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-15 10:17 - 2013-02-16 10:44 - 00003694 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-13 20:40 - 2013-10-13 20:40 - 00000000 ____D C:\Users\Ivišić\AppData\Local\{BD8B2D5C-CFF8-4735-BF3B-58CFC012A591}
2013-10-13 18:46 - 2013-10-13 18:46 - 00003162 _____ C:\Windows\System32\Tasks\{B565B433-39F9-42D7-AC78-259D6AAF82DE}
2013-10-12 21:34 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-10-12 12:19 - 2012-07-30 17:30 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-10-12 11:48 - 2013-10-12 11:48 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-10-12 11:48 - 2012-07-30 17:31 - 00000000 ____D C:\Users\Ivišić\AppData\Roaming\TuneUp Software
2013-10-12 11:45 - 2013-10-12 11:45 - 00001039 _____ C:\Users\Ivišić\Desktop\PhotoScape.lnk
2013-10-12 11:45 - 2013-10-12 11:45 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2013-10-12 10:37 - 2013-10-12 10:37 - 00000000 ____D C:\Users\Ivišić\AppData\Local\{B6113ABD-E506-4226-B2E7-BE45739AD33F}
2013-10-12 09:10 - 2013-10-12 09:10 - 00000000 ____D C:\ProgramData\Origin
2013-10-11 16:31 - 2013-10-11 16:31 - 00000000 ____D C:\ProgramData\Wincert
2013-10-11 10:24 - 2013-10-11 10:24 - 00381517 _____ C:\AnalysisLog.sr0
2013-10-11 10:12 - 2013-10-11 10:12 - 00000000 ____D C:\Program Files (x86)\2K Sports
2013-10-11 10:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-10-11 10:11 - 2013-10-11 10:11 - 00748494 ____N C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-10 09:36 - 2012-05-31 03:43 - 00000000 ____D C:\Users\Ivišić\AppData\Roaming\Atheros
2013-10-08 10:34 - 2013-07-24 12:23 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3748017617-2788098710-4278232957-1000UA.job
2013-10-08 10:34 - 2013-07-24 12:23 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3748017617-2788098710-4278232957-1000Core.job
2013-10-08 10:34 - 2013-06-03 20:28 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-10-08 10:34 - 2012-07-17 13:45 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-08 06:50 - 2013-10-17 18:24 - 00096168 ____N (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 06:46 - 2013-10-17 18:24 - 00264616 ____N (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 06:46 - 2013-10-17 18:24 - 00175016 ____N (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 06:46 - 2013-10-17 18:24 - 00174504 ____N (Oracle Corporation) C:\Windows\SysWOW64\java.exe

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.3320.dll


Some content of TEMP:
====================
C:\Users\Ivišić\AppData\Local\Temp\bi_cleaner.exe
C:\Users\Ivišić\AppData\Local\Temp\InstHelper.exe
C:\Users\Ivišić\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-31 13:03

==================== End Of Log ============================




offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

Step 1.

Open Notepad and copy the following text, which is inside the shaded area.

MountPoints2: F - F:\setup.exe
MountPoints2: {6af4517c-c126-11e1-88f7-047d7b256ee2} - F:\NokiaPCIA_Autorun.exe
MountPoints2: {77654508-f825-11e2-a36b-047d7b256ee2} - E:\Startme.exe
MountPoints2: {bd19fc6f-3ac8-11e2-bc2d-047d7b256ee2} - E:\Startme.exe
AppInit_DLLs:  C:\PROGRA~2\MOVIES~1\SAFETY~1\x64\SAFETY~2.DLL  [154144 2010-07-29] ()
AppInit_DLLs-x32: c:\progra~2\movies~1\safety~1\safety~2.dll  [ ] ()
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
IMEO\bitguard.exe: [Debugger] tasklist.exe
IMEO\bprotect.exe: [Debugger] tasklist.exe
IMEO\browsemngr.exe: [Debugger] tasklist.exe
IMEO\browserdefender.exe: [Debugger] tasklist.exe
IMEO\browsermngr.exe: [Debugger] tasklist.exe
IMEO\browserprotect.exe: [Debugger] tasklist.exe
IMEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IMEO\cltmngsvc.exe: [Debugger] tasklist.exe
IMEO\delta babylon.exe: [Debugger] tasklist.exe
IMEO\delta tb.exe: [Debugger] tasklist.exe
IMEO\delta2.exe: [Debugger] tasklist.exe
IMEO\deltainstaller.exe: [Debugger] tasklist.exe
IMEO\deltasetup.exe: [Debugger] tasklist.exe
IMEO\deltatb.exe: [Debugger] tasklist.exe
IMEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IMEO\iminentsetup.exe: [Debugger] tasklist.exe
IMEO\rjatydimofu.exe: [Debugger] tasklist.exe
IMEO\sweetimsetup.exe: [Debugger] tasklist.exe
IMEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - {8fe8d013-c3fd-4802-af48-79274e9f969e} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^YO^xdm084^YY^hr&ptb=3FD866EB-22E8-4E8F-BD02-E6ADAD0AD1F0&psa=&ind=2013071008&st=sb&n=77fd06a0&searchfor={searchTerms}
SearchScopes: HKCU - {00743CE7-3F76-478B-982F-35E26DBEE7FB} URL = http://searchya.com/?chnl=dcom-100&s=1&cr=837630667&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyCtDyD&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {300FFB7D-8314-439E-A652-48620533F7FD} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=407453&p={searchTerms}
SearchScopes: HKCU - {54E0E375-DD92-43C0-8483-F76BC45D842D} URL = http://asksearch.ask.com/redirect?client=ie&src=kw&tb=SGT-SAT&itbv=11.1.0.189&o=APN10375&locale=en_EU&apn_uid=9FBA9E98-C5D7-4AC3-A450-D3C1C65B0539&apn_ptnrs=^AHP&apn_dtid=^YYYYYY^YY^HR&apn_dbr=ff_16.0&doi=2012-10-23&q={searchTerms}&
SearchScopes: HKCU - {70BA3E6B-1059-2266-0B2C-40E4A85231B8} URL = http://www.ddlstart.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=750&product_id=872&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.5.0&install_country=HR&install_date=20120718&user_guid=305AE47F8C13446980EE4308A130259B&machine_id=82e6e6069d4f75ff028d8d34e66ec77a&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
SearchScopes: HKCU - {75F7E6C7-20D0-4FBB-A8E1-7EDFEFE3D384} URL = http://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=bec708c00000000000007ce9d334bf32&q={searchTerms}&r=961
SearchScopes: HKCU - {8fe8d013-c3fd-4802-af48-79274e9f969e} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^YO^xdm084^YY^hr&ptb=3FD866EB-22E8-4E8F-BD02-E6ADAD0AD1F0&psa=&ind=2013071008&st=sb&n=77fd06a0&searchfor={searchTerms}
SearchScopes: HKCU - {B841E3F9-782D-4356-8AB9-06D04D819E45} URL = http://www.mysearchresults.com/search?&c=3501&t=07&q={searchTerms}
SearchScopes: HKCU - {BFCBCF9A-6D6A-4F70-9F6F-9A81274BEF7E} URL = http://search.softonic.com/INF00176/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=bec708c00000000000007ce9d334bf32&r=860
Toolbar: HKLM-x32 - No Name - {45177936-603b-4261-8d42-df6f7091d5d0} -  No File
Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} -  No File
Toolbar: HKCU - No Name - {687578B9-7132-4A7A-80E4-30EE31099E03} -  No File
Toolbar: HKCU - avast! EasyPass Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} -  No File
FF Extension: No Name - C:\Users\Ivišić\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions
FF Extension: No Name - C:\Users\Ivišić\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins
FF Extension: No Name - C:\Users\Ivišić\AppData\Roaming\Mozilla\Firefox\profiles\extensions\search.sqlite
C:\Users\Public\AlexaNSISPlugin.3320.dll
C:\Users\Ivišić\AppData\Local\Temp
cmd: ipconfig /flushdns


In Notepad, click File --> Save As

Name the file fixlist.txt and save it to the Desktop

Double-click to run FRST.exe again

Click Fix and wait for the program to finish

If the program asks to restart the computer, let it do so without interruption.

When it finishes, Notepad will open with content that you should copy into this thread.

fixlog.txt will also be on the Desktop.




Step 2.


Which antivirus is your primary one? You have ESET, Avast and AVG installed. Keeping more than one is not recommended and can have consequences.



Step 3.


Download aswMBR and save it to the Desktop.

Double-click to run aswMBR.

If you get the following message:
Would you like to download latest Avast! virus definitions?
Click the Yes button and wait for the definitions download to finish.


Check that under AV Scan: the QuickScan option is selected

Click Scan.

When the scan finishes ( Scan finished successfully ), click Save log.
Save the aswMBR log to the Desktop.
Copy the contents of that log into the thread.

offline
  • Joined: 19 Apr 2012
  • Posts: 33


Eset is my primary one. Everything I do regarding security, I do through it.





Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-10-2013
Ran by Ivišić at 2013-11-07 15:57:30 Run:1
Running from C:\Users\Ivišić\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
MountPoints2: F - F:\setup.exe
MountPoints2: {6af4517c-c126-11e1-88f7-047d7b256ee2} - F:\NokiaPCIA_Autorun.exe
MountPoints2: {77654508-f825-11e2-a36b-047d7b256ee2} - E:\Startme.exe
MountPoints2: {bd19fc6f-3ac8-11e2-bc2d-047d7b256ee2} - E:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\MOVIES~1\SAFETY~1\x64\SAFETY~2.DLL [154144 2010-07-29] ()
AppInit_DLLs-x32: c:\progra~2\movies~1\safety~1\safety~2.dll [ ] ()
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
IMEO\bitguard.exe: [Debugger] tasklist.exe
IMEO\bprotect.exe: [Debugger] tasklist.exe
IMEO\browsemngr.exe: [Debugger] tasklist.exe
IMEO\browserdefender.exe: [Debugger] tasklist.exe
IMEO\browsermngr.exe: [Debugger] tasklist.exe
IMEO\browserprotect.exe: [Debugger] tasklist.exe
IMEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IMEO\cltmngsvc.exe: [Debugger] tasklist.exe
IMEO\delta babylon.exe: [Debugger] tasklist.exe
IMEO\delta tb.exe: [Debugger] tasklist.exe
IMEO\delta2.exe: [Debugger] tasklist.exe
IMEO\deltainstaller.exe: [Debugger] tasklist.exe
IMEO\deltasetup.exe: [Debugger] tasklist.exe
IMEO\deltatb.exe: [Debugger] tasklist.exe
IMEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IMEO\iminentsetup.exe: [Debugger] tasklist.exe
IMEO\rjatydimofu.exe: [Debugger] tasklist.exe
IMEO\sweetimsetup.exe: [Debugger] tasklist.exe
IMEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - {8fe8d013-c3fd-4802-af48-79274e9f969e} URL = search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^YO^xdm084^YY^hr&ptb=3FD866EB-22E8-4E8F-BD02-E6ADAD0AD1F0&psa=&ind=2013071008&st=sb&n=77fd06a0&searchfor={searchTerms}
SearchScopes: HKCU - {00743CE7-3F76-478B-982F-35E26DBEE7FB} URL = searchya.com/?chnl=dcom-100&s=1&cr=.....DyD&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {300FFB7D-8314-439E-A652-48620533F7FD} URL = search.yahoo.com/search?fr=chr-greentree_ie.....453&p={searchTerms}
SearchScopes: HKCU - {54E0E375-DD92-43C0-8483-F76BC45D842D} URL = asksearch.ask.com/redirect?client=ie&sr.....apn_ptnrs=^AHP&apn_dtid=^YYYYYY^YY^HR&apn_dbr=ff_16.0&doi=2012-10-23&q={searchTerms}&
SearchScopes: HKCU - {70BA3E6B-1059-2266-0B2C-40E4A85231B8} URL = ddlstart.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=750&product_id=872&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.5.0&install_country=HR&install_date=20120718&user_guid=305AE47F8C13446980EE4308A130259B&machine_id=82e6e6069d4f75ff028d8d34e66ec77a&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
SearchScopes: HKCU - {75F7E6C7-20D0-4FBB-A8E1-7EDFEFE3D384} URL = blekko.com/ws/?source=5f97ddbe&tbp=rbox.....f32&q={searchTerms}&r=961
SearchScopes: HKCU - {8fe8d013-c3fd-4802-af48-79274e9f969e} URL = search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^YO^xdm084^YY^hr&ptb=3FD866EB-22E8-4E8F-BD02-E6ADAD0AD1F0&psa=&ind=2013071008&st=sb&n=77fd06a0&searchfor={searchTerms}
SearchScopes: HKCU - {B841E3F9-782D-4356-8AB9-06D04D819E45} URL = mysearchresults.com/search?&c=3501&t=07&q={searchTerms}
SearchScopes: HKCU - {BFCBCF9A-6D6A-4F70-9F6F-9A81274BEF7E} URL = search.softonic.com/INF00176/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=bec708c00000000000007ce9d334bf32&r=860
Toolbar: HKLM-x32 - No Name - {45177936-603b-4261-8d42-df6f7091d5d0} - No File
Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKCU - No Name - {687578B9-7132-4A7A-80E4-30EE31099E03} - No File
Toolbar: HKCU - avast! EasyPass Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - No File
FF Extension: No Name - C:\Users\Ivišić\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions
FF Extension: No Name - C:\Users\Ivišić\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins
FF Extension: No Name - C:\Users\Ivišić\AppData\Roaming\Mozilla\Firefox\profiles\extensions\search.sqlite
C:\Users\Public\AlexaNSISPlugin.3320.dll
C:\Users\Ivišić\AppData\Local\Temp
cmd: ipconfig /flushdns
*****************

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6af4517c-c126-11e1-88f7-047d7b256ee2} => Key deleted successfully.
HKCR\CLSID\{6af4517c-c126-11e1-88f7-047d7b256ee2} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{77654508-f825-11e2-a36b-047d7b256ee2} => Key deleted successfully.
HKCR\CLSID\{77654508-f825-11e2-a36b-047d7b256ee2} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bd19fc6f-3ac8-11e2-bc2d-047d7b256ee2} => Key deleted successfully.
HKCR\CLSID\{bd19fc6f-3ac8-11e2-bc2d-047d7b256ee2} => Key not found.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
C:\ProgramData\Temp => ":373E1720" ADS removed successfully.
C:\ProgramData\Temp => ":D1B5B4F1" ADS removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitguard.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bprotect.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsemngr.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserdefender.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsermngr.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserprotect.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bundlesweetimsetup.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\cltmngsvc.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\delta babylon.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\delta tb.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\delta2.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\deltainstaller.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\deltasetup.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\deltatb.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\deltatb_2501-c733154b.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\iminentsetup.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rjatydimofu.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\sweetimsetup.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\tbdelta.exetoolbar783881609.exe => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{8fe8d013-c3fd-4802-af48-79274e9f969e} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{8fe8d013-c3fd-4802-af48-79274e9f969e} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{00743CE7-3F76-478B-982F-35E26DBEE7FB} => Key deleted successfully.
HKCR\CLSID\{00743CE7-3F76-478B-982F-35E26DBEE7FB} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{300FFB7D-8314-439E-A652-48620533F7FD} => Key deleted successfully.
HKCR\CLSID\{300FFB7D-8314-439E-A652-48620533F7FD} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{54E0E375-DD92-43C0-8483-F76BC45D842D} => Key deleted successfully.
HKCR\CLSID\{54E0E375-DD92-43C0-8483-F76BC45D842D} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{70BA3E6B-1059-2266-0B2C-40E4A85231B8} => Key deleted successfully.
HKCR\CLSID\{70BA3E6B-1059-2266-0B2C-40E4A85231B8} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{75F7E6C7-20D0-4FBB-A8E1-7EDFEFE3D384} => Key deleted successfully.
HKCR\CLSID\{75F7E6C7-20D0-4FBB-A8E1-7EDFEFE3D384} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8fe8d013-c3fd-4802-af48-79274e9f969e} => Key deleted successfully.
HKCR\CLSID\{8fe8d013-c3fd-4802-af48-79274e9f969e} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B841E3F9-782D-4356-8AB9-06D04D819E45} => Key deleted successfully.
HKCR\CLSID\{B841E3F9-782D-4356-8AB9-06D04D819E45} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFCBCF9A-6D6A-4F70-9F6F-9A81274BEF7E} => Key deleted successfully.
HKCR\CLSID\{BFCBCF9A-6D6A-4F70-9F6F-9A81274BEF7E} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{45177936-603b-4261-8d42-df6f7091d5d0} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{45177936-603b-4261-8d42-df6f7091d5d0} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => Value deleted successfully.
HKCR\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{687578B9-7132-4A7A-80E4-30EE31099E03} => Value deleted successfully.
HKCR\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{724D43A0-0D85-11D4-9908-00400523E39A} => Value deleted successfully.
HKCR\CLSID\{724D43A0-0D85-11D4-9908-00400523E39A} => Key deleted successfully.
C:\Users\Ivišić\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions => Moved successfully.
C:\Users\Ivišić\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins => Moved successfully.
C:\Users\Ivišić\AppData\Roaming\Mozilla\Firefox\profiles\extensions\search.sqlite => Moved successfully.
C:\Users\Public\AlexaNSISPlugin.3320.dll => Moved successfully.

"C:\Users\Ivišić\AppData\Local\Temp" directory move:

C:\Users\Ivišić\AppData\Local\Temp\9352.tmp => Moved successfully.
Could not move "C:\Users\Ivišić\AppData\Local\Temp\AdobeARM.log" => Scheduled to move on reboot.
C:\Users\Ivišić\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
Could not move "C:\Users\Ivišić\AppData\Local\Temp\aipflib.log" => Scheduled to move on reboot.
C:\Users\Ivišić\AppData\Local\Temp\ArmUI.ini => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\bi_cleaner.exe => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\chrome_installer.log => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\Donate.ico => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\f8dda233-252d-4624-91d7-020c2920945f.dmp => Moved successfully.
Could not move "C:\Users\Ivišić\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Ivišić\AppData\Local\Temp\InstHelper.exe => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\JavaDeployReg.log => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\jusched.log => Moved successfully.
Could not move "C:\Users\Ivišić\AppData\Local\Temp\LManager.log" => Scheduled to move on reboot.
Could not move "C:\Users\Ivišić\AppData\Local\Temp\LMworker.log" => Scheduled to move on reboot.
Could not move "C:\Users\Ivišić\AppData\Local\Temp\MMDUtl.log" => Scheduled to move on reboot.
C:\Users\Ivišić\AppData\Local\Temp\MSIf06b8.LOG => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\Report.ico => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\Scan.ico => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\StructuredQuery.log => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\toolbar_log.txt => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\Uninstall Log 2013-11-05 #001.txt => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\Uninstall.ico => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\users00 => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\utt7ED9.tmp => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\utt7ED9.tmp.bat => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\{DD1F1EE9-639B-46FE-A4DF-E95986D09E08}\ISBEW64.exe => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_5280_15130\DECODED_IMAGES => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_5280_15130\DECODED_MESSAGE_CATALOGS => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_5280_15130\TorrentHandler.crx => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_5280_15130\CRX_INSTALL\manifest.json => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_5280_15130\CRX_INSTALL\js\background.js => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_5280_15130\CRX_INSTALL\js\ex.js => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_5280_15130\CRX_INSTALL\js\jquery.js => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_5280_15130\CRX_INSTALL\images\icon.128.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_5280_15130\CRX_INSTALL\images\icon.16.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_5280_15130\CRX_INSTALL\images\icon.48.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_5280_15130\CRX_INSTALL\html\background.html => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\DECODED_IMAGES => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\DECODED_MESSAGE_CATALOGS => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\dvsYoutubeDownload.crx => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\background.html => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\background.js => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\dvs_freeyoutubedownload.css => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\dvs_freeyoutubedownload.js => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\dvs_logo.ico => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\dvs_logo_128.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\dvs_logo_32.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\dvs_logo_48.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\errorRunProgramm.html => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\manifest.json => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\np_dvs_plugin.dll => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\options.html => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\options.js => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\page_action.html => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\_locales\zh_TW\messages.json => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\_locales\zh_CN\messages.json => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\_locales\ru\messages.json => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\_locales\pt\messages.json => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\_locales\pl\messages.json => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\_locales\nl\messages.json => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\_locales\ja\messages.json => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\_locales\it\messages.json => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\_locales\fr\messages.json => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\_locales\es\messages.json => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\_locales\en\messages.json => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\_locales\de\messages.json => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\images\backbar.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\images\download.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\images\fs.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\images\headphone.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\images\logo.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\images\manager.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\images\YoutubeDownloader.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_27596\CRX_INSTALL\images\YoutubeToMp3.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_14381\DECODED_IMAGES => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_14381\DECODED_MESSAGE_CATALOGS => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_14381\TorrentHandler.crx => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_14381\CRX_INSTALL\manifest.json => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_14381\CRX_INSTALL\js\background.js => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_14381\CRX_INSTALL\js\ex.js => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_14381\CRX_INSTALL\js\jquery.js => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_14381\CRX_INSTALL\images\icon.128.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_14381\CRX_INSTALL\images\icon.16.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_14381\CRX_INSTALL\images\icon.48.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_14381\CRX_INSTALL\html\background.html => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\newtab.crx => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\action.html => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\index.html => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\js\action.js => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\default-wallpaper.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\game.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\google.com.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\headerBg.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\icon128.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\icon16.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\icon48.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\ie_logo.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\load.gif => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\main.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\photosload.gif => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\shoping.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\submit_buttion.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\wallpaper_buttion.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\weatherlogo.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\webstore.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\wedo.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\skin_0\defaultBg.svg => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\skin_0\defaultBgIco.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\skin_0\idialog_s.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\skin_0\ios5_button.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\skin_0\left.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\skin_0\loading.gif => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\skin_0\loading2.gif => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\skin_0\q_bg.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\skin_0\q_left.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\skin_0\q_right.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\skin_0\right.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\skin_0\titleBg.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\skin_0\wedo.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\quickSearch\linktype.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\img\quickSearch\logo.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\all.css => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\classification.css => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\weather.css => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\skins\download.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\skins\skins.css => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\skins\img\headerBg.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\skins\img\logo.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\skins\img\skin_0\categoryBg.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\skins\img\skin_0\icons.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\setup\setup.css => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\setup\img\headerBg.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\setup\img\logo.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\setup\img\skin_0\dialBoxStyle.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\setup\img\skin_0\icons.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\quickSearch\quickSearch.css => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\quickSearch\img\baidu.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\quickSearch\img\bing.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\quickSearch\img\google.com.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\quickSearch\img\google.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\quickSearch\img\headerBg.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\quickSearch\img\logo.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\quickSearch\img\searchButton.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\quickSearch\img\taobao.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\quickSearch\img\yahoo.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\lastVisited\lastVisited.css => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\lastVisited\img\logo.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\extensions\extensions.css => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\extensions\img\extensionsbtn.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\extensions\img\logo.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\cloud\cloud.css => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\cloud\img\buttonBg.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\cloud\img\categoryBg.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\cloud\img\cn_outSideLogo.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\cloud\img\cn_uploadLogo.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\cloud\img\headerBg.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\cloud\img\icons.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\cloud\img\logo.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\cloud\img\outSideLogo.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\cloud\img\searchBg.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\cloud\img\searchButton.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\cloud\img\searchLeft.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\cloud\img\selected.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\cloud\img\tabsBg.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\cloud\img\uploadLogo.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\bookmarks\bookmarks.css => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\bookmarks\img\headerBg.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\scoped_dir_3880_12215\CRX_INSTALL\css\bookmarks\img\logo.png => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\RoboForm\rfwipeout.exe => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\PCTInstaller\rm_url.txt => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\nro.tmp\Nero\NPS\nero.xml.{9B4E6CB9-E54D-47F7-A414-E2D5740E1033} => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\nro.log\log\nsi.nrd.log.txt => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\Low\_rf.log => Moved successfully.
C:\Users\Ivišić\AppData\Local\Temp\logs\uninst.log => Moved successfully.
Could not move "C:\Users\Ivišić\AppData\Local\Temp" directory. => Scheduled to move on reboot.


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

All right, then we will remove the leftovers of Avast and AVG.


To clean up Avast, visit this link --> http://www.avast.com/uninstall-utility


To remove AVG, download this tool --> http://download.avg.com/filedir/util/support/avg_remover_stf_x64_2014_4116.exe


And you forgot to send me the aswMBR report...

offline
  • Joined: 19 Apr 2012
  • Posts: 33

Here is the report from the previous post. Can I now go ahead and uninstall the 2 unnecessary antivirus programs?



aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-11-07 17:33:02
-----------------------------
17:33:02.595 OS Version: Windows x64 6.1.7601 Service Pack 1
17:33:02.596 Number of processors: 2 586 0x2A07
17:33:02.596 ComputerName: IVISIC-RACUNALO UserName: Ivišić
17:33:03.476 Initialize success
17:39:10.945 AVAST engine defs: 13110601
17:45:23.809 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:45:23.811 Disk 0 Vendor: TOSHIBA_ AX00 Size: 476940MB BusType: 3
17:45:23.914 Disk 0 MBR read successfully
17:45:23.917 Disk 0 MBR scan
17:45:23.924 Disk 0 Windows 7 default MBR code
17:45:23.934 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 14336 MB offset 2048
17:45:23.956 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 29362176
17:45:23.971 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 462502 MB offset 29566976
17:45:24.062 Disk 0 scanning C:\Windows\system32\drivers
17:45:46.121 Service scanning
17:46:24.864 Modules scanning
17:46:24.872 Disk 0 trace - called modules:
17:46:24.902 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
17:46:24.908 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004ef7790]
17:46:24.914 3 CLASSPNP.SYS[fffff880013ad43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004963050]
17:46:25.811 AVAST engine scan C:\Windows
17:46:29.489 AVAST engine scan C:\Windows\system32
17:52:03.195 AVAST engine scan C:\Windows\system32\drivers
17:52:39.351 AVAST engine scan C:\Users\Ivišić
17:56:28.581 AVAST engine scan C:\ProgramData
17:59:32.908 Scan finished successfully
18:00:02.855 Disk 0 MBR has been saved successfully to "C:\Users\Ivišić\Desktop\MBR.dat"
18:00:02.865 The log file has been saved successfully to "C:\Users\Ivišić\Desktop\aswMBR.txt"

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

OK, if you have removed Avast and AVG, run FRST again and send me a fresh report...

offline
  • Joined: 19 Apr 2012
  • Posts: 33



Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by Ivišić (administrator) on IVISIC-RACUNALO on 07-11-2013 21:41:37
Running from C:\Users\Ivišić\Desktop\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Croatian
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [368728 2011-01-26] (Alcor Micro Corp.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [976032 2011-09-17] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [799904 2011-09-17] (Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2392360 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [6330568 2013-03-21] (ESET)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = bing.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office12\GR469A~1.DLL [2210608 2006-10-26] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Ivišić\AppData\Roaming\Mozilla\Firefox\Profiles\128jq3vx.default
FF Homepage: google.hr
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @ei.VideoDownloadConverter_4z.com/Plugin - C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISB.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Ivišić\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Ivišić\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eudict.xml
FF Extension: OneClickDownloader - C:\Users\Ivišić\AppData\Roaming\Mozilla\Firefox\profiles\extensions\OneClickDownload@OneClickDownload.com
FF Extension: gophoto - C:\Users\Ivišić\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi
FF Extension: TorrentHandler - C:\Users\Ivišić\AppData\Roaming\Mozilla\Firefox\profiles\extensions\TorrentHandler@TorrentHandler.com.xpi
FF Extension: trtv3 - C:\Users\Ivišić\AppData\Roaming\Mozilla\Firefox\profiles\extensions\trtv3@trtv.com.xpi
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

==================== Services (Whitelisted) =================

R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1341664 2013-03-21] (ESET)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75064 2013-07-19] ()

==================== Drivers (Whitelisted) ====================

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-10-02] (AVG Technologies)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-02-20] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [139768 2013-01-10] (ESET)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [41704 2012-07-24] (AnchorFree Inc.)
S3 clwvd; system32\DRIVERS\clwvd.sys [x]
S3 NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [x]
S3 UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-07 19:26 - 2013-11-07 19:26 - 00000000 ____D C:\Users\Ivišić\AppData\Local\Avg2014
2013-11-07 15:00 - 2013-11-07 21:40 - 00000000 ____D C:\FRST
2013-11-07 14:53 - 2013-11-07 14:55 - 00000000 ____D C:\AdwCleaner
2013-11-07 05:12 - 2013-11-07 05:12 - 00000000 ____D C:\Users\Ivišić\AppData\Local\ESET
2013-11-07 04:49 - 2013-11-07 04:49 - 00000000 ___RD C:\Users\Ivišić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-11-07 04:49 - 2013-11-07 04:49 - 00000000 ____D C:\Users\Ivišić\Documents\Bluetooth Folder
2013-11-07 04:15 - 2013-11-07 04:15 - 00000000 ____D C:\ProgramData\ESET
2013-11-07 04:15 - 2013-11-07 04:15 - 00000000 ____D C:\Program Files\ESET
2013-11-07 01:06 - 2013-11-07 01:06 - 00001057 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-07 01:06 - 2013-11-07 01:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-05 18:53 - 2013-11-07 19:52 - 00032169 ____N C:\Windows\WindowsUpdate.log
2013-11-05 04:02 - 2013-11-05 04:04 - 00000032 _____ C:\ProgramData\PS.log
2013-11-05 04:00 - 2013-11-05 04:00 - 00000000 ____D C:\Users\Ivišić\Documents\CyberLink
2013-11-04 06:54 - 2013-11-04 06:54 - 00000000 ____D C:\Users\Ivišić\Documents\KONAMI
2013-10-26 19:00 - 2013-10-26 19:00 - 00000000 ____D C:\Users\Ivišić\AppData\Local\{93AE048C-6810-4DC2-932E-CF455BE87309}
2013-10-20 13:08 - 2013-10-20 13:08 - 00000000 ____D C:\Users\Ivišić\AppData\Local\{196FA975-F282-49C2-AD89-35D1C34AAB8F}
2013-10-18 09:58 - 2013-10-18 09:58 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-10-18 09:41 - 2013-10-18 09:41 - 00000000 ____D C:\Users\Ivišić\AppData\Local\2K Games
2013-10-18 09:33 - 2013-10-18 09:33 - 00000000 ____D C:\Program Files (x86)\2K Games
2013-10-17 21:39 - 2013-11-05 12:09 - 00000000 ____D C:\Users\Ivišić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
2013-10-17 21:39 - 2013-11-05 12:09 - 00000000 ____D C:\Program Files (x86)\SmartTweak
2013-10-17 18:25 - 2013-10-17 18:25 - 00000000 ____D C:\ProgramData\Oracle
2013-10-17 18:24 - 2013-10-17 18:24 - 00004746 ____N C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-17 18:24 - 2013-10-08 06:50 - 00096168 ____N (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-17 18:24 - 2013-10-08 06:46 - 00264616 ____N (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-17 18:24 - 2013-10-08 06:46 - 00175016 ____N (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-17 18:24 - 2013-10-08 06:46 - 00174504 ____N (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-16 18:13 - 2013-11-01 16:32 - 00000270 __RSH C:\Users\Ivišić\ntuser.pol
2013-10-16 18:13 - 2013-10-16 19:30 - 00000070 _____ C:\Users\Ivišić\daemonprocess.txt
2013-10-16 18:13 - 2013-10-16 18:28 - 00000000 ____D C:\Users\Ivišić\AppData\Local\Mobogenie
2013-10-16 18:13 - 2013-10-16 18:13 - 00000000 ____D C:\Users\Ivišić\AppData\Local\cache
2013-10-16 18:03 - 2013-10-16 18:03 - 00000000 ____D C:\Users\Ivišić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-10-16 18:03 - 2013-10-16 18:03 - 00000000 ____D C:\Program Files (x86)\Haali
2013-10-16 18:03 - 2013-10-16 18:03 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-10-16 18:03 - 2012-04-08 23:40 - 00079360 ____N C:\Windows\SysWOW64\ff_vfw.dll
2013-10-16 14:43 - 2013-10-16 14:43 - 00000000 ____D C:\Program Files (x86)\GreenTree Applications
2013-10-13 20:40 - 2013-10-13 20:40 - 00000000 ____D C:\Users\Ivišić\AppData\Local\{BD8B2D5C-CFF8-4735-BF3B-58CFC012A591}
2013-10-13 18:46 - 2013-10-13 18:46 - 00003162 _____ C:\Windows\System32\Tasks\{B565B433-39F9-42D7-AC78-259D6AAF82DE}
2013-10-12 11:53 - 2013-10-26 18:58 - 00011264 ____H C:\Users\Ivišić\Desktop\photothumb.db
2013-10-12 11:48 - 2013-10-12 11:48 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-10-12 11:45 - 2013-10-12 11:45 - 00001039 _____ C:\Users\Ivišić\Desktop\PhotoScape.lnk
2013-10-12 11:45 - 2013-10-12 11:45 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2013-10-12 10:37 - 2013-10-12 10:37 - 00000000 ____D C:\Users\Ivišić\AppData\Local\{B6113ABD-E506-4226-B2E7-BE45739AD33F}
2013-10-12 09:10 - 2013-10-12 09:10 - 00000000 ____D C:\ProgramData\Origin
2013-10-11 16:31 - 2013-10-11 16:31 - 00000000 ____D C:\ProgramData\Wincert
2013-10-11 10:24 - 2013-10-11 10:24 - 00381517 _____ C:\AnalysisLog.sr0
2013-10-11 10:12 - 2013-10-11 10:12 - 00000000 ____D C:\Program Files (x86)\2K Sports
2013-10-11 10:11 - 2013-10-11 10:11 - 00748494 ____N C:\Windows\SysWOW64\PerfStringBackup.INI

==================== One Month Modified Files and Folders =======

2013-11-07 21:40 - 2013-11-07 15:00 - 00000000 ____D C:\FRST
2013-11-07 21:37 - 2013-05-09 10:01 - 00000000 ____D C:\Users\Ivišić\Desktop\SLIKE & PISME
2013-11-07 20:57 - 2012-06-06 22:13 - 00000000 ____D C:\Users\Ivišić\AppData\Local\CrashDumps
2013-11-07 20:57 - 2007-07-12 02:49 - 00000000 ____D C:\Windows\Panther
2013-11-07 19:56 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-07 19:56 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-07 19:52 - 2013-11-05 18:53 - 00032169 ____N C:\Windows\WindowsUpdate.log
2013-11-07 19:35 - 2012-10-06 20:00 - 00000414 ____H C:\Windows\Tasks\OptimizerPro1UpdaterTask{74A0BD14-C854-44F8-BFC0-961F6081708F}.job
2013-11-07 19:35 - 2012-10-06 19:59 - 00000378 ____H C:\Windows\Tasks\WxDFastUpdaterTask{BE3F80B0-F622-4E03-A40D-7B8D2122A7B1}.job
2013-11-07 19:34 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-07 19:26 - 2013-11-07 19:26 - 00000000 ____D C:\Users\Ivišić\AppData\Local\Avg2014
2013-11-07 19:19 - 2012-06-05 13:45 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-11-07 14:55 - 2013-11-07 14:53 - 00000000 ____D C:\AdwCleaner
2013-11-07 14:55 - 2012-05-31 03:43 - 00000763 _____ C:\Users\Ivišić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-07 05:12 - 2013-11-07 05:12 - 00000000 ____D C:\Users\Ivišić\AppData\Local\ESET
2013-11-07 05:09 - 2009-07-14 06:13 - 00740028 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-07 04:49 - 2013-11-07 04:49 - 00000000 ___RD C:\Users\Ivišić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-11-07 04:49 - 2013-11-07 04:49 - 00000000 ____D C:\Users\Ivišić\Documents\Bluetooth Folder
2013-11-07 04:35 - 2012-06-05 13:45 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-07 04:15 - 2013-11-07 04:15 - 00000000 ____D C:\ProgramData\ESET
2013-11-07 04:15 - 2013-11-07 04:15 - 00000000 ____D C:\Program Files\ESET
2013-11-07 03:34 - 2012-10-06 19:59 - 00000000 ____D C:\ProgramData\InstallMate
2013-11-07 01:06 - 2013-11-07 01:06 - 00001057 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-07 01:06 - 2013-11-07 01:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-07 01:06 - 2013-10-01 20:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-05 12:12 - 2012-06-03 08:07 - 00000000 ____D C:\Users\Ivišić\AppData\Local\Google
2013-11-05 12:09 - 2013-10-17 21:39 - 00000000 ____D C:\Users\Ivišić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
2013-11-05 12:09 - 2013-10-17 21:39 - 00000000 ____D C:\Program Files (x86)\SmartTweak
2013-11-05 12:09 - 2013-07-16 17:19 - 00000000 ____D C:\Users\Ivišić\AppData\Roaming\BitTorrent
2013-11-05 10:55 - 2011-10-13 14:28 - 00000000 ____D C:\Program Files (x86)\Acer
2013-11-05 10:55 - 2011-10-13 14:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-05 04:04 - 2013-11-05 04:02 - 00000032 _____ C:\ProgramData\PS.log
2013-11-05 04:04 - 2012-01-26 07:05 - 00000000 ____D C:\ProgramData\CyberLink
2013-11-05 04:02 - 2012-06-06 21:54 - 00000000 ____D C:\Users\Ivišić\AppData\Local\Cyberlink
2013-11-05 04:00 - 2013-11-05 04:00 - 00000000 ____D C:\Users\Ivišić\Documents\CyberLink
2013-11-04 11:09 - 2011-02-20 08:03 - 00421032 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-11-04 11:09 - 2011-02-19 09:40 - 00773800 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-11-04 06:54 - 2013-11-04 06:54 - 00000000 ____D C:\Users\Ivišić\Documents\KONAMI
2013-11-03 16:05 - 2012-07-20 17:58 - 03223552 ___SH C:\Users\Ivišić\Desktop\Thumbs.db
2013-11-02 12:01 - 2013-07-13 10:55 - 00000000 ____D C:\Users\Ivišić\Desktop\Igre
2013-11-01 16:32 - 2013-10-16 18:13 - 00000270 __RSH C:\Users\Ivišić\ntuser.pol
2013-11-01 16:32 - 2012-05-31 03:39 - 00000000 ____D C:\Users\Ivišić
2013-10-26 19:00 - 2013-10-26 19:00 - 00000000 ____D C:\Users\Ivišić\AppData\Local\{93AE048C-6810-4DC2-932E-CF455BE87309}
2013-10-26 18:58 - 2013-10-12 11:53 - 00011264 ____H C:\Users\Ivišić\Desktop\photothumb.db
2013-10-23 13:09 - 2012-12-26 01:00 - 00000000 ____D C:\Users\Ivišić\AppData\Roaming\vlc
2013-10-20 13:08 - 2013-10-20 13:08 - 00000000 ____D C:\Users\Ivišić\AppData\Local\{196FA975-F282-49C2-AD89-35D1C34AAB8F}
2013-10-18 09:58 - 2013-10-18 09:58 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-10-18 09:41 - 2013-10-18 09:41 - 00000000 ____D C:\Users\Ivišić\AppData\Local\2K Games
2013-10-18 09:33 - 2013-10-18 09:33 - 00000000 ____D C:\Program Files (x86)\2K Games
2013-10-17 21:13 - 2012-08-16 09:06 - 00015360 ___SH C:\Users\Ivišić\Documents\Thumbs.db
2013-10-17 18:25 - 2013-10-17 18:25 - 00000000 ____D C:\ProgramData\Oracle
2013-10-17 18:24 - 2013-10-17 18:24 - 00004746 ____N C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-17 18:24 - 2013-09-02 20:15 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-16 19:30 - 2013-10-16 18:13 - 00000070 _____ C:\Users\Ivišić\daemonprocess.txt
2013-10-16 18:28 - 2013-10-16 18:13 - 00000000 ____D C:\Users\Ivišić\AppData\Local\Mobogenie
2013-10-16 18:13 - 2013-10-16 18:13 - 00000000 ____D C:\Users\Ivišić\AppData\Local\cache
2013-10-16 18:13 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-10-16 18:13 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2013-10-16 18:03 - 2013-10-16 18:03 - 00000000 ____D C:\Users\Ivišić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-10-16 18:03 - 2013-10-16 18:03 - 00000000 ____D C:\Program Files (x86)\Haali
2013-10-16 18:03 - 2013-10-16 18:03 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-10-16 14:59 - 2013-10-03 12:45 - 00000000 ____D C:\Users\Ivišić\Documents\Nella - svasta
2013-10-16 14:43 - 2013-10-16 14:43 - 00000000 ____D C:\Program Files (x86)\GreenTree Applications
2013-10-16 14:28 - 2013-09-17 20:18 - 00000000 ____D C:\Program Files (x86)\The Sea App (Firefox)
2013-10-15 20:48 - 2013-02-16 10:44 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-15 20:48 - 2013-02-16 10:44 - 00000944 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-15 10:17 - 2013-02-16 10:44 - 00003946 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-15 10:17 - 2013-02-16 10:44 - 00003694 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-13 20:40 - 2013-10-13 20:40 - 00000000 ____D C:\Users\Ivišić\AppData\Local\{BD8B2D5C-CFF8-4735-BF3B-58CFC012A591}
2013-10-13 18:46 - 2013-10-13 18:46 - 00003162 _____ C:\Windows\System32\Tasks\{B565B433-39F9-42D7-AC78-259D6AAF82DE}
2013-10-12 21:34 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-10-12 12:19 - 2012-07-30 17:30 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-10-12 11:48 - 2013-10-12 11:48 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-10-12 11:48 - 2012-07-30 17:31 - 00000000 ____D C:\Users\Ivišić\AppData\Roaming\TuneUp Software
2013-10-12 11:45 - 2013-10-12 11:45 - 00001039 _____ C:\Users\Ivišić\Desktop\PhotoScape.lnk
2013-10-12 11:45 - 2013-10-12 11:45 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2013-10-12 10:37 - 2013-10-12 10:37 - 00000000 ____D C:\Users\Ivišić\AppData\Local\{B6113ABD-E506-4226-B2E7-BE45739AD33F}
2013-10-12 09:10 - 2013-10-12 09:10 - 00000000 ____D C:\ProgramData\Origin
2013-10-11 16:31 - 2013-10-11 16:31 - 00000000 ____D C:\ProgramData\Wincert
2013-10-11 10:24 - 2013-10-11 10:24 - 00381517 _____ C:\AnalysisLog.sr0
2013-10-11 10:12 - 2013-10-11 10:12 - 00000000 ____D C:\Program Files (x86)\2K Sports
2013-10-11 10:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-10-11 10:11 - 2013-10-11 10:11 - 00748494 ____N C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-10 09:36 - 2012-05-31 03:43 - 00000000 ____D C:\Users\Ivišić\AppData\Roaming\Atheros
2013-10-08 10:34 - 2013-07-24 12:23 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3748017617-2788098710-4278232957-1000UA.job
2013-10-08 10:34 - 2013-07-24 12:23 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3748017617-2788098710-4278232957-1000Core.job
2013-10-08 10:34 - 2013-06-03 20:28 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-10-08 10:34 - 2012-07-17 13:45 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-08 06:50 - 2013-10-17 18:24 - 00096168 ____N (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 06:46 - 2013-10-17 18:24 - 00264616 ____N (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 06:46 - 2013-10-17 18:24 - 00175016 ____N (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 06:46 - 2013-10-17 18:24 - 00174504 ____N (Oracle Corporation) C:\Windows\SysWOW64\java.exe

Some content of TEMP:
====================
C:\Users\Ivišić\AppData\Local\Temp\avg-867ba746-e4c9-4e28-b589-e06b73b37a13.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-31 13:03

==================== End Of Log ============================

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

The computer is now clean; no malware is present. ESET found toolbars and PUP (potentially unwanted) software.


AVG has not been completely removed; try restarting the computer in Safe Mode and run the tool I linked from there...
