Mnogo mi koci racunar

1

Mnogo mi koci racunar

offline
  • Pridružio: 27 Okt 2014
  • Poruke: 10

Pozdrav.
Sumnjam da mi je racunar pun virusa,mnogo koci.
Otvaraju mi se nezeljene stranice kad sam na netu.
Imam samo Avas antivirus ali to ocigledno nije dovoljno,
kada skeniram pronadje problem ali ne moze da ga resi.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-10-2014 01
Ran by Nemanja (administrator) on NEMANJA-PC on 27-10-2014 21:17:32
Running from C:\Users\Nemanja\Downloads
Loaded Profile: Nemanja (Available profiles: Nemanja)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
() C:\Users\Nemanja\AppData\Roaming\BTLive\BTLive.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Somoto) C:\Users\Nemanja\AppData\Local\FilesFrog Update Checker\update_checker.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Users\Nemanja\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
() C:\ProgramData\IBUpdaterService\ibsvc.exe
(Massive Media) C:\Users\Nemanja\AppData\Roaming\Massive Media\Twoo.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(FileServe Limited) C:\Program Files (x86)\FileServe Manager\FSStarter.exe
(ClientConnect Ltd.) C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe
(SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
() C:\Users\Nemanja\AppData\Roaming\BTLive\BTLive.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Badoo) C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [37888 2010-01-13] (Nullsoft, Inc.)
HKLM-x32\...\Run: [facemoods] => C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodssrv.exe [323584 2010-10-26] (facemoods.com)
HKLM-x32\...\Run: [FileServe Manager Task] => C:\Program Files (x86)\FileServe Manager\FSStarter.exe [954648 2011-06-20] (FileServe Limited)
HKLM-x32\...\Run: [SweetIM] => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [114992 2012-01-19] (SweetIM Technologies Ltd.)
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [105120 2012-08-21] (PC Tools)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3890208 2014-08-07] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-2441958971-3140706620-1908336796-1000\...\Run: [Facebook Update] => C:\Users\Nemanja\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-04-19] (Facebook Inc.)
HKU\S-1-5-21-2441958971-3140706620-1908336796-1000\...\Run: [BTLive] => C:\Users\Nemanja\AppData\Roaming\BTLive\BTLive.exe [6995632 2013-10-30] ()
HKU\S-1-5-21-2441958971-3140706620-1908336796-1000\...\Run: [SDP] => C:\Users\Nemanja\AppData\Local\FilesFrog Update Checker\update_checker.exe [201808 2013-01-31] (Somoto)
HKU\S-1-5-21-2441958971-3140706620-1908336796-1000\...\Run: [BackgroundContainerV2] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Nemanja\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
HKU\S-1-5-21-2441958971-3140706620-1908336796-1000\...\Run: [Twoo] => C:\Users\Nemanja\AppData\Roaming\Massive Media\Twoo.exe [10476000 2013-10-03] (Massive Media)
HKU\S-1-5-21-2441958971-3140706620-1908336796-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-2441958971-3140706620-1908336796-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_152_Plugin.exe [854192 2014-09-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-2441958971-3140706620-1908336796-1000\...\Policies\system: [NoControlPanel] 1
HKU\S-1-5-21-2441958971-3140706620-1908336796-1000\...\Policies\system: [DisableMyPicturesDirChange] 1
HKU\S-1-5-21-2441958971-3140706620-1908336796-1000\...\MountPoints2: {37054c60-5da7-11e4-b736-20cf308bdad1} - G:\.\Autorun.exe
HKU\S-1-5-21-2441958971-3140706620-1908336796-1000\...\MountPoints2: {9f98c907-9cd3-11e1-9870-20cf308bdad1} - G:\Setup.exe
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = search.conduit.com?SearchSource=10&ctid.....4601447150
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x409F57DFF73ECC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = search.conduit.com?SearchSource=10&ctid=CT2431400
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = search.babylon.com/?affID=119294&babsrc.....CF308BDAD1
URLSearchHook: HKLM-x32 - BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Users\Nemanja\AppData\LocalLow\BrotherSoft_Extreme\prxtbBro2.dll (ClientConnect Ltd.)
URLSearchHook: HKLM-x32 - MB2 Toolbar - {013a635f-e3aa-4371-b682-ece95ca974b0} - C:\Users\Nemanja\AppData\LocalLow\MB2\prxtbMB0.dll (ClientConnect Ltd.)
URLSearchHook: HKCU - (No Name) - {B94D2A9E-E529-4389-B8DE-4F50D087F0D1} - No File
URLSearchHook: HKCU - BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Users\Nemanja\AppData\LocalLow\BrotherSoft_Extreme\prxtbBro2.dll (ClientConnect Ltd.)
URLSearchHook: HKCU - MB2 Toolbar - {013a635f-e3aa-4371-b682-ece95ca974b0} - C:\Users\Nemanja\AppData\LocalLow\MB2\prxtbMB0.dll (ClientConnect Ltd.)
URLSearchHook: HKCU - FroggyBoss Class - {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files (x86)\Minibar\Froggy.dll (TODO: <название компании>)
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = dts.search-results.com/sr?src=ieb&appid=495&systemid=1&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = dts.search-results.com/sr?src=ieb&appid=495&systemid=1&q={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = start.funmoods.com/results.php?f=4&q={searchTerms}&a=stonicrow&chnl=stonicrow&cd=2XzuyEtN2Y1L1QzutBtD0C0FtAtDzz0B0D0A0DtC0BzzyCyCtN0D0Tzu0CtByDyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=754115576
SearchScopes: HKLM-x32 - DefaultScope {0AEDF339-9ABD-4E7C-BE7C-65A5F70AE043} URL =
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b}
SearchScopes: HKLM-x32 - {7E31D53C-7DB1-5EEE-1D7C-57173F728F8F} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431400
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = dts.search-results.com/sr?src=ieb&appid=495&systemid=1&q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = start.funmoods.com/results.php?f=4&q={searchTerms}&a=stonicrow&chnl=stonicrow&cd=2XzuyEtN2Y1L1QzutBtD0C0FtAtDzz0B0D0A0DtC0BzzyCyCtN0D0Tzu0CtByDyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=754115576
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = websearch.a-searchpage.info/?l=1&q={searchTerms}&pid=879&r=2013/05/30&hid=114255086&lg=EN&cc=RS&unqvl=18
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=4.0003002
SearchScopes: HKCU - DefaultScope {0AEDF339-9ABD-4E7C-BE7C-65A5F70AE043} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431400
SearchScopes: HKCU - Backup.Old.DefaultScope {F423386B-52CB-420E-AF9D-46730575FB2D}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {044757BC-030D-471B-92C2-469ED21901C8} URL = start.funmoods.com/results.php?f=4&q={searchTerms}&a=stonicrow&chnl=stonicrow&cd=2XzuyEtN2Y1L1QzutBtD0C0FtAtDzz0B0D0A0DtC0BzzyCyCtN0D0Tzu0CtByDyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=754115576
SearchScopes: HKCU - {0AEDF339-9ABD-4E7C-BE7C-65A5F70AE043} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431400
SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = start.facemoods.com/?a=ost&s={searchTerms}&f=4
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=F08520CF308BDAD1&affID=128492&tt=180614_ctrl&tsp=5282
SearchScopes: HKCU - {15360AAB-7B57-42F0-A7B3-D875D19A8052} URL = mysearchresults.com/search?c=8004&t=11&q={searchTerms}
SearchScopes: HKCU - {1E215B4B-9590-447F-B4AC-4C0D637DAE84} URL = rts.dsrlte.com/?q={searchTerms}&r=560
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = google.com/search?q={sear
SearchScopes: HKCU - {7E31D53C-7DB1-5EEE-1D7C-57173F728F8F} URL = searchtronic.net/Search?query={searchTerms}&i=61&tp=chrome
SearchScopes: HKCU - {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = badoo.com/startpage/?source=bsb&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = dts.search-results.com/sr?src=ieb&appid=495&systemid=1&q={searchTerms}
SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = websearch.a-searchpage.info/?l=1&q={searchTerms}&pid=879&r=2013/05/30&hid=114255086&lg=EN&cc=RS&unqvl=18
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=4.0003002
BHO: No Name -> {474597C5-AB09-49d6-A4D5-2E8D7341384E} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: FileServeManager -> {00000001-AB3B-4334-9DA2-EC6B2A02AFC6} -> No File
BHO-x32: MB2 Toolbar -> {013a635f-e3aa-4371-b682-ece95ca974b0} -> C:\Users\Nemanja\AppData\LocalLow\MB2\prxtbMB0.dll (ClientConnect Ltd.)
BHO-x32: SearchAmong Toolbar -> {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} -> C:\Program Files (x86)\SearchAmong Toolbar\SearchAmongToolbar.dll ()
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: No Name -> {1185823F-F22F-4027-80E5-4F68ACD5DE5E} -> No File
BHO-x32: No Name -> {28387537-e3f9-4ed7-860c-11e69af4a8a0} -> No File
BHO-x32: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> No File
BHO-x32: No Name -> {474597C5-AB09-49d6-A4D5-2E8D7341384E} -> No File
BHO-x32: BrotherSoft Extreme Toolbar -> {51a86bb3-6602-4c85-92a5-130ee4864f13} -> C:\Users\Nemanja\AppData\LocalLow\BrotherSoft_Extreme\prxtbBro2.dll (ClientConnect Ltd.)
BHO-x32: CescrtHlpr Object -> {64182481-4F71-486b-A045-B233BD0DA8FC} -> C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll (facemoods.com BHO)
BHO-x32: Funmoods Helper Object -> {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} -> C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll No File
BHO-x32: DefaultTab Browser Helper -> {7F6AFBF1-E065-4627-A2FD-810366367D01} -> C:\Windows\SysWow64\config\systemprofile\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
BHO-x32: MrFroggy Class -> {856E12B5-22D7-4E22-9ACA-EA9A008DD65B} -> C:\Program Files (x86)\Minibar\Froggy.dll (TODO: <название компании>)
BHO-x32: cconntinuuetoossavee -> {8B698829-3B13-59C9-77D5-D9514FFDF022} -> C:\ProgramData\cconntinuuetoossavee\51a6f8ebab336.dll ()
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: MinibarBHO -> {AA74D58F-ACD0-450D-A85E-6C04B171C044} -> C:\Program Files (x86)\Minibar\Kango.dll (KangoExtensions)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: No Name -> {B94D2A9E-E529-4389-B8DE-4F50D087F0D1} -> No File
BHO-x32: delta Helper Object -> {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -> No File
BHO-x32: SearchNewTab -> {CD85658B-2E27-69B6-66D9-D7D1797A11FB} -> C:\ProgramData\SearchNewTab\51a6f9256f180.dll ()
BHO-x32: SweetPacks Browser Helper -> {EEE6C35C-6118-11DC-9C72-001320C79847} -> C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {AF3D7884-B142-414E-943D-75D8D54E1FFF} - No File
Toolbar: HKLM-x32 - facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodsTlbr.dll (facemoods.com)
Toolbar: HKLM-x32 - BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Users\Nemanja\AppData\LocalLow\BrotherSoft_Extreme\prxtbBro2.dll (ClientConnect Ltd.)
Toolbar: HKLM-x32 - No Name - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - No File
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 - MB2 Toolbar - {013a635f-e3aa-4371-b682-ece95ca974b0} - C:\Users\Nemanja\AppData\LocalLow\MB2\prxtbMB0.dll (ClientConnect Ltd.)
Toolbar: HKLM-x32 - Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~2\Funmoods\1.5.23.22\escorTlbr.dll No File
Toolbar: HKLM-x32 - SearchAmong Toolbar - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files (x86)\SearchAmong Toolbar\SearchAmongToolbar.dll ()
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {AF3D7884-B142-414E-943D-75D8D54E1FFF} - No File
Toolbar: HKCU - No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No File
Toolbar: HKCU - No Name - {013A635F-E3AA-4371-B682-ECE95CA974B0} - No File
Toolbar: HKCU - No Name - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: butterscotchtoolbar - {721B7821-181F-44E8-9649-067641EF5AA2} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: butterscotchtoolbar - {721B7821-181F-44E8-9649-067641EF5AA2} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\h7i398kg.default-1403521762956
FF Homepage: hxxp://home.tb.ask.com/index.jhtml?ptb=890FFBD0-F67D-41BF-8212-DFDD634D1F7B&n=780c76f6&p2=^ARV^xdm007^YYA^rs&si=CKWuo8OrtsACFSEcwwodwj0AZQ
FF Keyword.URL: hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=890FFBD0-F67D-41BF-8212-DFDD634D1F7B&n=780c76f6&ind=2014082806&p2=^ARV^xdm007^YYA^rs&si=CKWuo8OrtsACFSEcwwodwj0AZQ&searchfor=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @VideoDownloadConverter_ScriptHelper.com/Plugin -> C:\Program Files (x86)\VideoDownloadConverter\npVDCPlugin.dll (Mindspark)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Nemanja\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF user.js: detected! => C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\h7i398kg.default-1403521762956\user.js
FF SearchPlugin: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\h7i398kg.default-1403521762956\searchplugins\ask-web-search.xml
FF SearchPlugin: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\h7i398kg.default-1403521762956\searchplugins\keepmysearch.xml
FF Extension: GardeningEnthusiast - C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\h7i398kg.default-1403521762956\Extensions\7jffxtbr@GardeningEnthusiast_7j.com [2014-09-10]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions: [butterscotch@igeared] - C:\Program Files (x86)\ButterscotchToolbar\Firefox\butterscotch@igeared
FF HKLM-x32\...\Firefox\Extensions: [{9F6FB1C9-22DA-4123-A7D4-9E7844B60EE5}] - C:\Program Files (x86)\FileServe Manager\FireFox_Extension\{9F6FB1C9-22DA-4123-A7D4-9E7844B60EE5}
FF HKLM-x32\...\Firefox\Extensions: [shabtay@gmail.com] - C:\Program Files (x86)\2YourFace\2YourFace.xpi
FF HKLM-x32\...\Firefox\Extensions: [support@2yourface.com] - C:\Program Files (x86)\2YourFace\ffextension
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-24]
FF HKCU\...\Firefox\Extensions: [shabtay@gmail.com] - C:\Program Files (x86)\2YourFace\2YourFace.xpi
FF HKCU\...\Firefox\Extensions: [support@2yourface.com] - C:\Program Files (x86)\2YourFace\ffextension
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HomePage: Default -> hxxp://rts.dsrlte.com
CHR StartupUrls: Default -> "hxxp://rts.dsrlte.com"
CHR DefaultSearchURL: Default -> rts.dsrlte.com/?q={searchTerms}
CHR Profile: C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (VideoDownloadConverter) - C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\adldappccjhelkmbkpiibilgnnjakieg [2013-11-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]
CHR Extension: (McAfee Security Scan+) - C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-21]
CHR Extension: (Foxtab Speed Dial (Release Candidate)) - C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif [2012-11-26]
CHR Extension: (Speed Test 127) - C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp [2014-01-20]
CHR Extension: (DefaultTab) - C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc [2014-02-23]
CHR Extension: (Skype Click to Call) - C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-04-20]
CHR Extension: (Google Wallet) - C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Nemanja\AppData\Local\funmoods.crx []
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Nemanja\AppData\Local\funmoods-speeddial.crx []
CHR HKCU\...\Chrome\Extension: [ablnpmdakdiclnimkjfcaibpgjhapkbl] - C:\Users\Nemanja\AppData\Local\CRE\ablnpmdakdiclnimkjfcaibpgjhapkbl.crx []
CHR HKCU\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Nemanja\AppData\Local\funmoods.crx []
CHR HKCU\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Nemanja\AppData\Local\funmoods-speeddial.crx []
CHR HKLM-x32\...\Chrome\Extension: [ablnpmdakdiclnimkjfcaibpgjhapkbl] - C:\Users\Nemanja\AppData\Local\CRE\ablnpmdakdiclnimkjfcaibpgjhapkbl.crx []
CHR HKLM-x32\...\Chrome\Extension: [adldappccjhelkmbkpiibilgnnjakieg] - C:\Program Files (x86)\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvert@mindspark.com.gen1 [2013-11-06]
CHR HKLM-x32\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Nemanja\AppData\Local\funmoods.crx [2013-11-06]
CHR HKLM-x32\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Nemanja\AppData\Local\funmoods-speeddial.crx [2013-11-06]
CHR HKLM-x32\...\Chrome\Extension: [clbfjfbnelcflpgpklppgplejolacbej] - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx [2013-11-06]
CHR HKLM-x32\...\Chrome\Extension: [ihflimipbcaljfnojhhknppphnnciiif] - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\facemoods.crx [2010-11-24]
CHR HKLM-x32\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files (x86)\TornTV.com\torn11.crx [2010-11-24]
CHR HKLM-x32\...\Chrome\Extension: [jljheddigenhleadfofeccneimcmlefp] - C:\Users\Nemanja\AppData\Roaming\speedtest4354\speedtest4354.crx [2013-12-19]
CHR HKLM-x32\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files (x86)\DefaultTab\DefaultTab.crx [2013-02-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [lmblfngognklgemafekefcdjcnkdhmdm] - C:\Program Files (x86)\2YourFace\2YourFace.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [naipdapbimiiikbbgjcpbgmfhnlbagpj] - C:\Users\Nemanja\AppData\Local\Temp\naipdapbimiiikbbgjcpbgmfhnlbagpj.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-06-18] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 DefaultTabSearch; C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [574464 2013-12-20] () [File not signed]
R2 DefaultTabUpdate; C:\Users\Nemanja\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [107520 2014-02-23] () [File not signed]
R2 IBUpdaterService; C:\ProgramData\IBUpdaterService\ibsvc.exe [645464 2013-02-02] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [794272 2012-08-21] (PC Tools)
R2 TBSrv; C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe [350528 2014-04-10] (ClientConnect Ltd.)
S2 Update FindRight; "C:\Program Files (x86)\FindRight\updateFindRight.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-18] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-18] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-18] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R1 {42e50651-9669-456e-9081-d5a836274274}w64; C:\Windows\System32\drivers\{42e50651-9669-456e-9081-d5a836274274}w64.sys [61112 2014-05-22] (StdLib)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-27 21:17 - 2014-10-27 21:17 - 02113024 _____ (Farbar) C:\Users\Nemanja\Downloads\FRST64.exe
2014-10-27 21:17 - 2014-10-27 21:17 - 00029684 _____ () C:\Users\Nemanja\Downloads\FRST.txt
2014-10-27 21:17 - 2014-10-27 21:17 - 00000000 ____D () C:\FRST
2014-10-27 18:38 - 2014-10-27 18:38 - 00003662 _____ () C:\Windows\System32\Tasks\DTChk
2014-10-15 07:13 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 07:12 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 07:12 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 07:12 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 07:12 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 07:12 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 07:12 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 07:12 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 07:12 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 07:12 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 07:12 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 07:12 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 07:12 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 07:12 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 07:12 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 07:12 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 07:12 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 07:12 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 07:12 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 07:12 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 07:12 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 07:12 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 07:12 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 07:12 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 07:12 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 07:12 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 07:12 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 07:12 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 07:12 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 07:12 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 07:12 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 07:12 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 07:12 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 07:12 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 07:12 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 07:12 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 07:12 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 07:12 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 07:12 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 07:12 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 07:12 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 07:12 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 07:12 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 07:12 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 07:12 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 07:12 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 07:12 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 07:12 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 07:12 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 07:12 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 07:12 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 07:12 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 07:12 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 07:12 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 07:12 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 07:11 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 07:11 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 07:11 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 07:11 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 07:11 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 07:11 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 07:11 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 07:11 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 07:11 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 07:11 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 07:11 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 07:10 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 07:10 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 07:10 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 07:10 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 07:10 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 07:10 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 07:10 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 07:10 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 07:10 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 07:10 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 07:10 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 07:10 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 07:10 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 07:10 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 07:10 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 07:10 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 07:09 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 07:09 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 07:09 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 07:09 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-09 19:29 - 2014-10-09 19:29 - 00000000 ____D () C:\Users\Nemanja\AppData\Local\4079
2014-10-01 10:31 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 10:31 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-01 08:01 - 2014-10-01 08:01 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-27 21:17 - 2011-11-14 18:41 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2441958971-3140706620-1908336796-1000UA.job
2014-10-27 21:07 - 2011-06-09 20:35 - 02086313 _____ () C:\Windows\WindowsUpdate.log
2014-10-27 21:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-27 20:33 - 2014-01-30 09:51 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-27 20:28 - 2012-01-13 16:55 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-27 18:38 - 2014-04-22 14:38 - 00000000 ____D () C:\Users\Public\Util
2014-10-27 18:17 - 2011-11-14 18:41 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2441958971-3140706620-1908336796-1000Core.job
2014-10-27 08:08 - 2009-07-14 05:45 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-27 08:08 - 2009-07-14 05:45 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-27 08:04 - 2014-02-21 09:27 - 00000374 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-10-27 08:03 - 2011-10-18 21:56 - 00000000 ____D () C:\Users\Nemanja\AppData\Roaming\Skype
2014-10-27 08:02 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-27 08:02 - 2009-07-14 05:51 - 00404399 _____ () C:\Windows\setupact.log
2014-10-22 23:03 - 2012-08-30 21:53 - 00004184 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-19 20:22 - 2013-02-03 11:40 - 00000000 ____D () C:\Users\Nemanja\AppData\Roaming\vlc
2014-10-19 12:36 - 2013-10-31 13:46 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-19 11:29 - 2013-03-13 23:52 - 00000000 ____D () C:\Users\Nemanja\AppData\Local\CrashDumps
2014-10-18 11:18 - 2011-08-03 09:29 - 00602120 _____ () C:\Windows\PFRO.log
2014-10-17 12:35 - 2009-07-14 05:45 - 00268432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-17 12:34 - 2014-05-05 22:11 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-15 22:45 - 2013-07-30 15:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 22:45 - 2011-06-10 15:44 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-13 22:23 - 2012-01-13 16:55 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-13 22:23 - 2012-01-13 16:55 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-13 22:23 - 2012-01-13 16:55 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-09 19:29 - 2014-02-21 09:27 - 00003420 _____ () C:\Windows\System32\Tasks\AmiUpdXp
2014-10-09 12:32 - 2009-07-14 06:08 - 00032648 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-02 14:53 - 2011-06-09 20:56 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-01 08:02 - 2014-09-25 07:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-01 08:02 - 2014-02-21 09:17 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-01 08:01 - 2014-09-03 07:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-01 08:01 - 2014-09-03 07:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-01 08:01 - 2014-09-03 07:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-01 08:01 - 2013-10-19 19:44 - 00000000 ____D () C:\ProgramData\Oracle

Some content of TEMP:
====================
C:\Users\Nemanja\AppData\Local\Temp\6_Offer_3.exe
C:\Users\Nemanja\AppData\Local\Temp\7z920.exe
C:\Users\Nemanja\AppData\Local\Temp\aplinstal.exe
C:\Users\Nemanja\AppData\Local\Temp\BI_RunOnce (1).exe
C:\Users\Nemanja\AppData\Local\Temp\BI_RunOnce (2).exe
C:\Users\Nemanja\AppData\Local\Temp\BI_RunOnce (3).exe
C:\Users\Nemanja\AppData\Local\Temp\BI_RunOnce (4).exe
C:\Users\Nemanja\AppData\Local\Temp\BI_RunOnce.exe
C:\Users\Nemanja\AppData\Local\Temp\BTLive.exe
C:\Users\Nemanja\AppData\Local\Temp\BuenoSearchTB.exe
C:\Users\Nemanja\AppData\Local\Temp\DM1393145087.exe
C:\Users\Nemanja\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Nemanja\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Nemanja\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Nemanja\AppData\Local\Temp\drm_dyndata_7410004.dll
C:\Users\Nemanja\AppData\Local\Temp\drv42814.exe
C:\Users\Nemanja\AppData\Local\Temp\drvinst-1.exe
C:\Users\Nemanja\AppData\Local\Temp\drvinst-2.exe
C:\Users\Nemanja\AppData\Local\Temp\drvinst01.exe
C:\Users\Nemanja\AppData\Local\Temp\drvinstal.exe
C:\Users\Nemanja\AppData\Local\Temp\drvinstal1.exe
C:\Users\Nemanja\AppData\Local\Temp\ffdshow.exe
C:\Users\Nemanja\AppData\Local\Temp\firefoxjre_exe-1.exe
C:\Users\Nemanja\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\Nemanja\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\Nemanja\AppData\Local\Temp\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate.exe
C:\Users\Nemanja\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Nemanja\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Nemanja\AppData\Local\Temp\htmlayout.dll
C:\Users\Nemanja\AppData\Local\Temp\InstallManager_GEN_GEN.exe
C:\Users\Nemanja\AppData\Local\Temp\install_helper.exe
C:\Users\Nemanja\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Nemanja\AppData\Local\Temp\MatroskaSplitter.exe
C:\Users\Nemanja\AppData\Local\Temp\minibar-master-v1.exe
C:\Users\Nemanja\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Nemanja\AppData\Local\Temp\rad98EA7.tmp_update.exe
C:\Users\Nemanja\AppData\Local\Temp\radC23C9.tmp_update.exe
C:\Users\Nemanja\AppData\Local\Temp\run.exe
C:\Users\Nemanja\AppData\Local\Temp\SecuExp.exe
C:\Users\Nemanja\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Nemanja\AppData\Local\Temp\Softonic_EN_1-5-11_EN-Production_10_CleanRelease.exe
C:\Users\Nemanja\AppData\Local\Temp\sonarinst.exe
C:\Users\Nemanja\AppData\Local\Temp\SQLite.dll
C:\Users\Nemanja\AppData\Local\Temp\tbBro0.dll
C:\Users\Nemanja\AppData\Local\Temp\toolbar10150407.exe
C:\Users\Nemanja\AppData\Local\Temp\toolbar17289450.exe
C:\Users\Nemanja\AppData\Local\Temp\uninstall889236.exe
C:\Users\Nemanja\AppData\Local\Temp\uninstall889283.exe
C:\Users\Nemanja\AppData\Local\Temp\uninstall889439.exe
C:\Users\Nemanja\AppData\Local\Temp\uninstall889486.exe
C:\Users\Nemanja\AppData\Local\Temp\unrar.dll
C:\Users\Nemanja\AppData\Local\Temp\upd60839.exe
C:\Users\Nemanja\AppData\Local\Temp\upd80274.exe
C:\Users\Nemanja\AppData\Local\Temp\upd85741.exe
C:\Users\Nemanja\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Nemanja\AppData\Local\Temp\uttE467.tmp.exe
C:\Users\Nemanja\AppData\Local\Temp\uttEE50.tmp.exe
C:\Users\Nemanja\AppData\Local\Temp\vlc-2.0.2-win32.exe
C:\Users\Nemanja\AppData\Local\Temp\{44A069EB-2384-4A2A-A49D-89A1B601826E}-24.0.1312.52_chrome_installer.exe
C:\Users\Nemanja\AppData\Local\Temp\{5ADCEB72-33DE-452F-B110-86533A6CCECD}-24.0.1312.52_chrome_installer.exe
C:\Users\Nemanja\AppData\Local\Temp\{AB25D032-5660-4804-AD41-66A05CC35A76}-24.0.1312.52_chrome_installer.exe
C:\Users\Nemanja\AppData\Local\Temp\{AEF2AA26-CC6E-45A3-AD74-771BCDC8CC74}-24.0.1312.52_chrome_installer.exe
C:\Users\Nemanja\AppData\Local\Temp\{D018EACE-5D2B-4F5F-BF9E-417BE567E64B}-24.0.1312.52_chrome_installer.exe
C:\Users\Nemanja\AppData\Local\Temp\{DCA596AA-AF26-4D46-93E0-EAF4856D369D}-24.0.1312.52_chrome_installer.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-26 11:43

==================== End Of Log ============================
mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Sistem ti je pun adwarea i nije ni čudo što je spor.


Arrow Korak 1

Napomena: ako ne možeš pristupiti Control Panelu, pređi na korak broj 2. Ako možeš, prvo obavi korak 1.

Idi u Start -> Control Panel -> Programs and Features i deinstaliraj sljedeće programe:


Badoo Desktop
BrotherSoft Extreme Toolbar
Bundled software uninstaller
cconntinuuetoossavee
ContinueToSave 1.74
Defaulttab
Facemoods Toolbar
FilesFrog Update Checker
FLV Player
iMesh
Google Toolbar for Internet Explorer
MB2 Toolbar
McAfee Security Scan Plus
OffersWizard Network System Driver
Search Assistant WebSearch 1.74
SearchAmong Toolbar version 1.0
SearchNewTab
Software Version Updater
SweetIM for Messenger 3.6
SweetPacks Toolbar for Internet Explorer 4.4
Twoo 2.1.1011
Updater Service
VideoDownloadConverter Toolbar Chrome Extension



Arrow Korak 2

Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja.

Start
R1 {42e50651-9669-456e-9081-d5a836274274}w64; C:\Windows\System32\drivers\{42e50651-9669-456e-9081-d5a836274274}w64.sys [61112 2014-05-22] (StdLib)
CloseProcesses:
HKLM-x32\...\Run: [facemoods] => C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodssrv.exe [323584 2010-10-26] (facemoods.com)
HKLM-x32\...\Run: [SweetIM] => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [114992 2012-01-19] (SweetIM Technologies Ltd.)
HKU\S-1-5-21-2441958971-3140706620-1908336796-1000\...\Run: [BackgroundContainerV2] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Nemanja\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
HKU\S-1-5-21-2441958971-3140706620-1908336796-1000\...\Run: [Twoo] => C:\Users\Nemanja\AppData\Roaming\Massive Media\Twoo.exe [10476000 2013-10-03] (Massive Media)
HKU\S-1-5-21-2441958971-3140706620-1908336796-1000\...\Policies\system: [NoControlPanel] 1
HKU\S-1-5-21-2441958971-3140706620-1908336796-1000\...\Policies\system: [DisableMyPicturesDirChange] 1
HKU\S-1-5-21-2441958971-3140706620-1908336796-1000\...\MountPoints2: {37054c60-5da7-11e4-b736-20cf308bdad1} - G:\.\Autorun.exe
HKU\S-1-5-21-2441958971-3140706620-1908336796-1000\...\MountPoints2: {9f98c907-9cd3-11e1-9870-20cf308bdad1} - G:\Setup.exe
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid.....4601447150
KCU\Software\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2431400
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=119294&babsrc.....CF308BDAD1
URLSearchHook: HKLM-x32 - BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Users\Nemanja\AppData\LocalLow\BrotherSoft_Extreme\prxtbBro2.dll (ClientConnect Ltd.)
URLSearchHook: HKLM-x32 - MB2 Toolbar - {013a635f-e3aa-4371-b682-ece95ca974b0} - C:\Users\Nemanja\AppData\LocalLow\MB2\prxtbMB0.dll (ClientConnect Ltd.)
URLSearchHook: HKCU - (No Name) - {B94D2A9E-E529-4389-B8DE-4F50D087F0D1} - No File
URLSearchHook: HKCU - BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Users\Nemanja\AppData\LocalLow\BrotherSoft_Extreme\prxtbBro2.dll (ClientConnect Ltd.)
URLSearchHook: HKCU - MB2 Toolbar - {013a635f-e3aa-4371-b682-ece95ca974b0} - C:\Users\Nemanja\AppData\LocalLow\MB2\prxtbMB0.dll (ClientConnect Ltd.)
URLSearchHook: HKCU - FroggyBoss Class - {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files (x86)\Minibar\Froggy.dll (TODO: <название компании>)
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-results.com/sr?src=ieb&appid=495&systemid=1&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-results.com/sr?src=ieb&appid=495&systemid=1&q={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=stonicrow&chnl=stonicrow&cd=2XzuyEtN2Y1L1QzutBtD0C0FtAtDzz0B0D0A0DtC0BzzyCyCtN0D0Tzu0CtByDyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=754115576
SearchScopes: HKLM-x32 - {7E31D53C-7DB1-5EEE-1D7C-57173F728F8F} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431400
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-results.com/sr?src=ieb&appid=495&systemid=1&q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=stonicrow&chnl=stonicrow&cd=2XzuyEtN2Y1L1QzutBtD0C0FtAtDzz0B0D0A0DtC0BzzyCyCtN0D0Tzu0CtByDyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=754115576
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.a-searchpage.info/?l=1&q={searchTerms}&pid=879&r=2013/05/30&hid=114255086&lg=EN&cc=RS&unqvl=18
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=4.0003002
SearchScopes: HKCU - DefaultScope {0AEDF339-9ABD-4E7C-BE7C-65A5F70AE043} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431400
SearchScopes: HKCU - {044757BC-030D-471B-92C2-469ED21901C8} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=stonicrow&chnl=stonicrow&cd=2XzuyEtN2Y1L1QzutBtD0C0FtAtDzz0B0D0A0DtC0BzzyCyCtN0D0Tzu0CtByDyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=754115576
SearchScopes: HKCU - {0AEDF339-9ABD-4E7C-BE7C-65A5F70AE043} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431400
SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = http://start.facemoods.com/?a=ost&s={searchTerms}&f=4
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=F08520CF308BDAD1&affID=128492&tt=180614_ctrl&tsp=5282
SearchScopes: HKCU - {15360AAB-7B57-42F0-A7B3-D875D19A8052} URL = http://www.mysearchresults.com/search?c=8004&t=11&q={searchTerms}
SearchScopes: HKCU - {1E215B4B-9590-447F-B4AC-4C0D637DAE84} URL = http://rts.dsrlte.com/?q={searchTerms}&r=560
SearchScopes: HKCU - {7E31D53C-7DB1-5EEE-1D7C-57173F728F8F} URL = http://searchtronic.net/Search?query={searchTerms}&i=61&tp=chrome
SearchScopes: HKCU - {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://badoo.com/startpage/?source=bsb&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-results.com/sr?src=ieb&appid=495&systemid=1&q={searchTerms}
SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.a-searchpage.info/?l=1&q={searchTerms}&pid=879&r=2013/05/30&hid=114255086&lg=EN&cc=RS&unqvl=18
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=4.0003002
BHO: No Name -> {474597C5-AB09-49d6-A4D5-2E8D7341384E} -> No File
BHO-x32: FileServeManager -> {00000001-AB3B-4334-9DA2-EC6B2A02AFC6} -> No File
BHO-x32: MB2 Toolbar -> {013a635f-e3aa-4371-b682-ece95ca974b0} -> C:\Users\Nemanja\AppData\LocalLow\MB2\prxtbMB0.dll (ClientConnect Ltd.)
BHO-x32: SearchAmong Toolbar -> {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} -> C:\Program Files (x86)\SearchAmong Toolbar\SearchAmongToolbar.dll ()
BHO-x32: No Name -> {1185823F-F22F-4027-80E5-4F68ACD5DE5E} -> No File
BHO-x32: No Name -> {28387537-e3f9-4ed7-860c-11e69af4a8a0} -> No File
BHO-x32: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> No File
BHO-x32: No Name -> {474597C5-AB09-49d6-A4D5-2E8D7341384E} -> No File
BHO-x32: BrotherSoft Extreme Toolbar -> {51a86bb3-6602-4c85-92a5-130ee4864f13} -> C:\Users\Nemanja\AppData\LocalLow\BrotherSoft_Extreme\prxtbBro2.dll (ClientConnect Ltd.)
BHO-x32: CescrtHlpr Object -> {64182481-4F71-486b-A045-B233BD0DA8FC} -> C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll (facemoods.com BHO)
BHO-x32: Funmoods Helper Object -> {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} -> C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll No File
BHO-x32: DefaultTab Browser Helper -> {7F6AFBF1-E065-4627-A2FD-810366367D01} -> C:\Windows\SysWow64\config\systemprofile\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
BHO-x32: MrFroggy Class -> {856E12B5-22D7-4E22-9ACA-EA9A008DD65B} -> C:\Program Files (x86)\Minibar\Froggy.dll (TODO: <название компании>)
BHO-x32: cconntinuuetoossavee -> {8B698829-3B13-59C9-77D5-D9514FFDF022} -> C:\ProgramData\cconntinuuetoossavee\51a6f8ebab336.dll ()
BHO-x32: MinibarBHO -> {AA74D58F-ACD0-450D-A85E-6C04B171C044} -> C:\Program Files (x86)\Minibar\Kango.dll (KangoExtensions)
BHO-x32: delta Helper Object -> {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -> No File
BHO-x32: SearchNewTab -> {CD85658B-2E27-69B6-66D9-D7D1797A11FB} -> C:\ProgramData\SearchNewTab\51a6f9256f180.dll ()
BHO-x32: SweetPacks Browser Helper -> {EEE6C35C-6118-11DC-9C72-001320C79847} -> C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 - No Name - {AF3D7884-B142-414E-943D-75D8D54E1FFF} - No File
Toolbar: HKLM-x32 - facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodsTlbr.dll (facemoods.com
Toolbar: HKLM-x32 - BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Users\Nemanja\AppData\LocalLow\BrotherSoft_Extreme\prxtbBro2.dll (ClientConnect Ltd.)
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 - MB2 Toolbar - {013a635f-e3aa-4371-b682-ece95ca974b0} - C:\Users\Nemanja\AppData\LocalLow\MB2\prxtbMB0.dll (ClientConnect Ltd.)
Toolbar: HKLM-x32 - Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~2\Funmoods\1.5.23.22\escorTlbr.dll No File
Toolbar: HKLM-x32 - SearchAmong Toolbar - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files (x86)\SearchAmong Toolbar\SearchAmongToolbar.dll ()
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {AF3D7884-B142-414E-943D-75D8D54E1FFF} - No File
Toolbar: HKCU - No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No File
Toolbar: HKCU - No Name - {013A635F-E3AA-4371-B682-ECE95CA974B0} - No File
Toolbar: HKCU - No Name - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Handler: butterscotchtoolbar - {721B7821-181F-44E8-9649-067641EF5AA2} - No File
Handler-x32: butterscotchtoolbar - {721B7821-181F-44E8-9649-067641EF5AA2} - No File
FF Homepage: hxxp://home.tb.ask.com/index.jhtml?ptb=890FFBD0-F67D-41BF-8212-DFDD634D1F7B&n=780c76f6&p2=^ARV^xdm007^YYA^rs&si=CKWuo8OrtsACFSEcwwodwj0AZQ
FF Keyword.URL: hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=890FFBD0-F67D-41BF-8212-DFDD634D1F7B&n=780c76f6&ind=2014082806&p2=^ARV^xdm007^YYA^rs&si=CKWuo8OrtsACFSEcwwodwj0AZQ&searchfor=
FF user.js: detected! => C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\h7i398kg.default-1403521762956\user.js
FF SearchPlugin: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\h7i398kg.default-1403521762956\searchplugins\ask-web-search.xml
FF SearchPlugin: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\h7i398kg.default-1403521762956\searchplugins\keepmysearch.xml
FF Extension: GardeningEnthusiast - C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\h7i398kg.default-1403521762956\Extensions\7jffxtbr@GardeningEnthusiast_7j.com [2014-09-10]
FF HKLM-x32\...\Firefox\Extensions: [butterscotch@igeared] - C:\Program Files (x86)\ButterscotchToolbar\Firefox\butterscotch@igeared
FF HKLM-x32\...\Firefox\Extensions: [shabtay@gmail.com] - C:\Program Files (x86)\2YourFace\2YourFace.xpi
FF HKLM-x32\...\Firefox\Extensions: [support@2yourface.com] - C:\Program Files (x86)\2YourFace\ffextension
FF HKCU\...\Firefox\Extensions: [shabtay@gmail.com] - C:\Program Files (x86)\2YourFace\2YourFace.xpi
FF HKCU\...\Firefox\Extensions: [support@2yourface.com] - C:\Program Files (x86)\2YourFace\ffextension
CHR HomePage: Default -> hxxp://rts.dsrlte.com
CHR StartupUrls: Default -> "hxxp://rts.dsrlte.com"
CHR DefaultSearchURL: Default -> http://rts.dsrlte.com/?q={searchTerms}
CHR Extension: (Foxtab Speed Dial (Release Candidate)) - C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif [2012-11-26]
CHR Extension: (Speed Test 127) - C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp [2014-01-20]
CHR Extension: (DefaultTab) - C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc [2014-02-23]
CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Nemanja\AppData\Local\funmoods.crx []
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Nemanja\AppData\Local\funmoods-speeddial.crx []
CHR HKCU\...\Chrome\Extension: [ablnpmdakdiclnimkjfcaibpgjhapkbl] - C:\Users\Nemanja\AppData\Local\CRE\ablnpmdakdiclnimkjfcaibpgjhapkbl.crx []
CHR HKCU\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Nemanja\AppData\Local\funmoods.crx []
CHR HKCU\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Nemanja\AppData\Local\funmoods-speeddial.crx []
CHR HKLM-x32\...\Chrome\Extension: [ablnpmdakdiclnimkjfcaibpgjhapkbl] - C:\Users\Nemanja\AppData\Local\CRE\ablnpmdakdiclnimkjfcaibpgjhapkbl.crx []
HR HKLM-x32\...\Chrome\Extension: [adldappccjhelkmbkpiibilgnnjakieg] - C:\Program Files (x86)\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvert@mindspark.com.gen1 [2013-11-06]
CHR HKLM-x32\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Nemanja\AppData\Local\funmoods.crx [2013-11-06]
CHR HKLM-x32\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Nemanja\AppData\Local\funmoods-speeddial.crx [2013-11-06]
CHR HKLM-x32\...\Chrome\Extension: [clbfjfbnelcflpgpklppgplejolacbej] - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx [2013-11-06]
CHR HKLM-x32\...\Chrome\Extension: [ihflimipbcaljfnojhhknppphnnciiif] - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\facemoods.crx [2010-11-24]
CHR HKLM-x32\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files (x86)\TornTV.com\torn11.crx [2010-11-24]
CHR HKLM-x32\...\Chrome\Extension: [jljheddigenhleadfofeccneimcmlefp] - C:\Users\Nemanja\AppData\Roaming\speedtest4354\speedtest4354.crx [2013-12-19]
CHR HKLM-x32\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files (x86)\DefaultTab\DefaultTab.crx [2013-02-12]
CHR HKLM-x32\...\Chrome\Extension: [lmblfngognklgemafekefcdjcnkdhmdm] - C:\Program Files (x86)\2YourFace\2YourFace.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [naipdapbimiiikbbgjcpbgmfhnlbagpj] - C:\Users\Nemanja\AppData\Local\Temp\naipdapbimiiikbbgjcpbgmfhnlbagpj.crx [2014-07-14]
S2 DefaultTabSearch; C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [574464 2013-12-20] () [File not signed]
R2 DefaultTabUpdate; C:\Users\Nemanja\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [107520 2014-02-23] () [File not signed]
R2 IBUpdaterService; C:\ProgramData\IBUpdaterService\ibsvc.exe [645464 2013-02-02] ()
R2 TBSrv; C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe [350528 2014-04-10] (ClientConnect Ltd.)
S2 Update FindRight; "C:\Program Files (x86)\FindRight\updateFindRight.exe" [X]
iMesh (x32 Version: 10.0.0.99457 - iMesh Inc.) Hidden <==== ATTENTION
Task: {14372D60-6966-4182-A9A1-02AF67478216} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {14AC0513-9E2C-4E36-ADA2-4E3A4B82DBDE} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Safe Web Lite\Engine\2014.6.0.27\SymErr.exe
Task: {185AC030-777C-4C28-A862-4396B0048EA7} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {54DB1B2F-1FB9-43B4-BBF2-CD7DF8212637} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Safe Web Lite\Engine\2014.6.0.27\SymErr.exe
Task: {78953E2A-907F-4128-B7DB-C8EB8640507A} - System32\Tasks\AmiUpdXp => C:\Users\Nemanja\AppData\Local\4079\Updater.exe [2014-10-09] () <==== ATTENTION
Task: {80D681EF-784D-46F0-9A52-F29B20ED053D} - System32\Tasks\EPUpdater => C:\Users\Nemanja\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-12-12] () <==== ATTENTION
Task: {D88D1998-325E-4545-8238-6EE99DB2D465} - System32\Tasks\DTReg => C:\Windows\system32\config\systemprofile\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe <==== ATTENTION
Task: {E01C3B76-CA63-4A15-9375-622A051E95CF} - System32\Tasks\DTChk => C:\Users\Public\Util\DTChk.exe <==== ATTENTION
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Nemanja\AppData\Local\4079\Updater.exe
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
C:\Program Files (x86)\2YourFace
C:\Program Files (x86)\BrowserCompanion
C:\Program Files (x86)\DefaultTab
C:\Program Files (x86)\facemoods.com
C:\Program Files (x86)\FindRight
C:\Program Files (x86)\Funmoods
C:\Program Files (x86)\GoforFiles
C:\Program Files (x86)\Minibar
C:\Program Files (x86)\SearchAmong Toolbar
C:\Program Files (x86)\SweetIM
C:\Program Files (x86)\Tbccint
C:\Program Files (x86)\TornTV.com
C:\Program Files (x86)\VideoDownloadConverter_4z Chrome Extension
C:\ProgramData\bitguard
C:\ProgramData\cconntinuuetoossavee
C:\ProgramData\IBUpdaterService
C:\ProgramData\SearchNewTab
C:\Users\Nemanja\AppData\Local\4079
C:\Users\Nemanja\AppData\Local\Conduit
C:\Users\Nemanja\AppData\Local\CRE
C:\Users\Nemanja\AppData\Local\FilesFrog Update Checker
C:\Users\Nemanja\AppData\Local\funmoods.crx
C:\Users\Nemanja\AppData\Local\funmoods-speeddial.crx
C:\Users\Nemanja\AppData\Local\Temp\naipdapbimiiikbbgjcpbgmfhnlbagpj.crx
C:\Users\Nemanja\AppData\LocalLow\BrotherSoft_Extreme
C:\Users\Nemanja\AppData\LocalLow\MB2
C:\Users\Nemanja\AppData\Roaming\BabSolution
C:\Users\Nemanja\AppData\Roaming\DefaultTab
C:\Users\Nemanja\AppData\Roaming\Massive Media
C:\Users\Nemanja\AppData\Roaming\speedtest4354
C:\Users\Public\Util
C:\Windows\system32\config\systemprofile\AppData\Roaming\DefaultTab
C:\Windows\System32\drivers\{42e50651-9669-456e-9081-d5a836274274}w64.sys
C:\Windows\SysWow64\config\systemprofile\AppData\Roaming\DefaultTab
EmptyTemp:
End


U okviru Notepad-a klikni na File --> Save As
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se Notepad, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt). Potrebno je da sadržaj fixlog.txt kopiraš na forum

offline
  • Pridružio: 27 Okt 2014
  • Poruke: 10

Deinstalirao sam ove programe ali kad sam kliknuo na Fix nece da odradi nista nego zakoci...

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Onda idemo ovako:

Arrow Korak 1

Preuzmi "Xplode"-ov AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
u EULA prozoru klikni na I agree.
Klikni na dugme Scan i sačekaj da se završi skeniranje.
Klikni na dugme Clean i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK

Računar će se restartovati, a potom otvoriti Notepad (C:\AdwCleaner[S0].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"

Napomena: Izvještaj ce takođe biti sačuvan na C:\Adwcleaner\AdwCleaner[S0].txt



Arrow Korak 2

Ponovo pokreni FRST, označi Addition.txt i klikni na Scan. Kada završi postavi mi nove FRST.txt i Addition.txt izvještaje.

offline
  • Pridružio: 27 Okt 2014
  • Poruke: 10

Napisano: 28 Okt 2014 18:20

mycity.rs/must-login.png

Dopuna: 28 Okt 2014 18:20

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-10-2014 01
Ran by Nemanja (administrator) on NEMANJA-PC on 28-10-2014 18:06:43
Running from C:\Users\Nemanja\Downloads
Loaded Profile: Nemanja (Available profiles: Nemanja)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
() C:\Users\Nemanja\AppData\Roaming\BTLive\BTLive.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Users\Nemanja\AppData\Roaming\BTLive\BTLive.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(FileServe Limited) C:\Program Files (x86)\FileServe Manager\FSStarter.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Nemanja\Downloads\FRST64(1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [37888 2010-01-13] (Nullsoft, Inc.)
HKLM-x32\...\Run: [FileServe Manager Task] => C:\Program Files (x86)\FileServe Manager\FSStarter.exe [954648 2011-06-20] (FileServe Limited)
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [105120 2012-08-21] (PC Tools)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3890208 2014-08-07] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-2441958971-3140706620-1908336796-1000\...\Run: [Facebook Update] => C:\Users\Nemanja\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-04-19] (Facebook Inc.)
HKU\S-1-5-21-2441958971-3140706620-1908336796-1000\...\Run: [BTLive] => C:\Users\Nemanja\AppData\Roaming\BTLive\BTLive.exe [6995632 2013-10-30] ()
HKU\S-1-5-21-2441958971-3140706620-1908336796-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x409F57DFF73ECC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = google.com/ie
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b}
SearchScopes: HKCU - Backup.Old.DefaultScope {F423386B-52CB-420E-AF9D-46730575FB2D}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = google.com/search?q={sear
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\h7i398kg.default-1403521762956
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Nemanja\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions: [{9F6FB1C9-22DA-4123-A7D4-9E7844B60EE5}] - C:\Program Files (x86)\FileServe Manager\FireFox_Extension\{9F6FB1C9-22DA-4123-A7D4-9E7844B60EE5}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-24]

Chrome:
=======
CHR DefaultSearchURL: Default -> rts.dsrlte.com/?q={searchTerms}
CHR Profile: C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (VideoDownloadConverter) - C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\adldappccjhelkmbkpiibilgnnjakieg [2013-11-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]
CHR Extension: (McAfee Security Scan+) - C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-21]
CHR Extension: (Skype Click to Call) - C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-04-20]
CHR Extension: (Google Wallet) - C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKLM-x32\...\Chrome\Extension: [adldappccjhelkmbkpiibilgnnjakieg] - C:\Program Files (x86)\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvert@mindspark.com.gen1 []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-06-18] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [794272 2012-08-21] (PC Tools)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-18] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-18] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-18] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-28 18:05 - 2014-10-28 18:05 - 00053701 _____ () C:\Users\Nemanja\Desktop\AdwCleaner[S0].txt
2014-10-28 17:43 - 2014-10-28 17:47 - 00000000 ____D () C:\AdwCleaner
2014-10-28 17:43 - 2014-10-28 17:43 - 01998336 _____ () C:\Users\Nemanja\Desktop\AdwCleaner.exe
2014-10-28 17:00 - 2014-10-28 17:00 - 02113024 _____ (Farbar) C:\Users\Nemanja\Downloads\FRST64(1).exe
2014-10-28 15:32 - 2014-10-28 15:32 - 00003428 _____ () C:\Windows\System32\Tasks\{151DD929-E3D9-4629-8E1C-64A2E987D77E}
2014-10-27 21:19 - 2014-10-27 21:19 - 00030518 _____ () C:\Users\Nemanja\Desktop\Addition.txt
2014-10-27 21:18 - 2014-10-27 21:19 - 00030518 _____ () C:\Users\Nemanja\Downloads\Addition.txt
2014-10-27 21:17 - 2014-10-28 18:07 - 00012212 _____ () C:\Users\Nemanja\Downloads\FRST.txt
2014-10-27 21:17 - 2014-10-28 18:06 - 00000000 ____D () C:\FRST
2014-10-27 21:17 - 2014-10-27 21:17 - 02113024 _____ (Farbar) C:\Users\Nemanja\Downloads\FRST64.exe
2014-10-15 07:13 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 07:12 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 07:12 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 07:12 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 07:12 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 07:12 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 07:12 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 07:12 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 07:12 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 07:12 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 07:12 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 07:12 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 07:12 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 07:12 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 07:12 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 07:12 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 07:12 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 07:12 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 07:12 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 07:12 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 07:12 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 07:12 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 07:12 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 07:12 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 07:12 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 07:12 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 07:12 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 07:12 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 07:12 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 07:12 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 07:12 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 07:12 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 07:12 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 07:12 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 07:12 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 07:12 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 07:12 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 07:12 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 07:12 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 07:12 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 07:12 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 07:12 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 07:12 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 07:12 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 07:12 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 07:12 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 07:12 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 07:12 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 07:12 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 07:12 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 07:12 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 07:12 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 07:12 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 07:12 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 07:12 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 07:11 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 07:11 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 07:11 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 07:11 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 07:11 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 07:11 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 07:11 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 07:11 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 07:11 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 07:11 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 07:11 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 07:10 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 07:10 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 07:10 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 07:10 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 07:10 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 07:10 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 07:10 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 07:10 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 07:10 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 07:10 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 07:10 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 07:10 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 07:10 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 07:10 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 07:10 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 07:10 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 07:09 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 07:09 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 07:09 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 07:09 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-01 10:31 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 10:31 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-01 08:01 - 2014-10-01 08:01 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-28 17:53 - 2011-06-09 20:35 - 01125586 _____ () C:\Windows\WindowsUpdate.log
2014-10-28 17:53 - 2009-07-14 05:45 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-28 17:53 - 2009-07-14 05:45 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-28 17:49 - 2012-08-30 21:53 - 00004184 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-28 17:48 - 2011-08-03 09:29 - 00606634 _____ () C:\Windows\PFRO.log
2014-10-28 17:48 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-28 17:48 - 2009-07-14 05:51 - 00404679 _____ () C:\Windows\setupact.log
2014-10-28 16:33 - 2014-01-30 09:51 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-28 16:28 - 2012-01-13 16:55 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-28 15:17 - 2011-11-14 18:41 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2441958971-3140706620-1908336796-1000UA.job
2014-10-28 11:29 - 2013-10-31 13:46 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-28 00:05 - 2011-06-09 20:37 - 00000000 ____D () C:\Users\Nemanja
2014-10-27 23:29 - 2013-02-23 14:23 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Identity Safe
2014-10-27 21:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-27 18:17 - 2011-11-14 18:41 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2441958971-3140706620-1908336796-1000Core.job
2014-10-27 08:03 - 2011-10-18 21:56 - 00000000 ____D () C:\Users\Nemanja\AppData\Roaming\Skype
2014-10-19 20:22 - 2013-02-03 11:40 - 00000000 ____D () C:\Users\Nemanja\AppData\Roaming\vlc
2014-10-19 11:29 - 2013-03-13 23:52 - 00000000 ____D () C:\Users\Nemanja\AppData\Local\CrashDumps
2014-10-17 12:35 - 2009-07-14 05:45 - 00268432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-17 12:34 - 2014-05-05 22:11 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-15 22:45 - 2013-07-30 15:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 22:45 - 2011-06-10 15:44 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-13 22:23 - 2012-01-13 16:55 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-13 22:23 - 2012-01-13 16:55 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-13 22:23 - 2012-01-13 16:55 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-09 12:32 - 2009-07-14 06:08 - 00032648 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-02 14:53 - 2011-06-09 20:56 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-01 08:02 - 2014-09-25 07:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-01 08:02 - 2014-02-21 09:17 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-01 08:01 - 2014-09-03 07:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-01 08:01 - 2014-09-03 07:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-01 08:01 - 2014-09-03 07:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-01 08:01 - 2013-10-19 19:44 - 00000000 ____D () C:\ProgramData\Oracle

Some content of TEMP:
====================
C:\Users\Nemanja\AppData\Local\Temp\htmlayout.dll
C:\Users\Nemanja\AppData\Local\Temp\InstallManager_GEN_GEN.exe
C:\Users\Nemanja\AppData\Local\Temp\install_helper.exe
C:\Users\Nemanja\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Nemanja\AppData\Local\Temp\MatroskaSplitter.exe
C:\Users\Nemanja\AppData\Local\Temp\minibar-master-v1.exe
C:\Users\Nemanja\AppData\Local\Temp\Quarantine.exe
C:\Users\Nemanja\AppData\Local\Temp\rad98EA7.tmp_update.exe
C:\Users\Nemanja\AppData\Local\Temp\radC23C9.tmp_update.exe
C:\Users\Nemanja\AppData\Local\Temp\run.exe
C:\Users\Nemanja\AppData\Local\Temp\SecuExp.exe
C:\Users\Nemanja\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Nemanja\AppData\Local\Temp\Softonic_EN_1-5-11_EN-Production_10_CleanRelease.exe
C:\Users\Nemanja\AppData\Local\Temp\sonarinst.exe
C:\Users\Nemanja\AppData\Local\Temp\SQLite.dll
C:\Users\Nemanja\AppData\Local\Temp\sqlite3.dll
C:\Users\Nemanja\AppData\Local\Temp\tbBro0.dll
C:\Users\Nemanja\AppData\Local\Temp\toolbar10150407.exe
C:\Users\Nemanja\AppData\Local\Temp\toolbar17289450.exe
C:\Users\Nemanja\AppData\Local\Temp\uninstall889236.exe
C:\Users\Nemanja\AppData\Local\Temp\uninstall889283.exe
C:\Users\Nemanja\AppData\Local\Temp\uninstall889439.exe
C:\Users\Nemanja\AppData\Local\Temp\uninstall889486.exe
C:\Users\Nemanja\AppData\Local\Temp\unrar.dll
C:\Users\Nemanja\AppData\Local\Temp\upd60839.exe
C:\Users\Nemanja\AppData\Local\Temp\upd80274.exe
C:\Users\Nemanja\AppData\Local\Temp\upd85741.exe
C:\Users\Nemanja\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Nemanja\AppData\Local\Temp\{44A069EB-2384-4A2A-A49D-89A1B601826E}-24.0.1312.52_chrome_installer.exe
C:\Users\Nemanja\AppData\Local\Temp\{5ADCEB72-33DE-452F-B110-86533A6CCECD}-24.0.1312.52_chrome_installer.exe
C:\Users\Nemanja\AppData\Local\Temp\{AB25D032-5660-4804-AD41-66A05CC35A76}-24.0.1312.52_chrome_installer.exe
C:\Users\Nemanja\AppData\Local\Temp\{AEF2AA26-CC6E-45A3-AD74-771BCDC8CC74}-24.0.1312.52_chrome_installer.exe
C:\Users\Nemanja\AppData\Local\Temp\{D018EACE-5D2B-4F5F-BF9E-417BE567E64B}-24.0.1312.52_chrome_installer.exe
C:\Users\Nemanja\AppData\Local\Temp\{DCA596AA-AF26-4D46-93E0-EAF4856D369D}-24.0.1312.52_chrome_installer.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-26 11:43

==================== End Of Log ============================
mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Sada mi postavi nove FRST izvještaje kako je traženo u koraku 2.

offline
  • Pridružio: 27 Okt 2014
  • Poruke: 10

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-10-2014 01
Ran by Nemanja (administrator) on NEMANJA-PC on 28-10-2014 18:06:43
Running from C:\Users\Nemanja\Downloads
Loaded Profile: Nemanja (Available profiles: Nemanja)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
() C:\Users\Nemanja\AppData\Roaming\BTLive\BTLive.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Users\Nemanja\AppData\Roaming\BTLive\BTLive.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(FileServe Limited) C:\Program Files (x86)\FileServe Manager\FSStarter.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Nemanja\Downloads\FRST64(1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [37888 2010-01-13] (Nullsoft, Inc.)
HKLM-x32\...\Run: [FileServe Manager Task] => C:\Program Files (x86)\FileServe Manager\FSStarter.exe [954648 2011-06-20] (FileServe Limited)
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [105120 2012-08-21] (PC Tools)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3890208 2014-08-07] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-2441958971-3140706620-1908336796-1000\...\Run: [Facebook Update] => C:\Users\Nemanja\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-04-19] (Facebook Inc.)
HKU\S-1-5-21-2441958971-3140706620-1908336796-1000\...\Run: [BTLive] => C:\Users\Nemanja\AppData\Roaming\BTLive\BTLive.exe [6995632 2013-10-30] ()
HKU\S-1-5-21-2441958971-3140706620-1908336796-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x409F57DFF73ECC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = google.com/ie
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b}
SearchScopes: HKCU - Backup.Old.DefaultScope {F423386B-52CB-420E-AF9D-46730575FB2D}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = google.com/search?q={sear
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\h7i398kg.default-1403521762956
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Nemanja\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions: [{9F6FB1C9-22DA-4123-A7D4-9E7844B60EE5}] - C:\Program Files (x86)\FileServe Manager\FireFox_Extension\{9F6FB1C9-22DA-4123-A7D4-9E7844B60EE5}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-24]

Chrome:
=======
CHR DefaultSearchURL: Default -> rts.dsrlte.com/?q={searchTerms}
CHR Profile: C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (VideoDownloadConverter) - C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\adldappccjhelkmbkpiibilgnnjakieg [2013-11-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]
CHR Extension: (McAfee Security Scan+) - C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-21]
CHR Extension: (Skype Click to Call) - C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-04-20]
CHR Extension: (Google Wallet) - C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKLM-x32\...\Chrome\Extension: [adldappccjhelkmbkpiibilgnnjakieg] - C:\Program Files (x86)\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvert@mindspark.com.gen1 []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-06-18] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [794272 2012-08-21] (PC Tools)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-18] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-18] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-18] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-28 18:05 - 2014-10-28 18:05 - 00053701 _____ () C:\Users\Nemanja\Desktop\AdwCleaner[S0].txt
2014-10-28 17:43 - 2014-10-28 17:47 - 00000000 ____D () C:\AdwCleaner
2014-10-28 17:43 - 2014-10-28 17:43 - 01998336 _____ () C:\Users\Nemanja\Desktop\AdwCleaner.exe
2014-10-28 17:00 - 2014-10-28 17:00 - 02113024 _____ (Farbar) C:\Users\Nemanja\Downloads\FRST64(1).exe
2014-10-28 15:32 - 2014-10-28 15:32 - 00003428 _____ () C:\Windows\System32\Tasks\{151DD929-E3D9-4629-8E1C-64A2E987D77E}
2014-10-27 21:19 - 2014-10-27 21:19 - 00030518 _____ () C:\Users\Nemanja\Desktop\Addition.txt
2014-10-27 21:18 - 2014-10-27 21:19 - 00030518 _____ () C:\Users\Nemanja\Downloads\Addition.txt
2014-10-27 21:17 - 2014-10-28 18:07 - 00012212 _____ () C:\Users\Nemanja\Downloads\FRST.txt
2014-10-27 21:17 - 2014-10-28 18:06 - 00000000 ____D () C:\FRST
2014-10-27 21:17 - 2014-10-27 21:17 - 02113024 _____ (Farbar) C:\Users\Nemanja\Downloads\FRST64.exe
2014-10-15 07:13 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 07:12 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 07:12 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 07:12 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 07:12 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 07:12 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 07:12 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 07:12 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 07:12 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 07:12 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 07:12 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 07:12 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 07:12 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 07:12 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 07:12 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 07:12 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 07:12 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 07:12 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 07:12 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 07:12 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 07:12 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 07:12 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 07:12 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 07:12 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 07:12 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 07:12 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 07:12 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 07:12 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 07:12 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 07:12 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 07:12 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 07:12 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 07:12 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 07:12 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 07:12 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 07:12 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 07:12 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 07:12 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 07:12 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 07:12 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 07:12 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 07:12 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 07:12 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 07:12 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 07:12 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 07:12 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 07:12 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 07:12 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 07:12 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 07:12 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 07:12 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 07:12 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 07:12 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 07:12 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 07:12 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 07:11 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 07:11 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 07:11 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 07:11 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 07:11 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 07:11 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 07:11 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 07:11 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 07:11 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 07:11 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 07:11 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 07:10 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 07:10 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 07:10 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 07:10 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 07:10 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 07:10 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 07:10 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 07:10 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 07:10 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 07:10 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 07:10 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 07:10 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 07:10 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 07:10 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 07:10 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 07:10 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 07:09 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 07:09 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 07:09 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 07:09 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-01 10:31 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 10:31 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-01 08:01 - 2014-10-01 08:01 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-28 17:53 - 2011-06-09 20:35 - 01125586 _____ () C:\Windows\WindowsUpdate.log
2014-10-28 17:53 - 2009-07-14 05:45 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-28 17:53 - 2009-07-14 05:45 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-28 17:49 - 2012-08-30 21:53 - 00004184 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-28 17:48 - 2011-08-03 09:29 - 00606634 _____ () C:\Windows\PFRO.log
2014-10-28 17:48 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-28 17:48 - 2009-07-14 05:51 - 00404679 _____ () C:\Windows\setupact.log
2014-10-28 16:33 - 2014-01-30 09:51 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-28 16:28 - 2012-01-13 16:55 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-28 15:17 - 2011-11-14 18:41 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2441958971-3140706620-1908336796-1000UA.job
2014-10-28 11:29 - 2013-10-31 13:46 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-28 00:05 - 2011-06-09 20:37 - 00000000 ____D () C:\Users\Nemanja
2014-10-27 23:29 - 2013-02-23 14:23 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Identity Safe
2014-10-27 21:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-27 18:17 - 2011-11-14 18:41 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2441958971-3140706620-1908336796-1000Core.job
2014-10-27 08:03 - 2011-10-18 21:56 - 00000000 ____D () C:\Users\Nemanja\AppData\Roaming\Skype
2014-10-19 20:22 - 2013-02-03 11:40 - 00000000 ____D () C:\Users\Nemanja\AppData\Roaming\vlc
2014-10-19 11:29 - 2013-03-13 23:52 - 00000000 ____D () C:\Users\Nemanja\AppData\Local\CrashDumps
2014-10-17 12:35 - 2009-07-14 05:45 - 00268432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-17 12:34 - 2014-05-05 22:11 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-15 22:45 - 2013-07-30 15:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 22:45 - 2011-06-10 15:44 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-13 22:23 - 2012-01-13 16:55 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-13 22:23 - 2012-01-13 16:55 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-13 22:23 - 2012-01-13 16:55 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-09 12:32 - 2009-07-14 06:08 - 00032648 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-02 14:53 - 2011-06-09 20:56 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-01 08:02 - 2014-09-25 07:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-01 08:02 - 2014-02-21 09:17 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-01 08:01 - 2014-09-03 07:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-01 08:01 - 2014-09-03 07:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-01 08:01 - 2014-09-03 07:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-01 08:01 - 2013-10-19 19:44 - 00000000 ____D () C:\ProgramData\Oracle

Some content of TEMP:
====================
C:\Users\Nemanja\AppData\Local\Temp\htmlayout.dll
C:\Users\Nemanja\AppData\Local\Temp\InstallManager_GEN_GEN.exe
C:\Users\Nemanja\AppData\Local\Temp\install_helper.exe
C:\Users\Nemanja\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Nemanja\AppData\Local\Temp\MatroskaSplitter.exe
C:\Users\Nemanja\AppData\Local\Temp\minibar-master-v1.exe
C:\Users\Nemanja\AppData\Local\Temp\Quarantine.exe
C:\Users\Nemanja\AppData\Local\Temp\rad98EA7.tmp_update.exe
C:\Users\Nemanja\AppData\Local\Temp\radC23C9.tmp_update.exe
C:\Users\Nemanja\AppData\Local\Temp\run.exe
C:\Users\Nemanja\AppData\Local\Temp\SecuExp.exe
C:\Users\Nemanja\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Nemanja\AppData\Local\Temp\Softonic_EN_1-5-11_EN-Production_10_CleanRelease.exe
C:\Users\Nemanja\AppData\Local\Temp\sonarinst.exe
C:\Users\Nemanja\AppData\Local\Temp\SQLite.dll
C:\Users\Nemanja\AppData\Local\Temp\sqlite3.dll
C:\Users\Nemanja\AppData\Local\Temp\tbBro0.dll
C:\Users\Nemanja\AppData\Local\Temp\toolbar10150407.exe
C:\Users\Nemanja\AppData\Local\Temp\toolbar17289450.exe
C:\Users\Nemanja\AppData\Local\Temp\uninstall889236.exe
C:\Users\Nemanja\AppData\Local\Temp\uninstall889283.exe
C:\Users\Nemanja\AppData\Local\Temp\uninstall889439.exe
C:\Users\Nemanja\AppData\Local\Temp\uninstall889486.exe
C:\Users\Nemanja\AppData\Local\Temp\unrar.dll
C:\Users\Nemanja\AppData\Local\Temp\upd60839.exe
C:\Users\Nemanja\AppData\Local\Temp\upd80274.exe
C:\Users\Nemanja\AppData\Local\Temp\upd85741.exe
C:\Users\Nemanja\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Nemanja\AppData\Local\Temp\{44A069EB-2384-4A2A-A49D-89A1B601826E}-24.0.1312.52_chrome_installer.exe
C:\Users\Nemanja\AppData\Local\Temp\{5ADCEB72-33DE-452F-B110-86533A6CCECD}-24.0.1312.52_chrome_installer.exe
C:\Users\Nemanja\AppData\Local\Temp\{AB25D032-5660-4804-AD41-66A05CC35A76}-24.0.1312.52_chrome_installer.exe
C:\Users\Nemanja\AppData\Local\Temp\{AEF2AA26-CC6E-45A3-AD74-771BCDC8CC74}-24.0.1312.52_chrome_installer.exe
C:\Users\Nemanja\AppData\Local\Temp\{D018EACE-5D2B-4F5F-BF9E-417BE567E64B}-24.0.1312.52_chrome_installer.exe
C:\Users\Nemanja\AppData\Local\Temp\{DCA596AA-AF26-4D46-93E0-EAF4856D369D}-24.0.1312.52_chrome_installer.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-26 11:43

==================== End Of Log ============================
mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow Korak 1

Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja.

CHR Extension: (McAfee Security Scan+) - C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-21]
CHR HKLM-x32\...\Chrome\Extension: [adldappccjhelkmbkpiibilgnnjakieg] - C:\Program Files (x86)\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvert@mindspark.com.gen1 []
C:\Program Files (x86)\VideoDownloadConverter_4z Chrome Extension


U okviru Notepad-a klikni na File --> Save As
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se Notepad, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt). Potrebno je da sadržaj fixlog.txt kopiraš na forum




Arrow Korak 2

Preuzmi zoek.exe sa ovog ili ovog linka i sačuvaj ga na Desktop.


Zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sljedeći tekst:

startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;


Klikni na dugme i pričekaj da se skeniranje završi.


Zoek će po potrebi restartovati Windows, a na kraju rada otvoriti Notepad sa izvještajem o skeniranju.

Napomena: Izvještaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadržaj tog loga u poruku.

offline
  • Pridružio: 27 Okt 2014
  • Poruke: 10

Sacuvao sam fixlist na Desktop ali opet kad pretisnem na Fix pise mi da fixlista nije pronadjena i pise jos the fixliste should be in the same folder directory the tool is located....

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

radojkovicnemanja91 ::Sacuvao sam fixlist na Desktop ali opet kad pretisnem na Fix pise mi da fixlista nije pronadjena i pise jos the fixliste should be in the same folder directory the tool is located....

Prebaci FRST na Desktop. U uputstvu za otvaranje teme jasno piše da FRST treba biti na Desktopu.

Ko je trenutno na forumu
 

Ukupno su 956 korisnika na forumu :: 77 registrovanih, 8 sakrivenih i 871 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 357magnum, 8u47, A.R.Chafee.Jr., Apok, bagor10, Ben Roj, Bobrock1, chichabg, Cigi, Cobi026, dejanbenkovic, Denaya, DENIRO, Despot1, Dorcolac, DPera, draggan, dukajov, Ehinacea, flash12, geo.dule, GORDI, Gosha101980, goxin, Griffon vulture, havoc995, hawkeye, HrcAk47, hurmiza, ikan, Istman, ivan1973, izi, Joja, kairos, Koridor, Krusarac, kunktator, Lazarus, Lieutenant, loon123, maiden6657, Mercury, Milan A. Nikolic, mile23, Miskohd, mnn2, moldway, nenaddz, nizam, nuke92, operniki, Pakito93, Panter, pein, Pomorac1, Rakenica, raykan, rkekoke, RobinHood12, rodoljub, Sale.S, Shufle, Srle993, stagezin, strn, Toni, trajkoni018, upitnik, uruk, virked, VJ, VladaNS1978, vladas87, zastavnik, zexoni, zillbg