Positive finds ads.

1

Positive finds ads.

offline
  • Pridružio: 11 Feb 2012
  • Poruke: 25

Poštovani,

posle jako dugo vremena vam se ponovo javljam. naime, pre par dana je drugar instalirao na ovaj računar nešto, a zajedno sa tim i positive finds ads. Izuzetno iritirajuće. Pokušao sam sken sa Avastom, MalwareBytsom, HitmanPro-om i Adwcleaner. Na karaju sam pustio i Eset online AV. međutim, problem i dalje postoji.

Ako možete da izdvojite vremena za moj problem bio bih vam duboko zahvalan!

Unapred hvala

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-02-2015
Ran by Vitez (administrator) on VITEZ-10 on 10-02-2015 13:00:33
Running from C:\Users\Vitez\Desktop
Loaded Profiles: Vitez (Available profiles: Vitez & Guest)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
(HP) C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files (x86)\Garena Plus\ggdllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(ACD Systems) C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(BitTorrent Inc.) C:\Users\Vitez\AppData\Roaming\uTorrent\uTorrent.exe
(Gretech Corporation) C:\Program Files (x86)\GRETECH\GomAudio\Goma.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ACPW06EN] => C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe [1234120 2012-12-17] (ACD Systems)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-16] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Bonus.SSR.FR11] => C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [1348176 2012-09-20] (ABBYY)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478600 2013-05-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
HKLM-x32\...\Run: [Gaming 3] => "C:\Gaming Mouse\Gaming 3.exe" /hide
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3977576 2015-01-20] (LogMeIn Inc.)
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\Run: [GarenaPlus] => C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [9899312 2014-02-26] ()
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [911032 2014-10-14] (Microsoft Corporation)
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\Run: [uTorrent] => C:\Users\Vitez\AppData\Roaming\uTorrent\uTorrent.exe [1377872 2015-01-22] (BitTorrent Inc.)
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\Run: [GomAudio] => C:\Program Files (x86)\GRETECH\GomAudio\Goma.exe [4918872 2014-05-19] (Gretech Corporation)
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {1280938c-f4cd-11e3-aee0-902b34737702} - G:\npeuinst.exe
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {8a9229b6-2f09-11e3-bbd2-902b34737702} - F:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A02B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {8f15efa5-a0f8-11e2-b0b1-902b34737702} - D:\Setup.exe
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {e2bd7ccd-03ed-11e3-8206-902b34737702} - D:\setup.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-04-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-904190866-3107325068-606562831-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-904190866-3107325068-606562831-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-904190866-3107325068-606562831-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin HKU\S-1-5-21-904190866-3107325068-606562831-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2013-04-09]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-04-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-04-08]

Chrome:
=======
CHR HomePage: Default -> google.rs/
CHR StartupUrls: Default -> "https://www.google.com/?trackid=sp-006"
CHR DefaultSearchKeyword: Default -> google
CHR DefaultSuggestURL: Default -> google.com/complete/search?client=chrome&q={searchTerms}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\gcswf32.dll No File
CHR Plugin: (Norton Confidential) - C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Profile: C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-08]
CHR Extension: (Google Search) - C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-08]
CHR Extension: (AdBlock) - C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-28]
CHR Extension: (Avast Online Security) - C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-08]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-04-26]
CHR Extension: (Google Wallet) - C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28]
CHR Extension: (Gmail) - C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-08]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-05-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Corporate.11.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [821840 2012-07-19] (ABBYY)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-02] (AVAST Software)
R2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [361888 2012-07-25] (HP)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-09-18] () [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-01-14] (LogMeIn, Inc.)
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-07] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 tor; "C:\Program Files (x86)\Tor\tor.exe" --nt-service "-ControlPort" "9051" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-02] ()
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-02] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-02] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-08-14] (Disc Soft Ltd)
S3 L6UX2; C:\Windows\System32\Drivers\L6UX264.sys [894592 2010-08-04] (Line 6)
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (HandSet Incorporated)
S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 zghsser; C:\Windows\System32\DRIVERS\zghsser.sys [131976 2012-10-31] (ZTE Corporation)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2045-04-17 02:25 - 2045-04-17 02:25 - 00000000 ____D () C:\Users\Vitez\Documents\Steinberg
2045-04-17 02:25 - 2014-04-17 05:18 - 00000000 ____D () C:\Users\Vitez\Documents\Cubase LE AI Elements Projects
2045-04-17 02:24 - 2045-04-17 02:24 - 00000000 ____D () C:\Users\Vitez\Documents\VST3 Presets
2045-04-17 02:20 - 2045-04-17 02:20 - 00000000 ____D () C:\Program Files\Common Files\Steinberg
2045-04-17 02:19 - 2045-04-17 02:19 - 00000000 ____D () C:\ProgramData\Steinberg
2045-04-17 02:18 - 2045-04-17 02:25 - 00000000 ____D () C:\Users\Vitez\AppData\Roaming\Steinberg
2045-04-17 02:18 - 2045-04-17 02:18 - 00002892 _____ () C:\Windows\SysWOW64\audcon.sys
2045-04-17 02:18 - 2045-04-17 02:18 - 00000049 _____ () C:\Windows\SysWOW64\SYNSOPOS.exe.cfg
2045-04-17 02:18 - 2045-04-17 02:18 - 00000000 ____D () C:\Users\Vitez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase LE AI Elements 7 64bit
2045-04-17 02:18 - 2045-04-17 02:18 - 00000000 ____D () C:\ProgramData\Syncrosoft
2045-04-17 02:18 - 2045-04-17 02:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser
2045-04-17 02:18 - 2045-04-17 02:18 - 00000000 ____D () C:\Program Files\Steinberg
2045-04-17 02:18 - 2045-04-17 02:18 - 00000000 ____D () C:\Program Files\Common Files\Propellerhead Software
2045-04-17 02:18 - 2045-04-17 02:18 - 00000000 ____D () C:\Program Files (x86)\Syncrosoft
2045-04-17 02:18 - 2011-12-14 20:21 - 00086016 _____ () C:\Windows\SysWOW64\SYNSOPOS.exe
2045-04-17 02:17 - 2045-04-17 02:18 - 00000000 ____D () C:\ProgramData\eLicenser
2045-04-17 02:17 - 2045-04-17 02:18 - 00000000 ____D () C:\Program Files (x86)\eLicenser
2045-04-17 02:17 - 2045-04-17 02:17 - 00000000 ____D () C:\Program Files\eLicenser
2045-04-17 02:17 - 2012-12-07 16:48 - 01714176 _____ (Steinberg Media Technologies GmbH) C:\Windows\system32\SYNSOACC.dll
2045-04-17 02:17 - 2012-12-07 16:48 - 01277952 _____ (Steinberg Media Technologies GmbH) C:\Windows\SysWOW64\SYNSOACC.dll
2045-04-17 02:14 - 2045-04-17 02:14 - 00000000 ____D () C:\Users\Vitez\Documents\Line 6
2045-04-17 02:14 - 2045-04-17 02:14 - 00000000 ____D () C:\ProgramData\Line 6
2045-04-17 02:12 - 2045-04-17 02:12 - 00000000 ____D () C:\Users\Public\Documents\Line 6
2015-02-10 13:00 - 2015-02-10 13:00 - 00023616 _____ () C:\Users\Vitez\Desktop\FRST.txt
2015-02-10 13:00 - 2015-02-10 13:00 - 00000000 ____D () C:\FRST
2015-02-10 12:59 - 2015-02-10 13:00 - 02132992 _____ (Farbar) C:\Users\Vitez\Desktop\FRST64.exe
2015-02-09 16:52 - 2015-02-09 16:52 - 00000062 _____ () C:\Users\Vitez\Desktop\listen (2).pls
2015-02-09 16:31 - 2015-02-10 12:42 - 00003496 _____ () C:\Windows\System32\Tasks\gg_uac_daemon_Vitez
2015-02-09 16:27 - 2015-02-09 16:27 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2015-02-09 16:17 - 2015-02-09 16:27 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-02-09 16:16 - 2015-02-09 16:17 - 11225840 _____ (SurfRight B.V.) C:\Users\Vitez\Desktop\HitmanPro_x64.exe
2015-02-09 16:07 - 2015-02-10 09:24 - 00000000 ____D () C:\AdwCleaner
2015-02-09 16:07 - 2015-02-09 16:07 - 02112512 _____ () C:\Users\Vitez\Desktop\adwcleaner_4.110.exe
2015-02-09 14:21 - 2015-02-09 14:21 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-02-09 10:54 - 2015-02-09 10:54 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-09 10:53 - 2015-02-09 10:54 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Vitez\Desktop\mbam-setup-2.0.4.1028.exe
2015-02-07 15:27 - 2015-02-07 15:27 - 00001222 _____ () C:\Users\Public\Desktop\WinX DVD Ripper.lnk
2015-02-07 15:27 - 2015-02-07 15:27 - 00000000 ____D () C:\Users\Vitez\AppData\Roaming\Digiarty
2015-02-07 15:27 - 2015-02-07 15:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty
2015-02-07 15:27 - 2015-02-07 15:27 - 00000000 ____D () C:\Program Files (x86)\Digiarty
2015-02-07 15:26 - 2015-02-07 15:26 - 10753176 _____ (Digiarty Software, Inc. ) C:\Users\Vitez\Desktop\winx-dvd-ripper.exe
2015-02-07 15:21 - 2015-02-07 15:21 - 00000000 ____D () C:\Users\Vitez\AppData\Roaming\TuneUp Software
2015-02-07 15:21 - 2015-02-07 15:21 - 00000000 ____D () C:\Users\Vitez\AppData\Local\TuneUp Software
2015-02-07 15:19 - 2015-02-07 15:22 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-02-07 15:19 - 2015-02-07 15:19 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-02-07 15:18 - 2015-02-07 15:24 - 00000000 ____D () C:\Users\Vitez\Documents\DVDVideoSoft
2015-02-07 15:17 - 2015-02-10 09:59 - 00000000 ____D () C:\Users\Vitez\AppData\Roaming\DVDVideoSoft
2015-01-31 16:39 - 2015-02-10 07:21 - 00000000 ____D () C:\Users\Vitez\Desktop\jk
2015-01-31 16:33 - 2015-01-31 16:33 - 00485019 _____ () C:\Users\Vitez\Desktop\kolokvijum (1).rar
2015-01-27 17:15 - 2015-01-27 17:15 - 00060460 _____ () C:\Users\Vitez\Desktop\Ustav i prava gradjana.odt
2015-01-27 07:13 - 2015-01-27 07:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-01-27 07:13 - 2015-01-27 07:13 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-01-23 18:51 - 2015-01-23 18:53 - 00000000 ____D () C:\Users\Vitez\Desktop\FOTOSUTING VANA BI
2015-01-23 18:51 - 2015-01-23 12:01 - 12489529 _____ () C:\Users\Vitez\Desktop\_ALX8453.NEF
2015-01-23 18:51 - 2015-01-23 12:01 - 12347203 _____ () C:\Users\Vitez\Desktop\_ALX8452.NEF
2015-01-23 18:51 - 2015-01-23 12:01 - 11857771 _____ () C:\Users\Vitez\Desktop\_ALX8450.NEF
2015-01-23 18:51 - 2015-01-23 12:01 - 11823652 _____ () C:\Users\Vitez\Desktop\_ALX8451.NEF
2015-01-19 16:25 - 2015-01-19 16:25 - 00000062 _____ () C:\Users\Vitez\Desktop\listen (1).pls
2015-01-19 16:24 - 2015-01-19 16:24 - 00000062 _____ () C:\Users\Vitez\Desktop\listen.pls
2015-01-18 06:02 - 2015-01-18 06:02 - 01119304 _____ () C:\Users\Vitez\Desktop\drugi semestar (1).rar
2015-01-18 05:15 - 2015-01-18 05:15 - 00421769 _____ () C:\Users\Vitez\Desktop\prvi semestar (1).rar
2015-01-16 21:55 - 2015-01-16 21:56 - 00000000 ____D () C:\Users\Vitez\Desktop\Isidora i Krsto
2015-01-16 16:04 - 2015-01-16 16:04 - 00000000 ____D () C:\Users\Vitez\AppData\Roaming\TeamViewer
2015-01-16 15:47 - 2015-01-16 15:48 - 07720120 _____ (TeamViewer GmbH) C:\Users\Vitez\Desktop\TeamViewer_Setup_sr-ioj.exe
2015-01-14 12:17 - 2015-01-15 09:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-01-14 08:57 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 08:57 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 08:57 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 08:57 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 08:57 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 08:57 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 08:57 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 08:57 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 08:57 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 08:57 - 2014-12-11 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 08:57 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 08:57 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 08:57 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-10 12:59 - 2013-04-09 10:24 - 00000000 ____D () C:\Users\Vitez\AppData\Roaming\uTorrent
2015-02-10 12:48 - 2009-07-14 05:45 - 00020992 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-10 12:48 - 2009-07-14 05:45 - 00020992 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-10 12:47 - 2013-04-08 17:48 - 01454683 _____ () C:\Windows\WindowsUpdate.log
2015-02-10 12:43 - 2013-05-24 16:21 - 00000000 ____D () C:\Users\Vitez\AppData\Local\LogMeIn Hamachi
2015-02-10 12:42 - 2015-01-08 09:18 - 00001336 _____ () C:\Windows\Tasks\LHGQB.job
2015-02-10 12:42 - 2013-04-08 17:54 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-10 12:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-10 12:42 - 2009-07-14 05:51 - 00133152 _____ () C:\Windows\setupact.log
2015-02-10 12:39 - 2013-04-09 13:03 - 00000000 ____D () C:\Program Files (x86)\ABBYY FineReader 11
2015-02-10 12:29 - 2015-01-08 09:18 - 00000000 ____D () C:\Program Files (x86)\05e6f622-637c-4a47-8788-03e63173214b
2015-02-10 12:02 - 2013-04-08 17:54 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-10 10:02 - 2013-04-08 18:26 - 01050730 _____ () C:\Windows\PFRO.log
2015-02-10 09:55 - 2013-12-30 22:23 - 00000000 ____D () C:\Program Files\TabletPlugins
2015-02-10 09:39 - 2015-01-09 10:12 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-10 09:26 - 2013-04-08 18:20 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-09 16:27 - 2014-03-01 17:35 - 00000000 ____D () C:\Users\Vitez\Downloads\PCPerformer-BitTorrent-c
2015-02-09 16:09 - 2013-04-08 17:54 - 00001286 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-09 16:09 - 2013-04-08 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-09 16:09 - 2013-04-08 17:46 - 00000949 _____ () C:\Users\Vitez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-09 13:57 - 2014-04-17 08:52 - 00000000 ____D () C:\Windows\Minidump
2015-02-09 13:14 - 2009-07-14 04:20 - 00000000 __RSD () C:\Windows\Media
2015-02-09 13:02 - 2013-04-20 11:28 - 04652544 ___SH () C:\Users\Vitez\Desktop\Thumbs.db
2015-02-09 10:54 - 2015-01-09 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-09 10:54 - 2015-01-09 10:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-07 17:04 - 2013-04-09 10:07 - 00000000 ____D () C:\Users\Vitez\AppData\Local\CrashDumps
2015-02-04 18:57 - 2013-04-08 17:54 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 18:57 - 2013-04-08 17:54 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-29 10:05 - 2013-11-04 09:19 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-29 10:03 - 2014-11-04 09:33 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-01-29 10:03 - 2014-11-04 09:33 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-01-29 10:03 - 2014-11-04 09:33 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-01-29 10:03 - 2014-11-04 09:33 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-29 10:03 - 2013-05-03 23:19 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-28 19:58 - 2013-04-08 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-01-28 01:41 - 2014-12-04 01:13 - 00000000 ____D () C:\Users\Vitez\Desktop\jelena
2015-01-26 16:58 - 2015-01-10 01:14 - 00000000 ____D () C:\Users\Vitez\Desktop\komp
2015-01-23 18:45 - 2009-07-14 06:13 - 00849546 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-23 18:38 - 2014-12-04 01:30 - 00000000 ____D () C:\Users\Vitez\Desktop\stefan
2015-01-23 18:37 - 2014-12-28 22:21 - 00000000 ____D () C:\Users\Vitez\Desktop\raviojla hdr
2015-01-23 18:36 - 2015-01-02 02:49 - 00000000 ____D () C:\Users\Vitez\Desktop\parovi za fb
2015-01-23 18:36 - 2014-12-28 22:10 - 00000000 ____D () C:\Users\Vitez\Desktop\hajat fejs majka ng 14
2015-01-23 18:36 - 2014-12-23 12:54 - 00000000 ____D () C:\Users\Vitez\Desktop\slvn
2015-01-16 07:45 - 2013-04-08 18:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-15 08:07 - 2013-04-09 11:42 - 00841668 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-14 23:20 - 2013-07-31 02:03 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 23:20 - 2013-04-08 19:41 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 11:32 - 2013-08-14 01:38 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys

==================== Files in the root of some directories =======

2014-03-11 16:06 - 2014-03-11 16:06 - 0000132 _____ () C:\Users\Vitez\AppData\Roaming\Adobe BMP Format CS6 Prefs
2013-04-11 09:50 - 2013-04-11 09:50 - 0000132 _____ () C:\Users\Vitez\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Vitez\AppData\Roaming\LHGQB
2013-05-04 05:08 - 2014-04-05 02:47 - 0045270 _____ () C:\Users\Vitez\AppData\Roaming\room_v3.dat
2013-09-26 13:13 - 2014-11-13 10:33 - 0001456 _____ () C:\Users\Vitez\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-06-02 12:58 - 2013-06-03 14:24 - 0007599 _____ () C:\Users\Vitez\AppData\Local\Resmon.ResmonCfg
2013-05-16 20:42 - 2012-08-31 08:49 - 0024772 _____ () C:\ProgramData\P1210DEF.css
2013-05-16 20:42 - 2014-10-21 15:47 - 0015730 _____ () C:\ProgramData\P1210OS.HTM
2013-05-16 20:42 - 2012-08-31 08:49 - 0002944 _____ () C:\ProgramData\P1210SIG.GIF
2014-11-10 12:05 - 2014-11-10 12:06 - 0000464 _____ () C:\ProgramData\{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}_WiseFW.ini

Some content of TEMP:
====================
C:\Users\Guest\AppData\Local\Temp\ShellHook.dll
C:\Users\Vitez\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Vitez\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Vitez\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Vitez\AppData\Local\Temp\Quarantine.exe
C:\Users\Vitez\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Vitez\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Vitez\AppData\Local\Temp\ShellHook.dll
C:\Users\Vitez\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-03 00:15

==================== End Of Log ============================
mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow Korak 1

Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja.

HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {1280938c-f4cd-11e3-aee0-902b34737702} - G:\npeuinst.exe
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {8a9229b6-2f09-11e3-bbd2-902b34737702} - F:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A02B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {8f15efa5-a0f8-11e2-b0b1-902b34737702} - D:\Setup.exe
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {e2bd7ccd-03ed-11e3-8206-902b34737702} - D:\setup.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Users\Vitez\Downloads\PCPerformer-BitTorrent-c
Task: {6EE17205-4C5E-4D46-ABAD-C0E0BDBD33AA} - System32\Tasks\{77EABCF1-8B00-4261-ABD2-0729759C72F2} => pcalua.exe -a E:\Downloads\Skyrim\install.exe -d E:\Downloads\Skyrim
Task: {9BD108D5-4268-461A-BBBF-34DEA58161EA} - System32\Tasks\LHGQB => C:\Users\Vitez\AppData\Roaming\LHGQB.exe <==== ATTENTION
Task: {EDBA6DA9-B6C5-4CDD-8CC1-917E77CEBFDF} - System32\Tasks\{C8000239-5CB3-4005-AEA9-C8C2D0151360} => pcalua.exe -a "C:\Program Files (x86)\LucasArts\Star Wars Battlefront II\Install\uninst.exe" -d "C:\Program Files (x86)\LucasArts\Star Wars Battlefront II\Install"
Task: C:\Windows\Tasks\LHGQB.job => C:\Users\Vitez\AppData\Roaming\LHGQB.exe <==== ATTENTION
C:\Users\Vitez\AppData\Roaming\LHGQB.exe
EmptyTemp:


U okviru Notepad-a klikni na File --> Save As
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se fixlog.txt, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt).




Arrow Korak 2

Preuzmi zoek.exe sa ovog ili ovog linka i sačuvaj ga na Desktop.


Zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sljedeći tekst:

process;
startupall;
drivers-services-list;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;


Klikni na dugme i pričekaj da se skeniranje završi.


Zoek će po potrebi restartovati Windows, a na kraju rada otvoriti Notepad sa izvještajem o skeniranju.

Napomena: Izvještaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadržaj tog loga u poruku.

offline
  • Pridružio: 11 Feb 2012
  • Poruke: 25

Korak 1:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-02-2015
Ran by Vitez at 2015-02-11 09:14:14 Run:1
Running from C:\Users\Vitez\Desktop
Loaded Profiles: Vitez (Available profiles: Vitez & Guest)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {1280938c-f4cd-11e3-aee0-902b34737702} - G:\npeuinst.exe
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {8a9229b6-2f09-11e3-bbd2-902b34737702} - F:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A02B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {8f15efa5-a0f8-11e2-b0b1-902b34737702} - D:\Setup.exe
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {e2bd7ccd-03ed-11e3-8206-902b34737702} - D:\setup.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Users\Vitez\Downloads\PCPerformer-BitTorrent-c
Task: {6EE17205-4C5E-4D46-ABAD-C0E0BDBD33AA} - System32\Tasks\{77EABCF1-8B00-4261-ABD2-0729759C72F2} => pcalua.exe -a E:\Downloads\Skyrim\install.exe -d E:\Downloads\Skyrim
Task: {9BD108D5-4268-461A-BBBF-34DEA58161EA} - System32\Tasks\LHGQB => C:\Users\Vitez\AppData\Roaming\LHGQB.exe <==== ATTENTION
Task: {EDBA6DA9-B6C5-4CDD-8CC1-917E77CEBFDF} - System32\Tasks\{C8000239-5CB3-4005-AEA9-C8C2D0151360} => pcalua.exe -a "C:\Program Files (x86)\LucasArts\Star Wars Battlefront II\Install\uninst.exe" -d "C:\Program Files (x86)\LucasArts\Star Wars Battlefront II\Install"
Task: C:\Windows\Tasks\LHGQB.job => C:\Users\Vitez\AppData\Roaming\LHGQB.exe <==== ATTENTION
C:\Users\Vitez\AppData\Roaming\LHGQB.exe
EmptyTemp:
*****************

"HKU\S-1-5-21-904190866-3107325068-606562831-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1280938c-f4cd-11e3-aee0-902b34737702}" => Key deleted successfully.
HKCR\CLSID\{1280938c-f4cd-11e3-aee0-902b34737702} => Key not found.
"HKU\S-1-5-21-904190866-3107325068-606562831-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8a9229b6-2f09-11e3-bbd2-902b34737702}" => Key deleted successfully.
HKCR\CLSID\{8a9229b6-2f09-11e3-bbd2-902b34737702} => Key not found.
"HKU\S-1-5-21-904190866-3107325068-606562831-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8f15efa5-a0f8-11e2-b0b1-902b34737702}" => Key deleted successfully.
HKCR\CLSID\{8f15efa5-a0f8-11e2-b0b1-902b34737702} => Key not found.
"HKU\S-1-5-21-904190866-3107325068-606562831-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e2bd7ccd-03ed-11e3-8206-902b34737702}" => Key deleted successfully.
HKCR\CLSID\{e2bd7ccd-03ed-11e3-8206-902b34737702} => Key not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
C:\Users\Vitez\Downloads\PCPerformer-BitTorrent-c => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6EE17205-4C5E-4D46-ABAD-C0E0BDBD33AA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6EE17205-4C5E-4D46-ABAD-C0E0BDBD33AA}" => Key deleted successfully.
C:\Windows\System32\Tasks\{77EABCF1-8B00-4261-ABD2-0729759C72F2} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{77EABCF1-8B00-4261-ABD2-0729759C72F2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9BD108D5-4268-461A-BBBF-34DEA58161EA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BD108D5-4268-461A-BBBF-34DEA58161EA}" => Key deleted successfully.
C:\Windows\System32\Tasks\LHGQB => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LHGQB" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EDBA6DA9-B6C5-4CDD-8CC1-917E77CEBFDF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EDBA6DA9-B6C5-4CDD-8CC1-917E77CEBFDF}" => Key deleted successfully.
C:\Windows\System32\Tasks\{C8000239-5CB3-4005-AEA9-C8C2D0151360} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C8000239-5CB3-4005-AEA9-C8C2D0151360}" => Key deleted successfully.
C:\Windows\Tasks\LHGQB.job => Moved successfully.
"C:\Users\Vitez\AppData\Roaming\LHGQB.exe" => File/Directory not found.
EmptyTemp: => Removed 1.9 GB temporary data.


The system needed a reboot.

==== End of Fixlog 09:14:32 ====

Korak 2


Zoek.exe v5.0.0.0 Updated 10-February-2015
Tool run by Vitez on 11-Feb-15 at 9:21:04.82.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Vitez\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

11-Feb-15 9:23:18 AM Zoek.exe System Restore Point Created Succesfully.

==== Running Processes ======================

C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Garena Plus\ggdllhost.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Users\Vitez\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Services(whitelist) ======================
Powered by E Dev

R2 - [ABBYY.Licensing.FineReader.Corporate.11.0] - ABBYY FineReader 11 CE Licensing Service - c:\program files (x86)\common files\abbyy\finereader\11.00\licensing\ce\networklicenseserver.exe
R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
R2 - [AMD External Events Utility] - AMD External Events Utility - c:\windows\system32\atiesrxx.exe
R2 - [HPM1210RcvFaxSrvc] - HP LaserJet Professional M1210 MFP Series Receive Fax Service - c:\program files\hp\hp laserjet m1210 mfp series\receivefaxutility.exe
R2 - [Intel(R) Capability Licensing Service Interface] - Intel(R) Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe
R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe
R2 - [LMIGuardianSvc] - LMIGuardianSvc - c:\program files (x86)\logmein hamachi\lmiguardiansvc.exe
R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
R2 - [MSSQL$SQLEXPRESS] - SQL Server (SQLEXPRESS) - c:\program files (x86)\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe
R2 - [NAUpdate] - Nero Update - c:\program files (x86)\nero\update\nasvc.exe
R2 - [NIHardwareService] - NIHardwareService - c:\program files\common files\native instruments\hardware\nihardwareservice.exe
R2 - [PSI_SVC_2] - Protexis Licensing V2 - c:\program files (x86)\common files\protexis\license service\psiservice_2.exe
R2 - [SQLBrowser] - SQL Server Browser - c:\program files (x86)\microsoft sql server\90\shared\sqlbrowser.exe
R2 - [SQLWriter] - SQL Server VSS Writer - c:\program files\microsoft sql server\90\shared\sqlwriter.exe
R2 - [UNS] - Intel(R) Management and Security Application User Notification Service - c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe
R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - c:\program files\common files\microsoft shared\windows live\wlidsvc.exe
R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
R3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe
S2 - [gupdate] - Google Update Service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
S2 - [KMService] - KMService - c:\windows\system32\srvany.exe [x]
S2 - [SkypeUpdate] - Skype Updater - c:\program files (x86)\skype\updater\updater.exe
S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
S2 - [tor] - Tor Win32 Service - c:\program files (x86)\tor\tor.exe [x]
S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
S3 - [aspnet_state] - ASP.NET State Service - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe
S3 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
S3 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe
S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
S3 - [fsssvc] - Windows Live Family Safety Service - c:\program files (x86)\windows live\family safety\fsssvc.exe
S3 - [gupdatem] - Google Update Service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
S3 - [gusvc] - Google Software Updater - c:\program files (x86)\google\common\google updater\googleupdaterservice.exe
S3 - [IDriverT] - InstallDriver Table Manager - c:\program files (x86)\common files\installshield\driver\11\intel 32\idrivert.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
S3 - [Microsoft SharePoint Workspace Audit Service] - Microsoft SharePoint Workspace Audit Service - c:\program files\microsoft office\office14\groove.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
S3 - [ose64] - Office 64 Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe
S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
S3 - [Steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe
S3 - [SwitchBoard] - SwitchBoard - c:\program files (x86)\common files\adobe\switchboard\switchboard.exe
S3 - [TunngleService] - TunngleService - c:\program files (x86)\tunngle\tnglctrl.exe
S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
S4 - [MSSQLServerADHelper] - SQL Server Active Directory Helper - c:\program files (x86)\microsoft sql server\90\shared\sqladhlp90.exe
S4 - [msvsmon90] - Visual Studio 2008 Remote Debugger - c:\program files\microsoft visual studio 9.0\common7\ide\remote debugger\x64\msvsmon.exe

==== Drivers(whitelist) ======================
Powered by E Dev

R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys
R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys
R3 - [srv] - Server SMB 1.xxx Driver - C:\Windows\system32\Drivers\srv.sys
R3 - [srv2] - Server SMB 2.xxx Driver - C:\Windows\system32\Drivers\srv2.sys
R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys
R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys
R0 - [aswRvrt] - avast! Revert - C:\Windows\system32\Drivers\aswRvrt.sys
R0 - [aswVmm] - avast! VM Monitor - C:\Windows\system32\Drivers\aswVmm.sys
R0 - [atapi] - IDE Channel - C:\Windows\system32\Drivers\atapi.sys
R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x]
R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys
R0 - [Disk] - Disk Driver - C:\Windows\system32\Drivers\Disk.sys
R0 - [fvevol] - Bitlocker Drive Encryption Filter Driver - C:\Windows\system32\Drivers\fvevol.sys
R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys
R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys
R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys
R0 - [mountmgr] - Mount Point Manager - C:\Windows\system32\Drivers\mountmgr.sys
R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys
R0 - [NDIS] - NDIS System Driver - C:\Windows\system32\Drivers\NDIS.sys
R0 - [partmgr] - Partition Manager - C:\Windows\system32\Drivers\partmgr.sys
R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys
R0 - [pciide] - pciide - C:\Windows\system32\Drivers\pciide.sys
R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys
R0 - [PxHlpa64] - PxHlpa64 - C:\Windows\system32\Drivers\PxHlpa64.sys
R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys
R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys
R0 - [storflt] - Disk Virtual Machine Bus Acceleration Filter Driver - C:\Windows\system32\Drivers\storflt.sys [x]
R0 - [Tcpip] - TCP/IP Protocol Driver - C:\Windows\system32\Drivers\Tcpip.sys
R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator Driver - C:\Windows\system32\Drivers\vdrvroot.sys
R0 - [vmbus] - Virtual Machine Bus - C:\Windows\system32\Drivers\vmbus.sys
R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys
R0 - [volmgrx] - Dynamic Volume Manager - C:\Windows\system32\Drivers\volmgrx.sys
R0 - [volsnap] - Storage volumes - C:\Windows\system32\Drivers\volsnap.sys
R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys
R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys
R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys
R1 - [tdx] - NetIO Legacy TDI Support Driver - C:\Windows\system32\Drivers\tdx.sys
R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Vitez\AppData\Local\Temp ====
2015-02-11 08:17:02 A9284FD8CF1C5DED66C4CD3307145ABD 70656 ----a-w- C:\Users\Vitez\AppData\Local\Temp\ShellHook.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2045-04-17 01:18:16 E5B43213F7CAF6C65504A3EDB1977EEA 2892 ----a-w- C:\Windows\SysWOW64\audcon.sys
2045-04-17 01:18:02 B29680F5EEA7C35873F26427534EDD29 86016 ----a-w- C:\Windows\SysWOW64\SYNSOPOS.exe
2045-04-17 01:18:02 84407C7CA172179A35F079BBD4AF9644 49 ----a-w- C:\Windows\SysWOW64\SYNSOPOS.exe.cfg
2045-04-17 01:17:45 E63B75E84CD8C0ED2C405BFB70C0089F 1277952 ----a-w- C:\Windows\SysWOW64\SYNSOACC.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2045-04-17 01:17:45 71A999C0F31E5D157B499119C1AB8126 1714176 ----a-w- C:\Windows\Sysnative\SYNSOACC.dll
2015-02-09 15:27:32 5614386D4CFDF9E56F355C45BEEBC976 12872 ----a-w- C:\Windows\Sysnative\bootdelete.exe
====== C:\Windows\Sysnative\drivers =====
2015-01-14 07:57:55 AE3334958D8F631FF14A0AEB3D7EFB3A 141312 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys
====== C:\Windows\Tasks ======
2015-02-09 15:31:32 BD1E3C7B5A86F3005A794C34A138568F 3496 ----a-w- C:\Windows\Sysnative\Tasks\gg_uac_daemon_Vitez
====== C:\Windows\Temp ======
======= C:\Program Files =====
2045-04-17 01:20:15 -------- d-----w- C:\Program Files\Common Files\Steinberg
2045-04-17 01:18:30 -------- d-----w- C:\Program Files\Common Files\Propellerhead Software
2045-04-17 01:18:26 -------- d-----w- C:\Program Files\Steinberg
2045-04-17 01:17:44 -------- d-----w- C:\Program Files\eLicenser
======= C:\PROGRA~2 =====
2045-04-17 01:19:57 -------- d-----w- C:\PROGRA~2\COMMON~1\Steinberg
2045-04-17 01:18:02 -------- d-----w- C:\PROGRA~2\Syncrosoft
2045-04-17 01:17:43 -------- d-----w- C:\PROGRA~2\eLicenser
2015-02-09 13:21:58 -------- d-----w- C:\PROGRA~2\ESET
2015-02-07 14:27:06 -------- d-----w- C:\PROGRA~2\Digiarty
2015-01-29 09:04:11 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2015-01-14 11:17:24 -------- d-----w- C:\PROGRA~2\Mozilla Thunderbird
======= C: =====
====== C:\Users\Vitez\AppData\Roaming ======
2045-04-17 01:18:26 -------- d-----w- C:\Users\Vitez\AppData\Roaming\Steinberg
2045-04-17 01:18:26 -------- d-----w- C:\Users\Vitez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase LE AI Elements 7 64bit
2015-02-07 14:27:06 -------- d-----w- C:\Users\Vitez\AppData\Roaming\Digiarty
2015-02-07 14:21:03 -------- d-----w- C:\Users\Vitez\AppData\Roaming\TuneUp Software
2015-02-07 14:21:03 -------- d-----w- C:\Users\Vitez\AppData\Local\TuneUp Software
2015-02-07 14:17:18 -------- d-----w- C:\Users\Vitez\AppData\Roaming\DVDVideoSoft
2015-01-16 15:04:58 -------- d-----w- C:\Users\Vitez\AppData\Roaming\TeamViewer
====== C:\Users\Vitez ======
2045-04-17 01:19:57 -------- d-----w- C:\ProgramData\Steinberg
2045-04-17 01:18:16 -------- d-----w- C:\ProgramData\Syncrosoft
2045-04-17 01:18:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser
2045-04-17 01:17:44 -------- d-----w- C:\ProgramData\eLicenser
2045-04-17 01:14:25 -------- d-----w- C:\ProgramData\Line 6
2045-04-17 01:12:28 -------- d-----w- C:\Users\Public\Documents\Line 6
2015-02-10 11:59:59 C2BB64D56E643AD07C968590F9FA124D 2132992 ----a-w- C:\Users\Vitez\Desktop\FRST64.exe
2015-02-09 15:17:39 -------- d-----w- C:\ProgramData\HitmanPro
2015-02-09 15:16:34 DC56182AF1F306F6F2A641EAA0055015 11225840 ----a-w- C:\Users\Vitez\Desktop\HitmanPro_x64.exe
2015-02-09 15:07:13 B5998562E394D9DB672D012D4E670790 2112512 ----a-w- C:\Users\Vitez\Desktop\adwcleaner_4.110.exe
2015-02-09 09:53:43 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\Vitez\Desktop\mbam-setup-2.0.4.1028.exe
2015-02-07 14:27:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty
2015-02-07 14:26:23 1903694D9F423AE96884C2C4929D6F24 10753176 ----a-w- C:\Users\Vitez\Desktop\winx-dvd-ripper.exe
2015-02-07 14:19:11 -------- d-sh--w- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-02-07 14:19:10 -------- d--h--w- C:\ProgramData\Common Files
2015-02-07 14:19:10 -------- d-----w- C:\ProgramData\TuneUp Software

====== C: exe-files ==
2045-04-17 01:18:05 6B2B12EF7C2C501C7D107065EE04AE22 6480298 ----a-w- C:\Program Files (x86)\eLicenser\Uninstaller\Uninstall eLicenser Control.exe
2045-04-17 01:18:02 B29680F5EEA7C35873F26427534EDD29 86016 ----a-w- C:\Windows\SysWOW64\SYNSOPOS.exe
2045-04-17 01:18:02 B29680F5EEA7C35873F26427534EDD29 86016 ----a-w- C:\Program Files (x86)\Syncrosoft\POS\SYNSOPOS.exe
2045-04-17 01:18:02 B29680F5EEA7C35873F26427534EDD29 86016 ----a-w- C:\Program Files (x86)\Syncrosoft\LCC\LCC.exe
2045-04-17 01:17:43 D046DCA2111D0AAC3015F2463076C616 2805760 ----a-w- C:\Program Files (x86)\eLicenser\POS\SYNSOPOS.exe
2045-04-17 01:17:43 67E0920C0592DF8BD261F763C46620EE 2768896 ----a-w- C:\Program Files (x86)\eLicenser\eLCC\eLCC.exe
2015-02-10 11:59:59 C2BB64D56E643AD07C968590F9FA124D 2132992 ----a-w- C:\Users\Vitez\Desktop\FRST64.exe
2015-02-09 15:27:32 5614386D4CFDF9E56F355C45BEEBC976 12872 ----a-w- C:\Windows\System32\bootdelete.exe
2015-02-09 15:16:34 DC56182AF1F306F6F2A641EAA0055015 11225840 ----a-w- C:\Users\Vitez\Desktop\HitmanPro_x64.exe
2015-02-09 15:07:13 B5998562E394D9DB672D012D4E670790 2112512 ----a-w- C:\Users\Vitez\Desktop\adwcleaner_4.110.exe
2015-02-09 13:22:08 E273331224005C5A8A504164373DE1DC 535304 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
2015-02-09 13:22:08 9E47522861242EE002D7F385C35D1322 2887824 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
2015-02-09 13:22:08 5B3DE7968D23B476AFB256D8014B25B9 333424 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe
2015-02-09 13:22:08 47B06E473B78A792DF07D226E0537D63 119184 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
2015-02-09 13:22:08 3C3F35C91F230493B088B334E39D1F7A 358144 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
2015-02-09 09:53:43 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\Vitez\Desktop\mbam-setup-2.0.4.1028.exe
2015-02-07 14:27:06 E1760DCDEA1E9139B967F5A228AD02BF 1207584 ----a-w- C:\Program Files (x86)\Digiarty\WinX_DVD_Ripper\unins000.exe
2015-02-07 14:27:06 2E35619E9728FC2312838808A79AD7A8 14640416 ----a-w- C:\Program Files (x86)\Digiarty\WinX_DVD_Ripper\WinX_DVD_Ripper.exe
2015-02-07 14:26:23 1903694D9F423AE96884C2C4929D6F24 10753176 ----a-w- C:\Users\Vitez\Desktop\winx-dvd-ripper.exe
2015-02-06 08:03:59 1F9A2717F6C6D3440B1F4A59FF96C708 1043024 ----a-w- C:\Program Files (x86)\Google\Update\Install\{19E92A0E-E534-427C-8FEA-952ECDEA7DA5}\40.0.2214.111_40.0.2214.94_chrome_updater.exe
2015-02-06 08:03:59 1F9A2717F6C6D3440B1F4A59FF96C708 1043024 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\40.0.2214.111\40.0.2214.111_40.0.2214.94_chrome_updater.exe
2015-02-04 17:57:50 FD98434B6A06FE31A35E4BFBC827B290 52040 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe
2015-02-04 17:57:50 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateSetup.exe
2015-02-04 17:57:50 5F0A3AA68785C49454F56C9F2DDA0237 52040 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateWebPlugin.exe
2015-02-04 17:57:50 4C02536F4CA35911FB3EA5715F300C57 52040 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateBroker.exe
2015-02-04 17:57:46 F3B6470DA7CE34E559D3BA7365CC909C 115528 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateComRegisterShell64.exe
2015-02-04 17:57:45 E1B44A75947137F4143308D566889837 107848 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdate.exe
2015-02-04 17:57:45 83BB030C71C9727DCFB2737005772C4E 232264 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
2015-02-04 17:57:45 323CFFFDAF253AC65CD194A101BE6231 287048 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
2015-02-04 17:57:42 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Program Files (x86)\Google\Update\Install\{15B33E7B-B333-4B8D-8DCC-6F6FB0474784}\GoogleUpdateSetup.exe
2015-02-04 17:57:42 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.26.9\GoogleUpdateSetup.exe
=== C: other files ==
2045-04-17 01:18:16 E5B43213F7CAF6C65504A3EDB1977EEA 2892 ----a-w- C:\Windows\SysWOW64\audcon.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"GarenaPlus"="C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe -autolaunch"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
"uTorrent"="C:\Users\Vitez\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup"
"GomAudio"="C:\Program Files (x86)\GRETECH\GomAudio\Goma.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"
"Bonus.SSR.FR11"="C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe /autorun"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
"BambooCore"="C:\Program Files (x86)\Bamboo Dock\BambooCore.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"Gaming 3"="C:\Gaming Mouse\Gaming 3.exe /hide"
"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GarenaPlus"="C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe -autolaunch"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
"uTorrent"="C:\Users\Vitez\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup"
"GomAudio"="C:\Program Files (x86)\GRETECH\GomAudio\Goma.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ACPW06EN"="C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe /pid ACPW06EN"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21-Oct-14 07:44 AM]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\AdobeFlashPlayerUpdate" [C:\Windows\SysWOW64\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AdobeFlashPlayerUpdate 2" [C:\Windows\SysWOW64\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\gg_uac_daemon_SES" [C:\Program Files (x86)\Garena Plus\ggdllhost.exe]
"C:\Windows\SysNative\tasks\gg_uac_daemon_Vitez" [C:\Program Files (x86)\Garena Plus\ggdllhost.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\{14603B95-A5F0-4719-9B17-B8E590A7CF1F}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [27-Jan-15 07:12 AM]

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Chrome Version: 40.0.2214.111 (Possible outdated, latest Stable version: 40.0.2214.94)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[11-May-13 11:37 AM]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[02-Dec-14 11:24 AM]

Google Docs - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Adobe Acrobat - Create PDF - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj
Avast Online Security - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Voice Search Hotword (Beta) - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Avast Online Security - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Windows Media Player Extension for HTML5 - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak
Google Wallet - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on 11-Feb-15 at 9:28:34.26 ======================

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Ovo mi izgleda čisto. Da li ti se i dalje pojavljuju reklame?

offline
  • Pridružio: 11 Feb 2012
  • Poruke: 25

Napisano: 11 Feb 2015 16:59

da.


Mora ima više od 10 char

Dopuna: 11 Feb 2015 17:02

međutim, nisam restartovao posle zoeka

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Slaven Kovacevic ::Napisano: 11 Feb 2015 16:59

da.


Mora ima više od 10 char

Dopuna: 11 Feb 2015 17:02

međutim, nisam restartovao posle zoeka




Možeš li mi napraviti screenshot toga?

offline
  • Pridružio: 11 Feb 2012
  • Poruke: 25

Eve slike. I dalje je nepromenjeno.




offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow

Preuzmi zoek.exe sa ovog ili ovog linka i sačuvaj ga na Desktop.


Zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sljedeći tekst:

hokdglbhghcebcopdbanieangmcamaak;chr
emptyalltemp;
emptyclsid;
autoclean;


Klikni na dugme i pričekaj da se skeniranje završi.


Zoek će po potrebi restartovati Windows, a na kraju rada otvoriti Notepad sa izvještajem o skeniranju.

Napomena: Izvještaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadržaj tog loga u poruku.



Question

Kakvo je sada stanje?

offline
  • Pridružio: 11 Feb 2012
  • Poruke: 25

I dalje isto. Vidi sliku na kraju.

Zoek Log


Zoek.exe v5.0.0.0 Updated 10-February-2015
Tool run by Vitez on 12-Feb-15 at 16:24:15.10.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Vitez\Desktop\zoek (1).exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12-Feb-15 4:25:16 PM Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\05e6f622-637c-4a47-8788-03e63173214b deleted successfully
C:\PROGRA~2\LucasArts deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\World of Warcraft deleted successfully
C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully
C:\PROGRA~3\ALM deleted successfully
C:\PROGRA~3\Nokia deleted successfully
C:\Users\Vitez\AppData\Roaming\Nokia deleted successfully
C:\Users\Vitez\AppData\Roaming\Nokia Suite deleted successfully
C:\Users\Guest\AppData\Local\VirtualStore deleted successfully
C:\Users\SES\AppData\Local\VirtualStore deleted successfully
C:\Users\Vitez\AppData\Local\GHISLER deleted successfully
C:\Users\Vitez\AppData\Local\PACE Anti-Piracy deleted successfully
C:\Users\Vitez\AppData\Local\Ubisoft Game Launcher deleted successfully
C:\Users\Vitez\AppData\Local\Unity deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{179FBE3D-52B3-496C-B8E-E2433F39DCC5} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1DFB1624-5A97-4973-8BED-9138D3922B} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2252597A-BAC1-463D-AFE-D3CC749898E4} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377805bc-677b-4d33-ad1e-4e4bf88c0c0a} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4F766453-47C0-4720-B71C-9602EE38F8} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6136E97C-581F-4E9D-BB7D-79E315FDE70} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6A447A67-F717-442B-9EF6-50DA6D37015} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B815852-3C18-4B4A-8FB0-83EF84AC2E7} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{826B40CD-C778-4230-8847-D6716DE62157} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8855F4E4-EF98-4CE3-A297-2CC36CFF586F} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C7AAE75-2889-4D77-A67B-99E84B3E5CDD} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D4CC527-5CBA-4D38-B6C6-ED4A8335BEBA} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{962C0FA0-4A38-4A75-AD61-1239123364E} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9672B532-75F-4452-9CB4-89BA113EBA} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A792885A-2D4B-4C8E-A87-FC81F6386766} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B60333E-19B5-4086-9A64-7E8ECADC9C23} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9E595FA-79A8-4CE2-8777-E526BB97961E} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BB697430-A50E-4AEA-A1AD-7FF96993232F} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BC620C5D-8EA4-482E-9FB6-763A9827D30} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD573F27-52DA-4B0A-8C63-42D6848A8DD0} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{bdbfd37d-00fc-4279-922e-b899552dd646} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFAE3704-686C-4F84-9124-88266339197A} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D3ADCBFA-87F9-4E63-86FE-4940176DCB40} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBA508CB-F543-461E-82C4-4E3A182C4AF0} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E5C180C9-D376-4138-B41-2978DBF71C4} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F69120A8-5A5A-4E31-8BB2-B84E2D31834E} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377805bc-677b-4d33-ad1e-4e4bf88c0c0a} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{bdbfd37d-00fc-4279-922e-b899552dd646} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\Vitez\.android deleted
C:\~1392.tmp deleted
C:\~298F.tmp deleted
C:\~54FE.tmp deleted
C:\~5BB.tmp deleted
C:\~68D8.tmp deleted
C:\~6DD7.tmp deleted
C:\~9020.tmp deleted
C:\~CE27.tmp deleted
C:\~E159.tmp deleted
C:\~FC4C.tmp deleted
C:\Users\Vitez\AppData\Local\avgchrome deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
"C:\Users\Vitez\AppData\Roaming\LHGQB" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [27-Jan-15 07:12 AM]

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\SES\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================

Google Chrome Version: 40.0.2214.111 (Up to date, latest Stable version: 40.0.2214.111)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[11-May-13 11:37 AM]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[02-Dec-14 11:24 AM]

Google Docs - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Adobe Acrobat - Create PDF - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj
Avast Online Security - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Voice Search Hotword (Beta) - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Avast Online Security - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Windows Media Player Extension for HTML5 - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak
Google Wallet - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Vitez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F5ELALZ4 will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=22 folders=6 963743 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Guest\AppData\Local\Temp emptied successfully
C:\Users\SES\AppData\Local\Temp emptied successfully
C:\Users\Vitez\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Vitez\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Vitez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F5ELALZ4" not found

==== EOF on 12-Feb-15 at 16:48:44.89 ======================

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Da li je neko od vas instalirao Garenu Plus?

Ko je trenutno na forumu
 

Ukupno su 809 korisnika na forumu :: 28 registrovanih, 5 sakrivenih i 776 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., amaterSRB, amstel, Apok, awathorn, Ctrl x, darkangel, djordje92sm, gasha, girici2, HrcAk47, hyla, krlebgd77, ljuba, MarKhan, mercedesamg, Misirac, NoOneEver Dreams, Panonsky, randja26, rovac, Toni, trajkoni018, VJ, Vlad000, Vlada1389, voja64, Zi0mek