|
Poslao: 11 Dec 2014 23:48
|
offline
- Pridružio: 09 Mar 2008
- Poruke: 42
|
Pozdrav
video sam da je već neko imao sličan problem, a manifesuje se podvučenim rečima i činimi se da mi se pojavljuju mnogo više reklamnih poruka tako da mi je i internet usporen .
Skenirao sam po upustvu i šaljem fajlove. Hvala unapred.
[Link mogu videti samo ulogovani korisnici]
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-12-2014 02
Ran by Emil (administrator) on EMIL-PC on 11-12-2014 23:22:20
Running from C:\Users\Emil\Downloads
Loaded Profile: Emil (Available profiles: Emil)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Inglese (Stati Uniti)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Link mogu videti samo ulogovani korisnici]
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(KYE) E:\SyTray.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
(Samsung) C:\Program Files (x86)\Samsung\PC Auto Backup\WiselinkPro.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Google Inc.) C:\Users\Emil\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Users\Emil\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Google Inc.) C:\Users\Emil\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
() D:\Program Files\AirVideoServer\AirVideoServer.exe
() C:\Program Files (x86)\Samsung\PC Auto Backup\http_ss_win_pro.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) E:\iCloudServices.exe
(Apple Inc.) E:\ApplePhotoStreams.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIIVE.EXE
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIIVE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIIVE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIIVE.EXE
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) E:\iCloudDrive.exe
(Google Inc.) C:\Users\Emil\AppData\Local\Google\Chrome\Application\chrome.exe
(Samsung) C:\Program Files (x86)\Samsung\PC Auto Backup\AutoBackup.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Users\Emil\AppData\Local\Google\Chrome\Application\chrome.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Samsung Electronics Co., Ltd.) E:\samsung\AllShare\AllShareAgent.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
() C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\TrayPopupE\TrayTipAgentE.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Apple Inc.) D:\Program Files\iTunesHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Samsung Electronics Co., Ltd.) E:\samsung\AllShare\AllShareDMS\AllShareDMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6628968 2011-05-03] (Realtek Semiconductor)
HKLM\...\Run: [ErgoMedia] => E:\SyTray.exe [2118144 2007-02-27] (KYE)
HKLM\...\Run: [WrtMon.exe] => C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AllShareAgent] => E:\samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295072 2013-02-11] (RealNetworks, Inc.)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502952 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863400 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\TrayPopupE\TrayTipAgentE.exe [254024 2014-02-13] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-10-16] (Panda Security, S.L.)
HKLM-x32\...\Run: [iTunesHelper] => D:\Program Files\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [Google Update] => C:\Users\Emil\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-16] (Google Inc.)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [D4D09671DCE1C9B02C971FD922736B217B064DC3._service_run] => C:\Users\Emil\AppData\Local\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [AirVideoServer] => D:\Program Files\AirVideoServer\AirVideoServer.exe [4935112 2012-07-20] ()
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [iCloudServices] => E:\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [ApplePhotoStreams] => E:\ApplePhotoStreams.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIVE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIVE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIVE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [EPLTarget\P0000000000000003] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIVE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [iCloudDrive] => E:\iCloudDrive.exe [43816 2014-10-20] (Apple Inc.)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [GoogleChromeAutoLaunch_4645029B69B0104988362C1262B0E0D2] => C:\Users\Emil\AppData\Local\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Policies\Explorer: [NoLogOff] 0
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\MountPoints2: {6d86e02b-718a-11e3-8ee4-8c89a53239d9} - H:\iLinker.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PC Auto Backup.lnk
ShortcutTarget: PC Auto Backup.lnk -> C:\Program Files (x86)\Samsung\PC Auto Backup\AutoBackup.exe (Samsung)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Emil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Emil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Emil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Emil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Emil\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Emil\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Emil\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Emil\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici]
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Link mogu videti samo ulogovani korisnici]
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici]
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-3395543027-3575646837-148787549-1000 -> DefaultScope {CD7D6E3B-F73E-4C8E-9F99-161B975BFBE5} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3395543027-3575646837-148787549-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3395543027-3575646837-148787549-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-21-3395543027-3575646837-148787549-1000 -> {CD7D6E3B-F73E-4C8E-9F99-161B975BFBE5} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&src=IE-SearchBox
BHO: avast! Online Security -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Aimersoft Video Converter Ultimate -> {54F73992-6549-4369-9A0D-84FD310A464A} -> D:\Nuova cartella\Video Converter Ultimate\SVRIEPlugin.dll No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} [Link mogu videti samo ulogovani korisnici]
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\daj5awau.default-1381954083867
FF NewTab: [Link mogu videti samo ulogovani korisnici]
FF Keyword.URL: [Link mogu videti samo ulogovani korisnici]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 -> E:\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Program Files\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> D:\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> E:\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll (Verimatrix, Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> E:\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.1.4055459\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin HKU\S-1-5-21-3395543027-3575646837-148787549-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Emil\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-3395543027-3575646837-148787549-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Emil\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3395543027-3575646837-148787549-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Emil\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3395543027-3575646837-148787549-1000: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll (Verimatrix, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\adawaretb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF Extension: Battlefield Play4Free - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\daj5awau.default-1381954083867\Extensions\battlefieldplay4free@ea.com [2014-11-08]
FF Extension: iCloud Bookmarks - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\daj5awau.default-1381954083867\Extensions\firefoxdav@icloud.com [2014-11-15]
FF Extension: Italian dictionary - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\daj5awau.default-1381954083867\Extensions\it-IT@dictionaries.addons.mozilla.org [2014-08-04]
FF Extension: Fox-It-S - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\daj5awau.default-1381954083867\Extensions\{9671622f-d0b6-4470-9048-493765aa73c6} [2014-12-07]
FF Extension: MEGA - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\daj5awau.default-1381954083867\Extensions\firefox@mega.co.nz.xpi [2014-05-04]
FF Extension: Adblock Plus - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\daj5awau.default-1381954083867\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-09]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-02-11]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2013-10-15]
FF HKLM-x32\...\Firefox\Extensions: [{CF13FA66-1F4F-426d-BB1B-E07A13BFF2C8}] - D:\Nuova cartella\Video Converter Ultimate\SVRFirefoxExt
FF HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Firefox\Extensions: [{CF13FA66-1F4F-426d-BB1B-E07A13BFF2C8}] - D:\Nuova cartella\Video Converter Ultimate\SVRFirefoxExt
Chrome:
=======
CHR HomePage: Default -> [Link mogu videti samo ulogovani korisnici]
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> google.com_
CHR DefaultSearchURL: Default -> [Link mogu videti samo ulogovani korisnici]{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-11-22]
CHR Extension: (App Kid ) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\amgpkhhebbdpmdfkjeabhdhlognbbihn [2014-04-21]
CHR Extension: (Google Drive) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-31]
CHR Extension: (WiBit) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejaaogemoligmkbmeafkhnaegkggihf [2013-11-22]
CHR Extension: (SKiD Racer) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhoaojooagiaaiidlnfhkkafjpbbnnno [2014-08-06]
CHR Extension: (Duckie Deck - Giochi per bambini) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkcldaifgljnnnikmmaoceclpcbfdaon [2013-12-24]
CHR Extension: (Extended Protection) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml [2013-10-16]
CHR Extension: (WGT Competizione di golf) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg [2013-11-22]
CHR Extension: (TradingView: Free Stock Charts) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\dokcepkiahcpognlgpeeiompfhcleagb [2013-11-22]
CHR Extension: (TextSendr - Free Text Messages) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejgocgjichhbkknncchbobdlhkdkpbei [2013-11-22]
CHR Extension: (Aerei Propwash inseguimento) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\emkegpickpenagpeceliolfjegiigpjm [2014-09-29]
CHR Extension: (Google Finance) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgckldmmjdbpdejkclmfnnnehhocbfp [2013-11-22]
CHR Extension: (Find Real Online Jobs) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhpjfomamdjggokehjfheaopneogiodn [2013-12-01]
CHR Extension: (World Time Buddy) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdhpjomiingppeefgnohkiapmnaeakoj [2013-11-22]
CHR Extension: (Bubble Translate) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhlebbhengjlhmcjebbkambaekglhkf [2013-11-22]
CHR Extension: (Neon Draw!) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcijegmhjbgohioljleomgdnebdaikmg [2014-04-21]
CHR Extension: (Speed Test Analysis) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb [2013-07-31]
CHR Extension: (Autodesk Homestyler) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb [2013-11-22]
CHR Extension: (Gamestar Mechanic) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnaekjigfleegmkcljigconlmmgcnbb [2014-04-21]
CHR Extension: (WealthLift Stock Research) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldadbkhmihakeinphpkmaeoaiglkgcag [2013-12-01]
CHR Extension: (Giochi per bambini) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfababnnniodhiofpdnkehkdekahgifb [2014-09-29]
CHR Extension: (Unlocking iPhone 4) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfjdcgbpimlljdnffjbhhpnncmlafgpk [2013-11-22]
CHR Extension: (Skype Click to Call) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-08-06]
CHR Extension: (Financial Calculator) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkogbjhaelililllocjljiooipepaeal [2013-11-22]
CHR Extension: (Need for Speed World) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk [2013-12-01]
CHR Extension: (Shareking Chart) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnngpcpedmpmdkpakplhpdoeapkhmgja [2013-11-22]
CHR Extension: (Google Wallet) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (Scientific Calculator) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\npoipmeppdioagbkigdlnpmjphnolaog [2013-12-01]
CHR Extension: (Flow Colors) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbnmelddedlommnmllmfhoephaidddmk [2014-04-21]
CHR Extension: (Wikinvest Portfolio Manager) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpkgmnajebobcebngnagdabphfmooej [2013-11-22]
CHR Extension: ((zabranjeno)ing Sands Racing) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnafpgbiiobelphegdbieldnmojicndb [2013-12-01]
CHR HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Emil\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-12]
CHR HKLM-x32\...\Chrome\Extension: [cekcjpgehmohobmdiikfnopibipmgnml] - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [kckgnnipheglejoddfhekdjpbdbinhmb] - C:\Users\Emil\AppData\Roaming\SpeedTestAnalysis\speedtestanalysis.crx [2013-02-26]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [Not Found]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-11] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-11] (Seiko Epson Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2014-10-13] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-11-08] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-11-08] ()
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-10-16] (Panda Security, S.L.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 SamsungAllShareV2.0; E:\samsung\AllShare\AllShareDMS\AllShareDMS.exe [25504 2012-03-02] (Samsung Electronics Co., Ltd.)
S3 SimpleSlideShowServer; E:\samsung\AllShare\AllShareSlideShowService.exe [27584 2012-03-02] (Samsung Electronics Co., Ltd.)
S3 wampapache; c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe [20549 2010-12-31] (Apache Software Foundation) [File not signed]
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.5.8\bin\mysqld.exe [8133120 2010-12-31] () [File not signed]
R2 WiselinkPro; C:\Program Files (x86)\Samsung\PC Auto Backup\WiselinkPro.exe [7278657 2013-02-08] (Samsung) [File not signed]
S2 70e6ca8c; "c:\progra~2\optimi~1\OptProCrash.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [42240 2013-07-31] (Advanced Micro Devices)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [263960 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-05-21] (AVG Technologies)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14920 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-05-22] () [File not signed]
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [46336 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2014-10-13] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2014-10-13] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2014-10-13] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
U4 Avgfwfd; system32\DRIVERS\avgfwd6a.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-11 23:22 - 2014-12-11 23:22 - 00037530 _____ () C:\Users\Emil\Downloads\FRST.txt
2014-12-11 23:21 - 2014-12-11 23:22 - 00000000 ___DC () C:\FRST
2014-12-11 23:20 - 2014-12-11 23:21 - 02119680 _____ (Farbar) C:\Users\Emil\Downloads\FRST64.exe
2014-12-11 19:59 - 2014-03-25 14:15 - 00060400 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2014-12-09 16:40 - 2014-12-09 16:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-08 01:47 - 2014-12-08 01:47 - 00181945 _____ () C:\Users\Emil\Downloads\185723-the100season01hr.zip
2014-12-07 20:34 - 2014-12-07 20:34 - 00000611 _____ () C:\Users\Emil\Desktop\BusinessCardsMX.lnk
2014-12-07 20:34 - 2014-12-07 20:34 - 00000000 ____D () C:\Users\Emil\AppData\Roaming\WebTest
2014-12-07 20:34 - 2014-12-07 20:34 - 00000000 ____D () C:\Users\Emil\AppData\Roaming\mojosoft
2014-12-07 20:34 - 2014-12-07 20:34 - 00000000 ____D () C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BusinessCards MX
2014-12-07 20:31 - 2014-12-07 20:33 - 91085136 _____ (mojosoft ) C:\Users\Emil\Desktop\BusinessCardsMX-setup.exe
2014-12-07 20:30 - 2014-12-07 20:30 - 00371056 _____ () C:\Users\Emil\Downloads\SoftonicDownloader_per_businesscards-mx.exe
2014-12-06 07:05 - 2014-12-06 07:05 - 00007917 _____ () C:\Users\Emil\Downloads\196364-halo.nightfall.s01e01.720p.webrip.x264.zip
2014-12-06 07:05 - 2014-12-06 07:05 - 00005567 _____ () C:\Users\Emil\Downloads\196365-halo.nightfall.s01e02.720p.webrip.zip
2014-12-06 01:13 - 2014-12-06 01:13 - 00039055 _____ () C:\Users\Emil\Downloads\196167-open.windows.2014.720p.bluray.x264.yifysrpski.zip
2014-11-30 02:54 - 2014-11-30 02:54 - 00028780 _____ () C:\Users\Emil\Downloads\195960-leftbehind2014.srp.zip
2014-11-30 02:52 - 2014-11-30 02:52 - 00048863 _____ () C:\Users\Emil\Downloads\195999-thejudge_2014_hdripx264ac3cpg.zip
2014-11-30 02:45 - 2014-11-30 02:46 - 00030425 _____ () C:\Users\Emil\Downloads\196018-fury.2014.dvdscr.x264.ac3blackjesussrb(1).zip
2014-11-30 02:44 - 2014-11-30 02:45 - 00030425 _____ () C:\Users\Emil\Downloads\196018-fury.2014.dvdscr.x264.ac3blackjesussrb.zip
2014-11-28 16:26 - 2014-11-28 16:26 - 00057839 _____ () C:\Users\Emil\Downloads\195629-interstellar_2014_srp.zip
2014-11-14 23:53 - 2014-11-14 23:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-11-14 23:50 - 2014-11-14 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-14 23:50 - 2014-11-14 23:50 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-14 23:50 - 2014-11-14 23:50 - 00000000 ____D () C:\Program Files\iTunes
2014-11-14 23:50 - 2014-11-14 23:50 - 00000000 ____D () C:\Program Files\iPod
2014-11-11 10:13 - 2014-11-11 10:13 - 00000000 ____D () C:\Users\Emil\AppData\Roaming\Verimatrix
2014-11-11 10:12 - 2014-11-11 10:12 - 00000000 ____D () C:\ProgramData\Verimatrix
2014-11-11 10:12 - 2014-11-11 10:12 - 00000000 ____D () C:\Program Files (x86)\Verimatrix
2014-11-11 10:12 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-11-11 10:11 - 2014-11-11 10:11 - 26324983 _____ () C:\Users\Emil\Downloads\player-plugin-pc_3.5.2.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-11 23:22 - 2012-09-09 20:19 - 00000000 ____D () C:\Users\Emil\AppData\Roaming\Skype
2014-12-11 23:17 - 2012-09-09 21:05 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-11 23:07 - 2009-07-14 05:45 - 00031712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-11 23:07 - 2009-07-14 05:45 - 00031712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-11 23:05 - 2012-09-09 20:49 - 00758170 _____ () C:\Windows\system32\perfh010.dat
2014-12-11 23:05 - 2012-09-09 20:49 - 00152714 _____ () C:\Windows\system32\perfc010.dat
2014-12-11 23:05 - 2009-07-14 06:13 - 01710088 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-11 23:03 - 2012-09-21 15:26 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-11 23:03 - 2008-01-01 12:24 - 01063531 _____ () C:\Windows\WindowsUpdate.log
2014-12-11 23:01 - 2012-09-16 14:32 - 00001156 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3395543027-3575646837-148787549-1000UA.job
2014-12-11 23:00 - 2014-10-22 11:20 - 00000000 ___RD () C:\Users\Emil\iCloudDrive
2014-12-11 23:00 - 2014-05-06 00:41 - 00000000 __HDC () C:\jexepackres
2014-12-11 23:00 - 2013-01-15 13:21 - 00000354 _____ () C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job
2014-12-11 23:00 - 2013-01-14 16:33 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-11 23:00 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-11 23:00 - 2009-07-14 05:51 - 00177184 _____ () C:\Windows\setupact.log
2014-12-11 22:58 - 2014-06-18 08:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-12-11 22:55 - 2013-01-14 16:33 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-11 22:15 - 2013-02-24 19:10 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3395543027-3575646837-148787549-1000UA.job
2014-12-11 22:01 - 2012-09-16 14:32 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3395543027-3575646837-148787549-1000Core.job
2014-12-10 19:46 - 2012-09-16 14:37 - 00002364 _____ () C:\Users\Emil\Desktop\Google Chrome.lnk
2014-12-10 19:15 - 2013-02-24 19:10 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3395543027-3575646837-148787549-1000Core.job
2014-12-10 12:12 - 2012-09-09 20:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 23:17 - 2013-11-30 20:23 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-09 23:17 - 2012-09-09 21:05 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-09 23:17 - 2012-09-09 21:05 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-08 07:42 - 2012-10-26 18:52 - 00000000 ____D () C:\Users\Emil\AppData\Roaming\uTorrent
2014-12-08 01:47 - 2012-09-21 19:25 - 00018198 _____ () C:\Users\Emil\AppData\Roaming\mainhst.zgh
2014-12-07 22:11 - 2012-09-12 07:21 - 00000000 ____D () C:\Users\Emil\Documents\1dokumenti
2014-12-03 09:28 - 2012-09-09 20:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-03 09:28 - 2012-09-09 20:19 - 00000000 ____D () C:\ProgramData\Skype
2014-12-01 05:11 - 2014-10-22 11:20 - 00000000 ____D () C:\Users\Emil\AppData\Local\B9A3E800-D073-4375-83A8-0D6EAAA1C9ED.aplzod
2014-11-27 10:40 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-11-15 21:56 - 2012-09-16 14:32 - 00004128 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3395543027-3575646837-148787549-1000UA
2014-11-15 21:56 - 2012-09-16 14:32 - 00003732 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3395543027-3575646837-148787549-1000Core
2014-11-14 23:50 - 2014-09-28 00:07 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-11-14 23:50 - 2014-05-02 15:51 - 00001474 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-11-14 23:50 - 2014-05-02 15:51 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-14 23:50 - 2013-01-14 16:33 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-14 23:50 - 2013-01-14 16:33 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-14 15:25 - 2014-10-20 09:10 - 00000983 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-11-12 09:43 - 2012-09-21 15:57 - 00000000 __HDC () C:\$AVG
2014-11-12 09:36 - 2010-11-21 04:47 - 00691490 _____ () C:\Windows\PFRO.log
Some content of TEMP:
====================
C:\Users\Emil\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpr6eze0.dll
C:\Users\Emil\AppData\Local\Temp\ExPromo.exe
C:\Users\Emil\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Emil\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Emil\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Emil\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Emil\AppData\Local\Temp\NEventMessages.dll
C:\Users\Emil\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Emil\AppData\Local\Temp\npp.6.6.8.Installer.exe
C:\Users\Emil\AppData\Local\Temp\nvStInst.exe
C:\Users\Emil\AppData\Local\Temp\SimBundD.exe
C:\Users\Emil\AppData\Local\Temp\un18458.exe
C:\Users\Emil\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Emil\AppData\Local\Temp\{061EBBDF-95B1-4CD5-8E3D-621B60586049}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-05 00:57
==================== End Of Log ============================
[Link mogu videti samo ulogovani korisnici]
|
|
|
|
|
|
|
Poslao: 12 Dec 2014 00:38
|
offline
- Sass Drake
- Anti Malware Fighter
Rank 2
- Pridružio: 26 Avg 2010
- Poruke: 10622
- Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building
|
Imaš instalirana dva antivirusna programa AVG 2015 i Panda Free Antivirus. Idi u Control Panel -> Programs and Features i deinstaliraj jedan od njih.
Kada to uradiš, pokreni FRST64.exe sa Desktopa, označi opciju Addition.txt, klikni na Scan i kada završi postavi mi nove FRST.txt i Addition.txt izvještaje na uvid.
|
|
|
|
|
|
|
Poslao: 12 Dec 2014 00:52
|
offline
- Pridružio: 09 Mar 2008
- Poruke: 42
|
[Link mogu videti samo ulogovani korisnici]
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-12-2014 02
Ran by Emil (administrator) on EMIL-PC on 12-12-2014 00:45:53
Running from C:\Users\Emil\Desktop
Loaded Profile: Emil (Available profiles: Emil)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Inglese (Stati Uniti)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Link mogu videti samo ulogovani korisnici]
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(KYE) E:\SyTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Google Inc.) C:\Users\Emil\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Users\Emil\AppData\Local\Google\Chrome\Application\chrome.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
() D:\Program Files\AirVideoServer\AirVideoServer.exe
(Samsung) C:\Program Files (x86)\Samsung\PC Auto Backup\WiselinkPro.exe
(Apple Inc.) E:\iCloudServices.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Apple Inc.) E:\ApplePhotoStreams.exe
() C:\Program Files (x86)\Samsung\PC Auto Backup\http_ss_win_pro.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Google Inc.) C:\Users\Emil\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIIVE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIIVE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIIVE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIIVE.EXE
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) E:\iCloudDrive.exe
(Google Inc.) C:\Users\Emil\AppData\Local\Google\Chrome\Application\chrome.exe
(Samsung) C:\Program Files (x86)\Samsung\PC Auto Backup\AutoBackup.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Users\Emil\AppData\Local\Google\Chrome\Application\chrome.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Samsung Electronics Co., Ltd.) E:\samsung\AllShare\AllShareAgent.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
() C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\TrayPopupE\TrayTipAgentE.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) D:\Program Files\iTunesHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6628968 2011-05-03] (Realtek Semiconductor)
HKLM\...\Run: [ErgoMedia] => E:\SyTray.exe [2118144 2007-02-27] (KYE)
HKLM\...\Run: [WrtMon.exe] => C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AllShareAgent] => E:\samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295072 2013-02-11] (RealNetworks, Inc.)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502952 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863400 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\TrayPopupE\TrayTipAgentE.exe [254024 2014-02-13] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => D:\Program Files\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [Google Update] => C:\Users\Emil\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-16] (Google Inc.)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [D4D09671DCE1C9B02C971FD922736B217B064DC3._service_run] => C:\Users\Emil\AppData\Local\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [AirVideoServer] => D:\Program Files\AirVideoServer\AirVideoServer.exe [4935112 2012-07-20] ()
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [iCloudServices] => E:\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [ApplePhotoStreams] => E:\ApplePhotoStreams.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIVE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIVE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIVE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [EPLTarget\P0000000000000003] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIVE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [iCloudDrive] => E:\iCloudDrive.exe [43816 2014-10-20] (Apple Inc.)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Run: [GoogleChromeAutoLaunch_4645029B69B0104988362C1262B0E0D2] => C:\Users\Emil\AppData\Local\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Policies\Explorer: [NoLogOff] 0
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\MountPoints2: {6d86e02b-718a-11e3-8ee4-8c89a53239d9} - H:\iLinker.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PC Auto Backup.lnk
ShortcutTarget: PC Auto Backup.lnk -> C:\Program Files (x86)\Samsung\PC Auto Backup\AutoBackup.exe (Samsung)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Emil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Emil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Emil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Emil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Emil\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Emil\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Emil\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Emil\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici]
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Link mogu videti samo ulogovani korisnici]
HKU\S-1-5-21-3395543027-3575646837-148787549-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici]
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3395543027-3575646837-148787549-1000 -> {CD7D6E3B-F73E-4C8E-9F99-161B975BFBE5} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&src=IE-SearchBox
BHO: avast! Online Security -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Aimersoft Video Converter Ultimate -> {54F73992-6549-4369-9A0D-84FD310A464A} -> D:\Nuova cartella\Video Converter Ultimate\SVRIEPlugin.dll No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} [Link mogu videti samo ulogovani korisnici]
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\daj5awau.default-1381954083867
FF NewTab: [Link mogu videti samo ulogovani korisnici]
FF Keyword.URL: [Link mogu videti samo ulogovani korisnici]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 -> E:\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Program Files\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> D:\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> E:\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll (Verimatrix, Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> E:\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.1.4055459\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin HKU\S-1-5-21-3395543027-3575646837-148787549-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Emil\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-3395543027-3575646837-148787549-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Emil\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3395543027-3575646837-148787549-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Emil\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3395543027-3575646837-148787549-1000: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll (Verimatrix, Inc.)
FF Extension: Battlefield Play4Free - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\daj5awau.default-1381954083867\Extensions\battlefieldplay4free@ea.com [2014-11-08]
FF Extension: iCloud Bookmarks - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\daj5awau.default-1381954083867\Extensions\firefoxdav@icloud.com [2014-11-15]
FF Extension: Italian dictionary - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\daj5awau.default-1381954083867\Extensions\it-IT@dictionaries.addons.mozilla.org [2014-08-04]
FF Extension: Fox-It-S - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\daj5awau.default-1381954083867\Extensions\{9671622f-d0b6-4470-9048-493765aa73c6} [2014-12-07]
FF Extension: MEGA - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\daj5awau.default-1381954083867\Extensions\firefox@mega.co.nz.xpi [2014-05-04]
FF Extension: Adblock Plus - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\daj5awau.default-1381954083867\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-09]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-02-11]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2013-10-15]
FF HKLM-x32\...\Firefox\Extensions: [{CF13FA66-1F4F-426d-BB1B-E07A13BFF2C8}] - D:\Nuova cartella\Video Converter Ultimate\SVRFirefoxExt
FF HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Firefox\Extensions: [{CF13FA66-1F4F-426d-BB1B-E07A13BFF2C8}] - D:\Nuova cartella\Video Converter Ultimate\SVRFirefoxExt
Chrome:
=======
CHR HomePage: Default -> [Link mogu videti samo ulogovani korisnici]
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> google.com_
CHR DefaultSearchURL: Default -> [Link mogu videti samo ulogovani korisnici]{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-11-22]
CHR Extension: (App Kid ) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\amgpkhhebbdpmdfkjeabhdhlognbbihn [2014-04-21]
CHR Extension: (Google Drive) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-31]
CHR Extension: (WiBit) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejaaogemoligmkbmeafkhnaegkggihf [2013-11-22]
CHR Extension: (SKiD Racer) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhoaojooagiaaiidlnfhkkafjpbbnnno [2014-08-06]
CHR Extension: (Duckie Deck - Giochi per bambini) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkcldaifgljnnnikmmaoceclpcbfdaon [2013-12-24]
CHR Extension: (WGT Competizione di golf) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg [2013-11-22]
CHR Extension: (TradingView: Free Stock Charts) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\dokcepkiahcpognlgpeeiompfhcleagb [2013-11-22]
CHR Extension: (TextSendr - Free Text Messages) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejgocgjichhbkknncchbobdlhkdkpbei [2013-11-22]
CHR Extension: (Aerei Propwash inseguimento) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\emkegpickpenagpeceliolfjegiigpjm [2014-09-29]
CHR Extension: (Google Finance) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgckldmmjdbpdejkclmfnnnehhocbfp [2013-11-22]
CHR Extension: (Find Real Online Jobs) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhpjfomamdjggokehjfheaopneogiodn [2013-12-01]
CHR Extension: (World Time Buddy) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdhpjomiingppeefgnohkiapmnaeakoj [2013-11-22]
CHR Extension: (Bubble Translate) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhlebbhengjlhmcjebbkambaekglhkf [2013-11-22]
CHR Extension: (Neon Draw!) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcijegmhjbgohioljleomgdnebdaikmg [2014-04-21]
CHR Extension: (Autodesk Homestyler) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb [2013-11-22]
CHR Extension: (Gamestar Mechanic) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnaekjigfleegmkcljigconlmmgcnbb [2014-04-21]
CHR Extension: (WealthLift Stock Research) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldadbkhmihakeinphpkmaeoaiglkgcag [2013-12-01]
CHR Extension: (Giochi per bambini) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfababnnniodhiofpdnkehkdekahgifb [2014-09-29]
CHR Extension: (Unlocking iPhone 4) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfjdcgbpimlljdnffjbhhpnncmlafgpk [2013-11-22]
CHR Extension: (Financial Calculator) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkogbjhaelililllocjljiooipepaeal [2013-11-22]
CHR Extension: (Need for Speed World) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk [2013-12-01]
CHR Extension: (Shareking Chart) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnngpcpedmpmdkpakplhpdoeapkhmgja [2013-11-22]
CHR Extension: (Google Wallet) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (Scientific Calculator) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\npoipmeppdioagbkigdlnpmjphnolaog [2013-12-01]
CHR Extension: (Flow Colors) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbnmelddedlommnmllmfhoephaidddmk [2014-04-21]
CHR Extension: (Wikinvest Portfolio Manager) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpkgmnajebobcebngnagdabphfmooej [2013-11-22]
CHR Extension: ((zabranjeno)ing Sands Racing) - C:\Users\Emil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnafpgbiiobelphegdbieldnmojicndb [2013-12-01]
CHR HKU\S-1-5-21-3395543027-3575646837-148787549-1000\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Emil\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-12]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [kckgnnipheglejoddfhekdjpbdbinhmb] - C:\Users\Emil\AppData\Roaming\SpeedTestAnalysis\speedtestanalysis.crx [Not Found]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-11] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-11] (Seiko Epson Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-11-08] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-11-08] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S2 SamsungAllShareV2.0; E:\samsung\AllShare\AllShareDMS\AllShareDMS.exe [25504 2012-03-02] (Samsung Electronics Co., Ltd.)
S3 SimpleSlideShowServer; E:\samsung\AllShare\AllShareSlideShowService.exe [27584 2012-03-02] (Samsung Electronics Co., Ltd.)
S3 wampapache; c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe [20549 2010-12-31] (Apache Software Foundation) [File not signed]
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.5.8\bin\mysqld.exe [8133120 2010-12-31] () [File not signed]
R2 WiselinkPro; C:\Program Files (x86)\Samsung\PC Auto Backup\WiselinkPro.exe [7278657 2013-02-08] (Samsung) [File not signed]
S2 70e6ca8c; "c:\progra~2\optimi~1\OptProCrash.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [42240 2013-07-31] (Advanced Micro Devices)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [263960 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-05-21] (AVG Technologies)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14920 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-05-22] () [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-12] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
U4 Avgfwfd; system32\DRIVERS\avgfwd6a.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-12 00:45 - 2014-12-12 00:46 - 00033442 _____ () C:\Users\Emil\Desktop\FRST.txt
2014-12-12 00:45 - 2014-12-11 23:21 - 02119680 _____ (Farbar) C:\Users\Emil\Desktop\FRST64.exe
2014-12-12 00:28 - 2014-12-12 00:28 - 00007927 _____ () C:\Users\Emil\Downloads\adwclen.txt
2014-12-12 00:03 - 2014-12-12 00:45 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-12 00:03 - 2014-12-12 00:03 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-12 00:03 - 2014-12-12 00:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-12 00:03 - 2014-12-12 00:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-12 00:03 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-12 00:03 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-12 00:03 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-12 00:00 - 2014-12-12 00:02 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Emil\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-11 23:48 - 2014-12-11 23:51 - 02166272 _____ () C:\Users\Emil\Downloads\AdwCleaner.exe
2014-12-11 23:28 - 2014-12-11 23:28 - 00049461 _____ () C:\Users\Emil\Downloads\snimanje frst.txt
2014-12-11 23:23 - 2014-12-11 23:28 - 00049461 _____ () C:\Users\Emil\Downloads\Addition.txt
2014-12-11 23:22 - 2014-12-11 23:39 - 00047619 _____ () C:\Users\Emil\Downloads\FRST.txt
2014-12-11 23:21 - 2014-12-12 00:45 - 00000000 ___DC () C:\FRST
2014-12-11 23:20 - 2014-12-11 23:21 - 02119680 _____ (Farbar) C:\Users\Emil\Downloads\FRST64.exe
2014-12-09 16:40 - 2014-12-09 16:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-07 20:34 - 2014-12-07 20:34 - 00000611 _____ () C:\Users\Emil\Desktop\BusinessCardsMX.lnk
2014-12-07 20:34 - 2014-12-07 20:34 - 00000000 ____D () C:\Users\Emil\AppData\Roaming\WebTest
2014-12-07 20:34 - 2014-12-07 20:34 - 00000000 ____D () C:\Users\Emil\AppData\Roaming\mojosoft
2014-12-07 20:34 - 2014-12-07 20:34 - 00000000 ____D () C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BusinessCards MX
2014-12-07 20:31 - 2014-12-07 20:33 - 91085136 _____ (mojosoft ) C:\Users\Emil\Desktop\BusinessCardsMX-setup.exe
2014-12-07 20:30 - 2014-12-07 20:30 - 00371056 _____ () C:\Users\Emil\Downloads\SoftonicDownloader_per_businesscards-mx.exe
2014-11-14 23:53 - 2014-11-14 23:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-11-14 23:50 - 2014-11-14 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-14 23:50 - 2014-11-14 23:50 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-14 23:50 - 2014-11-14 23:50 - 00000000 ____D () C:\Program Files\iTunes
2014-11-14 23:50 - 2014-11-14 23:50 - 00000000 ____D () C:\Program Files\iPod
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-12 00:45 - 2012-09-09 20:19 - 00000000 ____D () C:\Users\Emil\AppData\Roaming\Skype
2014-12-12 00:44 - 2014-10-22 11:20 - 00000000 ___RD () C:\Users\Emil\iCloudDrive
2014-12-12 00:44 - 2014-07-29 01:42 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-12-12 00:44 - 2014-05-06 00:41 - 00000000 __HDC () C:\jexepackres
2014-12-12 00:44 - 2013-01-15 13:21 - 00000354 _____ () C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job
2014-12-12 00:44 - 2013-01-14 16:33 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-12 00:44 - 2010-11-21 04:47 - 00693474 _____ () C:\Windows\PFRO.log
2014-12-12 00:44 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-12 00:44 - 2009-07-14 05:51 - 00177352 _____ () C:\Windows\setupact.log
2014-12-12 00:44 - 2009-07-14 05:45 - 00464992 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-12 00:43 - 2008-01-01 12:24 - 01071164 _____ () C:\Windows\WindowsUpdate.log
2014-12-12 00:42 - 2014-07-29 01:42 - 00000000 ____D () C:\Users\Emil\AppData\Roaming\Panda Security
2014-12-12 00:42 - 2014-07-29 01:02 - 00000000 ____D () C:\ProgramData\Panda Security
2014-12-12 00:42 - 2012-09-16 14:08 - 00118840 _____ () C:\Users\Emil\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-12 00:33 - 2009-07-14 05:45 - 00031712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-12 00:33 - 2009-07-14 05:45 - 00031712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-12 00:31 - 2012-09-09 20:49 - 00758170 _____ () C:\Windows\system32\perfh010.dat
2014-12-12 00:31 - 2012-09-09 20:49 - 00152714 _____ () C:\Windows\system32\perfc010.dat
2014-12-12 00:31 - 2009-07-14 06:13 - 01710088 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-12 00:25 - 2013-08-29 21:10 - 00000000 ___DC () C:\AdwCleaner
2014-12-12 00:25 - 2012-09-16 14:37 - 00000000 ____D () C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-12 00:25 - 2008-01-01 12:26 - 00000973 _____ () C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-12 00:20 - 2010-11-21 08:16 - 00000000 __SHD () C:\Windows\BitLockerDiscoveryVolumeContents
2014-12-12 00:17 - 2012-09-09 21:05 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-12 00:13 - 2012-09-21 15:26 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-12 00:03 - 2012-09-09 20:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-12 00:01 - 2012-09-16 14:32 - 00001156 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3395543027-3575646837-148787549-1000UA.job
2014-12-11 23:55 - 2013-01-14 16:33 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-11 22:58 - 2014-06-18 08:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-12-11 22:15 - 2013-02-24 19:10 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3395543027-3575646837-148787549-1000UA.job
2014-12-11 22:01 - 2012-09-16 14:32 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3395543027-3575646837-148787549-1000Core.job
2014-12-10 19:46 - 2012-09-16 14:37 - 00002364 _____ () C:\Users\Emil\Desktop\Google Chrome.lnk
2014-12-10 19:15 - 2013-02-24 19:10 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3395543027-3575646837-148787549-1000Core.job
2014-12-10 12:12 - 2012-09-09 20:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 23:17 - 2013-11-30 20:23 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-09 23:17 - 2012-09-09 21:05 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-09 23:17 - 2012-09-09 21:05 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-08 07:42 - 2012-10-26 18:52 - 00000000 ____D () C:\Users\Emil\AppData\Roaming\uTorrent
2014-12-08 01:47 - 2012-09-21 19:25 - 00018198 _____ () C:\Users\Emil\AppData\Roaming\mainhst.zgh
2014-12-07 22:11 - 2012-09-12 07:21 - 00000000 ____D () C:\Users\Emil\Documents\1dokumenti
2014-12-03 09:28 - 2012-09-09 20:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-03 09:28 - 2012-09-09 20:19 - 00000000 ____D () C:\ProgramData\Skype
2014-12-01 05:11 - 2014-10-22 11:20 - 00000000 ____D () C:\Users\Emil\AppData\Local\B9A3E800-D073-4375-83A8-0D6EAAA1C9ED.aplzod
2014-11-27 10:40 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-11-15 21:56 - 2012-09-16 14:32 - 00004128 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3395543027-3575646837-148787549-1000UA
2014-11-15 21:56 - 2012-09-16 14:32 - 00003732 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3395543027-3575646837-148787549-1000Core
2014-11-14 23:50 - 2014-09-28 00:07 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-11-14 23:50 - 2014-05-02 15:51 - 00001474 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-11-14 23:50 - 2014-05-02 15:51 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-14 23:50 - 2013-01-14 16:33 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-14 23:50 - 2013-01-14 16:33 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-14 15:25 - 2014-10-20 09:10 - 00000983 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-11-12 09:43 - 2012-09-21 15:57 - 00000000 __HDC () C:\$AVG
Some content of TEMP:
====================
C:\Users\Emil\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpr6eze0.dll
C:\Users\Emil\AppData\Local\Temp\ExPromo.exe
C:\Users\Emil\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Emil\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Emil\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Emil\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Emil\AppData\Local\Temp\NEventMessages.dll
C:\Users\Emil\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Emil\AppData\Local\Temp\npp.6.6.8.Installer.exe
C:\Users\Emil\AppData\Local\Temp\nvStInst.exe
C:\Users\Emil\AppData\Local\Temp\Quarantine.exe
C:\Users\Emil\AppData\Local\Temp\SimBundD.exe
C:\Users\Emil\AppData\Local\Temp\sqlite3.dll
C:\Users\Emil\AppData\Local\Temp\un18458.exe
C:\Users\Emil\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Emil\AppData\Local\Temp\{061EBBDF-95B1-4CD5-8E3D-621B60586049}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-05 00:57
==================== End Of Log ============================
[Link mogu videti samo ulogovani korisnici]
|
|
|
|
|
|
|
|
|
Poslao: 12 Dec 2014 15:58
|
offline
- Pridružio: 09 Mar 2008
- Poruke: 42
|
[Link mogu videti samo ulogovani korisnici]
[Link mogu videti samo ulogovani korisnici]
|
|
|
|
|
|
|
Poslao: 12 Dec 2014 16:14
|
offline
- Sass Drake
- Anti Malware Fighter
Rank 2
- Pridružio: 26 Avg 2010
- Poruke: 10622
- Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building
|
Kakvo je sada stanje?
|
|
|
|
|
|
|
Poslao: 12 Dec 2014 16:38
|
offline
- Pridružio: 09 Mar 2008
- Poruke: 42
|
Pozdrav
svaka čast ,mislim da se već bolje ponaša komp, slova više nisu podvučena. Ovo je jedno od najdragocenijh mesta na internetu.
Koja preporuka bi bila za izbegavanje ovakvih problema antivirus izgleda nije bas neka zaštita.
|
|
|
|
|
|
|
|
|
Poslao: 12 Dec 2014 17:23
|
offline
- Pridružio: 09 Mar 2008
- Poruke: 42
|
Napisano: 12 Dec 2014 17:20
Malwarebytes Anti-Malware
[Link mogu videti samo ulogovani korisnici]
Scan Date: 12/12/2014
ovo je onaj prvi mba-log, ali sistem-log nemogu da nadjem gde je
Scan Time: 16:52:33
Logfile:
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2014.12.12.04
Rootkit Database: v2014.12.08.03
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Emil
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 362673
Time Elapsed: 8 min, 14 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 1
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3395543027-3575646837-148787549-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\TelevisionFanatic, Quarantined, [777dc899de9efe3817ae4b2912f13bc5],
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 5
PUP.Optional.SmileyBar.A, C:\Users\Emil\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks, Quarantined, [866ed78af488f442a51f0a40b0539b65],
PUP.Optional.SmileyBar.A, C:\Users\Emil\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks\chrome, Quarantined, [866ed78af488f442a51f0a40b0539b65],
PUP.Optional.SmileyBar.A, C:\Users\Emil\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks\chrome\content, Quarantined, [866ed78af488f442a51f0a40b0539b65],
PUP.Optional.SmileyBar.A, C:\Users\Emil\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks\chrome\content\mz, Quarantined, [866ed78af488f442a51f0a40b0539b65],
PUP.Optional.SmileyBar.A, C:\Users\Emil\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks\chrome\skin, Quarantined, [866ed78af488f442a51f0a40b0539b65],
Files: 20
PUP.Optional.Softonic, C:\Users\Emil\Downloads\SoftonicDownloader_per_businesscards-mx.exe, Quarantined, [4ea68dd4e4984ee8446c3f1be31da858],
PUP.Optional.OpenCandy, C:\Users\Emil\Downloads\GOMPLAYERENSETUP.EXE, Quarantined, [8f65194885f7ba7c2ac8454ce61fd32d],
PUP.Optional.SmileyBar.A, C:\Users\Emil\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks\chrome.manifest, Quarantined, [866ed78af488f442a51f0a40b0539b65],
PUP.Optional.SmileyBar.A, C:\Users\Emil\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks\install.rdf, Quarantined, [866ed78af488f442a51f0a40b0539b65],
PUP.Optional.SmileyBar.A, C:\Users\Emil\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks\chrome\content\background.html, Quarantined, [866ed78af488f442a51f0a40b0539b65],
PUP.Optional.SmileyBar.A, C:\Users\Emil\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks\chrome\content\bg.js, Quarantined, [866ed78af488f442a51f0a40b0539b65],
PUP.Optional.SmileyBar.A, C:\Users\Emil\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks\chrome\content\button.xml, Quarantined, [866ed78af488f442a51f0a40b0539b65],
PUP.Optional.SmileyBar.A, C:\Users\Emil\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks\chrome\content\config.js, Quarantined, [866ed78af488f442a51f0a40b0539b65],
PUP.Optional.SmileyBar.A, C:\Users\Emil\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks\chrome\content\content.js, Quarantined, [866ed78af488f442a51f0a40b0539b65],
PUP.Optional.SmileyBar.A, C:\Users\Emil\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks\chrome\content\framework.js, Quarantined, [866ed78af488f442a51f0a40b0539b65],
PUP.Optional.SmileyBar.A, C:\Users\Emil\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks\chrome\content\framework.xul, Quarantined, [866ed78af488f442a51f0a40b0539b65],
PUP.Optional.SmileyBar.A, C:\Users\Emil\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks\chrome\content\icon128.png, Quarantined, [866ed78af488f442a51f0a40b0539b65],
PUP.Optional.SmileyBar.A, C:\Users\Emil\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks\chrome\content\icon16.png, Quarantined, [866ed78af488f442a51f0a40b0539b65],
PUP.Optional.SmileyBar.A, C:\Users\Emil\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks\chrome\content\icon48.png, Quarantined, [866ed78af488f442a51f0a40b0539b65],
PUP.Optional.SmileyBar.A, C:\Users\Emil\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks\chrome\content\jquery-1.6.2.min.js, Quarantined, [866ed78af488f442a51f0a40b0539b65],
PUP.Optional.SmileyBar.A, C:\Users\Emil\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks\chrome\content\options.xul, Quarantined, [866ed78af488f442a51f0a40b0539b65],
PUP.Optional.SmileyBar.A, C:\Users\Emil\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks\chrome\content\settings.json, Quarantined, [866ed78af488f442a51f0a40b0539b65],
PUP.Optional.SmileyBar.A, C:\Users\Emil\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks\chrome\content\mz\background.js, Quarantined, [866ed78af488f442a51f0a40b0539b65],
PUP.Optional.SmileyBar.A, C:\Users\Emil\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks\chrome\content\mz\content.js, Quarantined, [866ed78af488f442a51f0a40b0539b65],
PUP.Optional.SmileyBar.A, C:\Users\Emil\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks\chrome\skin\framework.css, Quarantined, [866ed78af488f442a51f0a40b0539b65],
Physical Sectors: 0
(No malicious items detected)
(end)
Dopuna: 12 Dec 2014 17:23
ovo je slika iz karantina dali da izbrišem sve ovo
|
|
|
|
|
|
|
Poslao: 12 Dec 2014 17:24
|
offline
- Sass Drake
- Anti Malware Fighter
Rank 2
- Pridružio: 26 Avg 2010
- Poruke: 10622
- Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building
|
Nisi ispratio ono što sam ti napisao.
|
|
|
|
|
|
Dvoklikom pokreni 
) na ikonicu programa:
