The computer has become a disaster :) Slow, glitchy, freezing, shutting down....


  • Joined: 26 Jan 2015
  • Posts: 5

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-01-2015 01
Ran by Simeone at 2015-01-26 00:39:22
Running from C:\Users\Simeone\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton AntiVirus (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
BS.Player PRO (HKLM\...\BSPlayerp) (Version: 2.64.1073 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
K-Lite Mega Codec Pack 10.0.5 (HKLM\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
Logitech Vid (HKLM\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.10.1009 - Logitech Inc.)
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM\...\{6eeabf7b-fb0a-4a8d-b982-d1e91f3bc5d7}) (Version: - Nero AG)
Norton AntiVirus (HKLM\...\NAV) (Version: 19.9.1.14 - Symantec Corporation)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Unity Web Player (HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZipper (HKLM\...\WinZipper) (Version: 1.5.83 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION
YTD Video Downloader 4.8.3 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.3 - GreenTree Applications SRL) <==== ATTENTION
YTDownloader (HKLM\...\YTDownloader) (Version: - YTDownloader) <==== ATTENTION!

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1580771026-3311180266-4087878210-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Simeone\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)

==================== Restore Points =========================

20-01-2015 14:43:02 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0EAE3AD4-F8C2-4C7B-B2E8-FF3C53ACC3B2} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {18EC75F0-7E3B-4C03-B068-36547CA9690A} - System32\Tasks\{FBBDAC9A-EC52-4CB2-8599-4ECF194F0B55} => pcalua.exe -a "C:\Program Files\Object Browser\Uninstall.exe" -c /fcp=1
Task: {23B668BE-BC04-43F6-9483-44C796A4776E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd)
Task: {2C875492-A0A5-4145-BF27-32F504E856CC} - System32\Tasks\{8DDA4EE6-9E3A-4725-9D68-593D53A64ED1} => pcalua.exe -a C:\Users\Simeone\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=amt <==== ATTENTION
Task: {3DF0F2B9-9D61-49D7-A1EB-64A683DEDD39} - System32\Tasks\YTDownloaderUpd => C:\Program Files\YTDownloader\updater.exe [2014-08-25] (Goobzo) <==== ATTENTION
Task: {4C056A09-1D5A-4420-B469-4136C05984E2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {4CBA3A6F-CB0E-4AFB-B299-124415FCAB24} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION
Task: {67F5C978-C96A-4FB3-8466-B6302D72C752} - System32\Tasks\YTDownloader => C:\Program Files\YTDownloader\YTDownloader.exe [2014-08-25] (YTDownloader) <==== ATTENTION
Task: {6EE66AC8-1E56-42DF-B3E6-3DB08497009A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {6F5D75A2-8E35-4F29-830E-C81E93B0528D} - System32\Tasks\{926986C8-C53B-4260-B80A-C4CD197A5997} => pcalua.exe -a "C:\Program Files\Sense\Uninstall.exe" -c /fcp=1
Task: {8534F256-BE5E-4D9B-903E-68144F0F9D4A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {8D92688A-CCE5-4EFD-B25E-232FC74BA11D} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files\Norton AntiVirus\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {9DC21671-71C1-4F66-91C6-35C7F12A2843} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {D5BA25F2-794F-439B-8F1F-3C487802004C} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton AntiVirus\Engine\19.9.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation)
Task: {E6135A33-534D-4670-85D9-23CBA3076AE3} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files\Norton AntiVirus\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {FAA81FFB-8CCB-445B-8578-72102FDC876A} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-12-23 16:01 - 2014-12-17 03:43 - 00612528 _____ () C:\Program Files\WinZipper\sqlite3.dll
2010-01-09 19:18 - 2010-01-09 19:18 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 00:34 - 2010-01-21 00:34 - 08793952 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2009-10-14 12:36 - 2009-10-14 12:36 - 02793304 _____ () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
2014-08-15 21:48 - 2014-08-07 04:20 - 00718152 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-15 21:48 - 2014-08-07 04:20 - 00126280 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-15 21:48 - 2014-08-07 04:20 - 08537928 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-15 21:48 - 2014-08-07 04:20 - 00353096 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-15 21:48 - 2014-08-07 04:20 - 01732936 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-15 21:48 - 2014-08-07 04:20 - 14669128 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Simeone\Downloads\noname (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\Simeone\Downloads\noname.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-1580771026-3311180266-4087878210-500 - Administrator - Disabled)
Guest (S-1-5-21-1580771026-3311180266-4087878210-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1580771026-3311180266-4087878210-1002 - Limited - Enabled)
Simeone (S-1-5-21-1580771026-3311180266-4087878210-1000 - Administrator - Enabled) => C:\Users\Simeone

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/25/2015 04:43:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: YTDownloader.exe, version: 1.0.3.9, time stamp: 0x53faf831
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x0003cf85
Faulting process id: 0x1700
Faulting application start time: 0xYTDownloader.exe0
Faulting application path: YTDownloader.exe1
Faulting module path: YTDownloader.exe2
Report Id: YTDownloader.exe3

Error: (01/23/2015 08:26:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: YTDownloader.exe, version: 1.0.3.9, time stamp: 0x53faf831
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x0013d3ce
Faulting process id: 0x9e4
Faulting application start time: 0xYTDownloader.exe0
Faulting application path: YTDownloader.exe1
Faulting module path: YTDownloader.exe2
Report Id: YTDownloader.exe3

Error: (01/23/2015 05:35:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dup.exe, version: 1.5.83.8755, time stamp: 0x54b3819b
Faulting module name: netprofm.dll_unloaded, version: 0.0.0.0, time stamp: 0x4a5bda75
Exception code: 0xc0000005
Fault offset: 0x6e302505
Faulting process id: 0x948
Faulting application start time: 0xdup.exe0
Faulting application path: dup.exe1
Faulting module path: dup.exe2
Report Id: dup.exe3

Error: (01/22/2015 05:34:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: YTDownloader.exe, version: 1.0.3.9, time stamp: 0x53faf831
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00275608
Faulting process id: 0x16e4
Faulting application start time: 0xYTDownloader.exe0
Faulting application path: YTDownloader.exe1
Faulting module path: YTDownloader.exe2
Report Id: YTDownloader.exe3

Error: (01/20/2015 02:28:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dup.exe, version: 1.5.83.8755, time stamp: 0x54b3819b
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x00039342
Faulting process id: 0xfa0
Faulting application start time: 0xdup.exe0
Faulting application path: dup.exe1
Faulting module path: dup.exe2
Report Id: dup.exe3

Error: (01/17/2015 09:28:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: YTDownloader.exe, version: 1.0.3.9, time stamp: 0x53faf831
Faulting module name: netprofm.dll_unloaded, version: 0.0.0.0, time stamp: 0x4a5bda75
Exception code: 0xc0000005
Fault offset: 0x6e302505
Faulting process id: 0x4cc
Faulting application start time: 0xYTDownloader.exe0
Faulting application path: YTDownloader.exe1
Faulting module path: YTDownloader.exe2
Report Id: YTDownloader.exe3

Error: (01/17/2015 10:55:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2015 11:42:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: YTDownloader.exe, version: 1.0.3.9, time stamp: 0x53faf831
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00698888
Faulting process id: 0x1588
Faulting application start time: 0xYTDownloader.exe0
Faulting application path: YTDownloader.exe1
Faulting module path: YTDownloader.exe2
Report Id: YTDownloader.exe3

Error: (01/16/2015 00:12:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: YTDownloader.exe, version: 1.0.3.9, time stamp: 0x53faf831
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x00039342
Faulting process id: 0x1244
Faulting application start time: 0xYTDownloader.exe0
Faulting application path: YTDownloader.exe1
Faulting module path: YTDownloader.exe2
Report Id: YTDownloader.exe3

Error: (01/15/2015 11:22:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: YTDownloader.exe, version: 1.0.3.9, time stamp: 0x53faf831
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x00039342
Faulting process id: 0xc8c
Faulting application start time: 0xYTDownloader.exe0
Faulting application path: YTDownloader.exe1
Faulting module path: YTDownloader.exe2
Report Id: YTDownloader.exe3


System errors:
=============
Error: (01/25/2015 09:50:16 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (01/25/2015 04:42:20 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (01/24/2015 03:50:45 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Error: (01/23/2015 09:21:27 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (01/23/2015 09:21:27 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (01/22/2015 06:08:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NAV service.

Error: (01/22/2015 02:36:50 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (01/22/2015 11:36:29 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Error: (01/21/2015 07:41:30 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (01/21/2015 04:05:23 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.


Microsoft Office Sessions:
=========================
Error: (01/25/2015 04:43:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: YTDownloader.exe1.0.3.953faf831ole32.dll6.1.7601.175144ce7b96fc00000050003cf85170001d0375b5c173adaC:\Program Files\YTDownloader\YTDownloader.exeC:\Windows\system32\ole32.dllda20d783-a4a8-11e4-904a-0020188969ba

Error: (01/23/2015 08:26:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: YTDownloader.exe1.0.3.953faf831ole32.dll6.1.7601.175144ce7b96fc00000050013d3ce9e401d03695f263a7c0C:\Program Files\YTDownloader\YTDownloader.exeC:\Windows\system32\ole32.dllafe83823-a335-11e4-904a-0020188969ba

Error: (01/23/2015 05:35:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dup.exe1.5.83.875554b3819bnetprofm.dll_unloaded0.0.0.04a5bda75c00000056e30250594801d0372a92e2929fC:\Program Files\WinZipper\dup.exenetprofm.dlldc0fbccd-a31d-11e4-904a-0020188969ba

Error: (01/22/2015 05:34:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: YTDownloader.exe1.0.3.953faf831unknown0.0.0.000000000c00000050027560816e401d035c90742d5f8C:\Program Files\YTDownloader\YTDownloader.exeunknown7fcc55c4-a254-11e4-904a-0020188969ba

Error: (01/20/2015 02:28:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dup.exe1.5.83.875554b3819bole32.dll6.1.7601.175144ce7b96fc000000500039342fa001d034b4dbc7539eC:\Program Files\WinZipper\dup.exeC:\Windows\system32\ole32.dll31f9e193-a0a8-11e4-904a-0020188969ba

Error: (01/17/2015 09:28:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: YTDownloader.exe1.0.3.953faf831netprofm.dll_unloaded0.0.0.04a5bda75c00000056e3025054cc01d0323b9bd5617aC:\Program Files\YTDownloader\YTDownloader.exenetprofm.dll63183457-9e87-11e4-904a-0020188969ba

Error: (01/17/2015 10:55:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2015 11:42:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: YTDownloader.exe1.0.3.953faf831unknown0.0.0.000000000c000000500698888158801d031db3333dfbbC:\Program Files\YTDownloader\YTDownloader.exeunknownf23a54e8-9dd0-11e4-b35d-0020188969ba

Error: (01/16/2015 00:12:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: YTDownloader.exe1.0.3.953faf831ole32.dll6.1.7601.175144ce7b96fc000000500039342124401d0311208c82fd2C:\Program Files\YTDownloader\YTDownloader.exeC:\Windows\system32\ole32.dlleff8a758-9d0b-11e4-b35d-0020188969ba

Error: (01/15/2015 11:22:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: YTDownloader.exe1.0.3.953faf831ole32.dll6.1.7601.175144ce7b96fc000000500039342c8c01d0306c710a43e6C:\Program Files\YTDownloader\YTDownloader.exeC:\Windows\system32\ole32.dll5abfb082-9ca0-11e4-b35d-0020188969ba


==================== Memory info ===========================

Processor: Intel(R) Atom(TM) CPU 230 @ 1.60GHz
Percentage of memory in use: 70%
Total physical RAM: 2037.9 MB
Available physical RAM: 591.49 MB
Total Pagefile: 4075.8 MB
Available Pagefile: 1866.43 MB
Total Virtual: 2047.88 MB
Available Virtual: 1895.5 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:73.24 GB) (Free:39.87 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 0DF80DF7)
Partition 1: (Active) - (Size=73.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================

  • Osvjedodžbeni spretnik munjarstva
  • Joined: 04 Jul 2011
  • Posts: 5314
  • Location: Beograd

Hello.

You are missing the FRST.txt report.

  • Joined: 26 Jan 2015
  • Posts: 5

Is this it?

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-01-2015 01
Ran by Simeone (administrator) on SIMEONE-PC on 26-01-2015 01:09:14
Running from C:\Users\Simeone\Downloads
Loaded Profiles: Simeone (Available profiles: Simeone)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files\WinZipper\winzipersvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Symantec Corporation) C:\Program Files\Norton AntiVirus\Engine\19.9.1.14\ccsvchst.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files\WinZipper\dup.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(YTDownloader) C:\Program Files\YTDownloader\YTDownloader.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Simeone\Downloads\FRST (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM\...\Run: [YTDownloader] => C:\Program Files\YTDownloader\YTDownloader.exe [1988968 2014-08-25] (YTDownloader)
HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM\...\Run: [GamingWonderland AppIntegrator 32-bit] => C:\PROGRA~1\GAMING~2\bar\1.bin\AppIntegrator.exe
HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\...\Run: [uTorrent] => C:\Users\Simeone\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-11-21] (BitTorrent Inc.)
HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [717696 2010-01-16] (Microsoft Corporation)
HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\...\Run: [SpeedItupFree] => "C:\Program Files\SpeedItup Free\speeditupfree.exe"
HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\...\Run: [YTDownloader] => C:\Program Files\YTDownloader\YTDownloader.exe [1988968 2014-08-25] (YTDownloader)
HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\...\Run: [Logitech Vid] => C:\Program Files\Logitech\Logitech Vid\vid.exe [5458704 2009-07-16] (Logitech Inc.)
HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\...\Run: [LiveSupport] => "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\...\Run: [TornTv Downloader] => C:\Users\Simeone\AppData\Roaming\TornTV.com\Torntv Downloader.exe /c=startup
HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4826904 2014-10-30] (Piriform Ltd)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\Users\Simeone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk
ShortcutTarget: TornTvDownloader.lnk -> C:\Users\Simeone\AppData\Roaming\TornTV.com\Torntv Downloader.exe (No File)
HKLM\...\AppCertDlls: [x64] -> c:\program files\browser tab search by ask\safetynut\x64\safetycrt.dll
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = delta-homes.com/?type=hp&ts=1419346796&.....P4A18EP4AX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = istart.webssearches.com/web/?type=ds&ts=140.....18EP4AX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = delta-homes.com/?type=hp&ts=1419346796&.....P4A18EP4AX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = istart.webssearches.com/web/?type=ds&ts=140.....18EP4AX&q={searchTerms}
HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\Main,Search Page = search.delta-homes.com/web/?type=ds&ts=1419.....18EP4AX&q={searchTerms}
HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\Main,Start Page = delta-homes.com/?type=hp&ts=1419346796&.....P4A18EP4AX
HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = delta-homes.com/?type=hp&ts=1419346796&.....P4A18EP4AX
HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = search.delta-homes.com/web/?type=ds&ts=1419.....18EP4AX&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe istart.webssearches.com/?type=sc&ts=1404990.....P4A18EP4AX
SearchScopes: HKLM -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = websearch.wonderfulsearches.info/?l=1&q={searchTerms}&pid=1273&r=2014/08/18&hid=5494168456684837163&lg=EN&cc=RS&unqvl=60
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = istart.webssearches.com/web/?type=ds&ts=140.....18EP4AX&q={searchTerms}
SearchScopes: HKLM -> {3d29c02b-bf3e-4d3b-8a7a-e0e7d0f6dbab} URL = search.tb.ask.com/search/GGmain.jhtml?p2=^Z7^xdm032^S10645^rs&si=CNGA3afr7cACFarjwgodmiUA2Q&ptb=96FEB69E-FAEA-467F-B6D3-1A2FB60D95D5&psa=&ind=2014091913&st=sb&n=780c9a89&searchfor={searchTerms}
SearchScopes: HKLM -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = websearch.wonderfulsearches.info/?l=1&q={searchTerms}&pid=1273&r=2014/08/18&hid=5494168456684837163&lg=EN&cc=RS&unqvl=60
SearchScopes: HKU\S-1-5-21-1580771026-3311180266-4087878210-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = search.delta-homes.com/web/?type=ds&ts=1419.....18EP4AX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1580771026-3311180266-4087878210-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = only-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=600F0020188969BA&affID=129300&tt=020914_onst&tsp=5360
SearchScopes: HKU\S-1-5-21-1580771026-3311180266-4087878210-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = search.delta-homes.com/web/?type=ds&ts=1419.....18EP4AX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1580771026-3311180266-4087878210-1000 -> {3d29c02b-bf3e-4d3b-8a7a-e0e7d0f6dbab} URL = search.tb.ask.com/search/GGmain.jhtml?p2=^Z7^xdm032^S10645^rs&si=CNGA3afr7cACFarjwgodmiUA2Q&ptb=96FEB69E-FAEA-467F-B6D3-1A2FB60D95D5&psa=&ind=2014091913&st=sb&n=780c9a89&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-1580771026-3311180266-4087878210-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = websearch.wonderfulsearches.info/?l=1&q={searchTerms}&pid=1273&r=2014/08/18&hid=5494168456684837163&lg=EN&cc=RS&unqvl=60
SearchScopes: HKU\S-1-5-21-1580771026-3311180266-4087878210-1000 -> {EA77B772-97F9-4A62-B675-6E2DDAF8641F} URL = search.yahoo.com/search?fr=chr-greentree_i.....=501549&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1580771026-3311180266-4087878210-1000 -> {FCDB24BA-0B51-49CC-AE3B-050A50EE0565} URL = only-search.com/?babsrc=SP_kms&affID=12.....sp=5360&q={searchTerms}&r=920
BHO: NeextCoiuPe -> {28E89A42-BDAB-D84C-83DB-E088D715C4E6} -> C:\Program Files\NeextCoiuPe\i.dll ()
BHO: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files\SupTab\SupTab.dll No File
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton AntiVirus\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: NextCoup -> {DFDD897A-6445-66DF-C14D-8ACD409A1D3B} -> C:\Program Files\NextCoup\bZMQU.dll ()
Toolbar: HKU\S-1-5-21-1580771026-3311180266-4087878210-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 89.216.1.30 89.216.1.50

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1580771026-3311180266-4087878210-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Simeone\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\IPSFFPlgn
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\IPSFFPlgn [2014-09-03]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-10]
CHR Extension: (YouTube) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-10]
CHR Extension: (Google Search) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-10]
CHR Extension: (AdBlock) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-03]
CHR Extension: (Google Wallet) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-10]
CHR Extension: (Gmail) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-10]
CHR Profile: C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google документи) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-04]
CHR Extension: (Google диск) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-04]
CHR Extension: (YouTube) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-04]
CHR Extension: (Google претрага) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-04]
CHR Extension: (Google новчаник) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-04]
CHR Extension: (Gmail) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-04]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe delta-homes.com/?type=sc&ts=1419346796&.....P4A18EP4AX

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 NAV; C:\Program Files\Norton AntiVirus\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [472064 2014-12-22] (Fuyu LIMITED) [File not signed]
R2 winzipersvc; C:\Program Files\WinZipper\winzipersvc.exe [424624 2015-01-12] (Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION
S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 Update WebSpades; "C:\Program Files\WebSpades\updateWebSpades.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\BASHDefs\20140912.003\BHDrvx86.sys [1137368 2014-09-12] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAV\1309010.00E\ccSetx86.sys [132768 2012-06-07] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [378672 2014-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [111408 2014-09-09] (Symantec Corporation)
R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\IPSDefs\20140917.001\IDSvix86.sys [476888 2014-09-01] (Symantec Corporation)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\VirusDefs\20140917.022\NAVENG.SYS [95704 2014-09-03] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\VirusDefs\20140917.022\NAVEX15.SYS [1636696 2014-09-03] (Symantec Corporation)
R3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)
R2 sbmntr; C:\Program Files\YTDownloader\sbmntr.sys [50024 2014-08-25] (YTDownloader)
S3 SRTSP; C:\Windows\System32\Drivers\NAV\1309010.00E\SRTSP.SYS [574112 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAV\1309010.00E\SRTSPX.SYS [32928 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAV\1309010.00E\SYMDS.SYS [340088 2011-08-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAV\1309010.00E\SYMEFA.SYS [924320 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [141944 2014-09-03] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAV\1309010.00E\Ironx86.SYS [149624 2012-04-18] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAV\1309010.00E\SYMNETS.SYS [318584 2012-04-18] (Symantec Corporation)
R1 {e8687d73-4a93-4590-9271-bf6f94b4cd22}Gw; C:\Windows\System32\drivers\{e8687d73-4a93-4590-9271-bf6f94b4cd22}Gw.sys [43152 2014-11-23] (StdLib)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-26 01:08 - 2015-01-26 01:08 - 01120768 _____ (Farbar) C:\Users\Simeone\Downloads\FRST (1).exe
2015-01-26 00:39 - 2015-01-26 00:43 - 00022202 _____ () C:\Users\Simeone\Downloads\Addition.txt
2015-01-26 00:36 - 2015-01-26 01:09 - 00020370 _____ () C:\Users\Simeone\Downloads\FRST.txt
2015-01-26 00:36 - 2015-01-26 01:09 - 00000000 ____D () C:\FRST
2015-01-26 00:35 - 2015-01-26 00:35 - 01120768 _____ (Farbar) C:\Users\Simeone\Downloads\FRST.exe
2015-01-25 23:48 - 2015-01-25 23:49 - 00063106 _____ () C:\Users\Simeone\Downloads\facebook-chat-history-manager-1-1-5-en.xpi
2015-01-17 10:54 - 2015-01-24 01:56 - 00000392 _____ () C:\Windows\setupact.log
2015-01-17 10:54 - 2015-01-17 10:54 - 00000342 _____ () C:\Windows\PFRO.log
2015-01-17 10:54 - 2015-01-17 10:54 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-15 15:14 - 2015-01-15 15:14 - 00000000 ____D () C:\Users\Simeone\AppData\Local\Temp{56AA9518-8E6F-4B07-A934-54275F0E19DD}
2015-01-14 13:49 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 13:49 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 13:49 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 13:49 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 13:49 - 2014-12-11 18:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 13:49 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-02 23:49 - 2015-01-02 23:49 - 00105472 _____ () C:\Users\Simeone\Downloads\2.1.15.k4g.xls
2014-12-30 00:26 - 2014-12-30 00:26 - 11034576 _____ () C:\Users\Simeone\Downloads\Instructions (1).rar
2014-12-30 00:13 - 2014-12-30 00:13 - 00000000 ____D () C:\Users\Simeone\AppData\Roaming\eCyber
2014-12-30 00:12 - 2014-12-30 00:12 - 11034576 _____ () C:\Users\Simeone\Downloads\Instructions.rar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-26 01:03 - 2014-08-15 17:15 - 00000000 ____D () C:\Users\Simeone\AppData\Roaming\Skype
2015-01-26 00:38 - 2014-06-09 15:27 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-25 21:50 - 2014-06-10 00:12 - 01215876 _____ () C:\Windows\WindowsUpdate.log
2015-01-25 14:38 - 2014-06-09 15:27 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-25 13:59 - 2014-12-23 16:01 - 00000000 ____D () C:\Program Files\WinZipper
2015-01-22 23:54 - 2014-08-17 08:57 - 00000000 ____D () C:\Users\Simeone\Desktop\Finansijsko pravo
2015-01-21 11:19 - 2014-06-09 15:47 - 00000000 ____D () C:\Users\Simeone\AppData\Roaming\uTorrent
2015-01-20 14:43 - 2009-07-14 05:34 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-20 14:43 - 2009-07-14 05:34 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-17 10:54 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-15 11:24 - 2014-11-24 18:08 - 00000000 ____D () C:\Windows\Minidump
2015-01-15 11:22 - 2014-11-10 19:25 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-15 04:14 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-15 03:08 - 2010-11-20 22:01 - 00773536 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-14 13:28 - 2014-12-23 16:01 - 00000000 ____D () C:\Users\Simeone\AppData\Roaming\WinZipper
2015-01-11 12:28 - 2014-08-15 17:15 - 00000000 ___RD () C:\Program Files\Skype
2015-01-11 12:28 - 2014-08-15 17:14 - 00000000 ____D () C:\ProgramData\Skype
2015-01-08 10:46 - 2014-06-17 08:45 - 00000000 ____D () C:\Users\Simeone\Desktop\Slike
2015-01-06 04:36 - 2014-06-09 15:44 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-01 10:21 - 2014-10-09 09:16 - 00000000 ____D () C:\Users\Simeone\Desktop\Politicki sistemi
2014-12-27 00:09 - 2014-08-17 08:55 - 00000000 ____D () C:\Users\Simeone\Desktop\Kriminologija

==================== Files in the root of some directories =======

2014-08-18 15:06 - 2014-08-21 00:25 - 0000366 _____ () C:\Users\Simeone\AppData\Roaming\LiveSupport.exe_log.txt
2014-08-18 15:06 - 2014-08-21 00:25 - 0000086 _____ () C:\Users\Simeone\AppData\Roaming\regsvr32.exe_log.txt
2014-11-23 23:40 - 2014-11-23 23:40 - 2030504 _____ (Object Browser) C:\Users\Simeone\AppData\Roaming\TBKLT.exe
2014-11-23 23:42 - 2014-11-23 23:42 - 1539496 _____ (Object Browser) C:\Users\Simeone\AppData\Roaming\YG.exe
2014-09-16 11:19 - 2014-09-16 11:20 - 0000600 _____ () C:\Users\Simeone\AppData\Local\PUTTY.RND
2014-07-10 12:04 - 2014-07-10 12:04 - 0000040 _____ () C:\ProgramData\spds90.txt

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 01:57

==================== End Of Log ============================

  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6062

Hello simaalfa511. Sorry for the wait, we are all somehow busy ...

Start > Control Panel > Programs and Features, uninstall the following:

- WinZipper
- YTD Video Downloader 4.8.3
- YTDownloader

If something refuses to uninstall, skip it and move on to the next program. In any case, do the following:

Download smeenk's zoek from this link and save it to the Desktop.
Extract the archive into a folder (instructions), and then:

- close the browser and other running programs;
- temporarily disable your security software (if necessary) Instructions;
- double-click the program icon to run zoek;
- wait for the tool to start ...

Click the More Options button and tick the box in front of the following option:
Auto Clean
Note: Tick only the listed option, do not touch the other options!!

Click the button and wait for the scan to finish.
zoek will restart Windows if needed and, when it finishes, open Notepad with the scan report.

Note: The report will be saved under the name zoek-results.log on the system partition (typical location: C:\zoek-results.log)

Copy the contents of that log into your reply.

  • Joined: 26 Jan 2015
  • Posts: 5

Here you go:


Zoek.exe v5.0.0.0 Updated 27-01-2015
Tool run by Simeone on Wed 01/28/2015 at 17:57:16.51.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Simeone\Downloads\zoek.exe [Scan all users] [Checkboxes used]

==== System Restore Info ======================

1/28/2015 6:04:03 PM Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\Adblocker deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\MySearch deleted successfully
C:\Program Files\PCDApp deleted successfully
C:\Program Files\Pointstone deleted successfully
C:\Program Files\prIcechop deleted successfully
C:\Program Files\WebBing deleted successfully
C:\Program Files\WinZipper deleted successfully
C:\PROGRA~2\Adblocker deleted successfully
C:\PROGRA~2\MySearch deleted successfully
C:\PROGRA~2\NextCoup deleted successfully
C:\PROGRA~2\prIcechop deleted successfully
C:\PROGRA~2\WebBing deleted successfully
C:\Users\Simeone\AppData\Roaming\eCyber deleted successfully
C:\Users\Simeone\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3d29c02b-bf3e-4d3b-8a7a-e0e7d0f6dbab} deleted successfully
HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully
HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EA77B772-97F9-4A62-B675-6E2DDAF8641F} deleted successfully
HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\SearchScopes\{FCDB24BA-0B51-49CC-AE3B-050A50EE0565} deleted successfully
HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4C6A91CC-6181-420D-B7B8-0A6C5A8A52} deleted successfully
HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5200ABEB-83BE-49EB-A7B9-1D8558AF5ABA} deleted successfully
HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6B0BF822-DA2B-47B1-A1BF-85E32BBF94A3} deleted successfully
HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6EB79027-7BCF-40C1-A1A-DE2728859972} deleted successfully
HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95FB5F2D-8B3E-475B-A38B-F21E99EF8A9F} deleted successfully
HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9AA1D0F8-E2CF-4E46-984C-D811C1296FB} deleted successfully
HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE13D1F3-E9D0-4309-8DFB-D6F0A018461D} deleted successfully
HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DECAC3A-57FC-4FA6-BD1E-8BAFE7F568BE} deleted successfully
HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E1F36328-7274-42B6-B7EF-248446E37439} deleted successfully
HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E98AC5C4-61EB-45EC-B337-1663B68139C8} deleted successfully
HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FA5DA2EA-5958-49F4-BD76-AC3EC376257} deleted successfully
HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD2472C2-B0D7-4A14-9952-E38E12965724} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WindowsMangerProtect deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command]
@="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="C:\\Program Files\\Internet Explorer\\iexplore.exe"

==== Deleting Files \ Folders ======================

C:\Users\Simeone\AppData\LocalLow\{28E89A42-BDAB-D84C-83DB-E088D715C4E6} deleted
C:\Users\Simeone\AppData\LocalLow\{DFDD897A-6445-66DF-C14D-8ACD409A1D3B} deleted
C:\PROGRA~2\NeextCoiuPe deleted
C:\Program Files\NeextCoiuPe deleted
C:\Program Files\NextCoup deleted
C:\Program Files\SpeedItup Free deleted
C:\Program Files\Common Files\Config\uninstinethnfd.exe deleted
C:\Program Files\GreenTree Applications deleted
C:\Program Files\globalUpdate deleted
C:\Program Files\Common Files\Config deleted
C:\awh22B2.tmp deleted
C:\awh382.tmp deleted
C:\awh4C14.tmp deleted
C:\awh62A.tmp deleted
C:\awh74.tmp deleted
C:\awh8FDB.tmp deleted
C:\awhC65E.tmp deleted
C:\awhDB3.tmp deleted
C:\awhE31A.tmp deleted
C:\awhFCBB.tmp deleted
C:\Users\Simeone\AppData\Roaming\SkypEmoticons deleted
C:\PROGRA~2\spds90.txt deleted
C:\PROGRA~2\DSearchLink deleted
C:\PROGRA~2\PlutoApp deleted
C:\PROGRA~2\InstallMate deleted
C:\PROGRA~2\WindowsMangerProtect deleted
C:\Users\Simeone\AppData\Local\globalUpdate deleted
C:\Users\Simeone\AppData\Local\CrashRpt deleted
C:\Users\Simeone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk deleted
C:\Users\Public\Documents\ShopperPro deleted
C:\Users\Simeone\AppData\LocalLow\{2D72A117-7A7A-AE3B-AA47-E67BBD663F29} deleted
C:\Users\Simeone\AppData\LocalLow\{660C3239-644D-65E3-3671-F08A603F9ABA} deleted
C:\Users\Simeone\AppData\LocalLow\{8602E691-6A8D-0FA5-98B5-9A213E41813A} deleted
C:\Users\Simeone\AppData\LocalLow\{CEE905B3-3164-8C7E-F10E-B7814DCEBA15} deleted
C:\Users\Simeone\AppData\LocalLow\{F7376875-C4E2-4B8B-4D6F-5486779CF0C3} deleted
C:\Users\Simeone\AppData\LocalLow\IAC deleted
C:\Windows\wininit.ini deleted
C:\Windows\system32\tasks\YTDownloader deleted
C:\Windows\System32\drivers\{e8687d73-4a93-4590-9271-bf6f94b4cd22}Gw.sys deleted
C:\Windows\system32\GroupPolicy\Machine deleted
C:\Windows\system32\GroupPolicy\User deleted
C:\Windows\system32\GroupPolicy\gpt.ini deleted
C:\Windows\system32\installd.exe deleted
C:\Users\Simeone\Documents\Optimizer Pro deleted
C:\Users\Simeone\AppData\Roaming\TBKLT.exe deleted
C:\Users\Simeone\AppData\Roaming\YG.exe deleted
"C:\PROGRA~2\90ecc40317c81b5e\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}.20140821011854" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}.20140821012708" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}.20140821012913" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}.20140821013405" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}.20140821013537" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}.20140821013733" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}.20140821013818" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140818160458" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140821011815" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140821011816" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140821011855" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140821011856" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{87162843-2059-2054-7171-45775F2A6708}.20140821013817" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{87162843-2059-2054-7171-45775F2A6708}.20140821213638" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}.20140818160507" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}.20140818160644" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}.20140821012700" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}.20140821013500" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}.20140821013501" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}.20140821013537" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}.20140821013538" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140818160443" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140818160451" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140821012817" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140821012818" deleted
"C:\PROGRA~2\90ecc40317c81b5e\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140821012914" deleted
"C:\PROGRA~2\90ecc40317c81b5e" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\IPSFFPlgn" [09/03/2014 01:42 PM]

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Administrator\AppData\Local\Torch deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Administrator\AppData\Local\Chromatic Browser deleted
Fake profile C:\Users\Guest\AppData\Local\Torch deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Guest\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Guest\AppData\Local\Chromatic Browser deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Torch deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser deleted
Fake profile C:\Users\Simeone\AppData\Local\Torch deleted
Fake profile C:\Users\Simeone\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Simeone\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Simeone\AppData\Local\Chromatic Browser deleted

==== Chromium Look ======================

Google Chrome Version: 36.0.1985.143 (Possible outdated, latest Stable version: 40.0.2214.93)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[07/14/2014 05:22 PM]

Google Voice Search Hotword (Beta) - Simeone\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
AdBlock - Simeone\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

==== Chromium Startpages ======================

C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "https://www.google.rs/",
"startup_urls": [ "https://www.google.rs/" ],


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.delta-homes.com/?type=hp&ts=1419346796&from=wpm12233&uid=HitachiXHDS721032CLA362_JP1421HN18EP4A18EP4AX"
"Search Page"="http://search.delta-homes.com/web/?type=ds&ts=1419346796&from=wpm12233&uid=HitachiXHDS721032CLA362_JP1421HN18EP4A18EP4AX&q={searchTerms}"
"Default_Page_URL"="http://www.delta-homes.com/?type=hp&ts=1419346796&from=wpm12233&uid=HitachiXHDS721032CLA362_JP1421HN18EP4A18EP4AX"
"Default_Search_URL"="http://search.delta-homes.com/web/?type=ds&ts=1419346796&from=wpm12233&uid=HitachiXHDS721032CLA362_JP1421HN18EP4A18EP4AX&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://istart.webssearches.com/web/?type=ds&ts=1404990423&from=amt&uid=HitachiXHDS721032CLA362_JP1421HN18EP4A18EP4AX&q={searchTerms}"
"Default_Page_URL"="http://www.delta-homes.com/?type=hp&ts=1419346796&from=wpm12233&uid=HitachiXHDS721032CLA362_JP1421HN18EP4A18EP4AX"
"Start Page"="http://www.delta-homes.com/?type=hp&ts=1419346796&from=wpm12233&uid=HitachiXHDS721032CLA362_JP1421HN18EP4A18EP4AX"
"Search Page"="http://istart.webssearches.com/web/?type=ds&ts=1404990423&from=amt&uid=HitachiXHDS721032CLA362_JP1421HN18EP4A18EP4AX&q={searchTerms}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{28E89A42-BDAB-D84C-83DB-E088D715C4E6} deleted successfully
HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{28E89A42-BDAB-D84C-83DB-E088D715C4E6} deleted successfully
HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DFDD897A-6445-66DF-C14D-8ACD409A1D3B} deleted successfully
HKEY_USERS\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DFDD897A-6445-66DF-C14D-8ACD409A1D3B} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{28E89A42-BDAB-D84C-83DB-E088D715C4E6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{28E89A42-BDAB-D84C-83DB-E088D715C4E6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28E89A42-BDAB-D84C-83DB-E088D715C4E6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DFDD897A-6445-66DF-C14D-8ACD409A1D3B} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{DFDD897A-6445-66DF-C14D-8ACD409A1D3B} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DFDD897A-6445-66DF-C14D-8ACD409A1D3B} deleted successfully

==== Deleting CLSID Registry Values ======================


==== shortcuts in Users Start Menu ======================

C:\Users\Simeone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe delta-homes.com/?type=sc&ts=1419346796&.....P4A18EP4AX
C:\Users\Simeone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe delta-homes.com/?type=sc&ts=1419346796&.....P4A18EP4AX

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe delta-homes.com/?type=sc&ts=1419346796&.....P4A18EP4AX
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files\Skype\Phone\Skype.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Simeone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BS.Player PRO.lnk - C:\Program Files\Webteh\BSplayerPro\bsplayer.exe
C:\Users\Simeone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe delta-homes.com/?type=sc&ts=1419346796&.....P4A18EP4AX
C:\Users\Simeone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe delta-homes.com/?type=sc&ts=1419346796&.....P4A18EP4AX
C:\Users\Simeone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk - C:\Program Files\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe
C:\Users\Simeone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Simeone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk - C:\Program Files\Winamp\winamp.exe
C:\Users\Simeone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Simeone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\Simeone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe delta-homes.com/?type=sc&ts=1419346796&.....P4A18EP4AX
C:\Users\Simeone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Simeone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\BS.Player PRO.lnk - C:\Program Files\Webteh\BSplayerPro\bsplayer.exe
C:\Users\Simeone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe delta-homes.com/?type=sc&ts=1419346796&.....P4A18EP4AX
C:\Users\Simeone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe delta-homes.com/?type=sc&ts=1419346796&.....P4A18EP4AX
C:\Users\Simeone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Logitech Webcam Software.lnk - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Users\Simeone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Simeone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Simeone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\Simeone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\µTorrent.lnk -

==== shortcuts After Repair ======================

C:\Users\Simeone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Simeone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Simeone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Simeone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Simeone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Simeone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Simeone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\2d28eef9-3cb0-4cd5-9421-cb8f39f40976 deleted successfully
HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Simeone\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Simeone\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UYPOF2U will be deleted at reboot
C:\Users\Simeone\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8HCR1HCZ will be deleted at reboot
C:\Users\Simeone\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQPVF1TY will be deleted at reboot
C:\Users\Simeone\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RBUNPO5A will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=122 folders=104 32886666 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Simeone\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Simeone\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Simeone\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UYPOF2U" not found
"C:\Users\Simeone\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8HCR1HCZ" not found
"C:\Users\Simeone\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQPVF1TY" not found
"C:\Users\Simeone\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RBUNPO5A" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on Wed 01/28/2015 at 18:59:47.17 ======================

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6062

Hello,

Zoek did an excellent job. There is nothing more to do there; we are finished with it. Now run FRST again, just check that the Additional option is ticked, and click the [Scan] button.

Post the fresh FRST logs for review. Copy and paste the FRST log, and attach the Additional log to your post.

offline
  • Joined: 26 Jan 2015
  • Posts: 5

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-01-2015 01
Ran by Simeone (administrator) on SIMEONE-PC on 28-01-2015 19:19:46
Running from C:\Users\Simeone\Desktop
Loaded Profiles: Simeone (Available profiles: Simeone)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Symantec Corporation) C:\Program Files\Norton AntiVirus\Engine\19.9.1.14\ccsvchst.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Symantec Corporation) C:\Program Files\Norton AntiVirus\Engine\19.9.1.14\ccsvchst.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(BitTorrent Inc.) C:\Users\Simeone\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Logitech Inc.) C:\Program Files\Logitech\Logitech Vid\Vid.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
() C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Simeone\Desktop\FRST (2).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM\...\Run: [YTDownloader] => "C:\Program Files\YTDownloader\YTDownloader.exe" /boot
HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM\...\Run: [GamingWonderland AppIntegrator 32-bit] => C:\PROGRA~1\GAMING~2\bar\1.bin\AppIntegrator.exe
HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\...\Run: [uTorrent] => C:\Users\Simeone\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-11-21] (BitTorrent Inc.)
HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [717696 2010-01-16] (Microsoft Corporation)
HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\...\Run: [SpeedItupFree] => "C:\Program Files\SpeedItup Free\speeditupfree.exe"
HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\...\Run: [YTDownloader] => "C:\Program Files\YTDownloader\YTDownloader.exe" /boot
HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\...\Run: [Logitech Vid] => C:\Program Files\Logitech\Logitech Vid\vid.exe [5458704 2009-07-16] (Logitech Inc.)
HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\...\Run: [LiveSupport] => "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\...\Run: [TornTv Downloader] => C:\Users\Simeone\AppData\Roaming\TornTV.com\Torntv Downloader.exe /c=startup
HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4826904 2014-10-30] (Piriform Ltd)
HKLM\...\AppCertDlls: [x64] -> c:\program files\browser tab search by ask\safetynut\x64\safetycrt.dll

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL =
SearchScopes: HKU\S-1-5-21-1580771026-3311180266-4087878210-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1580771026-3311180266-4087878210-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = google.com/search?q={searchTerms}
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton AntiVirus\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1580771026-3311180266-4087878210-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 89.216.1.30 89.216.1.50

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1580771026-3311180266-4087878210-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Simeone\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\IPSFFPlgn
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\IPSFFPlgn [2014-09-03]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-10]
CHR Extension: (YouTube) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-10]
CHR Extension: (Google Search) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-10]
CHR Extension: (AdBlock) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-03]
CHR Extension: (Google Wallet) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-10]
CHR Extension: (Gmail) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-10]
CHR Profile: C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google документи) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-04]
CHR Extension: (Google диск) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-04]
CHR Extension: (YouTube) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-04]
CHR Extension: (Google претрага) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-04]
CHR Extension: (Google новчаник) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-04]
CHR Extension: (Gmail) - C:\Users\Simeone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-04]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 NAV; C:\Program Files\Norton AntiVirus\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 Update WebSpades; "C:\Program Files\WebSpades\updateWebSpades.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\BASHDefs\20140912.003\BHDrvx86.sys [1137368 2014-09-12] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAV\1309010.00E\ccSetx86.sys [132768 2012-06-07] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [378672 2014-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [111408 2014-09-09] (Symantec Corporation)
R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\IPSDefs\20140917.001\IDSvix86.sys [476888 2014-09-01] (Symantec Corporation)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\VirusDefs\20140917.022\NAVENG.SYS [95704 2014-09-03] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\VirusDefs\20140917.022\NAVEX15.SYS [1636696 2014-09-03] (Symantec Corporation)
R3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)
S3 SRTSP; C:\Windows\System32\Drivers\NAV\1309010.00E\SRTSP.SYS [574112 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAV\1309010.00E\SRTSPX.SYS [32928 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAV\1309010.00E\SYMDS.SYS [340088 2011-08-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAV\1309010.00E\SYMEFA.SYS [924320 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [141944 2014-09-03] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAV\1309010.00E\Ironx86.SYS [149624 2012-04-18] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAV\1309010.00E\SYMNETS.SYS [318584 2012-04-18] (Symantec Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 {e8687d73-4a93-4590-9271-bf6f94b4cd22}Gw; system32\drivers\{e8687d73-4a93-4590-9271-bf6f94b4cd22}Gw.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-28 19:19 - 2015-01-28 19:20 - 00013639 _____ () C:\Users\Simeone\Desktop\FRST.txt
2015-01-28 19:19 - 2015-01-28 19:19 - 01121792 _____ (Farbar) C:\Users\Simeone\Desktop\FRST (2).exe
2015-01-28 19:18 - 2015-01-28 19:19 - 01121792 _____ (Farbar) C:\Users\Simeone\Downloads\FRST (2).exe
2015-01-28 18:59 - 2015-01-28 18:59 - 00000000 ____D () C:\Users\Simeone\AppData\Local\VirtualStore
2015-01-28 18:55 - 2015-01-28 17:57 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-01-28 18:03 - 2015-01-28 18:59 - 00030825 _____ () C:\zoek-results.log
2015-01-28 17:57 - 2015-01-28 18:59 - 00000000 ____D () C:\zoek_backup
2015-01-28 17:56 - 2015-01-28 17:56 - 01295360 _____ () C:\Users\Simeone\Downloads\zoek.exe
2015-01-28 17:52 - 2015-01-28 17:54 - 04134156 _____ () C:\Users\Simeone\Downloads\zoek.zip
2015-01-26 01:08 - 2015-01-26 01:08 - 01120768 _____ (Farbar) C:\Users\Simeone\Downloads\FRST (1).exe
2015-01-26 00:39 - 2015-01-26 00:43 - 00022202 _____ () C:\Users\Simeone\Downloads\Addition.txt
2015-01-26 00:36 - 2015-01-28 19:19 - 00000000 ____D () C:\FRST
2015-01-26 00:36 - 2015-01-26 01:10 - 00026234 _____ () C:\Users\Simeone\Downloads\FRST.txt
2015-01-26 00:35 - 2015-01-26 00:35 - 01120768 _____ (Farbar) C:\Users\Simeone\Downloads\FRST.exe
2015-01-25 23:48 - 2015-01-25 23:49 - 00063106 _____ () C:\Users\Simeone\Downloads\facebook-chat-history-manager-1-1-5-en.xpi
2015-01-17 10:54 - 2015-01-28 18:59 - 00001872 _____ () C:\Windows\PFRO.log
2015-01-17 10:54 - 2015-01-28 18:59 - 00000560 _____ () C:\Windows\setupact.log
2015-01-17 10:54 - 2015-01-17 10:54 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-15 15:14 - 2015-01-15 15:14 - 00000000 ____D () C:\Users\Simeone\AppData\Local\Temp{56AA9518-8E6F-4B07-A934-54275F0E19DD}
2015-01-14 13:49 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 13:49 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 13:49 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 13:49 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 13:49 - 2014-12-11 18:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 13:49 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-02 23:49 - 2015-01-02 23:49 - 00105472 _____ () C:\Users\Simeone\Downloads\2.1.15.k4g.xls
2014-12-30 00:26 - 2014-12-30 00:26 - 11034576 _____ () C:\Users\Simeone\Downloads\Instructions (1).rar
2014-12-30 00:12 - 2014-12-30 00:12 - 11034576 _____ () C:\Users\Simeone\Downloads\Instructions.rar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-28 19:20 - 2014-06-09 15:47 - 00000000 ____D () C:\Users\Simeone\AppData\Roaming\uTorrent
2015-01-28 19:06 - 2014-06-10 00:12 - 01320211 _____ () C:\Windows\WindowsUpdate.log
2015-01-28 19:06 - 2009-07-14 05:34 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-28 19:06 - 2009-07-14 05:34 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-28 18:59 - 2014-08-18 15:04 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-01-28 18:59 - 2014-06-09 15:27 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-28 18:59 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-28 18:53 - 2014-08-15 17:15 - 00000000 ____D () C:\Users\Simeone\AppData\Roaming\Skype
2015-01-28 18:49 - 2014-06-09 15:22 - 00001882 _____ () C:\Users\Simeone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-28 18:46 - 2014-08-18 15:04 - 00000000 ____D () C:\Users\Simeone\AppData\Local\Comodo
2015-01-28 18:46 - 2014-08-18 15:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2015-01-28 18:46 - 2014-08-18 15:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2015-01-28 18:46 - 2014-06-09 15:27 - 00000000 ____D () C:\Users\Simeone\AppData\Local\Google
2015-01-28 18:45 - 2014-08-18 15:04 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2015-01-28 18:45 - 2014-08-18 15:04 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2015-01-28 18:45 - 2014-08-18 15:04 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2015-01-28 18:45 - 2014-08-18 15:04 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2015-01-28 18:45 - 2009-07-14 03:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-01-28 18:38 - 2014-06-09 15:27 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-28 18:01 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-28 15:17 - 2014-09-16 15:08 - 00000000 ____D () C:\Users\Simeone\Desktop\Radno pravo
2015-01-28 15:16 - 2014-09-16 15:09 - 00000000 ____D () C:\Users\Simeone\Desktop\Porodicno pravo
2015-01-28 15:15 - 2014-08-17 08:56 - 00000000 ____D () C:\Users\Simeone\Desktop\Analitika
2015-01-22 23:54 - 2014-08-17 08:57 - 00000000 ____D () C:\Users\Simeone\Desktop\Finansijsko pravo
2015-01-15 11:24 - 2014-11-24 18:08 - 00000000 ____D () C:\Windows\Minidump
2015-01-15 11:22 - 2014-11-10 19:25 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-15 04:14 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-15 03:08 - 2010-11-20 22:01 - 00773536 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-11 12:28 - 2014-08-15 17:15 - 00000000 ___RD () C:\Program Files\Skype
2015-01-11 12:28 - 2014-08-15 17:14 - 00000000 ____D () C:\ProgramData\Skype
2015-01-08 10:46 - 2014-06-17 08:45 - 00000000 ____D () C:\Users\Simeone\Desktop\Slike
2015-01-06 04:36 - 2014-06-09 15:44 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-01 10:21 - 2014-10-09 09:16 - 00000000 ____D () C:\Users\Simeone\Desktop\Politicki sistemi

==================== Files in the root of some directories =======

2014-08-18 15:06 - 2014-08-21 00:25 - 0000366 _____ () C:\Users\Simeone\AppData\Roaming\LiveSupport.exe_log.txt
2014-08-18 15:06 - 2014-08-21 00:25 - 0000086 _____ () C:\Users\Simeone\AppData\Roaming\regsvr32.exe_log.txt
2014-09-16 11:19 - 2014-09-16 11:20 - 0000600 _____ () C:\Users\Simeone\AppData\Local\PUTTY.RND

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 01:57

==================== End Of Log ============================

offline
  • Joined: 26 Jan 2015
  • Posts: 5

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-01-2015 01
Ran by Simeone at 2015-01-28 19:21:22
Running from C:\Users\Simeone\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton AntiVirus (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
BS.Player PRO (HKLM\...\BSPlayerp) (Version: 2.64.1073 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
K-Lite Mega Codec Pack 10.0.5 (HKLM\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
Logitech Vid (HKLM\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.10.1009 - Logitech Inc.)
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM\...\{6eeabf7b-fb0a-4a8d-b982-d1e91f3bc5d7}) (Version: - Nero AG)
Norton AntiVirus (HKLM\...\NAV) (Version: 19.9.1.14 - Symantec Corporation)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Unity Web Player (HKU\S-1-5-21-1580771026-3311180266-4087878210-1000\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1580771026-3311180266-4087878210-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Simeone\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)

==================== Restore Points =========================

20-01-2015 14:43:02 Windows Update
27-01-2015 11:27:50 Windows Update
28-01-2015 18:03:37 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {18EC75F0-7E3B-4C03-B068-36547CA9690A} - System32\Tasks\{FBBDAC9A-EC52-4CB2-8599-4ECF194F0B55} => pcalua.exe -a "C:\Program Files\Object Browser\Uninstall.exe" -c /fcp=1
Task: {23B668BE-BC04-43F6-9483-44C796A4776E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd)
Task: {2C875492-A0A5-4145-BF27-32F504E856CC} - System32\Tasks\{8DDA4EE6-9E3A-4725-9D68-593D53A64ED1} => pcalua.exe -a C:\Users\Simeone\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=amt <==== ATTENTION
Task: {4C056A09-1D5A-4420-B469-4136C05984E2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {67F5C978-C96A-4FB3-8466-B6302D72C752} - \YTDownloader No Task File <==== ATTENTION
Task: {6EE66AC8-1E56-42DF-B3E6-3DB08497009A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {6F5D75A2-8E35-4F29-830E-C81E93B0528D} - System32\Tasks\{926986C8-C53B-4260-B80A-C4CD197A5997} => pcalua.exe -a "C:\Program Files\Sense\Uninstall.exe" -c /fcp=1
Task: {8534F256-BE5E-4D9B-903E-68144F0F9D4A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {8D92688A-CCE5-4EFD-B25E-232FC74BA11D} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files\Norton AntiVirus\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {9DC21671-71C1-4F66-91C6-35C7F12A2843} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {D5BA25F2-794F-439B-8F1F-3C487802004C} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton AntiVirus\Engine\19.9.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation)
Task: {E6135A33-534D-4670-85D9-23CBA3076AE3} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files\Norton AntiVirus\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-01-09 19:18 - 2010-01-09 19:18 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 00:34 - 2010-01-21 00:34 - 08793952 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2009-10-14 12:36 - 2009-10-14 12:36 - 02793304 _____ () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
2009-07-16 14:34 - 2009-07-16 14:34 - 02140944 _____ () C:\Program Files\Logitech\Logitech Vid\QtCore4.dll
2009-07-16 14:34 - 2009-07-16 14:34 - 07704336 _____ () C:\Program Files\Logitech\Logitech Vid\QtGui4.dll
2009-07-16 14:34 - 2009-07-16 14:34 - 00968976 _____ () C:\Program Files\Logitech\Logitech Vid\QtNetwork4.dll
2009-07-16 14:34 - 2009-07-16 14:34 - 00475408 _____ () C:\Program Files\Logitech\Logitech Vid\QtOpenGL4.dll
2009-07-16 14:35 - 2009-07-16 14:35 - 00363792 _____ () C:\Program Files\Logitech\Logitech Vid\QtXml4.dll
2009-07-16 14:34 - 2009-07-16 14:34 - 00199952 _____ () C:\Program Files\Logitech\Logitech Vid\QtSql4.dll
2009-07-16 14:35 - 2009-07-16 14:35 - 00027408 _____ () C:\Program Files\Logitech\Logitech Vid\SDL.dll
2009-07-16 14:35 - 2009-07-16 14:35 - 11311888 _____ () C:\Program Files\Logitech\Logitech Vid\QtWebKit4.dll
2009-07-16 14:34 - 2009-07-16 14:34 - 00291600 _____ () C:\Program Files\Logitech\Logitech Vid\phonon4.dll
2009-07-16 14:36 - 2009-07-16 14:36 - 00028944 _____ () C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qgif4.dll
2009-07-16 14:36 - 2009-07-16 14:36 - 00035088 _____ () C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qico4.dll
2009-07-16 14:36 - 2009-07-16 14:36 - 00138000 _____ () C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qjpeg4.dll
2009-10-14 12:36 - 2009-10-14 12:36 - 00181592 _____ () C:\Program Files\Common Files\LogiShrd\LvApi11\LvApi11.dll
2014-04-14 20:41 - 2014-04-14 20:41 - 00039192 _____ () C:\Program Files\CCleaner\branding.dll
2009-10-14 12:34 - 2009-10-14 12:34 - 00560472 _____ () C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Simeone\Downloads\noname (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\Simeone\Downloads\noname.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-1580771026-3311180266-4087878210-500 - Administrator - Disabled)
Guest (S-1-5-21-1580771026-3311180266-4087878210-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1580771026-3311180266-4087878210-1002 - Limited - Enabled)
Simeone (S-1-5-21-1580771026-3311180266-4087878210-1000 - Administrator - Enabled) => C:\Users\Simeone

==================== Faulty Device Manager Devices =============

Name: {e8687d73-4a93-4590-9271-bf6f94b4cd22}Gw
Description: {e8687d73-4a93-4590-9271-bf6f94b4cd22}Gw
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: {e8687d73-4a93-4590-9271-bf6f94b4cd22}Gw
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/28/2015 07:00:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 04:43:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: YTDownloader.exe, version: 1.0.3.9, time stamp: 0x53faf831
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x0003cf85
Faulting process id: 0x1700
Faulting application start time: 0xYTDownloader.exe0
Faulting application path: YTDownloader.exe1
Faulting module path: YTDownloader.exe2
Report Id: YTDownloader.exe3

Error: (01/23/2015 08:26:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: YTDownloader.exe, version: 1.0.3.9, time stamp: 0x53faf831
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x0013d3ce
Faulting process id: 0x9e4
Faulting application start time: 0xYTDownloader.exe0
Faulting application path: YTDownloader.exe1
Faulting module path: YTDownloader.exe2
Report Id: YTDownloader.exe3

Error: (01/23/2015 05:35:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dup.exe, version: 1.5.83.8755, time stamp: 0x54b3819b
Faulting module name: netprofm.dll_unloaded, version: 0.0.0.0, time stamp: 0x4a5bda75
Exception code: 0xc0000005
Fault offset: 0x6e302505
Faulting process id: 0x948
Faulting application start time: 0xdup.exe0
Faulting application path: dup.exe1
Faulting module path: dup.exe2
Report Id: dup.exe3

Error: (01/22/2015 05:34:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: YTDownloader.exe, version: 1.0.3.9, time stamp: 0x53faf831
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00275608
Faulting process id: 0x16e4
Faulting application start time: 0xYTDownloader.exe0
Faulting application path: YTDownloader.exe1
Faulting module path: YTDownloader.exe2
Report Id: YTDownloader.exe3

Error: (01/20/2015 02:28:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dup.exe, version: 1.5.83.8755, time stamp: 0x54b3819b
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x00039342
Faulting process id: 0xfa0
Faulting application start time: 0xdup.exe0
Faulting application path: dup.exe1
Faulting module path: dup.exe2
Report Id: dup.exe3

Error: (01/17/2015 09:28:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: YTDownloader.exe, version: 1.0.3.9, time stamp: 0x53faf831
Faulting module name: netprofm.dll_unloaded, version: 0.0.0.0, time stamp: 0x4a5bda75
Exception code: 0xc0000005
Fault offset: 0x6e302505
Faulting process id: 0x4cc
Faulting application start time: 0xYTDownloader.exe0
Faulting application path: YTDownloader.exe1
Faulting module path: YTDownloader.exe2
Report Id: YTDownloader.exe3

Error: (01/17/2015 10:55:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2015 11:42:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: YTDownloader.exe, version: 1.0.3.9, time stamp: 0x53faf831
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00698888
Faulting process id: 0x1588
Faulting application start time: 0xYTDownloader.exe0
Faulting application path: YTDownloader.exe1
Faulting module path: YTDownloader.exe2
Report Id: YTDownloader.exe3

Error: (01/16/2015 00:12:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: YTDownloader.exe, version: 1.0.3.9, time stamp: 0x53faf831
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x00039342
Faulting process id: 0x1244
Faulting application start time: 0xYTDownloader.exe0
Faulting application path: YTDownloader.exe1
Faulting module path: YTDownloader.exe2
Report Id: YTDownloader.exe3


System errors:
=============
Error: (01/28/2015 07:01:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2

Error: (01/28/2015 06:59:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
{e8687d73-4a93-4590-9271-bf6f94b4cd22}Gw

Error: (01/28/2015 06:59:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update WebSpades service failed to start due to the following error:
%%2

Error: (01/28/2015 06:45:23 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (01/28/2015 06:45:22 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (01/28/2015 06:45:20 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (01/28/2015 06:45:19 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (01/28/2015 06:45:17 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (01/28/2015 06:45:15 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (01/28/2015 06:45:14 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.


Microsoft Office Sessions:
=========================
Error: (01/28/2015 07:00:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 04:43:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: YTDownloader.exe1.0.3.953faf831ole32.dll6.1.7601.175144ce7b96fc00000050003cf85170001d0375b5c173adaC:\Program Files\YTDownloader\YTDownloader.exeC:\Windows\system32\ole32.dllda20d783-a4a8-11e4-904a-0020188969ba

Error: (01/23/2015 08:26:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: YTDownloader.exe1.0.3.953faf831ole32.dll6.1.7601.175144ce7b96fc00000050013d3ce9e401d03695f263a7c0C:\Program Files\YTDownloader\YTDownloader.exeC:\Windows\system32\ole32.dllafe83823-a335-11e4-904a-0020188969ba

Error: (01/23/2015 05:35:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dup.exe1.5.83.875554b3819bnetprofm.dll_unloaded0.0.0.04a5bda75c00000056e30250594801d0372a92e2929fC:\Program Files\WinZipper\dup.exenetprofm.dlldc0fbccd-a31d-11e4-904a-0020188969ba

Error: (01/22/2015 05:34:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: YTDownloader.exe1.0.3.953faf831unknown0.0.0.000000000c00000050027560816e401d035c90742d5f8C:\Program Files\YTDownloader\YTDownloader.exeunknown7fcc55c4-a254-11e4-904a-0020188969ba

Error: (01/20/2015 02:28:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dup.exe1.5.83.875554b3819bole32.dll6.1.7601.175144ce7b96fc000000500039342fa001d034b4dbc7539eC:\Program Files\WinZipper\dup.exeC:\Windows\system32\ole32.dll31f9e193-a0a8-11e4-904a-0020188969ba

Error: (01/17/2015 09:28:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: YTDownloader.exe1.0.3.953faf831netprofm.dll_unloaded0.0.0.04a5bda75c00000056e3025054cc01d0323b9bd5617aC:\Program Files\YTDownloader\YTDownloader.exenetprofm.dll63183457-9e87-11e4-904a-0020188969ba

Error: (01/17/2015 10:55:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2015 11:42:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: YTDownloader.exe1.0.3.953faf831unknown0.0.0.000000000c000000500698888158801d031db3333dfbbC:\Program Files\YTDownloader\YTDownloader.exeunknownf23a54e8-9dd0-11e4-b35d-0020188969ba

Error: (01/16/2015 00:12:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: YTDownloader.exe1.0.3.953faf831ole32.dll6.1.7601.175144ce7b96fc000000500039342124401d0311208c82fd2C:\Program Files\YTDownloader\YTDownloader.exeC:\Windows\system32\ole32.dlleff8a758-9d0b-11e4-b35d-0020188969ba


==================== Memory info ===========================

Processor: Intel(R) Atom(TM) CPU 230 @ 1.60GHz
Percentage of memory in use: 33%
Total physical RAM: 2037.9 MB
Available physical RAM: 1359.49 MB
Total Pagefile: 4075.8 MB
Available Pagefile: 3145.28 MB
Total Virtual: 2047.88 MB
Available Virtual: 1913.64 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:73.24 GB) (Free:39.65 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 0DF80DF7)
Partition 1: (Active) - (Size=73.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6062
