Laptop se gasi

1

Laptop se gasi

offline
  • Pridružio: 04 Sep 2013
  • Poruke: 11

Konekcija- ADSl 3MG
Nacin na koji sam pokusala da resim problem je pokretanje antivirusa Avira i nije detektovao nista. Ima dva meseca kako je poceo da se gasi, a zatim je ta pojava bila sve ucestalija. U toki dana kad koristim racunar ceo dan, on se ugasi tri do cetiri puta i to na nacin, tako da se pre samog gasenja laptopa, odjednom monitor ceo zaplavi i tada pise informacija da je detektovan neki problem, ali to posto bude u sekundi, ni ne stignem da vidim sta zapravo tu pise, posle se ugasi laptop. Onda moram sama da ga ponovo ukljucim. Nekada se vrati na situaciju na kojoj je bio pre gasenja, a nekada ne.

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

@Ivana23
Pozdrav, i dobrodosla u Ambulantu. Wink


Opis problema govori nam da restart sistema prouzrokuje BSOD. BSOD moze da nastane samo iz dva razloga:
- Drajver ( ovo u teoriji moze da prouzrokuje i maliciozan rootkit )
- Hardware ( neka komponenta ne radi ispravno )

Kada si se vec prvo javila nama, hajde da ispitamo to.
Isprati top temu "Kako otvoriti temu u Ambulanti?" i postavi nam DDS izvestaje koje ce nam omoguciti da vidimo prvo stanje racunara.
http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

Neko od clanova AMF Tima ce pregledati logove i proslediti dalje instrukcije.

offline
  • Pridružio: 04 Sep 2013
  • Poruke: 11

Napisano: 05 Sep 2013 0:38

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16660
Run by Ivana at 0:21:09 on 2013-09-05
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.3031.1744 [GMT 2:00]
.
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Mp3Tube Toolbar\Mp3TubeSvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Mp3Tube Toolbar\Mp3TubeVideoToMp3.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Thinstuff\Remote Desktop Host\TSXConnectService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Thinstuff\Remote Desktop Host\thinrdpsrv.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Thinstuff\Remote Desktop Host\TSXConnectAdmin.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\program files\avira\antivir desktop\avcenter.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k swprv
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.searchya.com/?f=1&a=SearchooD&cd=2XzuyEtN2Y1L1QzutD0C0E0E0EyCzz0D0ByEtB0AtCyC0C0CtN0D0Tzu0CyDtCtCtN1L2XzutBtFtBtFtCtFyEtAtBtN1L1Czu0J1Q1F2W1G1I1F1T1Q1P1CtB&cr=1511648805&ir=
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: {013a635f-e3aa-4371-b682-ece95ca974b0} - <orphaned>
uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Ironsource LTD Helper Object: {25927741-5E5B-4D27-8D8B-9188FE64373F} - c:\program files\searchya!\1.5.25.0\bh\searchya.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Avira SearchFree Toolbar plus Web Protection: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Avira SearchFree Toolbar plus Web Protection: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Mp3Tube Toolbar: {46897C77-E7A6-4c33-BFFB-E9C2E2718942} -
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: Avira SearchFree Toolbar plus Web Protection: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: SearchYa Toolbar: {33AA308B-B565-4376-AC66-59EE9B6AD13E} - c:\program files\searchya!\1.5.25.0\searchyaTlbr.dll
uRun: [Badoo Desktop] c:\programdata\badoo\badoo desktop\1.6.58.1220\Badoo.Desktop.exe
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [Thinstuff TSX Connect Admin] "c:\program files\thinstuff\remote desktop host\TSXConnectAdmin.exe" /hide
StartupFolder: c:\users\ivana\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: c:\program files\avira\antivir desktop\avsda.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
TCP: NameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{C1D38FDD-914D-4150-BD5C-E6426370FB09} : DHCPNameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{FCB3971B-7B30-4395-9C69-EC40A8802E44} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~1\search~1\datamngr\mgrldr.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\29.0.1547.62\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\ivana\appdata\roaming\mozilla\firefox\profiles\34ss2gru.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=mkg030&p=
FF - prefs.js: browser.search.selectedEngine - SearchYa!
FF - prefs.js: browser.startup.homepage - hxxp://www.searchya.com/?f=1&a=SearchooD&cd=2XzuyEtN2Y1L1QzutD0C0E0E0EyCzz0D0ByEtB0AtCyC0C0CtN0D0Tzu0CyDtCtCtN1L2XzutBtFtBtFtCtFyEtAtBtN1L1Czu0J1Q1F2W1G1I1F1T1Q1P1CtB&cr=1511648805&ir=
FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.Softonic.hpOld0 -
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=1&cc=&q=
FF - user.js: extensions.Softonic.id - f66916cc0000000000000ceee68db42a
FF - user.js: extensions.Softonic.appId - {7ABBFE1C-E485-44AA-8F36-353751B4124D}
FF - user.js: extensions.Softonic.instlDay - 15831
FF - user.js: extensions.Softonic.vrsn - 1.8.16.10
FF - user.js: extensions.Softonic.vrsni - 1.8.16.10
FF - user.js: extensions.Softonic.vrsnTs - 1.8.16.1019:51:44
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - BASEirobinhoodActive
FF - user.js: extensions.Softonic.instlRef - INF00176
FF - user.js: extensions.Softonic.dfltLng -
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.ffxUnstlRst - false
FF - user.js: extensions.Softonic.admin - false
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic.rvrt - false
FF - user.js: extensions.Softonic.hmpg - true
FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=13&cc=
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.Softonic.kw_url - hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=2&cc=&q=
FF - user.js: extensions.Softonic.dnsErr - true
FF - user.js: extensions.Softonic.newTab - true
FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=15&cc=
FF - user.js: extensions.searchya.hmpg - true
FF - user.js: extensions.searchya.hmpgUrl - hxxp://www.searchya.com/?f=1&a=SearchooD&cd=2XzuyEtN2Y1L1QzutD0C0E0E0EyCzz0D0ByEtB0AtCyC0C0CtN0D0Tzu0CyDtCtCtN1L2XzutBtFtBtFtCtFyEtAtBtN1L1Czu0J1Q1F2W1G1I1F1T1Q1P1CtB&cr=1511648805&ir=
FF - user.js: extensions.searchya.dfltSrch - true
FF - user.js: extensions.searchya.srchPrvdr - SearchYa!
FF - user.js: extensions.searchya.dnsErr - true
FF - user.js: extensions.searchya_i.newTab - false
FF - user.js: extensions.searchya.newTabUrl - hxxp://www.searchya.com/?f=2&a=SearchooD&cd=2XzuyEtN2Y1L1QzutD0C0E0E0EyCzz0D0ByEtB0AtCyC0C0CtN0D0Tzu0CyDtCtCtN1L2XzutBtFtBtFtCtFyEtAtBtN1L1Czu0J1Q1F2W1G1I1F1T1Q1P1CtB&cr=1511648805&ir=
FF - user.js: extensions.searchya.tlbrSrchUrl - hxxp://www.searchya.com/?f=3&a=SearchooD&cd=2XzuyEtN2Y1L1QzutD0C0E0E0EyCzz0D0ByEtB0AtCyC0C0CtN0D0Tzu0CyDtCtCtN1L2XzutBtFtBtFtCtFyEtAtBtN1L1Czu0J1Q1F2W1G1I1F1T1Q1P1CtB&cr=1511648805&ir=&q=
FF - user.js: extensions.searchya.id - 0CEEE68DB42A16CC
FF - user.js: extensions.searchya.instlDay - 15850
FF - user.js: extensions.searchya.vrsn - 1.5.25.0
FF - user.js: extensions.searchya.vrsni - 1.5.25.0
FF - user.js: extensions.searchya_i.vrsnTs - 1.5.25.013:18:38
FF - user.js: extensions.searchya.prtnrId - searchya
FF - user.js: extensions.searchya.prdct - searchya
FF - user.js: extensions.searchya.aflt - SearchooD
FF - user.js: extensions.searchya_i.smplGrp - none
FF - user.js: extensions.searchya.tlbrId - base
FF - user.js: extensions.searchya.instlRef -
FF - user.js: extensions.searchya.dfltLng -
FF - user.js: extensions.searchya.excTlbr - false
FF - user.js: extensions.searchya.autoRvrt - false
FF - user.js: extensions.searchya.envrmnt - production
FF - user.js: extensions.searchya.isdcmntcmplt - true
FF - user.js: extensions.searchya.mntrvrsn - 1.3.0
FF - user.js: extensions.irspeeddial.aflt - SearchooD
FF - user.js: extensions.irspeeddial.instlRef -
FF - user.js: extensions.irspeeddial.cr - 1511648805
FF - user.js: extensions.irspeeddial.cd - 2XzuyEtN2Y1L1QzutD0C0E0E0EyCzz0D0ByEtB0AtCyC0C0CtN0D0Tzu0CyDtCtCtN1L2XzutBtFtBtFtCtFyEtAtBtN1L1Czu0J1Q1F2W1G1I1F1T1Q1P1CtB
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - f66916cc0000000000000ceee68db42a
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15840
FF - user.js: extensions.delta.vrsn - 1.8.16.16
FF - user.js: extensions.delta.vrsni - 1.8.16.16
FF - user.js: extensions.delta.vrsnTs - 1.8.16.1614:51:07
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
============= SERVICES / DRIVERS ===============
.
R0 THINRDP;THINRDP;c:\windows\system32\drivers\thinrdp.sys [2013-5-27 25800]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2013-5-17 37352]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2013-5-17 84024]
R2 AntiVirService;Avira Real-Time Protection;c:\program files\avira\antivir desktop\avguard.exe [2013-5-17 108088]
R2 AntiVirWebService;Avira Web Protection;c:\program files\avira\antivir desktop\avwebgrd.exe [2013-5-17 589368]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2013-5-17 84744]
R2 Mp3Tube Toolbar Service;Mp3Tube Toolbar Updater Service;c:\program files\mp3tube toolbar\Mp3TubeSvc.exe [2011-4-29 227840]
R2 ThinRDPSrv;Thinstuff Remote Desktop Host Server;c:\program files\thinstuff\remote desktop host\thinrdpsrv.exe [2013-5-27 691912]
R2 tsxconsvc;Thinstuff TSX Connect Service;c:\program files\thinstuff\remote desktop host\TSXConnectService.exe [2013-3-28 5754056]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2009-7-14 229888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-4-27 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-3-13 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-4-13 52224]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2013-09-01 18:12:22 -------- d-----w- c:\users\ivana\appdata\local\{B1D038A7-3305-45CF-BCE9-8642A80A9747}
2013-08-14 11:57:04 652800 ----a-w- c:\windows\system32\rpcrt4.dll
2013-08-14 11:57:01 175104 ----a-w- c:\windows\system32\wintrust.dll
2013-08-14 11:57:01 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-08-14 11:57:01 1166848 ----a-w- c:\windows\system32\crypt32.dll
2013-08-14 11:57:01 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-08-14 11:56:58 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-08-14 11:56:58 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-14 11:56:57 1289096 ----a-w- c:\windows\system32\ntdll.dll
2013-08-14 11:56:55 1293760 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-08-14 11:56:06 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-14 11:54:35 2048 ----a-w- c:\windows\system32\tzres.dll
2013-08-14 11:54:33 918528 ----a-w- c:\windows\system32\rdpcorets.dll
2013-08-14 11:54:33 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2013-08-12 17:09:42 -------- d-----w- c:\windows\system32\MRT
.
==================== Find3M ====================
.
2013-07-26 03:13:24 1767936 ----a-w- c:\windows\system32\wininet.dll
2013-07-26 03:12:04 2877440 ----a-w- c:\windows\system32\jscript9.dll
2013-07-26 03:12:00 61440 ----a-w- c:\windows\system32\iesetup.dll
2013-07-26 03:12:00 109056 ----a-w- c:\windows\system32\iesysprep.dll
2013-07-26 02:49:14 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-07-26 01:59:38 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-07-02 21:33:10 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-27 09:50:20 67168 ----a-w- c:\windows\system32\drivers\avnetflt.sys
.
============= FINISH: 0:21:20,81 ===============

Dopuna: 05 Sep 2013 0:48

mycity.rs/must-login.png
Ovo je attach.txt

Dopuna: 05 Sep 2013 0:50

mycity.rs/must-login.png

offline
  • Pridružio: 04 Jul 2011
  • Poruke: 5424

Arrow Korak 1.


Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop

Dvoklikom pokreni program.
Klikni na dugme [Scan] i pricekaj da program zavrsi.
Klikni na dugme [Clean]
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok


Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"

Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S1].txt








Arrow Korak 2.




Preuzmite program GMER sa donjeg linka na Desktop:


GMER download
Kliknite dati link;
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberite Desktop i kliknite Save.



Dvoklikom pokrenite GMER.
Sačekajte da se završi uvodno skeniranje - ukoliko se pojavi bilo kakav upit, kliknite No;

kliknite Scan i sačekajte da skeniranje bude završeno;

kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer1);

kliknite desnim tasterom u prozor programa Gmer i odaberite Options > 3rd party - kliknite Scan;

po završetku skeniranja kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer2);

kliknite taster >>> i odaberite Autostart karticu;

po završetku kratkotrajnog skeniranja, kliknite Copy;

otvorite Notepad i u njega postavite kopirani tekst - izveštaj sačuvajte na Desktop (pod nazivom Gmer3);


Slikoviti prikaz postupka

Priložite sva tri izveštaja uz poruku korišćenjem opcije Prikači fajl.




Ivance95 (AMF Tim)

offline
  • Pridružio: 04 Sep 2013
  • Poruke: 11

Napisano: 05 Sep 2013 16:02

mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

Izvinjivam se sto vam ranije nisam pisala, posto mi se gasio laptop i nisam mogla ranije zbog toga. Hvala vam unapred, divni ste.

Dopuna: 05 Sep 2013 22:55

Dobro vece, ja sad tuzna sto mi vi ne odgovarate. Znam da ste zauzeti i da imate puno posla ali bih volela da i mene setite i da mi odgovorite u neko dogledno vreme. Wink

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Ivana, Ivance nije na forumu trenutno, u medjuvremenu odradi Korak 1.

Procitaj ponovo njegovo uputstvo.

offline
  • Pridružio: 04 Sep 2013
  • Poruke: 11

mycity.rs/must-login.png

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

OK, idemo dalje dok se nije ugasio Smile


Preuzmi zoek.zip () sa ovog ili ovog linka i sačuvaj ga na Desktop.

Raspakuj arhivu u neki folder (uputstvo), a zatim:

zatvori browser i ostale pokrenute programe;
privremeno deaktiviraj zaštitni softver ( ukoliko je to potrebno ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sledeći tekst:


filesrcm;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;


Klikni na dugme i pričekaj da se skeniranje završi.


zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadrzaj tog loga u poruku.

offline
  • Pridružio: 04 Sep 2013
  • Poruke: 11

Zoek.exe Version 4.0.0.4 Updated 31-08-2013
Tool run by Ivana on źet 05.09.2013 at 23:26:56,42.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ivana\Desktop\New folder\zoek.exe [Quick Scan] [Auto Clean]

==== System Restore Info ======================

5.9.2013 23:28:18 Zoek.exe System Restore Point Created Succesfully.

==== Creating Sample_05.09.2013_2334.zip ======================

Process chrome.exe killed
Copied file C:\Users\Ivana\AppData\Roaming\pack.exe to sample\pack.exe
sample\pack.exe renamed to D3FAF9434A552E3D3D0801B035DD628E

C:\Users\Public\Desktop\sample_05.09.2013_2334.zip created successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1338069029-2438712655-2750520253-1000\Software\Microsoft\Internet Explorer\SearchScopes\{04D1923B-2AB4-659C-49B8-65A007909125} deleted successfully
HKEY_USERS\S-1-5-21-1338069029-2438712655-2750520253-1000\Software\Microsoft\Internet Explorer\SearchScopes\{42D52C74-1A87-49AD-BBF7-2A1FA7EA3CE5} deleted successfully
HKEY_USERS\S-1-5-21-1338069029-2438712655-2750520253-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4D68C31B-010C-378F-EEF8-705543A92BBB} deleted successfully
HKEY_USERS\S-1-5-21-1338069029-2438712655-2750520253-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4E5F75B2-156C-4368-A4C5-8F2A2114347C} deleted successfully
HKEY_USERS\S-1-5-21-1338069029-2438712655-2750520253-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D4F4118C-00A8-4BA9-9694-2F66BC7E492E} deleted successfully
HKEY_USERS\S-1-5-21-1338069029-2438712655-2750520253-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\34ss2gru.default

user.js not found
---- Lines yahoo removed from prefs.js ----

user_pref("browser.search.defaulturl", "http://search.yahoo.com/search?fr=mkg030&p=");
user_pref("yahoo.ytff.general.dontshowhpoffer", true);

---- Lines yahoo modified from prefs.js ----


---- Lines ask.com removed from prefs.js ----

user_pref("browser.search.defaultengine", "Ask.com");
user_pref("browser.search.defaultenginename", "Ask.com");
user_pref("browser.search.order.1", "Ask.com");

---- Lines ask.com modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1370469744461,\"rdfTime\":1368303951000}}},{\"name\":\"app-profile\",\"addons\":{\"anthonyytmp3download@gmail.com\":{\"descriptor\":\"C:\\\\Users\\\\Ivana\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\34ss2gru.default\\\\extensions\\\\anthonyytmp3download@gmail.com.xpi\",\"mtime\":1368645602367},\"en-US@dictionaries.addons.mozilla.org\":{\"descriptor\":\"C:\\\\Users\\\\Ivana\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\34ss2gru.default\\\\extensions\\\\en-US@dictionaries.addons.mozilla.org\",\"mtime\":1368646041129,\"rdfTime\":1368646041046},\"ffxtlbr@searchya.com\":{\"descriptor\":\"C:\\\\Users\\\\Ivana\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\34ss2gru.default\\\\extensions\\\\ffxtlbr@searchya.com\",\"mtime\":1372669427454,\"rdfTime\":1340019688295},\"mwaquickbutton@elmstreet.com\":{\"descriptor\":\"C:\\\\Users\\\\Ivana\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\34ss2gru.default\\\\extensions\\\\mwaquickbutton@elmstreet.com.xpi\",\"mtime\":1368645423995},\"toolbar@ask.com\":{\"descriptor\":\"C:\\\\Users\\\\Ivana\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\34ss2gru.default\\\\extensions\\\\toolbar@ask.com\",\"mtime\":1372669427813,\"rdfTime\":1368744339260},\"youtube-cinemode@gmail.com\":{\"descriptor\":\"C:\\\\Users\\\\Ivana\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\34ss2gru.default\\\\extensions\\\\youtube-cinemode@gmail.com.xpi\",\"mtime\":1368645370385},\"{5ebdca98-43b3-45bb-87e0-716029fb42ab}\":{\"descriptor\":\"C:\\\\Users\\\\Ivana\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\34ss2gru.default\\\\extensions\\\\{5ebdca98-43b3-45bb-87e0-716029fb42ab}\",\"mtime\":1372669428141,\"rdfTime\":1356348356000},\"{635abd67-4fe9-1b23-4f01-e679fa7484c1}\":{\"descriptor\":\"C:\\\\Users\\\\Ivana\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\34ss2gru.default\\\\extensions\\\\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\",\"mtime\":1372669428312,\"rdfTime\":1366295311000},\"{65030561-c150-4370-836c-7c9d04f7a1b4}\":{\"descriptor\":\"C:\\\\Users\\\\Ivana\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\34ss2gru.default\\\\extensions\\\\{65030561-c150-4370-836c-7c9d04f7a1b4}\",\"mtime\":1372669428359,\"rdfTime\":1367224852000},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Users\\\\Ivana\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\34ss2gru.default\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1335817027037,\"rdfTime\":1126801560000}}}]");

---- Lines searchya removed from prefs.js ----


---- Lines searchya modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1370469744461,\"rdfTime\":1368303951000}}},{\"name\":\"app-profile\",\"addons\":{\"anthonyytmp3download@gmail.com\":{\"descriptor\":\"C:\\\\Users\\\\Ivana\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\34ss2gru.default\\\\extensions\\\\anthonyytmp3download@gmail.com.xpi\",\"mtime\":1368645602367},\"en-US@dictionaries.addons.mozilla.org\":{\"descriptor\":\"C:\\\\Users\\\\Ivana\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\34ss2gru.default\\\\extensions\\\\en-US@dictionaries.addons.mozilla.org\",\"mtime\":1368646041129,\"rdfTime\":1368646041046},\"ffxtlbr@searchya.com\":{\"descriptor\":\"C:\\\\Users\\\\Ivana\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\34ss2gru.default\\\\extensions\\\\ffxtlbr@searchya.com\",\"mtime\":1372669427454,\"rdfTime\":1340019688295},\"mwaquickbutton@elmstreet.com\":{\"descriptor\":\"C:\\\\Users\\\\Ivana\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\34ss2gru.default\\\\extensions\\\\mwaquickbutton@elmstreet.com.xpi\",\"mtime\":1368645423995},\"toolbar@disabled\":{\"descriptor\":\"C:\\\\Users\\\\Ivana\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\34ss2gru.default\\\\extensions\\\\toolbar@disabled\",\"mtime\":1372669427813,\"rdfTime\":1368744339260},\"youtube-cinemode@gmail.com\":{\"descriptor\":\"C:\\\\Users\\\\Ivana\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\34ss2gru.default\\\\extensions\\\\youtube-cinemode@gmail.com.xpi\",\"mtime\":1368645370385},\"{5ebdca98-43b3-45bb-87e0-716029fb42ab}\":{\"descriptor\":\"C:\\\\Users\\\\Ivana\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\34ss2gru.default\\\\extensions\\\\{5ebdca98-43b3-45bb-87e0-716029fb42ab}\",\"mtime\":1372669428141,\"rdfTime\":1356348356000},\"{635abd67-4fe9-1b23-4f01-e679fa7484c1}\":{\"descriptor\":\"C:\\\\Users\\\\Ivana\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\34ss2gru.default\\\\extensions\\\\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\",\"mtime\":1372669428312,\"rdfTime\":1366295311000},\"{65030561-c150-4370-836c-7c9d04f7a1b4}\":{\"descriptor\":\"C:\\\\Users\\\\Ivana\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\34ss2gru.default\\\\extensions\\\\{65030561-c150-4370-836c-7c9d04f7a1b4}\",\"mtime\":1372669428359,\"rdfTime\":1367224852000},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Users\\\\Ivana\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\34ss2gru.default\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1335817027037,\"rdfTime\":1126801560000}}}]");

---- Lines ilivid removed from prefs.js ----


---- Lines ilivid modified from prefs.js ----


---- FireFox user.js and prefs.js backups ----

prefs_05.09.2013_2335_.backup

==== Deleting Files \ Folders ======================

"C:\Users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\34ss2gru.default\searchplugins\SearchYa.xml" not found
"C:\Users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\34ss2gru.default\searchplugins\SearchYa.xml" not found
"C:\ProgramData\193d5ee11dd0ecced3e4ece876327647_c" deleted
"C:\Users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\34ss2gru.default\yahooToolbarSettings" deleted
"C:\Users\Ivana\AppData\Local\speeddial.crx" deleted
"C:\Windows\system32\Tasks\GoforFilesUpdate" deleted
"C:\Users\Ivana\AppData\Roaming\pack.exe" deleted
"C:\Program Files\GoforFiles" deleted
"C:\Users\Ivana\AppData\Roaming\GoforFiles" deleted
"C:\Users\Ivana\AppData\Roaming\SpeedyPC Software" deleted
"C:\Users\Ivana\AppData\Roaming\OpenCandy" deleted
"C:\ProgramData\SpeedyPC Software" deleted
"C:\Users\Ivana\AppData\Local\APN" deleted
"C:\Users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\34ss2gru.default\ilividtoolbargaw" deleted
"C:\Users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\34ss2gru.default\ilividtoolbargaw" deleted
"C:\Users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\34ss2gru.default\ilividtoolbargaw" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Ivana\AppData\Local\Temp ====
====== C:\Windows\system32 =====
2013-09-05 20:57:51 7F4B65E5482BE5B4421D90C36E5D59C6 29536 ----a-w- C:\Windows\System32\uxtuneup.dll
2013-09-05 19:05:16 FC8A8BD8D9B0717B473B8FCD04EDE58A 31584 ----a-w- C:\Windows\System32\TURegOpt.exe
2013-09-05 19:05:16 13970A0219211E14A0C5DF858A364FDC 21344 ----a-w- C:\Windows\System32\authuitu.dll
====== C:\Windows\system32\drivers =====
2013-08-14 11:56:55 4E8B9BE71B807B3BAEDB7F4243F85E3C 1293760 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-08-14 11:54:33 B37B08F2E5EEB1A37E448E09BACE1101 31232 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-09-05 19:04:35 -------- d-----w- C:\Program Files\TuneUp Utilities 2013
2013-09-05 19:03:22 -------- d-----w- C:\Program Files\VideoLAN
======= C: =====
2013-09-05 20:09:14 0D82E328857421BEC7410E9252A9A343 3280 ------w- C:\bootsqm.dat
2013-09-05 12:51:29 5D1EDDE6A0D29AE347CB667D820BD165 103680 ----a-w- C:\uglorpog.sys
====== C:\Users\Ivana\AppData\Roaming ======
2013-09-05 19:04:42 -------- d-----w- C:\users\Ivana\AppData\Roaming\TuneUp Software
2013-09-05 19:03:52 -------- d-----w- C:\users\Ivana\AppData\Roaming\vlc
2013-09-05 19:03:52 -------- d-----w- C:\users\Ivana\AppData\Roaming\Ignite
2013-09-05 19:02:13 -------- d-----w- C:\users\Ivana\AppData\Local\Ignite
2013-08-30 20:58:10 407AAB8C27CF7081EECE071C90A65B83 17 ----a-w- C:\users\Ivana\AppData\Local\resmon.resmoncfg
====== C:\Users\Ivana ======
2013-09-05 21:08:44 323B4AD6F1374F3621ABF748307E3287 1037222 ----a-w- C:\Users\Ivana\Downloads\adwcleaner (2).exe
2013-09-05 19:24:06 -------- d-sh--w- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-09-05 19:05:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
2013-09-05 19:04:32 -------- d-----w- C:\ProgramData\TuneUp Software
2013-09-05 19:04:25 -------- d-sh--w- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-09-05 19:03:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2013-09-05 19:02:16 2E43371C02C0D900BDD63D916500D5EB 22259528 ----a-w- C:\Users\Ivana\Downloads\vlc-2.0.1-win32.exe
2013-09-05 19:01:52 F0F2F429747400052855181202B4461F 1177968 ----a-w- C:\Users\Ivana\Downloads\littlealchemy_vlc_201Setup.exe
2013-09-05 12:54:16 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\Ivana\Desktop\x12qx15s.exe
2013-09-05 12:53:50 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\Ivana\Downloads\kcsv3ez4.exe
2013-09-05 12:51:15 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\Ivana\Downloads\w8u985vk.exe
2013-09-05 12:50:41 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\Ivana\Downloads\51rldul5.exe
2013-09-05 12:26:12 323B4AD6F1374F3621ABF748307E3287 1037222 ----a-w- C:\Users\Ivana\Downloads\adwcleaner (1).exe
2013-09-04 23:43:40 323B4AD6F1374F3621ABF748307E3287 1037222 ----a-w- C:\Users\Ivana\Downloads\adwcleaner.exe
2013-09-04 22:21:03 8B968045D75783A09592C3105F2865DA 688992 ----a-w- C:\Users\Ivana\Downloads\dds.com
2013-09-04 22:09:27 0A8655152C01512CB7DD9B8C35F229A1 4327208 ----a-w- C:\Users\Ivana\Downloads\rcpsetupst_RC1_ZZ_F_1.exe

====== C: exe-files ==
2013-09-05 21:08:44 323B4AD6F1374F3621ABF748307E3287 1037222 ----a-w- C:\Users\Ivana\Downloads\adwcleaner (2).exe
2013-09-05 19:25:19 C4D9C534D96E4D5EB8DADDCD4C0FCB43 32773544 ----a-w- C:\Users\Ivana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2KMX1YH0\TuneUpUtilities2014_en-US[1].exe
2013-09-05 19:23:24 C4D9C534D96E4D5EB8DADDCD4C0FCB43 32773544 ----a-w- C:\Users\Ivana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2KMX1YH0\TuneUpUtilities2014_en-US (1).exe
2013-09-05 19:23:16 C4D9C534D96E4D5EB8DADDCD4C0FCB43 32773544 ----a-w- C:\Users\Ivana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2KMX1YH0\TuneUpUtilities2014_en-US.exe
2013-09-05 19:05:16 FC8A8BD8D9B0717B473B8FCD04EDE58A 31584 ----a-w- C:\Windows\System32\TURegOpt.exe
2013-09-05 19:03:49 7408D0E383238743D059FE6C9B81ED46 212369 ----a-w- C:\Program Files\VideoLAN\VLC\uninstall.exe
2013-09-05 19:02:16 2E43371C02C0D900BDD63D916500D5EB 22259528 ----a-w- C:\Users\Ivana\Downloads\vlc-2.0.1-win32.exe
2013-09-05 19:02:13 C0B0A35C487F3F7FC58EA6804DB47D2B 888688 ----a-w- C:\Users\Ivana\AppData\Local\Ignite\Ignite.exe
2013-09-05 19:02:13 5CD73B950A1D76258EF1C73D72DA78CB 145264 ----a-w- C:\Users\Ivana\AppData\Local\Ignite\OfferFinisher.exe
2013-09-05 19:01:52 F0F2F429747400052855181202B4461F 1177968 ----a-w- C:\Users\Ivana\Downloads\littlealchemy_vlc_201Setup.exe
2013-09-05 18:08:39 3DEF79A0391970E29EC34FF3000B5994 70200 ----a-w- C:\Program Files\Avira\AntiVir Desktop\checkt.exe
2013-09-05 18:07:35 834A360FEE94DB61BF69D90B56F59139 599608 ----a-w- C:\ProgramData\Avira\AntiVir Desktop\TEMP\SELFUPDATE\update.exe
2013-09-05 18:07:35 4D54B271BF0A2D8C07DFE5BDA67BF89B 44600 ----a-w- C:\ProgramData\Avira\AntiVir Desktop\TEMP\SELFUPDATE\updrgui.exe
2013-09-05 12:54:16 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\Ivana\Desktop\x12qx15s.exe
2013-09-05 12:53:50 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\Ivana\Downloads\kcsv3ez4.exe
2013-09-05 12:51:15 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\Ivana\Downloads\w8u985vk.exe
2013-09-05 12:50:41 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\Ivana\Downloads\51rldul5.exe
2013-09-05 12:26:12 323B4AD6F1374F3621ABF748307E3287 1037222 ----a-w- C:\Users\Ivana\Downloads\adwcleaner (1).exe
2013-09-04 23:43:40 323B4AD6F1374F3621ABF748307E3287 1037222 ----a-w- C:\Users\Ivana\Downloads\adwcleaner.exe
2013-09-04 22:09:27 0A8655152C01512CB7DD9B8C35F229A1 4327208 ----a-w- C:\Users\Ivana\Downloads\rcpsetupst_RC1_ZZ_F_1.exe
2013-08-30 19:54:32 F36154F2BEB4B535E6F0752C82625D01 7912288 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.62\29.0.1547.62_28.0.1500.95_chrome_updater.exe
=== C: other files ==
2013-09-05 21:34:27 DDC2C20A64975B08E2DC5B732D74F45B 788381 ----a-w- C:\Users\Public\Desktop\sample_05.09.2013_2334.zip
2013-09-05 12:51:29 5D1EDDE6A0D29AE347CB667D820BD165 103680 ----a-w- C:\uglorpog.sys
2013-09-05 12:42:07 979F05F6CED2D65749746AA29FE0C07A 25762 ----a-w- C:\Users\Ivana\AppData\Local\JDownloader v2.0\cfg\linkcollector50.zip
2013-09-05 12:42:06 26E3D5540C6BC2EEF5A7F6787305C6D3 233 ----a-w- C:\Users\Ivana\AppData\Local\JDownloader v2.0\cfg\downloadList215.zip
2013-09-04 22:21:03 8B968045D75783A09592C3105F2865DA 688992 ----a-w- C:\Users\Ivana\Downloads\dds.com
2013-09-04 20:41:46 C24517FB8742FAF47C7A37150FD271E7 233 ----a-w- C:\Users\Ivana\AppData\Local\JDownloader v2.0\cfg\downloadList214.zip
2013-09-04 20:41:46 1288DD36783F3F225011CF977DBC5D0F 26531 ----a-w- C:\Users\Ivana\AppData\Local\JDownloader v2.0\cfg\linkcollector49.zip
2013-09-04 17:00:57 BD3F708C22233E67F58C5FB16440E9F2 233 ----a-w- C:\Users\Ivana\AppData\Local\JDownloader v2.0\cfg\downloadList213.zip
2013-09-04 16:54:49 7C2F6D3497CCC516E63883EAF327CB0F 5064 ----a-w- C:\Users\Ivana\AppData\Local\JDownloader v2.0\cfg\downloadList212.zip
2013-09-04 16:54:36 1AF23494B78AD6E79A4FC6F7964ED3DA 4979 ----a-w- C:\Users\Ivana\AppData\Local\JDownloader v2.0\cfg\downloadList211.zip
2013-09-04 16:54:28 5241F024EEED38DCCA55A97FD7072BF1 4979 ----a-w- C:\Users\Ivana\AppData\Local\JDownloader v2.0\cfg\downloadList210.zip
2013-09-04 16:47:16 40CB786E7CEC40C4213BD729D17B5840 26531 ----a-w- C:\Users\Ivana\AppData\Local\JDownloader v2.0\cfg\linkcollector48.zip
2013-09-04 16:46:38 331BC837DC80F75D61A794610102CC9B 30933 ----a-w- C:\Users\Ivana\AppData\Local\JDownloader v2.0\cfg\linkcollector47.zip
2013-09-04 16:45:58 5529A4AE27F788EE7CC9CF0E37AC198A 233 ----a-w- C:\Users\Ivana\AppData\Local\JDownloader v2.0\cfg\linkcollector46.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1338069029-2438712655-2750520253-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo\PROGRA~1\Yahoo\Messenger\YahooMessenger.exe -quiet"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"
"GoogleChromeAutoLaunch_A0974F4F7ABDBFE34896561F2822A68F"="C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"WinampAgent"="C:\Program Files\Winamp\winampa.exe"
"NeroFilterCheck"="C:\Windows\system32\NeroCheck.exe"
"avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min"
"Thinstuff TSX Connect Admin"="C:\Program Files\Thinstuff\Remote Desktop Host\TSXConnectAdmin.exe /hide"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo\PROGRA~1\Yahoo\Messenger\YahooMessenger.exe -quiet"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"
"GoogleChromeAutoLaunch_A0974F4F7ABDBFE34896561F2822A68F"="C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""


==== Startup Folders ======================

2012-04-09 21:02:59 1280 ----a-w- C:\users\Ivana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [15.05.2013 22:21]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [30.04.2012 22:57]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [30.04.2012 22:57]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\34ss2gru.default
- Undetermined - %ProfilePath%\extensions\installed-extensions.txt
- United States English Spellchecker - %ProfilePath%\extensions\en-US@dictionaries.addons.mozilla.org
- Power Zoom - %ProfilePath%\extensions\{65030561-c150-4370-836c-7c9d04f7a1b4}
- Firefox default - %ProfilePath%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- YouTube MP3 Download - %ProfilePath%\extensions\anthonyytmp3download@gmail.com.xpi
- Music World Anonymous Quick Button - %ProfilePath%\extensions\mwaquickbutton@elmstreet.com.xpi
- YouTube Cinema Mode . - %ProfilePath%\extensions\youtube-cinemode@gmail.com.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

==== Firefox Plugins ======================

Profilepath: C:\Users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\34ss2gru.default
101700E93EB905992B518256CB441829 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll - Google Update
ADC539F67D3198679F480974EE203678 - C:\Windows\system32\npdeployJava1.dll - Java Deployment Toolkit 7.0.210.11
C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
B16EC84E06F26B8B85800F3B07B8D757 - C:\Windows\system32\Macromed\Flash\NPSWF32.dll - Shockwave Flash
6DE7BF0DADC0881F7ED82D9FCC998B89 - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aaaaabfjnbeinlpljodiajipidiompfl - C:\Users\Ivana\AppData\Local\APN\GoogleCRXs\aaaaabfjnbeinlpljodiajipidiompfl_7.15.24.0.crx[]
ablnpmdakdiclnimkjfcaibpgjhapkbl - C:\Users\Ivana\AppData\Local\CRE\ablnpmdakdiclnimkjfcaibpgjhapkbl.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[22.11.2012 10:30]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
ablnpmdakdiclnimkjfcaibpgjhapkbl - C:\Users\Ivana\AppData\Local\CRE\ablnpmdakdiclnimkjfcaibpgjhapkbl.crx[]

Power Zoom - Ivana - default\Extensions\jlioidldolgbmanndggdnldambdlglgj
Google Drive - Ivana - Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Ivana - Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Ivana - Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Gmail - Ivana - Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Office - Ivana - Profile 6\Extensions\ahfpbkogcgkoecgolaojpcijkabngljl
ENGLISH MEMORY - Ivana - Profile 6\Extensions\aidhibeakadjobeknimdalmhfekikmaa
Google Docs - Ivana - Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Ivana - Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf
Virtual Yeast Cell - Ivana - Profile 6\Extensions\bggcfkeamlabnkdllkkaeaeojiiphjhm
HeapNote Teacher - Ivana - Profile 6\Extensions\bllhchpefpppioobbgcpjffahfogcaid
YouTube - Ivana - Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Useful Periodic Table - Ivana - Profile 6\Extensions\chachkegffmilnmdlonllkhkfkakghie
Google Search - Ivana - Profile 6\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Chemical Elements - Ivana - Profile 6\Extensions\eilhonghnelklfkaekhjibgnbfelgbho
WinWeb Online Office - Ivana - Profile 6\Extensions\fplkmnmmhodmddabbcipjijjmgokildf
Easy Essays - Ivana - Profile 6\Extensions\ippabcfpniimkomfeidkcfffmjahcgln
Zoho Writer - Ivana - Profile 6\Extensions\jgaeidloagadfcohacebhbkkapgpiddj
Little Alchemy - Ivana - Profile 6\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd
Skype for Chromium - Ivana - Profile 6\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Advanced Periodic Table - Ivana - Profile 6\Extensions\lnapfbmgfeemaakflaojcefffeobddog
Card number - Ivana - Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Ivana - Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
PR Checker - Ivana - Profile 6\Extensions\pneoplpmnpjoioldpodoljacigkahohc

==== Chrome Fix ======================

C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_app.mam.conduit.com_0.localstorage deleted successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_app.mam.conduit.com_0.localstorage-journal deleted successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_apps.conduit.com_0.localstorage deleted successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_apps.conduit.com_0.localstorage-journal deleted successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_facebook.conduitapps.com_0.localstorage deleted successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_facebook.conduitapps.com_0.localstorage-journal deleted successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_offering.hosting.distributionengine.conduit-services.com_0.localstorage deleted successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_offering.hosting.distributionengine.conduit-services.com_0.localstorage-journal deleted successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_pricegong.conduitapps.com_0.localstorage deleted successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_pricegong.conduitapps.com_0.localstorage-journal deleted successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_search.conduit.com_0.localstorage deleted successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_search.conduit.com_0.localstorage-journal deleted successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_ticker.conduit.com_0.localstorage deleted successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_ticker.conduit.com_0.localstorage-journal deleted successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 6\Local Storage\http_en.softonic.com_0.localstorage deleted successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 6\Local Storage\http_en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 6\Local Storage\http_jdownloader-portable.en.softonic.com_0.localstorage deleted successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 6\Local Storage\http_jdownloader-portable.en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 6\Local Storage\http_jdownloader.en.softonic.com_0.localstorage deleted successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 6\Local Storage\http_jdownloader.en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_www2.delta-search.com_0.localstorage deleted successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_www2.delta-search.com_0.localstorage-journal deleted successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aaaaabfjnbeinlpljodiajipidiompfl deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{DECA3892-BA8F-44b8-A993-A466AD694AE4}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{C43829F1-5599-4CA3-8D30-6A3B84787362} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz="

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1338069029-2438712655-2750520253-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aaaaabfjnbeinlpljodiajipidiompfl deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ablnpmdakdiclnimkjfcaibpgjhapkbl deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ablnpmdakdiclnimkjfcaibpgjhapkbl deleted successfully

==== Empty IE Cache ======================

C:\Users\Ivana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ivana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Ivana\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\users\Ivana\AppData\Local\Mozilla\Firefox\Profiles\34ss2gru.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
C:\users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 6\Cache emptied successfully
C:\users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 6\Application Cache\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Ivana\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on źet 05.09.2013 at 23:44:47,32 ======================

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Procitaj ponovo moje uputstvo, ali pazljivo i nemoj nista drugo da radis nego tacno kako pise.
Jesam li ja negde napisao da ides na "Opcije" i da stikliras Autoclean?

Ko je trenutno na forumu
 

Ukupno su 910 korisnika na forumu :: 36 registrovanih, 6 sakrivenih i 868 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: _Petar, A.R.Chafee.Jr., airsuba, Atomski čoban, babaroga, bojank, ccoogg123, FileFinder, HogarStrashni, Krvava Devetka, kybonacci, ladro, lord sir giga, MB120mm, milanovic, milenko crazy north, Milometer, Milos ZA, Milos82, MilosKop, Misirac, Motocar, nemkea71, nuke92, pein, pera bager, procesor, raptorsi, Ripanjac, Sirius, Srle993, stegonosa, Stoilkovic, tubular, VitezKoja, |_MeD_|