Nekontrolisano otvaranje strana

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 23 Mar 2015 23:32

Na Blicu izlazi kao i do sada.



Dopuna: 23 Mar 2015 23:34

Na Blicu izlaze 3 komada kao i do sada.





Dopuna: 23 Mar 2015 23:43

I na ostalim sajtovima je isto.
U tabu piše Powered by Info

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Preuzmi zoek.exe sa ovog ili ovog linka i sačuvaj ga na Desktop.


Zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sljedeći tekst:

process;
startupall;
drivers-services-list;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;


Klikni na dugme i pričekaj da se skeniranje završi.


Zoek će po potrebi restartovati Windows, a na kraju rada otvoriti Notepad sa izvještajem o skeniranju.

Napomena: Izvještaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Kopiraj sadržaj tog loga u poruku.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 24 Mar 2015 17:33

Zoek.exe v5.0.0.0 Updated 23-March-2015
Tool run by user6 on Tue 03/24/2015 at 17:26:18.22.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\user6\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

3/24/2015 5:27:41 PM Zoek.exe System Restore Point Created Successfully.

==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
C:\Users\user6\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Services(whitelist) ======================
Powered by E Dev

R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
R2 - [Capture Device Service] - Capture Device Service - c:\program files (x86)\common files\intervideo\deviceservice\devsvc.exe
R2 - [GfExperienceService] - NVIDIA GeForce Experience Service - c:\program files\nvidia corporation\geforce experience service\gfexperienceservice.exe
R2 - [LMIGuardianSvc] - LMIGuardianSvc - c:\program files (x86)\logmein hamachi\lmiguardiansvc.exe
R2 - [MsMpSvc] - Microsoft Antimalware Service - c:\program files\microsoft security client\msmpeng.exe
R2 - [NvNetworkService] - NVIDIA Network Service - c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe
R2 - [NvStreamSvc] - NVIDIA Streamer Service - c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe
R2 - [nvsvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe
R2 - [RealNetworks Downloader Resolver Service] - RealNetworks Downloader Resolver Service - c:\program files (x86)\realnetworks\realdownloader\rndlresolversvc.exe
R2 - [RealPlayer Cloud Service] - RealPlayer Cloud Service - c:\program files (x86)\real\realplayer\rpds\bin\rpdsvc.exe
R2 - [RealPlayerUpdateSvc] - RealPlayer Update Service - c:\program files (x86)\real\updateservice\realplayerupdatesvc.exe
R2 - [Stereo Service] - NVIDIA Stereoscopic 3D Driver Service - c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe
R2 - [UMVPFSrv] - UMVPFSrv - c:\program files (x86)\common files\logishrd\lvmvfm\umvpfsrv.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [Disc Soft Lite Bus Service] - Disc Soft Lite Bus Service - c:\program files\daemon tools lite\discsoftbusservice.exe
R3 - [NisSrv] - Microsoft Network Inspection - c:\program files\microsoft security client\nissrv.exe
R3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
R3 - [WMPNetworkSvc] - Usluga deljenja putem mreže za Windows Media Player - c:\program files\windows media player\wmpnetwk.exe
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe
S2 - [gupdate] - Google Update Service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
S2 - [SkypeUpdate] - Skype Updater - c:\program files (x86)\skype\updater\updater.exe
S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
S3 - [aspnet_state] - ASP.NET State Service - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe
S3 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
S3 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe
S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe
S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe
S3 - [Fax] - Faks - c:\windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
S3 - [gupdatem] - Google Update Service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
S3 - [IDriverT] - InstallDriver Table Manager - c:\program files (x86)\common files\installshield\driver\1050\intel 32\idrivert.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
S3 - [Microsoft Office Groove Audit Service] - Microsoft Office Groove Audit Service - c:\program files (x86)\microsoft office\office12\grooveauditservice.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [odserv] - Microsoft Office Diagnostics Service - c:\program files (x86)\common files\microsoft shared\office12\odserv.exe
S3 - [Origin Client Service] - Origin Client Service - c:\program files (x86)\origin\originclientservice.exe
S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
S3 - [Steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe
S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe

==== Drivers(whitelist) ======================
Powered by E Dev

R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
R0 - [MpFilter] - Microsoft Malware Protection Driver - C:\Windows\system32\Drivers\MpFilter.sys
R0 - [Mup] - MUP - C:\Windows\system32\Drivers\Mup.sys
R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys
R3 - [srv] - Server SMB 1.xxx Driver - C:\Windows\system32\Drivers\srv.sys
R3 - [srv2] - Server SMB 2.xxx Driver - C:\Windows\system32\Drivers\srv2.sys
R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys
R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys
R0 - [atapi] - IDE Channel - C:\Windows\system32\Drivers\atapi.sys
R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x]
R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys
R0 - [Compbatt] - Microsoft Composite Battery Driver - C:\Windows\system32\Drivers\Compbatt.sys
R0 - [Disk] - Disk Driver - C:\Windows\system32\Drivers\Disk.sys
R0 - [fvevol] - Bitlocker Drive Encryption Filter Driver - C:\Windows\system32\Drivers\fvevol.sys
R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys
R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys
R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys
R0 - [mountmgr] - Mount Point Manager - C:\Windows\system32\Drivers\mountmgr.sys
R0 - [msahci] - msahci - C:\Windows\system32\Drivers\msahci.sys
R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys
R0 - [NDIS] - NDIS System Driver - C:\Windows\system32\Drivers\NDIS.sys
R0 - [partmgr] - Partition Manager - C:\Windows\system32\Drivers\partmgr.sys
R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys
R0 - [pciide] - pciide - C:\Windows\system32\Drivers\pciide.sys
R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys
R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys
R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys
R0 - [storflt] - Disk Virtual Machine Bus Acceleration Filter Driver - C:\Windows\system32\Drivers\storflt.sys [x]
R0 - [Tcpip] - Upravljački program TCP/IP protokola - C:\Windows\system32\Drivers\Tcpip.sys
R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator Driver - C:\Windows\system32\Drivers\vdrvroot.sys
R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys
R0 - [volmgrx] - Dynamic Volume Manager - C:\Windows\system32\Drivers\volmgrx.sys
R0 - [volsnap] - Storage volumes - C:\Windows\system32\Drivers\volsnap.sys
R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys
R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys
R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys
R1 - [tdx] - NetIO TDI upravljačkog programa podrške koji je zastareo - C:\Windows\system32\Drivers\tdx.sys
R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\user6\AppData\Local\Temp ====
2015-03-24 14:25:05 430F0CA1C6E7FFCB5FB671D3C38450A2 7224 ----a-w- C:\Users\user6\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
2015-03-23 21:40:30 875E1B7B8E832EF5CA95CA9D0D23C501 160712 ----a-w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp\FixSe.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-03-17 12:55:14 4C9A31EA2C0AA2FE6B43EDDDA533FF7B 4 ----a-w- C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-03-11 06:19:34 965D6A2B30A95A9F7EF13653988D3D9F 299008 ----a-w- C:\Windows\SysWOW64\atmfd.dll
2015-03-11 06:19:34 55273844B66D77A2F1A2213C17A9EA4A 34304 ----a-w- C:\Windows\SysWOW64\atmlib.dll
2015-03-11 06:19:34 274F0540FD4C88FC845C94CA1569688A 10240 ----a-w- C:\Windows\SysWOW64\dciman32.dll
2015-03-11 06:19:33 ABB358777FDF4AF51B2FE26137D2B8D4 70656 ----a-w- C:\Windows\SysWOW64\fontsub.dll
2015-03-11 06:19:33 01D9C9A70323BC7E5835B92442DD7EC2 25600 ----a-w- C:\Windows\SysWOW64\lpk.dll
2015-03-11 06:19:28 B378B6A865C28CE5C1E23C35760A1199 11411968 ----a-w- C:\Windows\SysWOW64\wmp.dll
2015-03-11 06:19:28 5B0C6247027FCF5A2E2F150E298D2FFA 3209728 ----a-w- C:\Windows\SysWOW64\mf.dll
2015-03-11 06:19:26 74264B7F57A16D25CB581C07964D324A 1174528 ----a-w- C:\Windows\SysWOW64\crypt32.dll
2015-03-11 06:19:26 6C2D4DC5D2E271F4AE4016FD4587B0B2 3973048 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 06:19:26 2CFE69A0A8AFDA8DB9A773D728000BB7 3917760 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 06:19:22 96DB6A923DEDB58FC7CBBF5CFF73314D 1329664 ----a-w- C:\Windows\SysWOW64\quartz.dll
2015-03-11 06:19:21 DCC148408770F2D55B201F8FC26438A1 988160 ----a-w- C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 06:19:20 B7D2BB84C590F0AE9DA51DBB065A780E 1005056 ----a-w- C:\Windows\SysWOW64\cryptui.dll
2015-03-11 06:19:20 98C1191C862B44567FCF3C18BAEE859E 519680 ----a-w- C:\Windows\SysWOW64\qdvd.dll
2015-03-11 06:19:20 003C51B9FE38287BA4E0E58D3AE080BD 744960 ----a-w- C:\Windows\SysWOW64\blackbox.dll
2015-03-11 06:19:19 D5EC42139D6A6158CF188975C50B6A60 179200 ----a-w- C:\Windows\SysWOW64\wintrust.dll
2015-03-11 06:19:19 3BAA4BAE71460C5CEB40D5E9339A61BC 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 06:19:18 C5667EE72D7364BE81516C0707FEF724 354816 ----a-w- C:\Windows\SysWOW64\mfplat.dll
2015-03-11 06:19:18 833FCABCB5D95B1911BA6E62FC82AC04 617984 ----a-w- C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 06:19:17 BB73C907D1BD437B6C30F2C23BB089FC 406016 ----a-w- C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 06:19:17 320A8699369C43CF53B2DB4538D17C52 504320 ----a-w- C:\Windows\SysWOW64\msscp.dll
2015-03-11 06:19:17 2D4814D567E5A85C473228BA772A7AFB 489984 ----a-w- C:\Windows\SysWOW64\evr.dll
2015-03-11 06:19:16 49474B3E37969AF4B5C076F42B623AFF 143872 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 06:19:09 70E96EBE87A38857619671FCB9C8EC7B 265216 ----a-w- C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 06:19:08 2D21189858856316D55EAD55DF4964C2 374784 ----a-w- C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 06:19:08 08FF727297A97907AADED4BA86CF44E9 50176 ----a-w- C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 06:19:07 E0AB9CA912398BE1AAD14FF7AD75C397 50688 ----a-w- C:\Windows\SysWOW64\appidapi.dll
2015-03-11 06:19:07 AF47EAA4ADDA9AA221FB7647EE22BF53 103424 ----a-w- C:\Windows\SysWOW64\mfps.dll
2015-03-11 06:19:07 A56F4029FDCF4F817E78953CDA953E28 442880 ----a-w- C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 06:19:06 B54FD1991E659FD61EF1D34EC27AAECD 81408 ----a-w- C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 06:19:06 A4A2EFB40015B76467F09E6DC388BC26 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll
2015-03-11 06:19:06 50B8937A81360D16A5C772302BD32CFE 195584 ----a-w- C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 06:19:06 49F4EE8DF752CFA159B99046CD1FDD2B 23040 ----a-w- C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 06:19:05 FCD5137A10C8943B34C9BE891C50159F 6656 ----a-w- C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 06:19:05 D3916F83AC8F2314262387A2E16C6578 4096 ----a-w- C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 06:19:05 D3916F83AC8F2314262387A2E16C6578 4096 ----a-w- C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 06:19:05 8B07DBA0D77346545C6359AC67DCB980 8192 ----a-w- C:\Windows\SysWOW64\spwmp.dll
2015-03-11 06:19:04 7C1CADCA0E674212412559B0EAD0919A 12625408 ----a-w- C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 06:19:03 2F3CE58D8C276570EEB69C99CFBAFD58 2048 ----a-w- C:\Windows\SysWOW64\mferror.dll
2015-03-11 06:18:34 B804EAA9E037580F96C22537C2ECB62A 171520 ----a-w- C:\Windows\SysWOW64\ubpm.dll
2015-03-11 06:18:33 340EECB781E6C06A6171B3068DA208AD 12875264 ----a-w- C:\Windows\SysWOW64\shell32.dll
2015-03-11 06:18:31 5F3628DCF926C4499BE1DC74431DFBC8 1230848 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 06:18:29 84B460BB65567ED42DD605FA044DB370 828928 ----a-w- C:\Windows\SysWOW64\msctf.dll
2015-03-11 06:18:27 D5063B86DC3F85B93D02AF68099F4C9A 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll
2015-03-11 06:18:27 69925A266D265DAD96C6FCBB861FA5CD 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll
2015-03-11 06:18:26 C7D334A01C66BF07B92D04CD7A981B7F 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 06:18:25 7A71DA6D6F75AB73475128F787DD8EAD 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 06:18:24 B06A4105DD22E91A1D922D7310803140 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 06:18:24 84974782ED5D108DA2EFAF3C6534A760 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll
2015-03-11 06:18:24 5E76C26CAE2810EA71C161ED9A2CF0D1 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe
2015-03-11 06:18:24 4E15E2D20AE755FDEACD96F359F732DB 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll
2015-03-11 06:18:24 30F5B3E28636009A0B194057AAE4392A 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll
2015-03-11 06:18:23 ACD0CA819E279E1C17BE5C8A077EF448 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll
2015-03-11 06:18:23 7407DDA27838C393DE67A0BDCDD044D0 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll
2015-03-11 06:18:23 04934912B1317F2F8816208067A32B96 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll
2015-03-11 06:18:23 0485899A035E02C53014C0545D912405 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll
2015-03-11 06:18:17 FDF0B4DC83627A859D18EE439B8E5A26 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 06:18:17 B8445B89D0EA5C2575C98EA7BD180C5C 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2015-03-11 06:18:16 6108ED659B5962DE73DACB3B04D86ED3 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 06:18:16 00F39165D6D14302618C20CDD7BB213A 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 06:18:15 B35C35C55FED3DD7F995C77F63CBC29B 1311232 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2015-03-11 06:18:15 AD1BA932AC31D2BC8C9105DA59BEA6BE 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 06:18:15 AD13E719AE506AA0E0BB5D49E0D5B44A 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 06:18:15 95CB6079B3E62D4301958023C2070A48 19720192 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2015-03-11 06:18:15 8FDE1162C9DCF7B180AA702DD9EB6071 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 06:18:15 29EDBC5C381F1406A5262351E69BC87A 342696 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 06:18:14 BD838E2129623E8311720AA86C5DFBBF 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2015-03-11 06:18:14 A41C85FDB2275FA9AAA821A118807FDB 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 06:18:14 08B30EB9751858C1C369E8775492D732 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 06:18:13 F5F730ED126DCFBEBDB9BB629BD482C4 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 06:18:13 A34897A1A39316BDECCA3E61986F98F2 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 06:18:13 988AB676FBF4484508BA134CAAB711EB 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 06:18:13 756B4F77945C61ADBE68150D7D2EC7A6 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 06:18:13 52B4DECDC70B8758380D37EA2CDD4254 2278400 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2015-03-11 06:18:12 E868396BC5F8957A9E39BD9A28EA814D 12827648 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2015-03-11 06:18:12 BA10D970EB39913357B224F4473D535B 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 06:18:12 AC35DA94A14679E8E515A44A8CF90804 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll
2015-03-11 06:18:10 FC5FE9F2D140435FC95CB3EF6724EF0A 4300288 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2015-03-11 06:18:10 02C0770DA3BE9231EFAF7185EE51020C 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 06:18:09 EA6EA6912F27F05C61D8D747517EB47E 1888256 ----a-w- C:\Windows\SysWOW64\wininet.dll
2015-03-11 06:18:09 BC9CE46C3F05CCC40F8F1EFC7E4B41C7 503296 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2015-03-11 06:18:09 B0B83B31853E15C619FDB91B64F8349A 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll
2015-03-11 06:16:35 9566C8BBD2271A7962D4432A624762AD 417792 ----a-w- C:\Windows\SysWOW64\WMPhoto.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-03-11 06:19:34 F351B0E520502552734BE70AA5940784 41984 ----a-w- C:\Windows\Sysnative\lpk.dll
2015-03-11 06:19:34 DB0BD8B8D68D8211CA23FBE52DACE549 14336 ----a-w- C:\Windows\Sysnative\dciman32.dll
2015-03-11 06:19:34 85D3E918658C2766780F7DEE5F8FBE57 46080 ----a-w- C:\Windows\Sysnative\atmlib.dll
2015-03-11 06:19:34 39A108604F51821F6F4E2001E9A1CB60 100864 ----a-w- C:\Windows\Sysnative\fontsub.dll
2015-03-11 06:19:34 1307814243F21EB129852D59B5AB37FB 372224 ----a-w- C:\Windows\Sysnative\atmfd.dll
2015-03-11 06:19:28 FDA5F186596288F0B9ECE9DC7A5AA868 5554104 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe
2015-03-11 06:19:27 3FECBED0EACABD22E024EF4E50CF987B 1480192 ----a-w- C:\Windows\Sysnative\crypt32.dll
2015-03-11 06:19:25 6AEEC5677AD522786CED371A7BEE620C 616360 ----a-w- C:\Windows\Sysnative\winresume.efi
2015-03-11 06:19:24 29143C7827F9F2AC543E792A8C63FBB0 4121600 ----a-w- C:\Windows\Sysnative\mf.dll
2015-03-11 06:19:23 BD311BB00DD0D656C091AC8888C2369D 14632960 ----a-w- C:\Windows\Sysnative\wmp.dll
2015-03-11 06:19:22 DF6104DCED89E13A78BA5539CEF5100A 1202176 ----a-w- C:\Windows\Sysnative\drmv2clt.dll
2015-03-11 06:19:21 F88B4A9EA1A956F09D5001D08B546228 641024 ----a-w- C:\Windows\Sysnative\msscp.dll
2015-03-11 06:19:21 B7E752FFD95DC61FCB7A6E70E37175E5 693176 ----a-w- C:\Windows\Sysnative\winload.efi
2015-03-11 06:19:21 8DFDB70E3E56C2F1AE09CB3C03E266E5 1574400 ----a-w- C:\Windows\Sysnative\quartz.dll
2015-03-11 06:19:21 7A4064169FBA91F39DB1FDC094A18DA8 619056 ----a-w- C:\Windows\Sysnative\winload.exe
2015-03-11 06:19:20 7F4D59E70DD6E757E96B40570B498D5C 782848 ----a-w- C:\Windows\Sysnative\wmdrmsdk.dll
2015-03-11 06:19:20 6968D02DC38757C3FBE7ED7C2F9670AA 680960 ----a-w- C:\Windows\Sysnative\audiosrv.dll
2015-03-11 06:19:20 410F6B1BE785F3630B4782F8E3D85A24 1069056 ----a-w- C:\Windows\Sysnative\cryptui.dll
2015-03-11 06:19:20 1BE9877B199184D7657BC4CFCB7B4A99 140288 ----a-w- C:\Windows\Sysnative\cryptnet.dll
2015-03-11 06:19:19 DB2D62AA2DF6B1F3D690A9EC9701AA2C 188416 ----a-w- C:\Windows\Sysnative\pcasvc.dll
2015-03-11 06:19:19 A53A63831185FF5339E76221BE45E6B9 842240 ----a-w- C:\Windows\Sysnative\blackbox.dll
2015-03-11 06:19:19 93C7D1C3941086162B433107D9E8BCE3 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe
2015-03-11 06:19:19 577D0B947B49DB83E2054FA169B2ECBF 229376 ----a-w- C:\Windows\Sysnative\wintrust.dll
2015-03-11 06:19:19 483221CC1AAC288368292899E32B6B9B 503808 ----a-w- C:\Windows\Sysnative\srcore.dll
2015-03-11 06:19:18 B2F02AB28864B6D5B5B9BEDA565D41BB 497664 ----a-w- C:\Windows\Sysnative\drmmgrtn.dll
2015-03-11 06:19:18 7BC64DEEFD0E6812E21DE89F0CF50A49 500224 ----a-w- C:\Windows\Sysnative\AUDIOKSE.dll
2015-03-11 06:19:17 5FFEE6CA63E27CBA1F32002743E58F3C 631808 ----a-w- C:\Windows\Sysnative\evr.dll
2015-03-11 06:19:17 0BC72EA80234382701EAFC1BE0ECD7E4 432128 ----a-w- C:\Windows\Sysnative\mfplat.dll
2015-03-11 06:19:16 C0AE7ABD87254B2789C8CB34AF274A65 296448 ----a-w- C:\Windows\Sysnative\AudioSes.dll
2015-03-11 06:19:16 AE66D26930CA536706078537CB5AC840 325632 ----a-w- C:\Windows\Sysnative\msnetobj.dll
2015-03-11 06:19:16 6E974F1C384615DEB0710E44F4847351 126464 ----a-w- C:\Windows\Sysnative\audiodg.exe
2015-03-11 06:19:16 3029D8E78E4BF18A0551E22CD4CB892C 371712 ----a-w- C:\Windows\Sysnative\qdvd.dll
2015-03-11 06:19:16 1CD76A83B9E8E9A5A3519B39E28354D9 187904 ----a-w- C:\Windows\Sysnative\cryptsvc.dll
2015-03-11 06:19:09 27793FE3FF2D0123896D1A01A2D222C7 37376 ----a-w- C:\Windows\Sysnative\pcadm.dll
2015-03-11 06:19:08 CBE684883A45E5B047DA6B4AC46C2112 55808 ----a-w- C:\Windows\Sysnative\rrinstaller.exe
2015-03-11 06:19:08 3A7BC2DC99D3C5B172465E890B3C3B14 440832 ----a-w- C:\Windows\Sysnative\AudioEng.dll
2015-03-11 06:19:07 947938F265D7CB99653CDFF2B3C0468D 206848 ----a-w- C:\Windows\Sysnative\mfps.dll
2015-03-11 06:19:07 63D3C30B497347495B8EA78A38188969 112640 ----a-w- C:\Windows\Sysnative\smss.exe
2015-03-11 06:19:07 589852B65C91F574E980ABDB8205080A 146944 ----a-w- C:\Windows\Sysnative\appidpolicyconverter.exe
2015-03-11 06:19:07 0F79883E27BB1AFE2D9BB4656A1CEFCD 11264 ----a-w- C:\Windows\Sysnative\msmmsp.dll
2015-03-11 06:19:06 ED6BF1E1C4F40F600DFEC0CB101A1789 9728 ----a-w- C:\Windows\Sysnative\pcalua.exe
2015-03-11 06:19:06 EA285B947EE48103697CDA53D76C9EEC 17920 ----a-w- C:\Windows\Sysnative\appidcertstorecheck.exe
2015-03-11 06:19:06 C4937B9D6EF4D309A60054D4D00EE9DB 63488 ----a-w- C:\Windows\Sysnative\setbcdlocale.dll
2015-03-11 06:19:06 BE7DA70C9F4A97CCA9ED78B70BCFC9AC 43520 ----a-w- C:\Windows\Sysnative\csrsrv.dll
2015-03-11 06:19:06 A84C94CF795E08BBB99E4E145F9E81A3 11264 ----a-w- C:\Windows\Sysnative\pcawrk.exe
2015-03-11 06:19:06 94BC902494AFC9F5EBC5FBB61445D73F 82432 ----a-w- C:\Windows\Sysnative\cryptsp.dll
2015-03-11 06:19:06 84DB8EB3C184BB549ED90A842020F278 58880 ----a-w- C:\Windows\Sysnative\appidapi.dll
2015-03-11 06:19:06 72D4757510FDA69D729169C00AFC211E 32256 ----a-w- C:\Windows\Sysnative\appidsvc.dll
2015-03-11 06:19:06 56FD1BC602EE0E7949F92EE2EE327B72 284672 ----a-w- C:\Windows\Sysnative\EncDump.dll
2015-03-11 06:19:06 29088A5723C81BF75AD909AAB6A91610 50176 ----a-w- C:\Windows\Sysnative\srclient.dll
2015-03-11 06:19:06 00EE5D3E16D42F25F7813ACFA10EC803 24576 ----a-w- C:\Windows\Sysnative\mfpmp.exe
2015-03-11 06:19:05 FE03B35A22C3D2714B494FC2AB32AC5B 8704 ----a-w- C:\Windows\Sysnative\pcaevts.dll
2015-03-11 06:19:05 F43B09E257121ADC501ABE9367FAA850 9728 ----a-w- C:\Windows\Sysnative\spwmp.dll
2015-03-11 06:19:05 DBCD54B841F2B216B2F0F86E18205C22 6656 ----a-w- C:\Windows\Sysnative\apisetschema.dll
2015-03-11 06:19:05 D3F1F9C784BCCDF2C880669D69FC1970 5120 ----a-w- C:\Windows\Sysnative\msdxm.ocx
2015-03-11 06:19:05 D3F1F9C784BCCDF2C880669D69FC1970 5120 ----a-w- C:\Windows\Sysnative\dxmasf.dll
2015-03-11 06:19:04 77D49942BD5DC97723ABC8A6D2757B6E 12625920 ----a-w- C:\Windows\Sysnative\wmploc.DLL
2015-03-11 06:19:03 8364A0F7633414DC5C50A37295B1FAFF 2048 ----a-w- C:\Windows\Sysnative\mferror.dll
2015-03-11 06:18:52 B5CBA15C9DEDBE914D24AA1494A82DF5 3179520 ----a-w- C:\Windows\Sysnative\rdpcorets.dll
2015-03-11 06:18:52 15C3986C015EA186BCB4E6096528D656 243200 ----a-w- C:\Windows\Sysnative\rdpudd.dll
2015-03-11 06:18:51 35308B0F821CE1E8EDC2FAB96F3073F3 16384 ----a-w- C:\Windows\Sysnative\RdpGroupPolicyExtension.dll
2015-03-11 06:18:35 1FB81632476857E8451DDA8A456EF3CE 215552 ----a-w- C:\Windows\Sysnative\ubpm.dll
2015-03-11 06:18:33 01F9FEB7F0C84EA1AC6A9B4D7C6B0435 14177280 ----a-w- C:\Windows\Sysnative\shell32.dll
2015-03-11 06:18:31 0A4D03A4C0F908B15B8A4C48FB18F197 1424896 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll
2015-03-11 06:18:29 E88A78273D429554B6B2D2BDA945ED9B 1067520 ----a-w- C:\Windows\Sysnative\msctf.dll
2015-03-11 06:18:27 DB2904A4CEBC39DF8892A613BEC71512 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll
2015-03-11 06:18:27 3807605BDA83C0DA729A5219CEBB9041 341504 ----a-w- C:\Windows\Sysnative\schannel.dll
2015-03-11 06:18:26 9B644AC070576AAE701910874C241DBD 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll
2015-03-11 06:18:26 6536829F6EA1149527728A210F493B79 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll
2015-03-11 06:18:26 1DB278E5834B08F9A184F953F2D31FF7 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll
2015-03-11 06:18:25 E1404987DCD392AF9D67F6A26CE21175 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll
2015-03-11 06:18:25 7BC39275661EA7DEE54135AA26DF733E 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll
2015-03-11 06:18:25 28CC69865D5DC458EDDCEA35F01D71DA 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll
2015-03-11 06:18:24 FB95F6E11AAD62F24C2DB01E6E9D7BE7 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe
2015-03-11 06:18:24 B6C7729936AAF8E0697F0A7DCA82CED8 31232 ----a-w- C:\Windows\Sysnative\lsass.exe
2015-03-11 06:18:24 92F920EE9EAF7306B4AB8124D474AB52 22016 ----a-w- C:\Windows\Sysnative\credssp.dll
2015-03-11 06:18:24 54CD467B3A6DA02E9449DB7FB1830612 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll
2015-03-11 06:18:24 473BCBFFC55C9FE33D502035322E759D 28160 ----a-w- C:\Windows\Sysnative\secur32.dll
2015-03-11 06:18:23 65CF54B1D8CB1B085B6D8BC210E2C45F 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll
2015-03-11 06:18:23 543553AD3E30CB261C8B436DF644F23E 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll
2015-03-11 06:18:23 378B175D0F0A1C38026F280BF6C8D0C6 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll
2015-03-11 06:18:19 A0DEE06D68F210CA090FD4D9A33CDC12 3204096 ----a-w- C:\Windows\Sysnative\win32k.sys
2015-03-11 06:18:17 2CA6A98547E799812489E5ADF2774D97 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe
2015-03-11 06:18:17 289581F0FDA6B93A0FAFE979486AD6FA 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll
2015-03-11 06:18:16 08892A4ED848386E6B901723C1EF611B 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2015-03-11 06:18:15 D3EA5B5E606EF17804B5BF565BEAD937 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-03-11 06:18:15 D2BF72C0A9E26BE91C1DEEACF7C430E0 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll
2015-03-11 06:18:15 7FA2B43D940DF41E46B8049B59AB6639 718848 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2015-03-11 06:18:14 585B29EFB4954902FD53C4F8F9A0D39F 389800 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2015-03-11 06:18:13 F5E5E96E188934BAB22C0916C91F46B3 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll
2015-03-11 06:18:13 501A38B72FA264605123B4FACF53F057 1548288 ----a-w- C:\Windows\Sysnative\urlmon.dll
2015-03-11 06:18:12 80B3AD73027A2CCD42C47EBF5C89124F 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2015-03-11 06:18:12 5443F21A33DB376734DBE47F7635542C 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2015-03-11 06:18:12 132862B0FC4A1B7CB45C274DE169DBB2 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-03-11 06:18:11 D0767EA3A59FA70C7ACF59EE0C8CD42A 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll
2015-03-11 06:18:11 9E9B757A677927110393A505822D9174 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2015-03-11 06:18:10 62269DEFF17AB006217330A24EA8577B 2886144 ----a-w- C:\Windows\Sysnative\iertutil.dll
2015-03-11 06:18:10 22C4867C690C38B18B2C1A0B072CD0C4 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2015-03-11 06:18:09 A1264D16AF506125C974775C833A063C 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2015-03-11 06:18:09 1EC0BF321D3B14D02B9A8BAC134570F4 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2015-03-11 06:18:08 FB8C4EE9889790466A0174923410649E 633856 ----a-w- C:\Windows\Sysnative\ieui.dll
2015-03-11 06:18:08 76B53D2150284E138B46410EA54967FA 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll
2015-03-11 06:18:08 2335F6BF8A127E31EB0E2D9A82F188A0 14398976 ----a-w- C:\Windows\Sysnative\ieframe.dll
2015-03-11 06:18:07 D373113A84C12BA7F07CE1E9CAF4747F 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2015-03-11 06:18:07 A9190899A35431CF8ABBEF5E1BB0C8F9 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
2015-03-11 06:18:07 687E11F36832BFF65EF0CD2FA3DB1966 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll
2015-03-11 06:18:07 4870B24EA7D4EEF5E1C4675AC47796B8 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll
2015-03-11 06:18:07 40DF85D8B2B0171EF5F23AA1B5CD9A62 6035456 ----a-w- C:\Windows\Sysnative\jscript9.dll
2015-03-11 06:18:07 36F99BD8A0F09BDBB7850A138845A014 2358784 ----a-w- C:\Windows\Sysnative\wininet.dll
2015-03-11 06:18:06 667229C8F194D619D12F05943D7F61F0 199680 ----a-w- C:\Windows\Sysnative\msrating.dll
2015-03-11 06:18:06 1C393E42928BF55B3796E732B678CD5B 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll
2015-03-11 06:18:02 1193400D8E29A5A010135FB09A4EB1E8 25021440 ----a-w- C:\Windows\Sysnative\mshtml.dll
2015-03-11 06:16:35 CBA2694BFC61F371181F2BE2BCD66C40 465920 ----a-w- C:\Windows\Sysnative\WMPhoto.dll
====== C:\Windows\Sysnative\drivers =====
2015-03-17 11:48:19 080598EFE474B7A28D7260C3AC389E36 30352 ----a-w- C:\Windows\Sysnative\drivers\dtlitescsibus.sys
2015-03-11 06:19:24 87BCD1034CBF33537D4D4C251D39BA26 94656 ----a-w- C:\Windows\Sysnative\drivers\mountmgr.sys
2015-03-11 06:19:07 ED6E75158D28D33A2E2A020AC5B2B59D 663552 ----a-w- C:\Windows\Sysnative\drivers\PEAuth.sys
2015-03-11 06:19:05 90C53BD47979FB8814F465A08B885102 61440 ----a-w- C:\Windows\Sysnative\drivers\appid.sys
2015-03-11 06:18:27 8BA90F480705D7153AD0060CCA62222A 155576 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-03-11 06:18:27 56ED3EE5FED6BF2FC1305CF872042868 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys
2015-03-11 06:18:27 27667A788130A7F7A5858DE27572E6D7 459336 ----a-w- C:\Windows\Sysnative\drivers\cng.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-03-17 11:48:13 -------- d-----w- C:\Program Files\DAEMON Tools Lite
======= C:\PROGRA~2 =====
2015-03-22 12:51:28 -------- d-----w- C:\PROGRA~2\Bandicam
2015-03-11 16:21:06 -------- d-----w- C:\PROGRA~2\Minecraft
2015-03-07 07:59:12 -------- d-----w- C:\PROGRA~2\Mirillis
======= C: =====
====== C:\Users\user6\AppData\Roaming ======
2015-03-23 19:57:06 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Baidu
2015-03-23 12:35:35 24E60A23E6ECEFDD3D7098FA03A4302F 3584 ----a-w- C:\Users\user6\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-22 11:47:20 -------- d-----w- C:\Users\user6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV to AVI MPEG WMV 3GP MP4 iPod Converter
2015-03-09 11:14:55 -------- d-----w- C:\Users\user6\AppData\Roaming\MAXON
2015-03-07 08:06:33 -------- d-----w- C:\Users\user6\AppData\Roaming\Mirillis
2015-03-07 08:06:29 -------- d-----w- C:\Users\user6\AppData\Local\Mirillis
2015-02-22 17:12:44 -------- d-----w- C:\Users\user6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
====== C:\Users\user6 ======
2015-03-23 22:09:51 56A375A83CED75C331A67882D0C0F9DA 16502728 ----a-w- C:\Users\user6\Desktop\mbar-1.09.1.1004.exe
2015-03-23 19:57:04 -------- d-----w- C:\ProgramData\Baidu
2015-03-23 19:53:12 E55CCE4E4A0153A3122E76A3DA23B288 2168320 ----a-w- C:\Users\user6\Desktop\AdwCleaner.exe
2015-03-22 18:00:09 F58676DE827DD9A5F3A44A698E8B4663 2095616 ----a-w- C:\Users\user6\Desktop\FRST64.exe
2015-03-17 11:48:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-03-17 11:46:18 D3AB99ACD4D9CDC3663D1B36F4064808 13146016 ----a-w- C:\Users\user6\Downloads\DTLite501-0406.exe
2015-03-11 16:21:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-03-07 08:06:33 -------- d-----w- C:\ProgramData\Mirillis
2015-03-07 07:59:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis

====== C: exe-files ==
2015-03-23 22:10:47 FE9BD656A5F251D2BB90151325DA1B14 54072 ----a-w- C:\Users\user6\Desktop\mbar\mbamdor.exe
2015-03-23 22:10:47 5E29C495F48A9CFED856D097FED6ECE4 170296 ----a-w- C:\Users\user6\Desktop\mbar\mbar.exe
2015-03-23 22:10:46 7CBC1070E51238E59F7535C8F2344FB6 821560 ----a-w- C:\Users\user6\Desktop\mbar\Plugins\fixdamage.exe
2015-03-23 22:09:51 56A375A83CED75C331A67882D0C0F9DA 16502728 ----a-w- C:\Users\user6\Desktop\mbar-1.09.1.1004.exe
2015-03-23 21:40:30 875E1B7B8E832EF5CA95CA9D0D23C501 160712 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temp\FixSe.exe
2015-03-23 19:53:12 E55CCE4E4A0153A3122E76A3DA23B288 2168320 ----a-w- C:\Users\user6\Desktop\AdwCleaner.exe
2015-03-22 18:00:09 F58676DE827DD9A5F3A44A698E8B4663 2095616 ----a-w- C:\Users\user6\Desktop\FRST64.exe
2015-03-22 12:51:33 69FA987FDCBEE3488BB5F729E9671059 119087 ----a-w- C:\Program Files (x86)\Bandicam\uninstall.exe
2015-03-20 14:12:41 0EC0242B7EFA92AFDF538C8C7A70EDDF 5274920 ----a-w- C:\Users\user6\AppData\Local\NVIDIA\NvBackend\Packages\0000724f\DAO.19420491.exe
2015-03-20 12:28:17 A38E9C48F13C11CAB641A0C91F8F12A1 885840 ----a-w- C:\Program Files (x86)\Google\Update\Install\{BB14A20A-FAB0-4440-8CFA-832BBA28EBE7}\41.0.2272.101_41.0.2272.89_chrome_updater.exe
2015-03-20 12:28:17 A38E9C48F13C11CAB641A0C91F8F12A1 885840 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\41.0.2272.101\41.0.2272.101_41.0.2272.89_chrome_updater.exe
2015-03-20 08:14:22 304F0859E65A2BBE271BEFCB7851C048 675256 ----a-w- C:\Users\user6\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
2015-03-20 08:14:18 F71300ACCA78CC082E6BD32DB83706FB 172984 ----a-w- C:\Users\user6\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe
2015-03-18 14:10:41 9EC37BA26CBCF0A8397D62221C2CD0A1 439696 ----a-w- C:\Users\user6\AppData\Local\NVIDIA\NvBackend\Packages\000071cb\CoProc update.19413874.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2683369425-3361945966-1453627295-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\user6\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-2683369425-3361945966-1453627295-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\user6\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DAEMON Tools Lite"
"hkey"="HKCU"
"command"="\"D:\\vuk\\DAEMON Tools Lite\\DTLite.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RealDownloader]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RealDownloader"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\RealNetworks\\RealDownloader\\downloader2.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TkBellExe"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Real\\RealPlayer\\Update\\realsched.exe\" -osboot"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\RealPlayer Cloud Service UI.lnk"
"backup"="C:\\Windows\\pss\\RealPlayer Cloud Service UI.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\Real\\REALPL~1\\RPDS\\Bin64\\RPSYST~1.EXE "
"item"="RealPlayer Cloud Service UI"


==== Startup Folders ======================

2014-03-16 21:34:32 1310 ----a-w- C:\Users\user6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [02/05/2015 07:16 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/03/2014 02:10 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/03/2014 02:10 PM]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2683369425-3361945966-1453627295-1000Core.job --a------ C:\Users\user6\AppData\Local\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2683369425-3361945966-1453627295-1000UA.job --a------ C:\Users\user6\AppData\Local\Google\Update\GoogleUpdate.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\FVPHQRKH" [C:\Users\user6\AppData\Roaming\FVPHQRKH.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2683369425-3361945966-1453627295-1000Core" [C:\Users\user6\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2683369425-3361945966-1453627295-1000UA" [C:\Users\user6\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\RealDownloader Update Check" [C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe]
"C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2683369425-3361945966-1453627295-1000" [C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2683369425-3361945966-1453627295-1000" [C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files (x86)\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\{133ED77D-58FB-4F43-8C40-F249139BD11A}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\Windows\SysNative\tasks\{7BF69A36-5BD0-411F-98A4-C87BCC129704}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\Windows\SysNative\tasks\{B21FFA08-559B-4B7E-984C-B63C73BF471A}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\Windows\SysNative\tasks\{C0F55EF1-4853-4556-922F-DF3A21E32FF4}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\Windows\SysNative\tasks\{CD55ECA3-A956-4BE1-87FD-22B53F96FCCD}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\Windows\SysNative\tasks\{E82C8DE0-E221-4B32-A939-C76D85F8D63C}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\Windows\SysNative\tasks\{F7289DDC-A1D5-4B05-9670-9DA733F0566C}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\user6\AppData\Roaming\Mozilla\Firefox\Profiles\g0r9vezx.default
user_pref("browser.startup.homepage", "www.google.com");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [11/10/2014 07:32 PM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\user6\AppData\Roaming\KompoZer\Profiles\qq3j173k.default
- Undetermined - %ProfilePath%\extensions\installed-extensions.txt
- KompoZer classic - %ProfilePath%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

ProfilePath: C:\Users\user6\AppData\Roaming\Mozilla\Firefox\Profiles\g0r9vezx.default
- skip_compatibility_checksdrockingcom - %ProfilePath%\extensions\skip_compatibility_check@sdrocking.com
- Instrument Test - %ProfilePath%\extensions\testpilot@labs.mozilla.com.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\user6\AppData\Roaming\Mozilla\Firefox\Profiles\g0r9vezx.default
252949179FE1C491B7D16A9AA376B29B - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealPlayer Video Downloader for HTML5 (32-bit)
DCB0BCEF594E2C410793C4A823C318F3 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll - Shockwave for Director / Shockwave for Director
B5CFBB8AC7C0069D80DBEAA72F3CE9E2 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll - Shockwave for Director / Shockwave for Director
C62322C77D1AAB77B1CF1130FCC3673A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll - Shockwave Flash
2BC6A052D9B153F6DC2F0E420FB4F407 - C:\Users\user6\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player


==== Chromium Look ======================

Google Chrome Version: 41.0.2272.101 (Latest Stable version: 41.0.2272.101)


aofkhphjhkanpddmfmbckdlcajhnehlf - user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\aofkhphjhkanpddmfmbckdlcajhnehlf
pmmemlnpjmfkcddknibchodllhnnidlp - user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmmemlnpjmfkcddknibchodllhnnidlp

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on Tue 03/24/2015 at 17:30:18.30 ======================

Dopuna: 24 Mar 2015 18:03

I dalje je tu.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sljedeći tekst:

aofkhphjhkanpddmfmbckdlcajhnehlf;chr
KompoZer classic;ff
C:\Users\user6\AppData\Roaming\KompoZer\Profiles\qq3j173k.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd};fs
skip_compatibility_checksdrockingcom;ff
C:\Users\user6\AppData\Roaming\Mozilla\Firefox\Profiles\g0r9vezx.default\extensions\skip_compatibility_check@sdrocking.com;fs
C:\ProgramData\Baidu;fs
emptyalltemp;
emptyclsid;
autoclean;


Klikni na dugme i pričekaj da se skeniranje završi.


Zoek će po potrebi restartovati Windows, a na kraju rada otvoriti Notepad sa izvještajem o skeniranju.

Napomena: Izvještaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Kopiraj sadržaj tog loga u poruku.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Zoek.exe v5.0.0.0 Updated 23-March-2015
Tool run by user6 on Tue 03/24/2015 at 19:08:33.09.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\user6\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-03-24-163018.log 46242 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\AspInfo deleted successfully
C:\PROGRA~2\Origin Games deleted successfully
C:\PROGRA~2\Rockstar Games deleted successfully
C:\PROGRA~2\Software Update Services deleted successfully
C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) deleted successfully
C:\Users\user6\AppData\Roaming\Publish Providers deleted successfully
C:\Users\Administrator\AppData\Local\Comodo deleted successfully
C:\Users\Administrator\AppData\Local\Google deleted successfully
C:\Users\Guest\AppData\Local\Comodo deleted successfully
C:\Users\Guest\AppData\Local\Google deleted successfully
C:\Users\user6\AppData\Local\GHISLER deleted successfully
C:\Users\user6\AppData\Local\NokiaAccount deleted successfully
C:\Users\user6\AppData\Local\WMTools Downloaded Files deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2683369425-3361945966-1453627295-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72A6AB0F-2FA8-4C73-9FCB-1E62A608F001} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\user6\AppData\Roaming\KompoZer\Profiles\qq3j173k.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_20150324_0718_.backup

ProfilePath: C:\Users\user6\AppData\Roaming\Mozilla\Firefox\Profiles\g0r9vezx.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_20150324_0718_.backup

==== Batch Command(s) Run By Tool======================


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\AspInfo not found
C:\PROGRA~2\Origin Games not found
C:\PROGRA~2\Rockstar Games not found
C:\PROGRA~2\Software Update Services not found
C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) not found
C:\Users\user6\AppData\Roaming\KompoZer\Profiles\qq3j173k.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} deleted
C:\Users\user6\AppData\Roaming\Mozilla\Firefox\Profiles\g0r9vezx.default\extensions\skip_compatibility_check@sdrocking.com deleted
C:\ProgramData\Baidu deleted
C:\PROGRA~2\Sony Creative Software Inc deleted
C:\Program Files\Common Files\System\SysMenu64.dll deleted
C:\Users\user6\AppData\Roaming\bitlord_log.txt deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\user6\AppData\Local\Installer deleted
C:\Users\user6\AppData\Local\CrashRpt deleted
C:\Users\Public\Documents\GOOBZO deleted
C:\Users\Public\Documents\ShopperPro deleted
C:\Users\Public\Documents\YTAHelper deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Windows\SysWOW64\LavasoftTcpService.dll deleted
C:\Windows\SysWOW64\LavasoftTcpService.ini deleted
C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini deleted
"C:\Users\user6\AppData\Roaming\.minecraft" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\user6\AppData\Roaming\Mozilla\Firefox\Profiles\g0r9vezx.default
user_pref("browser.startup.homepage", "www.google.com");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [11/10/2014 07:32 PM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\user6\AppData\Roaming\KompoZer\Profiles\qq3j173k.default
- Undetermined - %ProfilePath%\extensions\installed-extensions.txt

ProfilePath: C:\Users\user6\AppData\Roaming\Mozilla\Firefox\Profiles\g0r9vezx.default
- Instrument Test - %ProfilePath%\extensions\testpilot@labs.mozilla.com.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\user6\AppData\Roaming\Mozilla\Firefox\Profiles\g0r9vezx.default
252949179FE1C491B7D16A9AA376B29B - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealPlayer Video Downloader for HTML5 (32-bit)
DCB0BCEF594E2C410793C4A823C318F3 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll - Shockwave for Director / Shockwave for Director
B5CFBB8AC7C0069D80DBEAA72F3CE9E2 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll - Shockwave for Director / Shockwave for Director
C62322C77D1AAB77B1CF1130FCC3673A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll - Shockwave Flash
2BC6A052D9B153F6DC2F0E420FB4F407 - C:\Users\user6\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player


==== Chromium Look ======================

Google Chrome Version: 41.0.2272.101 (Latest Stable version: 41.0.2272.101)


aofkhphjhkanpddmfmbckdlcajhnehlf - user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\aofkhphjhkanpddmfmbckdlcajhnehlf
pmmemlnpjmfkcddknibchodllhnnidlp - user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmmemlnpjmfkcddknibchodllhnnidlp

==== Chromium Fix ======================

C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\aofkhphjhkanpddmfmbckdlcajhnehlf deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\user6\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\user6\AppData\Local\Mozilla\Firefox\Profiles\g0r9vezx.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=6406 folders=842 850427707 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\user6\AppData\Local\Temp will be emptied at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\user6\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Tue 03/24/2015 at 19:27:39.19 ======================

Mislim da si ga spržio

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Reci mi kakvo je sada stanje?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Za ovih 10-ak minuta otvorio sam nekoliko sajtova, imam utisak da je sve u najboljem redu.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Onda bismo završili.

• Sledeća procedura će implementirati završno čišćenje.

Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.
Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;

Remove disinfection tools
Create registry backup
Purge System Restore

Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.
Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)

Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Hvala na izdvojenom vremenu i trudu.
Skidam kapu.