Mnogo mi koci racunar

2

Mnogo mi koci racunar

offline
  • Pridružio: 27 Okt 2014
  • Poruke: 10

jeste na dekstopu i fixlista takodje

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10518
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

FRST64.exe iz Download foldera prebaci na Desktop.

offline
  • Pridružio: 27 Okt 2014
  • Poruke: 10

prebacen je i opet nece

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10518
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

U uputuama koje sam ti dao piše da fajl treba snimiš pod imenom Fixlist, a ne Fixliste. Ukloni "e" iz imena pa probaj opet. Razz

offline
  • Pridružio: 27 Okt 2014
  • Poruke: 10

ispravio sam sad radi....

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-10-2014 01
Ran by Nemanja at 2014-10-28 20:11:26 Run:5
Running from C:\Users\Nemanja\Desktop
Loaded Profile: Nemanja (Available profiles: Nemanja)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CHR Extension: (McAfee Security Scan+) - C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-21]
CHR HKLM-x32\...\Chrome\Extension: [adldappccjhelkmbkpiibilgnnjakieg] - C:\Program Files (x86)\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvert@mindspark.com.gen1 []
C:\Program Files (x86)\VideoDownloadConverter_4z Chrome Extension

*****************

C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\adldappccjhelkmbkpiibilgnnjakieg" => Key not found.
"C:\Program Files (x86)\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvert@mindspark.com.gen1" => File/Directory not found.
"C:\Program Files (x86)\VideoDownloadConverter_4z Chrome Extension" => File/Directory not found.

==== End of Fixlog ====

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10518
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Sada odradi drugi kroak za Zoekom.

offline
  • Pridružio: 27 Okt 2014
  • Poruke: 10

Zoek.exe v5.0.0.0 Updated 27-10-2014
Tool run by Nemanja on 28/10/2014 at 20:24:33.22.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Nemanja\Desktop\zoek.com [Scan all users] [Script inserted]

==== System Restore Info ======================

28/10/2014 8:26:09 PM Zoek.exe System Restore Point Created Succesfully.

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Nemanja\AppData\Local\Temp ====
2014-10-19 20:58:16 5C73E64374D9BA37AC5569D1F7DE5C9B 665682 ----a-w- C:\Users\Nemanja\AppData\Local\Temp\sqlite3.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-10-15 06:12:59 A139A5E6B34F136405B030EA04595A20 156824 ----a-w- C:\Windows\SysWOW64\mscorier.dll
2014-10-15 06:12:59 8580484193CE0A0788830FBAB97CF13B 1131664 ----a-w- C:\Windows\SysWOW64\dfshim.dll
2014-10-15 06:12:58 D5D5BBF6AA45D820BAA0BD1303B8AAF6 81560 ----a-w- C:\Windows\SysWOW64\mscories.dll
2014-10-15 06:12:12 DF59F2510EDABBF216FA837D5D964106 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 06:12:12 BD66BA5A924DCC8392CFAEB67131A246 597504 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 06:12:12 604C67F58747D6A333EA641BCCC2C842 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2014-10-15 06:12:12 201EAFA3F17BE4990999C28657212D8E 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 06:12:11 D78C4DB153874DB7AC6AA6A03BE38B66 331448 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 06:12:11 3065FF6794A7FDC882F0DA8B6230AB6E 1190400 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2014-10-15 06:12:10 B89F5D2B3D3BC730FAB93CFCD931742F 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 06:12:10 B5B1C277E46A5B0E2FC63E5FC5624CE5 365056 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 06:12:10 97F2F82BF0B4AF86A85FFDD78DFDC87D 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 06:12:09 F91E55DA404B834648A3B0A2477C10DB 17484800 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2014-10-15 06:12:08 8FAA1E45198C4ECEC691326B7F5E71C5 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2014-10-15 06:12:08 58EC068116BCE16A94B1B2C429A35E41 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 06:12:07 835807E2AC0A8FA15B9A2EA80E2D5169 2017280 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 06:12:07 55A400FDB21D157E947A0EE65AEDB1B3 2187264 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2014-10-15 06:12:06 B74B348D13134D67B4F68ADDDC76A447 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 06:12:06 410BECCA3354D471E45344F0754CC0E4 243200 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 06:12:06 158690737381C49120165A7F3F5D13EB 440320 ----a-w- C:\Windows\SysWOW64\ieui.dll
2014-10-15 06:12:05 EF94FA1F3D90520CCA4AE65D639A9E62 11807232 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2014-10-15 06:12:03 DF4BA130BD41F29A894E026E456B8481 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2014-10-15 06:12:03 D03EB7605435FE24ADE670661A932651 4201472 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2014-10-15 06:12:03 AA103FEAD721863B86A1B1260948E662 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 06:12:03 8E8E6E7B4CC27B92F40F74E29C1F6290 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 06:12:02 FBE852643EDEB9D6D6502AFE6017CD64 678400 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 06:12:02 7AE80F921027CF88CB9D0433088A3E55 1810944 ----a-w- C:\Windows\SysWOW64\wininet.dll
2014-10-15 06:12:02 6D4DD5706C297234F457B9D9018C493F 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 06:12:02 2409C41081D657A3FABE3659BB989AFB 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll
2014-10-15 06:10:24 3888D02CE6413C2A06D903DE1C778BF5 2363904 ----a-w- C:\Windows\SysWOW64\msi.dll
2014-10-15 06:10:17 37C395C075E6FA66623C82DE50A8FAED 372736 ----a-w- C:\Windows\SysWOW64\rastls.dll
2014-10-15 06:10:09 FD67683FBA9B2C4BB551780BD8846F64 157696 ----a-w- C:\Windows\SysWOW64\winsta.dll
2014-10-15 06:10:08 DB1D6751689B4A7EE2439C64F2ADF1C9 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll
2014-10-15 06:10:08 13829161C1297F4170A5546430147BBD 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 06:09:56 0C9988BDA3CEC3C421B773982C5E2EC6 5703168 ----a-w- C:\Windows\SysWOW64\mstscax.dll
2014-10-15 06:09:55 C120855C1133DF8FFD5E0C04A7E70B67 67072 ----a-w- C:\Windows\SysWOW64\packager.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-10-15 06:13:00 5602D4C331FD7938ADE06D9242138922 3198976 ----a-w- C:\Windows\Sysnative\win32k.sys
2014-10-15 06:12:59 2D6C77A3DB3D8EE00FB55834A67E4073 156312 ----a-w- C:\Windows\Sysnative\mscorier.dll
2014-10-15 06:12:58 50EC828370CB5F5E9FF08B10F1B701C8 73880 ----a-w- C:\Windows\Sysnative\mscories.dll
2014-10-15 06:12:58 5083CC5456FE8A5D21ECF9E32ACC779F 1943696 ----a-w- C:\Windows\Sysnative\dfshim.dll
2014-10-15 06:12:16 974F83636F841739FEA5CC6219BFB241 276480 ----a-w- C:\Windows\Sysnative\generaltel.dll
2014-10-15 06:12:16 510D5492BCA9E63E10E3CE0285965722 507392 ----a-w- C:\Windows\Sysnative\aepdu.dll
2014-10-15 06:12:15 767D478BB4B2F84B47B3C0956E6A5A05 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll
2014-10-15 06:12:11 C109D5136DF0A6CA668C7AD888AA125F 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2014-10-15 06:12:11 739D9C9F220CCEDAFD8212C6B976B60D 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll
2014-10-15 06:12:11 29C0530E0F120AC3E583889DCD6A63DD 710656 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2014-10-15 06:12:10 DD8E9C85F9F428859713055183661956 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll
2014-10-15 06:12:10 4D21F4FDF57DF86FAD9149ED1C071D15 72704 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2014-10-15 06:12:08 87D14AF9A2C3F3D5233B613CFA9C321D 378552 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2014-10-15 06:12:07 B07E9AFF50DC007E7D5AC54736AA5A25 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll
2014-10-15 06:12:07 0F5A279522FA6A30C9C5A297A1064933 1447936 ----a-w- C:\Windows\Sysnative\urlmon.dll
2014-10-15 06:12:06 E9109E91BB8366759822DC2FC9B5DA8B 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe
2014-10-15 06:12:06 DAF317E9F4CEC206D0D443014A427341 446464 ----a-w- C:\Windows\Sysnative\dxtmsft.dll
2014-10-15 06:12:06 45B736E3184B68515FDB71D4083A9BCF 731136 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2014-10-15 06:12:05 0467A4DDA6B2CE8E27A8178BF035BA18 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll
2014-10-15 06:12:04 646C004F58AA4762F92BF7C595216C37 2108416 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2014-10-15 06:12:04 050FD78BA4EFA62417F61F4C098B5B25 2796032 ----a-w- C:\Windows\Sysnative\iertutil.dll
2014-10-15 06:12:02 BE37AA454460539877420951EEA16EF0 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2014-10-15 06:12:01 98241BE7EB26C41562D33393DD12608F 289280 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2014-10-15 06:12:01 88D2165E07CEDC3F34CBE1A5A807673D 595968 ----a-w- C:\Windows\Sysnative\ieui.dll
2014-10-15 06:12:00 A2105E46DC9CE38A1D57FB124436E1BC 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2014-10-15 06:12:00 7E60EE8A68F7270D1E1662CBA275D4FA 13619200 ----a-w- C:\Windows\Sysnative\ieframe.dll
2014-10-15 06:11:59 F9FA80C1CB6EAC55A7F534937F6AC4E4 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2014-10-15 06:11:59 DB101A62F9BF8E7765685950169EF52B 758272 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
2014-10-15 06:11:59 D3B07C2FABEAE749E4E51F1E93CABA23 5829632 ----a-w- C:\Windows\Sysnative\jscript9.dll
2014-10-15 06:11:59 70527367E5779C3537992F0768D9C59A 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll
2014-10-15 06:11:58 9D98D4F390F0B14A782F3B931E613A1A 2309632 ----a-w- C:\Windows\Sysnative\wininet.dll
2014-10-15 06:11:58 328143D6BC5951E1797BD524C4E98CDC 547328 ----a-w- C:\Windows\Sysnative\vbscript.dll
2014-10-15 06:11:58 2E5AF1507CBE735B4D7EBFF1908EA0E1 775168 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2014-10-15 06:11:57 EB710A3AF29BEC4EE7475A1ED5C575DE 195584 ----a-w- C:\Windows\Sysnative\msrating.dll
2014-10-15 06:11:57 30FB9ABB6C45C3299CFA5F556904DD5F 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll
2014-10-15 06:11:56 15847E14811FEDDF77E934AF4F0BEF45 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2014-10-15 06:11:55 7415B29AFE2E4494A57358B8C7E78600 23631360 ----a-w- C:\Windows\Sysnative\mshtml.dll
2014-10-15 06:10:30 E9CB5F138943D383DB67F29AAB60453F 3179520 ----a-w- C:\Windows\Sysnative\rdpcorets.dll
2014-10-15 06:10:24 ADD3F2C3E6B89BD16D4BFC61B3658DD9 3241472 ----a-w- C:\Windows\Sysnative\msi.dll
2014-10-15 06:10:17 DD7C31F12936795C0516BB6C59CBCCD8 424448 ----a-w- C:\Windows\Sysnative\rastls.dll
2014-10-15 06:10:10 4FC4C50985E5B840F4D72E57286887B8 681984 ----a-w- C:\Windows\Sysnative\termsrv.dll
2014-10-15 06:10:09 C23B6D9D16FD86F446BE607CA18389D9 235520 ----a-w- C:\Windows\Sysnative\winsta.dll
2014-10-15 06:10:09 85E03B6E05939845BC924C91AEDE0E24 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll
2014-10-15 06:10:09 0374D83D003043E7DE33036294A2EFAE 150528 ----a-w- C:\Windows\Sysnative\rdpcorekmts.dll
2014-10-15 06:10:08 560CF90C026C0FE51CC6820302FF94FE 22016 ----a-w- C:\Windows\Sysnative\credssp.dll
2014-10-15 06:09:57 6DD73E4E947DB3B0608321AE13210D94 6584320 ----a-w- C:\Windows\Sysnative\mstscax.dll
2014-10-15 06:09:55 1DB68B8A1E3BDE3C19F1D3612CE436CA 77312 ----a-w- C:\Windows\Sysnative\packager.dll
====== C:\Windows\Sysnative\drivers =====
2014-10-15 06:10:09 FE571E088C2D83619D2D48D4E961BF41 212480 ----a-w- C:\Windows\Sysnative\drivers\rdpwd.sys
2014-10-15 06:10:08 E232A3B43A894BB327FC161529BD9ED1 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys
====== C:\Windows\Tasks ======
2014-10-28 19:19:57 2EB477419DA58BD8505D90F7DCAD1980 3136 ----a-w- C:\Windows\Sysnative\Tasks\{658BAE3E-C337-4439-A07B-A8F4A22EB907}
2014-10-28 19:17:45 6B1DFAC1A926B80E59534F58D829F5E8 3124 ----a-w- C:\Windows\Sysnative\Tasks\{A390F4E0-E59E-45D8-B966-3FD423D103D5}
2014-10-28 14:32:11 A151DF54AA8CD54ADD20C2A8B8212888 3428 ----a-w- C:\Windows\Sysnative\Tasks\{151DD929-E3D9-4629-8E1C-64A2E987D77E}
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2014-10-01 07:01:35 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
======= C: =====
====== C:\Users\Nemanja\AppData\Roaming ======
====== C:\Users\Nemanja ======
2014-10-28 18:42:33 943C708E6C85202BB41BAAED958F2D07 2113024 ----a-w- C:\Users\Nemanja\Desktop\FRST64.exe
2014-10-28 16:43:03 FF33D8CDF04B1D15F3808D49406BEA43 1998336 ----a-w- C:\Users\Nemanja\Desktop\AdwCleaner.exe

====== C: exe-files ==
2014-10-28 19:21:02 04ED9D2B5B61B5A6E372835AA847BEC6 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2441958971-3140706620-1908336796-1000\$IDCVP6C.exe
2014-10-28 19:19:25 D51F5780C2CAC6A22F21EF15BB8EDDFE 1290240 ----a-w- C:\$Recycle.Bin\S-1-5-21-2441958971-3140706620-1908336796-1000\$RDCVP6C.exe
2014-10-28 18:42:33 943C708E6C85202BB41BAAED958F2D07 2113024 ----a-w- C:\Users\Nemanja\Desktop\FRST64.exe
2014-10-28 18:41:32 B08EE1C235427D2CB90F2A9AFBC49AE4 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2441958971-3140706620-1908336796-1000\$ITNIOGK.exe
2014-10-28 18:41:22 DE709C56CC513EBFE9EFDF729BDD0405 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2441958971-3140706620-1908336796-1000\$I7089TN.exe
2014-10-28 16:43:03 FF33D8CDF04B1D15F3808D49406BEA43 1998336 ----a-w- C:\Users\Nemanja\Desktop\AdwCleaner.exe
2014-10-28 16:00:38 943C708E6C85202BB41BAAED958F2D07 2113024 ----a-w- C:\$Recycle.Bin\S-1-5-21-2441958971-3140706620-1908336796-1000\$RTNIOGK.exe
2014-10-28 15:58:37 F30CE95921660B58AD98C050837337E7 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2441958971-3140706620-1908336796-1000\$IMGJPGL.exe
2014-10-28 14:32:14 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Nemanja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\34NR3J26\bi_cleaner[1].exe
2014-10-28 10:29:10 DCC534F22A5A4B43E5123A772D3ECF5A 895568 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\38.0.2125.111\38.0.2125.111_38.0.2125.104_chrome_updater.exe
2014-10-27 23:34:00 D2C5DE47427E4FBCD24CC35182CFF8E3 1689168 ----a-w- C:\Windows\Temp\avast_ash\uTorrent (current user)\uTorrent.exe
2014-10-27 22:25:04 943C708E6C85202BB41BAAED958F2D07 2113024 ----a-w- C:\$Recycle.Bin\S-1-5-21-2441958971-3140706620-1908336796-1000\$RMGJPGL.exe
2014-10-27 20:17:06 943C708E6C85202BB41BAAED958F2D07 2113024 ----a-w- C:\$Recycle.Bin\S-1-5-21-2441958971-3140706620-1908336796-1000\$R7089TN.exe
2014-10-24 12:36:36 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Nemanja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9CAA4O20\SkypeSetupFull[1].exe
=== C: other files ==
2014-10-28 19:21:09 4A9D1791B836F5E275BB6A7AB4234F9C 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2441958971-3140706620-1908336796-1000\$I2OATOU.com
2014-10-28 19:16:43 90641F5394C9762938D8B516CD46B498 1421585 ----a-w- C:\$Recycle.Bin\S-1-5-21-2441958971-3140706620-1908336796-1000\$R2OATOU.com

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2441958971-3140706620-1908336796-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="C:\Users\Nemanja\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"BTLive"="C:\Users\Nemanja\AppData\Roaming\BTLive\BTLive.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="C:\Program Files (x86)\Winamp\winampa.exe"
"FileServe Manager Task"="C:\Program Files (x86)\FileServe Manager\FSStarter.exe"
"SSDMonitor"="C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe"
"AvastUI.exe"="C:\Program Files\Alwil Software\Avast5\AvastUI.exe /nogui"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="C:\Users\Nemanja\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"BTLive"="C:\Users\Nemanja\AppData\Roaming\BTLive\BTLive.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/09/2014 07:34 PM]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2441958971-3140706620-1908336796-1000Core.job --a------ C:\Users\Nemanja\AppData\Local\Facebook\Update\FacebookUpdate.exe [19/04/2013 05:12 PM]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2441958971-3140706620-1908336796-1000UA.job --a------ C:\Users\Nemanja\AppData\Local\Facebook\Update\FacebookUpdate.exe [19/04/2013 05:12 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13/10/2014 10:23 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13/10/2014 10:23 PM]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2441958971-3140706620-1908336796-1000Core" [C:\Users\Nemanja\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2441958971-3140706620-1908336796-1000UA" [C:\Users\Nemanja\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\{1E4C1441-20CA-44CA-ADA3-12A7BFED07A9}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\Windows\SysNative\tasks\{4DA8607E-FBFB-4330-B027-05786915721A}" [C:\Program Files\Alwil Software\Avast5\AvastUI.exe]
"C:\Windows\SysNative\tasks\{9CACBE30-B6A0-45FD-BC96-F4E0B6BF9285}" [C:\Program Files (x86)\Skype\Phone\Skype.exe]
"C:\Windows\SysNative\tasks\{D451A75B-5940-4909-819B-9499AB843668}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\Alwil Software\Avast5\WebRep\FF" [18/06/2014 11:39 AM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\6bbrszl7.default-1351851759894
- Undetermined - %ProfilePath%\extensions\staged

ProfilePath: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\8rqopg08.default-1359054800391
- Undetermined - %ProfilePath%\extensions\staged
- Undetermined - %ProfilePath%\extensions\testpilot@labs.mozilla.com
- Instrument Test - %ProfilePath%\extensions\testpilot@labs.mozilla.com.xpi

ProfilePath: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- Undetermined - %ProfilePath%\extensions\staged

ProfilePath: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\of6pzx9y.default-1359052554265
- Undetermined - %ProfilePath%\extensions\staged

ProfilePath: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\qi4a1cj2.default-1356103168590
- Undetermined - %ProfilePath%\extensions\staged

ProfilePath: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\qlyov7yv.default
- Undetermined - %ProfilePath%\extensions\staged

ExtDir: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- 2YourFace - %ExtDir%\support@2yourface.com

ExtDir: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles
- 2YourFace - %ExtDir%\extensions\support@2yourface.com

ExtDir: C:\Users\Nemanja\AppData\Roaming\Mozilla\Extensions
- 2YourFace - C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\support@2yourface.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\h7i398kg.default-1403521762956
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
3CD19649B2C3023D65E67C056457A2BC - C:\Users\Nemanja\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
66640A55AEFF3819C94E0A8D40D7E0AD - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director


==== Chromium Look ======================

Google Voice Search Hotword (Beta) - Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
Google Wallet - Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
DefaultTab - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Backup.Old.Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Goo Url="http://www.google.com/search?q={sear"
{A46FB142-E14F-47A0-8ED3-2C1214ABF892} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
{F423386B-52CB-420E-AF9D-46730575FB2D} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on 28/10/2014 at 20:31:39.79 ======================

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10518
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow Korak 1

Preuzmi zoek.exe sa ovog ili ovog linka i sačuvaj ga na Desktop.


Zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sljedeći tekst:

testpilot@labs.mozilla.com.xpi;ff
2YourFace;ff
C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\support@2yourface.com;fs
kdidombaedgpfiiedeimiebkmbilgmlc;chr
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc;fs
shortcutfix;
emptyclsid;
emptyalltemp;
autoclean;


Klikni na dugme i pričekaj da se skeniranje završi.


Zoek će po potrebi restartovati Windows, a na kraju rada otvoriti Notepad sa izvještajem o skeniranju.

Napomena: Izvještaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadržaj tog loga u poruku.



Arrow Korak 2

Preuzmi Junkware Removal Tool (JRT) i sačuvaj ga na Desktop.

Zatvori browser i ostale pokrenute programe

Privremeno deaktiviraj zaštitni softver (Uputstvo);

Dvoklikom na ikonicu () pokreni program JRT;

Kod obavještenja "Press any key" pritisnuti bilo koji taster i alat ce započeti skeniranje.
Napomena: u ovisnosti od hardvera račuanra vreme skeniranja u nekim slučajevima moze da potraje.

Kada završi otvorice se Notepad sa izvještajem koji ce biti sačuvan na Desktopu pod nazivom JRT.txt


Arrow Kopiraj sadržaj tog loga u temu.

offline
  • Pridružio: 27 Okt 2014
  • Poruke: 10

Napisano: 28 Okt 2014 22:57

Zoek.exe v5.0.0.0 Updated 27-10-2014
Tool run by Nemanja on 28/10/2014 at 21:38:28.41.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Nemanja\Desktop\zoek.scr [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-10-28-193139.log 21736 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{9F6FB1C9-22DA-4123-A7D4-9E7844B60EE5} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\6bbrszl7.default-1351851759894

user.js not found
---- Lines BabylonToolbar removed from prefs.js ----
user_pref("extensions.BabylonToolbar_i.newTab", true);
user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://isearch.babylon.com/?affID=116216&tt=4712_3&babsrc=NT_ss&mntrId=f085b86600000000000020cf308
---- Lines Search removed from prefs.js ----
user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
user_pref("browser.search.order.1", "Search the web (Babylon)");
---- Lines babylon modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"butterscotch@igeared\":{\"descriptor\":\"C:\\\\Program Files (x86
---- FireFox user.js and prefs.js backups ----

prefs_102014_1029_.backup

ProfilePath: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\78w98qey.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_102014_1029_.backup

ProfilePath: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\8rqopg08.default-1359054800391

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_102014_1029_.backup

ProfilePath: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_102014_1029_.backup

ProfilePath: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\h7i398kg.default-1403521762956

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_102014_1029_.backup

ProfilePath: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\of6pzx9y.default-1359052554265

user.js not found
---- Lines babylon modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"butterscotch@igeared\":{\"descriptor\":\"C:\\\\Program Files (x86
---- FireFox user.js and prefs.js backups ----

prefs_102014_1029_.backup

ProfilePath: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\qi4a1cj2.default-1356103168590

user.js not found
---- Lines babylon modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"butterscotch@igeared\":{\"descriptor\":\"C:\\\\Program Files (x86
---- FireFox user.js and prefs.js backups ----

prefs_102014_1029_.backup

ProfilePath: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\qlyov7yv.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_102014_1029_.backup

==== Deleting Files \ Folders ======================

C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\support@2yourface.com deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted
C:\PROGRA~2\COMMON~1\Config\uninstinethnfd.exe deleted
C:\PROGRA~2\COMMON~1\Config deleted
C:\found.000 deleted
C:\Users\Nemanja\AppData\Roaming\GetRightToGo deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Nemanja\AppData\Local\avgchrome deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchNewTab deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\cconntinuuetoossavee deleted
C:\Users\Nemanja\Downloads\VideoPerformerSetup.exe deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Windows\Syswow64\REN451B.tmp deleted
C:\Windows\Syswow64\REN451C.tmp deleted
C:\Windows\Syswow64\REN5E49.tmp deleted
C:\Windows\Syswow64\REN5E4A.tmp deleted
C:\Windows\Syswow64\trz100B.tmp deleted
C:\Windows\Syswow64\trz104A.tmp deleted
C:\Windows\Syswow64\trz2677.tmp deleted
C:\Windows\Syswow64\trz5564.tmp deleted
C:\Windows\Syswow64\trz57F4.tmp deleted
C:\Windows\Syswow64\trzC734.tmp deleted
C:\Windows\Syswow64\trzE3AA.tmp deleted
C:\Windows\Syswow64\trzE3DA.tmp deleted
C:\Windows\Syswow64\trzF3C3.tmp deleted
C:\Windows\Syswow64\hfnapi.dll deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\6bbrszl7.default-1351851759894\extensions\staged deleted
C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\78w98qey.default\jetpack deleted
C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\8rqopg08.default-1359054800391\extensions\staged deleted
C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\staged deleted
C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\of6pzx9y.default-1359052554265\extensions\staged deleted
C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\qi4a1cj2.default-1356103168590\extensions\staged deleted
C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\qlyov7yv.default\extensions\staged deleted
C:\Users\Nemanja\AppData\Roaming\satoolbar.exe deleted
C:\Users\Nemanja\AppData\Roaming\vio_clean.exe deleted
"C:\Users\Nemanja\AppData\Local\{0D782F05-8E87-4A56-866C-0573E9106354}" deleted
"C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\8rqopg08.default-1359054800391\extensions\testpilot@labs.mozilla.com.xpi" deleted
"C:\PROGRA~2\FileServe Manager\FSStarter.exe" deleted
"C:\PROGRA~2\Windows Portable Devices" deleted
"C:\PROGRA~2\FileServe Manager" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\Alwil Software\Avast5\WebRep\FF" [18/06/2014 11:39 AM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\8rqopg08.default-1359054800391
- Undetermined - %ProfilePath%\extensions\testpilot@labs.mozilla.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Nemanja\AppData\Roaming\Mozilla\Firefox\Profiles\h7i398kg.default-1403521762956
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
3CD19649B2C3023D65E67C056457A2BC - C:\Users\Nemanja\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
66640A55AEFF3819C94E0A8D40D7E0AD - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director


==== Chromium Look ======================

Google Voice Search Hotword (Beta) - Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
Google Wallet - Nemanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chromium Fix ======================

C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kdidombaedgpfiiedeimiebkmbilgmlc_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Backup.Old.Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Backup.Old.Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Goo Url="http://www.google.com/search?q={sear"
{A46FB142-E14F-47A0-8ED3-2C1214ABF892} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
{F423386B-52CB-420E-AF9D-46730575FB2D} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== shortcuts on Users Desktops ======================

C:\Users\Nemanja\Desktop\Assassin's Creed IV - Black Flag.lnk - E:\Nemanja\igrice\Assassin's Creed IV - Black Flag\Launcher.exe
C:\Users\Nemanja\Desktop\Downloads.lnk - C:\Users\Nemanja\Downloads
C:\Users\Nemanja\Desktop\Shortcut to virtual_garden.exe.lnk - C:\Program Files (x86)\virtual_garden\shockwave\virtual_garden.exe
C:\Users\Nemanja\Desktop\Total Commander.lnk - C:\Program Files (x86)\totalcmd\TOTALCMD.EXE
C:\Users\Nemanja\Desktop\XMedia Recode.lnk - C:\Program Files (x86)\XMedia Recode\XMedia Recode.exe
C:\Users\Nemanja\Desktop\Contacts\Pictures - Shortcut.lnk - C:\Users\Nemanja\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms
C:\Users\Nemanja\Desktop\Contacts\Videos - Shortcut.lnk - C:\Users\Nemanja\AppData\Roaming\Microsoft\Windows\Libraries\Videos.library-ms
C:\Users\Nemanja\Desktop\New folder (2)\Still0069 - Shortcut.lnk - C:\Users\Nemanja\Documents\Still0069.jpg
C:\Users\Nemanja\Desktop\New folder (2)\Still0070 - Shortcut.lnk - C:\Users\Nemanja\Documents\Still0070.jpg
C:\Users\Nemanja\Desktop\New folder (2)\Still0071 - Shortcut.lnk - C:\Users\Nemanja\Documents\Still0071.jpg

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\avast Free Antivirus.lnk -
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe
C:\Users\Public\Desktop\Sleeping Dogs.lnk - E:\Nemanja\igrice\Sleeping Dogs\HKShip.exe
C:\Users\Public\Desktop\Sniper Ghost Warrior 2.lnk - E:\Nemanja\igrice\Sniper Ghost Warrior 2\Bin32\SniperGhostWarrior2.exe
C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Users\Public\Desktop\Webcam videocap.lnk - C:\Program Files (x86)\ETRON\WebCam\X64\VideoCap.exe
C:\Users\Public\Desktop\µTorrent.lnk -

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Nemanja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe
C:\Users\Nemanja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Nemanja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Nemanja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Nemanja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Subtitle Workshop.lnk - C:\Program Files (x86)\URUSoft\Subtitle Workshop\SubtitleWorkshop.exe
C:\Users\Nemanja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Nemanja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\Nemanja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Nemanja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Media Center.lnk - C:\Windows\ehome\ehshell.exe
C:\Users\Nemanja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Sticky Notes.lnk -
C:\Users\Nemanja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Users\Nemanja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe
C:\Users\Nemanja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Badoo.Desktop.lnk - C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
C:\Users\Nemanja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Nemanja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Nemanja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Setup Aplications.lnk - C:\Users\Nemanja\AppData\Local\Temp\n9412\s9412.exe
C:\Users\Nemanja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe
C:\Users\Nemanja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{17E45F31-6A5D-F5CF-AAD4-44952DB7157C} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{393F7D30-E54B-F4B1-2FDB-CA3455FFD257} deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nemanja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nemanja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G0V0DBYB will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Nemanja\AppData\Local\Mozilla\Firefox\Profiles\h7i398kg.default-1403521762956\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Nemanja\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=248 folders=62 29389250 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Nemanja\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Nemanja\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Nemanja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G0V0DBYB" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on 28/10/2014 at 22:55:31.08 ======================

Dopuna: 28 Okt 2014 23:08

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Windows 7 Ultimate x64
Ran by Nemanja on 28/10/2014 at 23:00:46.20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util findright



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Nemanja\AppData\Roaming\mozilla\firefox\profiles\h7i398kg.default-1403521762956\minidumps [118 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28/10/2014 at 23:06:54.81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10518
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Kakvo je sada stanje sistema?

Ko je trenutno na forumu
 

Ukupno su 912 korisnika na forumu :: 65 registrovanih, 6 sakrivenih i 841 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3028 - dana 22 Nov 2019 07:47

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 5.56, _commandos_, _Sale, A.R.Chafee.Jr., aramis s, Arhiv, bankulen, Belac91, bojank, brufen, celeron, CrazyDiablo, darcaud, darkstar101, Dežurni pod palubom, dolinalima, doom83, draganca, dule10savic, dzoni25, esx66, filiplukac1337, Georgius2, havoc995, helen1, ikan, Ilija Cvorovic, ivan1973, ivan979, Jethro, kaptain, kolateralnasteta, Konda2, KUZMAR, liman, Lucije Kvint, Marko Marković2, marsovac 2, Mercury, Metanoja, mihajlot2013, milan.tatanac, milanstankovic087, mile09, nenad81, novator, pavle_pzs2, riva, RJ, rodoljub2, sale755, shone34, spektorsky, Srki94, Srna2, suton, t84dar, taz1cl, trajkoni018, ucenik32, vladancekicsrb, voja64, White Knight, yrraf, Zori2