Problem by eDeals

  • jokics 
  • New MyCity citizen
  • Joined: 24 Oct 2014
  • Posts: 7

This problem started happening to me two days ago. On some sites it throws up some kind of offer, while the bigger problem is that certain words in texts are turned into links. Just as shown in this image images.pcrisk.com/stories/screenshots20146/edeals-adware.jpg (COMPANY).
I use Mozilla and I tried restoring it to its original settings, but that didn't work; Malwarebytes doesn't find anything, and neither do AdwCleaner and avast.



Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-10-2014
Ran by f (administrator) on LI-EE3031018A7A on 24-10-2014 10:16:59
Running from C:\Documents and Settings\f\Desktop
Loaded Profile: f (Available profiles: f)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
() C:\Documents and Settings\f\Local Settings\Application Data\AppDockGUI\AppDockGUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Seiko Epson Corporation) C:\WINDOWS\system32\escsvc.exe
() C:\WINDOWS\system32\KeyboardSDKText\KeyboardSDKText.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(BitTorrent Inc.) C:\Documents and Settings\f\Application Data\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
() C:\Documents and Settings\f\Local Settings\Application Data\AppDockGUI\BackupSambaSDK.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IMJPMIG8.1] => C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [208952 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [MSPY2002] => C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [59392 2008-04-14] ()
HKLM\...\Run: [PHIME2002ASync] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [PHIME2002A] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-30] (AVAST Software)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16384000 2007-08-10] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Winlogon: [UIHost] C:\WINDOWS\system32\logonui.exe [514560 2008-04-14] ( (Microsoft Corporation))
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-776561741-73586283-1417001333-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-776561741-73586283-1417001333-1003\...\MountPoints2: {6bed62ea-8e4c-11e3-8ff6-001e8c8f4814} - F:\LGAutoRun.exe
HKU\S-1-5-21-776561741-73586283-1417001333-1003\...\MountPoints2: {6bed62eb-8e4c-11e3-8ff6-001e8c8f4814} - F:\LGAutoRun.exe
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIILE.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIILE.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
SecurityProviders: msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:10497
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
SearchScopes: HKCU - {F0D82C64-8E5E-4C08-B886-EB217EE2898D} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3282698&CUI=UN34306169571258148&UM=2
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\f\Application Data\Mozilla\Firefox\Profiles\cgh6cwhu.default-1414056880578
FF Homepage: hxxp://www.google.ba/firefox
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 -> C:\Program Files\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> D:\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> D:\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3-20140130-0207 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\f\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pogodakyu.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\vokabular.xml
FF Extension: Gmail Notifier (restartless) - C:\Documents and Settings\f\Application Data\Mozilla\Firefox\Profiles\cgh6cwhu.default-1414056880578\Extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi [2014-10-23]
FF Extension: FIDPlus - C:\Documents and Settings\f\Application Data\Mozilla\Firefox\Profiles\cgh6cwhu.default-1414056880578\Extensions\jid1-wBQ459dI4EwqHg@jetpack.xpi [2014-10-23]
FF Extension: Adblock Plus - C:\Documents and Settings\f\Application Data\Mozilla\Firefox\Profiles\cgh6cwhu.default-1414056880578\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-23]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-11-07]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-11-10]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-10]

Chrome:
=======
CHR Profile: C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (SocialReviver) - C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald [2014-01-15]
CHR Extension: (AdBlock) - C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-16]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-11]
CHR Extension: (FIDPlus) - C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hcgfkcipkhjdfobgaahmbeekfkimhbhe [2014-01-15]
CHR Extension: (UToubeAdBloocka) - C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jobpmejaliolglbeplmfgfjoebcmjaoj [2014-02-02]
CHR Extension: (Google Wallet) - C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-04]
CHR HKLM\...\Chrome\Extension: [giolhomkcooifelkdfpejhidfidaahlc] - C:\Documents and Settings\f\Local Settings\Application Data\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx [2013-11-12]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-23]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKCU\...\Chrome\Extension: [giolhomkcooifelkdfpejhidfidaahlc] - C:\Documents and Settings\f\Local Settings\Application Data\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx [2013-11-12]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AppDockGUI.exe; C:\Documents and Settings\f\Local Settings\Application Data\AppDockGUI\AppDockGUI.exe [111653 2014-09-23] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-23] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-23] (AVAST Software)
S4 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 KeyboardSDKText; C:\WINDOWS\system32\KeyboardSDKText\KeyboardSDKText.exe [60453 2014-09-23] () [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S3 MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [7520337 2002-12-17] (Microsoft Corporation) [File not signed]
S3 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation) [File not signed]
S4 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S3 SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [311872 2002-12-17] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36864 2006-07-02] (Advanced Micro Devices)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-07-23] ()
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [26136 2014-07-23] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-07-23] (AVAST Software)
R0 aswNdis; C:\WINDOWS\System32\DRIVERS\aswNdis.sys [12112 2014-02-10] (ALWIL Software)
R0 aswNdis2; C:\WINDOWS\system32\Drivers\aswNdis2.sys [252872 2014-07-23] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-07-23] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-07-23] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-07-23] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-07-23] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-07-23] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-07-23] ()
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 ManyCam; C:\WINDOWS\System32\DRIVERS\mcvidrv.sys [40736 2013-11-27] (Visicom Media Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [114904 2014-10-24] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\WINDOWS\System32\drivers\mcaudrv.sys [29728 2013-12-06] (Visicom Media Inc.)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R0 mv61xxmm; C:\WINDOWS\system32\Drivers\mv61xxmm.sys [13616 2012-01-12] (Marvell Semiconductor Inc.)
R0 mv64xxmm; C:\WINDOWS\system32\Drivers\mv64xxmm.sys [5632 2012-01-12] (Marvell Semiconductor Inc.) [File not signed]
R0 mvxxmm; C:\WINDOWS\system32\Drivers\mvxxmm.sys [13616 2012-01-12] (Marvell Semiconductor Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [58752 2007-03-06] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [19968 2007-03-06] (NVIDIA Corporation)
R1 SCDEmu; C:\WINDOWS\system32\Drivers\SCDEmu.sys [114376 2013-10-23] (Power Software Ltd)
S2 WCMVCAM; C:\WINDOWS\System32\DRIVERS\wcmvcam.sys [1068216 2012-04-15] (Windows (R) Win 7 DDK provider)
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
S4 IntelIde; No ImagePath
S3 RTHDMIAzAudService; system32\drivers\RtKHDMI.sys [X]
U5 TMUSB; C:\WINDOWS\System32\DRIVERS\TMUSBXP.SYS [49408 2013-09-06] (Seiko Epson Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-24 10:16 - 2014-10-24 10:18 - 00020073 _____ () C:\Documents and Settings\f\Desktop\FRST.txt
2014-10-24 10:16 - 2014-10-24 10:17 - 00000000 ____D () C:\FRST
2014-10-24 10:15 - 2014-10-24 10:16 - 01103360 _____ (Farbar) C:\Documents and Settings\f\Desktop\FRST.exe
2014-10-24 10:05 - 2014-10-24 10:18 - 316732176 _____ () C:\Documents and Settings\f\Desktop\World.Without.End.S01E06.HDTV.x264-2HD.mp4
2014-10-24 10:05 - 2014-10-24 10:17 - 320284164 _____ () C:\Documents and Settings\f\Desktop\World.Without.End.S01E07.HDTV.x264-2HD.mp4
2014-10-24 09:06 - 2014-10-24 09:26 - 405338499 _____ () C:\Documents and Settings\f\Desktop\World.Without.End.S01E05.HDTV.x264-2HD.mp4
2014-10-23 23:07 - 2014-10-24 09:04 - 449477990 _____ () C:\Documents and Settings\f\Desktop\World.Without.End.S01E08.HDTV.x264-2HD.mp4
2014-10-23 23:07 - 2014-10-24 08:11 - 508772440 _____ () C:\Documents and Settings\f\Desktop\World.Without.End.S01E02.HDTV.x264-2HD.mp4
2014-10-23 23:07 - 2014-10-24 07:38 - 362556279 _____ () C:\Documents and Settings\f\Desktop\World.Without.End.S01E04.HDTV.x264-2HD.mp4
2014-10-23 23:07 - 2014-10-24 07:28 - 310922125 _____ () C:\Documents and Settings\f\Desktop\World.Without.End.S01E03.HDTV.x264-2HD.mp4
2014-10-23 23:06 - 2014-10-24 07:58 - 406969660 _____ () C:\Documents and Settings\f\Desktop\World.Without.End.S01E01.Knight.HDTV.x264-2HD.mp4
2014-10-23 22:06 - 2014-10-24 10:01 - 00000000 ____D () C:\AdwCleaner
2014-10-23 22:06 - 2014-10-23 22:06 - 01962496 _____ () C:\Documents and Settings\f\Desktop\adwcleaner_4.001.exe
2014-10-23 21:54 - 2014-10-23 21:54 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-23 11:45 - 2014-10-23 11:45 - 00000000 ____D () C:\Documents and Settings\f\My Documents\Преузимања
2014-10-15 09:00 - 2014-10-15 09:00 - 00000000 ____D () C:\Documents and Settings\f\Local Settings\Application Data\CheckCode
2014-10-12 07:53 - 2014-10-12 07:53 - 00849408 _____ () C:\Documents and Settings\f\My Documents\SRFE52.part1.rar.exe
2014-10-11 10:22 - 2014-10-11 10:22 - 00000000 ____D () C:\Documents and Settings\f\Application Data\java
2014-10-11 07:32 - 2014-10-11 07:32 - 00000000 ____D () C:\Documents and Settings\f\Application Data\Oracle
2014-10-11 07:28 - 2014-10-16 08:09 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Oracle
2014-10-11 07:11 - 2014-10-14 09:59 - 00000000 ____D () C:\Program Files\FileHippo.com
2014-10-11 07:02 - 2014-10-24 10:05 - 00000212 _____ () C:\WINDOWS\Tasks\IORRT.job
2014-10-07 08:53 - 2014-10-07 08:53 - 00001804 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-25 09:08 - 2014-09-25 09:08 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-24 20:07 - 2014-10-22 20:56 - 00000000 ____D () C:\Documents and Settings\f\Desktop\Crossing Lines

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-24 10:19 - 2013-11-04 17:11 - 00000000 ____D () C:\Documents and Settings\f\Local Settings\Temp
2014-10-24 10:18 - 2013-11-05 14:14 - 00000000 ____D () C:\Documents and Settings\f\Application Data\uTorrent
2014-10-24 10:18 - 2013-11-05 12:43 - 00000000 ____D () C:\Documents and Settings\f\Application Data\Skype
2014-10-24 10:08 - 2014-02-10 19:58 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-10-24 10:05 - 2014-08-14 21:02 - 00000202 _____ () C:\WINDOWS\Tasks\Hybrid.job
2014-10-24 10:05 - 2014-07-30 15:04 - 00000270 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-776561741-73586283-1417001333-1003.job
2014-10-24 10:05 - 2014-06-09 10:30 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-24 10:05 - 2013-11-04 17:06 - 02051605 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-24 10:03 - 2014-07-07 08:27 - 00000426 _____ () C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1404714448.job
2014-10-24 10:03 - 2013-11-04 17:58 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-10-24 10:03 - 2013-11-04 17:58 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-10-24 10:03 - 2013-11-04 17:21 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-24 10:02 - 2013-11-04 17:10 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-24 10:01 - 2013-11-04 17:11 - 00000178 ___SH () C:\Documents and Settings\f\ntuser.ini
2014-10-24 10:01 - 2013-11-04 17:10 - 00032470 _____ () C:\WINDOWS\SchedLgU.Txt
2014-10-24 09:52 - 2013-11-05 13:19 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-24 09:37 - 2013-11-04 17:21 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-24 07:38 - 2014-06-01 18:41 - 00000069 _____ () C:\WINDOWS\NeroDigital.ini
2014-10-24 07:38 - 2013-11-05 12:24 - 00033280 _____ () C:\Documents and Settings\f\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-24 07:22 - 2013-11-14 18:12 - 00000000 ____D () C:\Documents and Settings\f\Desktop\Strimovanje
2014-10-23 23:16 - 2013-11-04 17:11 - 00000000 ____D () C:\Documents and Settings\f
2014-10-23 23:14 - 2013-11-07 12:26 - 00000000 ____D () C:\Documents and Settings\f\Application Data\vlc
2014-10-23 21:54 - 2014-06-09 10:20 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-10-23 21:54 - 2014-06-09 10:20 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-23 16:43 - 2013-11-05 12:30 - 00000000 ___RD () C:\Documents and Settings\f\Desktop\Igrice
2014-10-23 11:02 - 2013-11-04 17:48 - 00000000 ____D () C:\WINDOWS\Help
2014-10-23 08:34 - 2008-04-14 13:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-10-22 22:40 - 2013-11-05 15:20 - 00131072 _____ () C:\WINDOWS\system32\config\OAlerts.evt
2014-10-22 22:18 - 2014-07-18 11:55 - 00000000 ____D () C:\Documents and Settings\f\Application Data\TS3Client
2014-10-22 20:56 - 2013-11-05 15:23 - 00002501 _____ () C:\Documents and Settings\f\Desktop\Microsoft Word 2010.lnk
2014-10-22 19:26 - 2014-03-23 09:25 - 00002267 _____ () C:\Documents and Settings\All Users\Desktop\Skype.lnk
2014-10-18 15:20 - 2014-04-01 19:46 - 00000000 ____D () C:\Documents and Settings\f\Application Data\.minecraft
2014-10-17 05:59 - 2014-07-07 08:27 - 00000000 ____D () C:\Program Files\Opera
2014-10-16 17:53 - 2013-11-10 18:53 - 00000318 _____ () C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-776561741-73586283-1417001333-1003.job
2014-10-16 07:55 - 2014-01-16 13:20 - 00000000 ____D () C:\Program Files\Java
2014-10-16 07:52 - 2014-07-17 07:12 - 00272296 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-10-16 07:52 - 2014-07-17 07:12 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-10-16 07:52 - 2014-07-17 07:12 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-10-16 07:52 - 2014-07-17 07:12 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-10-16 07:52 - 2014-07-17 07:12 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-10-15 09:17 - 2013-12-05 00:20 - 00000000 ____D () C:\Documents and Settings\f\Desktop\Nintendo wii
2014-10-13 14:17 - 2013-12-05 00:06 - 00000000 ____D () C:\Documents and Settings\f\My Documents\WBFS Manager Covers
2014-10-13 08:09 - 2013-11-04 17:04 - 00000599 _____ () C:\Documents and Settings\All Users\Start Menu\Microsoft Update Catalog.lnk
2014-10-12 22:26 - 2013-11-10 18:53 - 00000300 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-776561741-73586283-1417001333-1003.job
2014-10-11 07:38 - 2013-11-27 08:35 - 00000000 ____D () C:\Documents and Settings\f\Local Settings\Application Data\Adobe
2014-10-11 07:38 - 2013-11-05 13:19 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-10-11 07:38 - 2008-04-14 13:00 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-10-11 07:31 - 2013-11-07 18:24 - 00000719 _____ () C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
2014-10-11 07:02 - 2013-11-06 10:53 - 00000000 ____D () C:\Documents and Settings\f\Application Data\Winamp
2014-10-10 17:33 - 2013-11-05 12:27 - 00000000 ____D () C:\Documents and Settings\f\My Documents\GTA San Andreas User Files
2014-10-08 20:15 - 2014-04-17 15:22 - 00000000 ____D () C:\Documents and Settings\f\Application Data\XBMC
2014-10-08 16:11 - 2014-01-09 11:06 - 00000000 ____D () C:\Documents and Settings\f\Desktop\Resiver
2014-10-08 16:10 - 2013-11-05 12:41 - 00000000 ____D () C:\Documents and Settings\f\Application Data\Notepad++
2014-10-08 07:28 - 2013-11-04 17:48 - 00000000 ____D () C:\WINDOWS\$hf_mig$
2014-10-07 21:11 - 2014-08-31 16:20 - 00004805 _____ () C:\Documents and Settings\f\Desktop\Telekom_by_losmij.m3u
2014-10-05 22:21 - 2013-12-06 15:27 - 00000000 ____D () C:\Documents and Settings\f\My Documents\Jokić Goran
2014-10-05 21:09 - 2014-02-10 13:33 - 00055296 ___SH () C:\Documents and Settings\f\Desktop\Thumbs.db
2014-10-03 11:25 - 2013-11-15 17:25 - 00000000 ____D () C:\Documents and Settings\f\My Documents\Euro Truck Simulator
2014-10-01 11:11 - 2014-06-09 10:20 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-01 11:11 - 2014-06-09 10:20 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-09-29 15:22 - 2013-11-05 16:00 - 00000000 ___RD () C:\Documents and Settings\f\Desktop\Stampac
2014-09-26 17:26 - 2014-09-22 15:04 - 00000000 ____D () C:\Documents and Settings\f\Desktop\Shollym Standalone Multi-Patch 2014 Full Final v1.1
2014-09-26 10:20 - 2013-11-19 20:12 - 00000000 ____D () C:\Documents and Settings\f\Application Data\TeamViewer
2014-09-26 07:01 - 2013-11-05 12:42 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-25 11:19 - 2014-09-23 08:58 - 00000616 _____ () C:\Documents and Settings\All Users\Desktop\Shollym Patch 2014.lnk
2014-09-25 11:19 - 2014-09-23 08:58 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Shollym Multi-Patch 2014

Files to move or delete:
====================
C:\Documents and Settings\f\TempWmicBatchFile.bat


Some content of TEMP:
====================
C:\Documents and Settings\f\Local Settings\Temp\jre-8u25-windows-au.exe
C:\Documents and Settings\f\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\f\Local Settings\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Step 1

Open Notepad and copy in the following text, which is inside the Code box.

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKCU - {F0D82C64-8E5E-4C08-B886-EB217EE2898D} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3282698&CUI=UN34306169571258148&UM=2
CHR Extension: (UToubeAdBloocka) - C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jobpmejaliolglbeplmfgfjoebcmjaoj [2014-02-02]
CHR HKLM\...\Chrome\Extension: [giolhomkcooifelkdfpejhidfidaahlc] - C:\Documents and Settings\f\Local Settings\Application Data\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx [2013-11-12]
CHR HKCU\...\Chrome\Extension: [giolhomkcooifelkdfpejhidfidaahlc] - C:\Documents and Settings\f\Local Settings\Application Data\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx [2013-11-12]
C:\Documents and Settings\f\Local Settings\Application Data\CRE
C:\Documents and Settings\f\TempWmicBatchFile.bat
Task: C:\WINDOWS\Tasks\Hybrid.job => ?
Task: C:\WINDOWS\Tasks\IORRT.job => ?
EmptyTemp:


In Notepad, click File --> Save As
Name the file Fixlist and save it to the Desktop
Double-click FRST.exe to run it again
Click Fix and wait until the program finishes.
If the program asks to restart the computer, let it do so without interruption.
When it has finished, Notepad will open with content that you should copy into the thread.
There will also be a file (fixlog.txt) on the Desktop. You need to copy the contents of fixlog.txt to the forum




Step 2

Download AdwCleaner by "Xplode" and save it to the Desktop
Double-click to run the program.
In the EULA window click I agree.
Click the Scan button and wait for the scan to finish.
Click the Clean button and wait for the program to finish.
The program will close all running programs and show a window with that warning. Click OK to confirm.
In the next two windows that open (Informations and Restart required) click OK

The computer will restart, and then Notepad will open (C:\AdwCleaner[S0].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Attach file" option

Note: The report will also be saved at C:\Adwcleaner\AdwCleaner[S0].txt



Step 3

Download Junkware Removal Tool (JRT) and save it to the Desktop.

Close the browser and other running programs

Temporarily disable your security software (Instructions);

Double-click the icon to run JRT;

At the "Press any key" prompt, press any key and the tool will start scanning.
Note: depending on the computer's hardware, the scan may take a while in some cases.

When it finishes, Notepad will open with the report, which will be saved on the Desktop under the name JRT.txt


Copy the contents of that log into the thread.

offline
  • jokics 
  • New MyCity citizen
  • Joined: 24 Oct 2014
  • Posts: 7

All three steps are done, only after the FRST scan and the restart nothing opened in Notepad.


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 23-10-2014
Ran by f at 2014-10-25 08:11:42 Run:1
Running from C:\Documents and Settings\f\Desktop
Loaded Profile: f (Available profiles: f)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKCU - {F0D82C64-8E5E-4C08-B886-EB217EE2898D} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3282698&CUI=UN34306169571258148&UM=2
CHR Extension: (UToubeAdBloocka) - C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jobpmejaliolglbeplmfgfjoebcmjaoj [2014-02-02]
CHR HKLM\...\Chrome\Extension: [giolhomkcooifelkdfpejhidfidaahlc] - C:\Documents and Settings\f\Local Settings\Application Data\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx [2013-11-12]
CHR HKCU\...\Chrome\Extension: [giolhomkcooifelkdfpejhidfidaahlc] - C:\Documents and Settings\f\Local Settings\Application Data\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx [2013-11-12]
C:\Documents and Settings\f\Local Settings\Application Data\CRE
C:\Documents and Settings\f\TempWmicBatchFile.bat
Task: C:\WINDOWS\Tasks\Hybrid.job => ?
Task: C:\WINDOWS\Tasks\IORRT.job => ?
EmptyTemp:
*****************

C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKCU\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F0D82C64-8E5E-4C08-B886-EB217EE2898D}" => Key deleted successfully.
"HKCR\CLSID\{F0D82C64-8E5E-4C08-B886-EB217EE2898D}" => Key not found.
C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jobpmejaliolglbeplmfgfjoebcmjaoj => Moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\giolhomkcooifelkdfpejhidfidaahlc" => Key deleted successfully.
C:\Documents and Settings\f\Local Settings\Application Data\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx => Moved successfully.
"HKCU\SOFTWARE\Google\Chrome\Extensions\giolhomkcooifelkdfpejhidfidaahlc" => Key deleted successfully.
"C:\Documents and Settings\f\Local Settings\Application Data\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx" => File/Directory not found.
C:\Documents and Settings\f\Local Settings\Application Data\CRE => Moved successfully.
C:\Documents and Settings\f\TempWmicBatchFile.bat => Moved successfully.
C:\WINDOWS\Tasks\Hybrid.job => Moved successfully.
C:\WINDOWS\Tasks\IORRT.job => Moved successfully.
EmptyTemp: => Removed 455.8 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====


offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

What is the situation now?

offline
  • jokics 
  • New MyCity citizen
  • Joined: 24 Oct 2014
  • Posts: 7

Written: 25 Oct 2014 15:20

It is fine for now, so I will see whether it appears again.

Addendum: 25 Oct 2014 15:36

There it is, it has appeared again :)

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Download zoek.exe from this or this link and save it to the Desktop.


Close the browser and other running programs;
disable your security software (if needed) Instructions;
double-click to run zoek.exe;
wait for the tool to start ...


Copy the following text into the white box of the window:

process;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;


Click the button and wait for the scan to finish.


Zoek will restart Windows if needed, and when it is done it will open Notepad with the scan report.

Note: The report will be saved under the name zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your post.

offline
  • jokics 
  • New MyCity citizen
  • Joined: 24 Oct 2014
  • Posts: 7



Zoek.exe v5.0.0.0 Updated 24-10-2014
Tool run by f on ??? 25.10.2014 at 21:09:39,31.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\f\Desktop\zoek\zoek.com [Scan all users] [Script inserted]

==== System Restore Info ======================

25.10.2014 21:11:48 Zoek.exe System Restore Point Created Succesfully.

==== Running Processes ======================

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\f\Local Settings\Application Data\AppDockGUI\AppDockGUI.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\EscSvc.exe
C:\WINDOWS\system32\KeyboardSDKText\KeyboardSDKText.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\f\Local Settings\Application Data\AppDockGUI\BackupSambaSDK.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Realtek\Audio\Drivers\WDM\RTHDCPL.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
====== C:\DOCUME~1\f\LOCALS~1\Temp ====
2014-10-25 06:31:18 E0DC8C6BBC787B972A9A468648DBFD85 1008128 ----a-w- C:\Documents and Settings\f\Local Settings\Temp\jrt\libiconv2.dll
2014-10-25 06:31:18 D202BAA425176287017FFE1FB5D1B77C 103424 ----a-w- C:\Documents and Settings\f\Local Settings\Temp\jrt\libintl3.dll
2014-10-25 06:31:18 57CAC848FA14AE38F14F9441F8933282 140288 ----a-w- C:\Documents and Settings\f\Local Settings\Temp\jrt\pcre3.dll
2014-10-25 06:31:18 547C43567AB8C08EB30F6C6BACB479A3 79360 ----a-w- C:\Documents and Settings\f\Local Settings\Temp\jrt\regex2.dll
2014-10-25 06:31:18 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Documents and Settings\f\Local Settings\Temp\jrt\erunt\ERUNT.EXE
2014-10-19 20:58:16 5C73E64374D9BA37AC5569D1F7DE5C9B 665682 ----a-w- C:\Documents and Settings\f\Local Settings\Temp\sqlite3.dll
====== Java Cache =====
====== C:\WINDOWS\system32 =====
====== C:\WINDOWS\system32\drivers =====
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2014-10-11 05:11:00 -------- d-----w- C:\Program Files\FileHippo.com
======= C: =====
====== C:\Documents and Settings\f\Application Data ======
2014-10-15 07:00:29 -------- d-----w- C:\Documents and Settings\f\Local Settings\Application Data\CheckCode
2014-10-11 08:22:12 -------- d-----w- C:\Documents and Settings\f\Application Data\java
2014-10-11 05:32:21 -------- d-----w- C:\Documents and Settings\f\Application Data\Oracle
====== C:\Documents and Settings\f ======
2014-10-12 05:53:18 E976FB2C67F9D9F96AD66A39E1C0D662 849408 ----a-w- C:\Documents and Settings\f\My Documents\SRFE52.part1.rar.exe

====== C: exe-files ==
2014-10-25 06:31:18 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Documents and Settings\f\Local Settings\Temp\jrt\erunt\ERUNT.EXE
2014-10-25 06:27:27 A70585CB18BB7EB4DF792B1B3B2252E5 1694893 ----a-w- C:\RECYCLER\S-1-5-21-776561741-73586283-1417001333-1003\Dc7.exe
2014-10-25 06:27:27 2F25DFBD3C73F970355D92650FCF02E9 2750020 ----a-w- C:\RECYCLER\S-1-5-21-776561741-73586283-1417001333-1003\Dc6.exe
2014-10-25 06:27:06 16102F4A44248291D88BB8D0EBED9CA6 515718 ----a-w- C:\WINDOWS\Temp\UptUpdater.exe
2014-10-25 06:22:06 27A4F18F1BB9F05D71128BADD4DCD5C3 1706144 ----a-w- C:\RECYCLER\S-1-5-21-776561741-73586283-1417001333-1003\Dc10.exe
2014-10-25 06:21:23 EC87C870FC286178E461C1D917567DCE 41081424 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\38.0.2125.104\38.0.2125.104_chrome_installer.exe
2014-10-25 06:14:38 821E577AB0B119278BD1940FEF224DDA 51080 ----atw- C:\Program Files\Google\Update\1.3.25.5\GoogleUpdateBroker.exe
2014-10-25 06:14:38 4067DC9EA0640485F1CF395427FD5E9B 51080 ----atw- C:\Program Files\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe
2014-10-25 06:14:38 27DC334376EE08A0962E6367E23D3CBA 880272 ----a-w- C:\Program Files\Google\Update\1.3.25.5\GoogleUpdateSetup.exe
2014-10-25 06:14:37 976D5F35A058340DA2C160CEC4063C4B 230792 ----atw- C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
2014-10-25 06:14:37 51508F0C2476177E50C31B0BBFBF1BDB 107912 ----atw- C:\Program Files\Google\Update\1.3.25.5\GoogleUpdate.exe
2014-10-25 06:14:37 26E37D5EAC3F1CF66587183AB348168C 114568 ----atw- C:\Program Files\Google\Update\1.3.25.5\GoogleUpdateComRegisterShell64.exe
2014-10-25 06:14:37 047556104954A72A2222FFF169166EEE 285064 ----atw- C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
2014-10-25 06:14:34 27DC334376EE08A0962E6367E23D3CBA 880272 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.5\GoogleUpdateSetup.exe
2014-10-24 08:15:48 59AF7F2F017F437BD09A382836001B78 1103360 ----a-w- C:\RECYCLER\S-1-5-21-776561741-73586283-1417001333-1003\Dc17.exe
2014-10-23 21:10:50 FBDE032C34B2905B6894D3EFFC8EAAB8 422697 ----a-w- C:\Documents and Settings\f\Desktop\Strimovanje\SKRIPTE ZA PROGRAME\ZileTV\ZileTV.exe
2014-10-23 20:06:22 EB40DC01EF0D0D91F13AABA0FE1FC0CA 1962496 ----a-w- C:\RECYCLER\S-1-5-21-776561741-73586283-1417001333-1003\Dc16.exe
=== C: other files ==
2014-10-25 06:31:18 F56A319979F631C141F5FF02DF87FDB1 43563 ----a-w- C:\Documents and Settings\f\Local Settings\Temp\jrt\prelim.bat
2014-10-25 06:31:18 DD1E4D974B1672ABD09EFFB225791C4A 1230 ----a-w- C:\Documents and Settings\f\Local Settings\Temp\jrt\TDL4.bat
2014-10-25 06:31:18 AD2F52DC72B10AF331692E4A4DD80DFC 18670 ----a-w- C:\Documents and Settings\f\Local Settings\Temp\jrt\medfos.bat
2014-10-25 06:31:18 AA0C656F898523BEDF2DA6923197BB80 1264 ----a-w- C:\Documents and Settings\f\Local Settings\Temp\jrt\surfvox.bat
2014-10-25 06:31:18 8E6020C14F982CF11B3FE7DBB0CB8EDE 24738 ----a-w- C:\Documents and Settings\f\Local Settings\Temp\jrt\searchlnk.bat
2014-10-25 06:31:18 86707BCE5CBB65D9B1C41E249B4423BA 152733 ----a-w- C:\Documents and Settings\f\Local Settings\Temp\jrt\firefox.bat
2014-10-25 06:31:18 83F691D8398F0E37E71E9355BF730DB9 719 ----a-w- C:\Documents and Settings\f\Local Settings\Temp\jrt\ev_clear.bat
2014-10-25 06:31:18 7F7A362CC9FBF3AD1D1E7C37DD825C0F 14957 ----a-w- C:\Documents and Settings\f\Local Settings\Temp\jrt\get.bat
2014-10-25 06:31:18 730313487A4CF7DCAA4039643F72A1BE 184027 ----a-w- C:\Documents and Settings\f\Local Settings\Temp\jrt\misc.bat
2014-10-25 06:31:18 4D80C7010E2CE44AB25FA25B013649E4 8085 ----a-w- C:\Documents and Settings\f\Local Settings\Temp\jrt\mws.bat
2014-10-25 06:31:18 38A0BDF322ACCC968B0A824C38D50157 29635 ----a-w- C:\Documents and Settings\f\Local Settings\Temp\jrt\ask.bat
2014-10-25 06:31:18 335DFF8F23E5EC02B5426362F0F8509B 31401 ----a-w- C:\Documents and Settings\f\Local Settings\Temp\jrt\iexplore.bat
2014-10-25 06:31:18 323C58D6693BEC9A6A37566F37D81B22 9469 ----a-w- C:\Documents and Settings\f\Local Settings\Temp\jrt\runvalues.bat
2014-10-25 06:31:18 0C4649A62845AB5D5DBCC4998477FF6D 1813 ----a-w- C:\Documents and Settings\f\Local Settings\Temp\jrt\delfolders.bat
2014-10-25 06:31:18 048407135C9B1FB6A355E256BD96160D 14192 ----a-w- C:\Documents and Settings\f\Local Settings\Temp\jrt\chrome.bat
2014-10-24 15:09:45 916EAAEBD47472680AE11A464D18CD72 542926 ----a-w- C:\Documents and Settings\f\Desktop\Tor Browser\FirefoxPortable\Data\profile\extensions\staged\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
2014-10-23 09:44:21 EA61070CB9FDBE3F820DA73CC1A2843F 197329 ----a-w- C:\Documents and Settings\f\Application Data\Mozilla\Firefox\Profiles\cgh6cwhu.default-1414056880578\extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi
2014-10-23 09:42:33 4258CDE3071942F3EA6CF3038E865614 538117 ----a-w- C:\Documents and Settings\f\Application Data\Mozilla\Firefox\Profiles\cgh6cwhu.default-1414056880578\extensions\jid1-wBQ459dI4EwqHg@jetpack.xpi
2014-10-23 09:41:51 4AC75A9F5F7318FF53BC435DCFBF5A64 979610 ----a-w- C:\Documents and Settings\f\Application Data\Mozilla\Firefox\Profiles\cgh6cwhu.default-1414056880578\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\CTFMON.EXE"
"EPLTarget\P0000000000000000"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIILE.EXE /EPT EPLTarget\P0000000000000000 /M XP-205 207 Series"
"EPLTarget\P0000000000000001"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIILE.EXE /EPT EPLTarget\P0000000000000001 /M XP-205 207 Series"

[HKEY_USERS\S-1-5-21-776561741-73586283-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\CTFMON.EXE"
"EPLTarget\P0000000000000000"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIILE.EXE /EPT EPLTarget\P0000000000000000 /M XP-205 207 Series"
"EPLTarget\P0000000000000001"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIILE.EXE /EPT EPLTarget\P0000000000000001 /M XP-205 207 Series"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC"
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC"
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"RTHDCPL"="RTHDCPL.EXE"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Alcmtr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ALCMTR"
"hkey"="HKLM"
"command"="ALCMTR.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NMBgMonitor"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EEventManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EEventManager"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EPLTarget]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EPLTarget\P0000000000000000]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="P0000000000000000\" /M \"XP-205 207 Series\""
"hkey"="HKCU"
"command"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATIILE.EXE /EPT \"EPLTarget\\P0000000000000000\" /M \"XP-205 207 Series\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MP10_EnsureFileVer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="unregmp2"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\inf\\unregmp2.exe /EnsureFileVersions"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PWRISOVM.EXE]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PWRISOVM"
"hkey"="HKLM"
"command"="C:\\Program Files\\PowerISO\\PWRISOVM.EXE -startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SkyTel]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SkyTel"
"hkey"="HKLM"
"command"="SkyTel.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartCCC]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CLIStart"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\" MSRun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="realsched"
"hkey"="HKLM"
"command"="\"D:\\RealPlayer\\update\\realsched.exe\" -osboot"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]


==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11.10.2014 07:38]
C:\WINDOWS\tasks\avast\Undetermined Task.exe []
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [04.11.2013 17:21]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [04.11.2013 17:21]
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1404714448.job --a------ C:\Program Files\Opera\launcher.exe [15.10.2014 11:39]
C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-776561741-73586283-1417001333-1003.job --a------ C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [14.08.2013 16:19]
C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-776561741-73586283-1417001333-1003.job --a------ C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [14.08.2013 16:19]
C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-776561741-73586283-1417001333-1003.job --a------ C:\Program Files\Real\RealUpgrade\realupgrade.exe [14.08.2013 18:13]
C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-776561741-73586283-1417001333-1003.job --a------ C:\Program Files\Real\RealUpgrade\realupgrade.exe [14.08.2013 18:13]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [23.07.2014 15:39]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\f\Application Data\Mozilla\Firefox\Profiles\cgh6cwhu.default-1414056880578
- Gmail Notifier restartless - %ProfilePath%\extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi
- FIDPlus - %ProfilePath%\extensions\jid1-wBQ459dI4EwqHg@jetpack.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\f\Application Data\Mozilla\Firefox\Profiles\cgh6cwhu.default-1414056880578
40AAE0A1A4F664828DF5A95875AEA1C8 - C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll - Google Update
E7006BB5611298DBDD03FE3519C19AC2 - C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U25
238F239EAEFF7E3E782913D599084E18 - C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.250.18
DFC9460CC37E5C414DC4680B10C19E7A - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
005EBE4A4E6E9C9A7967F6C3F413C1DF - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
421CB2C1010522B3BF7C00725520B844 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
0E8B2D0D9E3415A91EF259CE1112C579 - C:\WINDOWS\system32\Adobe\Director\np32dsw_1210150.dll - Shockwave for Director / Shockwave for Director
65C1D9F74004E775F9A8598476ABE5EE - C:\Documents and Settings\f\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
01D93217A9EE48DD37072B671378CC9C - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In
3A9E1940B4459CC97FDCBB24FCB69004 - D:\RealPlayer\Netscape6\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
0FCEAA7D12B7B0BA825E5C770B1DCA48 - D:\RealPlayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin
BE126CB7049E89ED6F3038016668B502 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit)
EAC427FEF96A13058C1ACD17C38966CF - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit)
96B3689320E9B16EDF38B7A5001C35F0 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit)
F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin
C5322029C67AD8D38311FABEEAB4E595 - C:\Program Files\Winamp Detect\npwachk.dll - Winamp Application Detector
AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
28986F0A2342A033345EF9E70D395E4F - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[23.07.2014 15:39]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14.08.2013 16:24]

YTBouookMaork - Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname
Saving Smart - Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
YoutubeAdblocker - Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn
saVe net - Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf
SNT - Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YoutubeAdblocker - Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi
GreatsiaaveR - Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo
Saving Smart - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
SNT - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YTBouookMaork - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname
Saving Smart - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
YoutubeAdblocker - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn
saVe net - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf
SNT - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YoutubeAdblocker - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi
GreatsiaaveR - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo
YTBouookMaork - f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname
Saving Smart - f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
YoutubeAdblocker - f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn
saVe net - f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf
SNT - f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YoutubeAdblocker - f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi
GreatsiaaveR - f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo
SocialReviver - f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald
AdBlock - f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
avast Online Security - f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
FIDPlus - f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hcgfkcipkhjdfobgaahmbeekfkimhbhe
Google Wallet - f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
YTBouookMaork - f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname
Saving Smart - f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
YoutubeAdblocker - f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn
saVe net - f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf
SNT - f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YoutubeAdblocker - f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi
GreatsiaaveR - f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo
YTBouookMaork - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname
Saving Smart - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
YoutubeAdblocker - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn
saVe net - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf
SNT - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YoutubeAdblocker - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi
GreatsiaaveR - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo
Saving Smart - Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
SNT - Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YTBouookMaork - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname
Saving Smart - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
YoutubeAdblocker - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn
saVe net - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf
SNT - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YoutubeAdblocker - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi
GreatsiaaveR - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo
YTBouookMaork - HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname
Saving Smart - HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
YoutubeAdblocker - HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn
saVe net - HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf
SNT - HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YoutubeAdblocker - HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi
GreatsiaaveR - HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo
Saving Smart - HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
SNT - HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YTBouookMaork - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname
Saving Smart - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
YoutubeAdblocker - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn
saVe net - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf
SNT - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YoutubeAdblocker - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi
GreatsiaaveR - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo
YTBouookMaork - SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname
Saving Smart - SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
YoutubeAdblocker - SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn
saVe net - SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf
SNT - SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YoutubeAdblocker - SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi
GreatsiaaveR - SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo
Saving Smart - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
SNT - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YTBouookMaork - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname
Saving Smart - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
YoutubeAdblocker - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn
saVe net - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf
SNT - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YoutubeAdblocker - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi
GreatsiaaveR - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo

==== Chromium Startpages ======================

C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.ba/firefox",


==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz="

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on ??? 25.10.2014 at 21:16:21,39 ======================

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building


Close the browser and any other running programs;
disable your security software (if necessary) Instructions;
double-click zoek.exe to run it;
wait for the tool to start ...


Copy the following text into the white box of the window:

C:\RECYCLER\S-1-5-21-776561741-73586283-1417001333-1003\Dc7.exe;f
C:\RECYCLER\S-1-5-21-776561741-73586283-1417001333-1003\Dc6.exe;f
C:\WINDOWS\Temp\UptUpdater.exe;f
C:\RECYCLER\S-1-5-21-776561741-73586283-1417001333-1003\Dc10.exe;f
C:\RECYCLER\S-1-5-21-776561741-73586283-1417001333-1003\Dc17.exe;f
jid1-wBQ459dI4EwqHg@jetpack.xpi;ff
bfipfkeoidmndggnnpobeenlamiclald;chr
daoaepmjkdnkjjacfemjogligojnname;chr
gighmmpiobklfepjocnamgkkbiglidom;chr
gomekmidlodglbbmalcneegieacbdmki;chr
hcamnijgggppihioleoenjmlnakejdph;chr
hcgfkcipkhjdfobgaahmbeekfkimhbhe;chr
ibnfnknbioppmddppinifbgfoolackcn;chr
jgpheejijkmdiahhbipodpmohjimejkf;chr
jpflmbglhkddgbndnafkmmiphopfmbbn;chr
mhodkolbppkpemplnhapghafbbljiekn;chr
nmmhkkegccagdldgiimedpiccmgmieda;chr
ogfgebccnkonoclobaianboknnhjmfbi;chr
omilhkipfmnkmgolilbmoejccolnbclo;chr
emptyclsid;
shortcutfix;
emptyalltemp;
autoclean;


Click the button and wait for the scan to finish.


Zoek will restart Windows if necessary, and when it finishes it will open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your post.

offline
  • jokics 
  • New MyCity citizen
  • Joined: 24 Oct 2014
  • Posts: 7



Zoek.exe v5.0.0.0 Updated 24-10-2014
Tool run by f on ??? 26.10.2014 at 7:22:09,81.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\f\Desktop\zoek\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

26.10.2014 7:26:35 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
HKEY_USERS\S-1-5-21-776561741-73586283-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
HKEY_USERS\S-1-5-21-776561741-73586283-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
HKEY_USERS\S-1-5-21-776561741-73586283-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-776561741-73586283-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-776561741-73586283-1417001333-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Documents and Settings\f\Application Data\Mozilla\Firefox\Profiles\cgh6cwhu.default-1414056880578

user.js not found
---- Lines jid1-wBQ459dI4EwqHg@jetpack.xpi removed from prefs.js ----
user_pref("extensions.bootstrappedAddons", "{\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"version\":\"2.6.5\",\"type\":\"extension\",\"descriptor\":\
---- Lines jid1-wBQ459dI4EwqHg@jetpack.xpi modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"C:\\\\
---- FireFox user.js and prefs.js backups ----

prefs_26.10.2014_0739_.backup

==== Deleting Files \ Folders ======================

C:\Documents and Settings\f\AppData\LocalLow\{174474D0-71ED-37A0-87B7-E08C5513624B} deleted
C:\Documents and Settings\f\AppData\LocalLow\{892B3554-B8ED-BB12-3A29-1FC9812837CC} deleted
C:\Documents and Settings\f\AppData\LocalLow\{B1921A2A-FD22-8D57-8D91-174AAA61912E} deleted
C:\Documents and Settings\f\AppData\LocalLow\{B1CC9F99-522A-90B9-BC03-3D963C48638A} deleted
C:\Documents and Settings\f\AppData\LocalLow\{B4FEEFFB-A45B-3AB9-758E-C35D38307770} deleted
C:\Documents and Settings\f\AppData\LocalLow\{C814BFB9-C3E9-55EB-22EA-98053F429A43} deleted
C:\WINDOWS\system32\config\systemprofile\AppData\LocalLow\{C814BFB9-C3E9-55EB-22EA-98053F429A43} deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\f08a7df195231ae1 deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\UToubeAdBloocka deleted
C:\Program Files\ComPlus Applications deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\boost_interprocess deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\ItsMyApp deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallMate deleted
C:\Documents and Settings\f\Local Settings\Application Data\CrashRpt deleted
C:\WINDOWS\system32\GroupPolicy\User deleted
C:\Documents and Settings\f\Application Data\Mozilla\Firefox\Profiles\cgh6cwhu.default-1414056880578\jetpack deleted
"C:\RECYCLER\S-1-5-21-776561741-73586283-1417001333-1003\Dc7.exe" deleted
"C:\RECYCLER\S-1-5-21-776561741-73586283-1417001333-1003\Dc6.exe" deleted
"C:\WINDOWS\Temp\UptUpdater.exe" deleted
"C:\RECYCLER\S-1-5-21-776561741-73586283-1417001333-1003\Dc10.exe" deleted
"C:\RECYCLER\S-1-5-21-776561741-73586283-1417001333-1003\Dc17.exe" deleted
"C:\WINDOWS\Installer\647daa.msi" deleted
"C:\Documents and Settings\f\Application Data\Mozilla\Firefox\Profiles\cgh6cwhu.default-1414056880578\extensions\jid1-wBQ459dI4EwqHg@jetpack.xpi" deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\jobpmejaliolglbeplmfgfjoebcmjaoj\jobpmejaliolglbeplmfgfjoebcmjaoj.crx" deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\jobpmejaliolglbeplmfgfjoebcmjaoj\update.xml" deleted
"C:\Documents and Settings\f\Local Settings\Application Data\AppDockGUI\AppDockGUI.exe" deleted
"C:\Documents and Settings\f\Local Settings\Application Data\AppDockGUI\BackupSambaSDK.exe" deleted
"C:\Documents and Settings\f\Local Settings\Application Data\AppDockGUI\msvcp100.dll" deleted
"C:\Documents and Settings\f\Local Settings\Application Data\AppDockGUI\msvcr100.dll" deleted
"C:\Documents and Settings\f\Local Settings\Application Data\AppDockGUI\QtCore4.dll" deleted
"C:\Documents and Settings\f\Local Settings\Application Data\AppDockGUI\QtNetwork4.dll" deleted
"C:\WINDOWS\System32\KeyboardSDKText\KeyboardSDKText.exe" deleted
"C:\WINDOWS\System32\KeyboardSDKText\msvcp100.dll" deleted
"C:\WINDOWS\System32\KeyboardSDKText\msvcr100.dll" deleted
"C:\WINDOWS\System32\KeyboardSDKText\QtCore4.dll" deleted
"C:\WINDOWS\System32\KeyboardSDKText\QtNetwork4.dll" deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\jobpmejaliolglbeplmfgfjoebcmjaoj" deleted
"C:\Documents and Settings\f\Local Settings\Application Data\AppDockGUI" deleted
"C:\WINDOWS\System32\KeyboardSDKText" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [23.07.2014 14:39]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\f\Application Data\Mozilla\Firefox\Profiles\cgh6cwhu.default-1414056880578
- Gmail Notifier restartless - %ProfilePath%\extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\f\Application Data\Mozilla\Firefox\Profiles\cgh6cwhu.default-1414056880578
40AAE0A1A4F664828DF5A95875AEA1C8 - C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll - Google Update
E7006BB5611298DBDD03FE3519C19AC2 - C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U25
238F239EAEFF7E3E782913D599084E18 - C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.250.18
DFC9460CC37E5C414DC4680B10C19E7A - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
005EBE4A4E6E9C9A7967F6C3F413C1DF - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
421CB2C1010522B3BF7C00725520B844 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
0E8B2D0D9E3415A91EF259CE1112C579 - C:\WINDOWS\system32\Adobe\Director\np32dsw_1210150.dll - Shockwave for Director / Shockwave for Director
65C1D9F74004E775F9A8598476ABE5EE - C:\Documents and Settings\f\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
01D93217A9EE48DD37072B671378CC9C - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In
3A9E1940B4459CC97FDCBB24FCB69004 - D:\RealPlayer\Netscape6\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
0FCEAA7D12B7B0BA825E5C770B1DCA48 - D:\RealPlayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin
BE126CB7049E89ED6F3038016668B502 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit)
EAC427FEF96A13058C1ACD17C38966CF - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit)
96B3689320E9B16EDF38B7A5001C35F0 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit)
F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin
C5322029C67AD8D38311FABEEAB4E595 - C:\Program Files\Winamp Detect\npwachk.dll - Winamp Application Detector
AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
28986F0A2342A033345EF9E70D395E4F - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[23.07.2014 14:39]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14.08.2013 15:24]

YTBouookMaork - Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname
Saving Smart - Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
YoutubeAdblocker - Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn
saVe net - Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf
SNT - Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YoutubeAdblocker - Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi
GreatsiaaveR - Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo
Saving Smart - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
SNT - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YTBouookMaork - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname
Saving Smart - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
YoutubeAdblocker - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn
saVe net - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf
SNT - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YoutubeAdblocker - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi
GreatsiaaveR - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo
YTBouookMaork - f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname
Saving Smart - f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
YoutubeAdblocker - f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn
saVe net - f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf
SNT - f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YoutubeAdblocker - f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi
GreatsiaaveR - f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo
SocialReviver - f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald
AdBlock - f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
avast Online Security - f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
FIDPlus - f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hcgfkcipkhjdfobgaahmbeekfkimhbhe
Google Wallet - f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
YTBouookMaork - f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname
Saving Smart - f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
YoutubeAdblocker - f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn
saVe net - f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf
SNT - f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YoutubeAdblocker - f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi
GreatsiaaveR - f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo
YTBouookMaork - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname
Saving Smart - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
YoutubeAdblocker - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn
saVe net - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf
SNT - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YoutubeAdblocker - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi
GreatsiaaveR - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo
Saving Smart - Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
SNT - Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YTBouookMaork - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname
Saving Smart - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
YoutubeAdblocker - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn
saVe net - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf
SNT - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YoutubeAdblocker - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi
GreatsiaaveR - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo
YTBouookMaork - HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname
Saving Smart - HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
YoutubeAdblocker - HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn
saVe net - HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf
SNT - HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YoutubeAdblocker - HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi
GreatsiaaveR - HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo
Saving Smart - HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
SNT - HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YTBouookMaork - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname
Saving Smart - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
YoutubeAdblocker - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn
saVe net - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf
SNT - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YoutubeAdblocker - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi
GreatsiaaveR - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo
YTBouookMaork - SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname
Saving Smart - SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
YoutubeAdblocker - SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn
saVe net - SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf
SNT - SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YoutubeAdblocker - SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi
GreatsiaaveR - SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo
Saving Smart - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
SNT - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YTBouookMaork - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname
Saving Smart - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph
YoutubeAdblocker - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn
saVe net - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf
SNT - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn
SNT - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn
YoutubeAdblocker - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi
GreatsiaaveR - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo

==== Chromium Startpages ======================

C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.ba/firefox",


==== Chromium Fix ======================

C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx deleted successfully
C:\Documents and Settings\f\Application Data\Opera Software\Opera Stable\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Documents and Settings\f\Application Data\Opera Software\Opera Stable\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname deleted successfully
C:\Documents and Settings\f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname deleted successfully
C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname deleted successfully
C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname deleted successfully
C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\daoaepmjkdnkjjacfemjogligojnname deleted successfully
C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom deleted successfully
C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph deleted successfully
C:\Documents and Settings\f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph deleted successfully
C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph deleted successfully
C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph deleted successfully
C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph deleted successfully
C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph deleted successfully
C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hcgfkcipkhjdfobgaahmbeekfkimhbhe deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn deleted successfully
C:\Documents and Settings\f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn deleted successfully
C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn deleted successfully
C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn deleted successfully
C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ibnfnknbioppmddppinifbgfoolackcn deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf deleted successfully
C:\Documents and Settings\f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf deleted successfully
C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf deleted successfully
C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf deleted successfully
C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jgpheejijkmdiahhbipodpmohjimejkf deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn deleted successfully
C:\Documents and Settings\f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn deleted successfully
C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn deleted successfully
C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn deleted successfully
C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn deleted successfully
C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\jpflmbglhkddgbndnafkmmiphopfmbbn deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn deleted successfully
C:\Documents and Settings\f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn deleted successfully
C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn deleted successfully
C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn deleted successfully
C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn deleted successfully
C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\mhodkolbppkpemplnhapghafbbljiekn deleted successfully
C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Extension Settings\mhodkolbppkpemplnhapghafbbljiekn deleted successfully
C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi deleted successfully
C:\Documents and Settings\f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi deleted successfully
C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi deleted successfully
C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi deleted successfully
C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogfgebccnkonoclobaianboknnhjmfbi deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo deleted successfully
C:\Documents and Settings\f\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo deleted successfully
C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo deleted successfully
C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo deleted successfully
C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\omilhkipfmnkmgolilbmoejccolnbclo deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz="

==== shortcuts on Users Desktops ======================

C:\Documents and Settings\f\Desktop\Auslogics BoostSpeed.lnk - C:\Program Files\Auslogics\BoostSpeed\BoostSpeed.exe
C:\Documents and Settings\f\Desktop\avast Internet Security.lnk -
C:\Documents and Settings\f\Desktop\Chameleon Shutdown.lnk - C:\Program Files\Chameleon Shutdown\shutdown.exe
C:\Documents and Settings\f\Desktop\EVEREST Home Edition.lnk - C:\Program Files\Lavalys\EVEREST Home Edition\everest.exe
C:\Documents and Settings\f\Desktop\Microsoft Word 2010.lnk - C:\WINDOWS\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
C:\Documents and Settings\f\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\f\Desktop\Muzika.lnk - D:\Jokic Goran
C:\Documents and Settings\f\Desktop\My Documents.lnk - C:\Documents and Settings\f\My Documents
C:\Documents and Settings\f\Desktop\Paint.lnk - C:\WINDOWS\system32\mspaint.exe
C:\Documents and Settings\f\Desktop\PotPlayer.lnk - C:\Program Files\Daum\PotPlayer\PotPlayerMini.exe
C:\Documents and Settings\f\Desktop\Prečica do fm.lnk -
C:\Documents and Settings\f\Desktop\Sve slike i video zapisi.lnk - D:\Sve slike i video zapisi
C:\Documents and Settings\f\Desktop\Total CMA Pack.lnk - C:\Program Files\Total CMA Pack\Total CMA Pack.exe
C:\Documents and Settings\f\Desktop\XBMC.lnk - C:\Program Files\XBMC\XBMC.exe
C:\Documents and Settings\f\Desktop\Igrice\Minecraft.lnk - C:\Documents and Settings\f\Application Data\.minecraft\minecraft launcher\Minecraft Launcher.exe
C:\Documents and Settings\f\Desktop\Igrice\Prečica do eurotrucks.lnk -
C:\Documents and Settings\f\Desktop\Igrice\Prečica do ExtTrucker2.lnk -
C:\Documents and Settings\f\Desktop\Igrice\Prečica do Game.lnk -
C:\Documents and Settings\f\Desktop\Igrice\Prečica do GAOR.lnk -
C:\Documents and Settings\f\Desktop\Igrice\Prečica do gta_sa.lnk -
C:\Documents and Settings\f\Desktop\Igrice\Prečica do PlayUFS.lnk -
C:\Documents and Settings\f\Desktop\Igrice\Prečica do tmnt.lnk -
C:\Documents and Settings\f\Desktop\Igrice\Prečica do trials.lnk -
C:\Documents and Settings\f\Desktop\Igrice\Prečica do woodcutter.lnk -
C:\Documents and Settings\f\Desktop\Igrice\Primal Carnage.lnk - D:\Primal Carnage\Binaries\Win32\PrimalCarnageGame.exe
C:\Documents and Settings\f\Desktop\Igrice\TMNT.lnk - C:\Program Files\Ubisoft\TMNT\TMNT.exe
C:\Documents and Settings\f\Desktop\Nintendo wii\WBFS Manager 3.0.lnk - C:\Program Files\WBFS\WBFS Manager 3.0\WBFSManager.exe
C:\Documents and Settings\f\Desktop\Photoshop CS6\Adobe Photoshop CS6.lnk - C:\Program Files\Adobe\Adobe Photoshop CS6\Adobe Photoshop CS6\PhotoshopCS6.exe
C:\Documents and Settings\f\Desktop\Stampac\Epson Easy Photo Print.lnk - C:\Program Files\EPSON Software\Easy Photo Print\EPQuicker.exe
C:\Documents and Settings\f\Desktop\Stampac\EPSON Scan.lnk - C:\WINDOWS\twain_32\escndv\escndv.exe
C:\Documents and Settings\f\Desktop\Stampac\Korisnički vodič EPSON XP-205 207 Series.lnk -
C:\Documents and Settings\f\Desktop\Stampac\Mrežni vodič EPSON XP-205 207 Series.lnk -
C:\Documents and Settings\f\Desktop\Strimovanje\playlists.lnk - C:\Program Files\XBMC\addons\SerbianForum m3u plejer\playlists
C:\Documents and Settings\f\Desktop\Strimovanje\Simple_TV_by_Maxwell_(lite)_05.06.14\Simple_TV_by_Maxwell ( lite )\work\Channel\logo\logo - ?????.lnk -

==== shortcuts on All Users Desktop ======================

C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Documents and Settings\All Users\Desktop\ManyCam.lnk - C:\Program Files\ManyCam\ManyCam.exe
C:\Documents and Settings\All Users\Desktop\PowerISO.lnk - C:\Program Files\PowerISO\PowerISO.exe
C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
C:\Documents and Settings\All Users\Desktop\Shollym Patch 2014.lnk - D:\Shollym Multi-Patch 2014\PES6.exe
C:\Documents and Settings\All Users\Desktop\Skype.lnk - C:\WINDOWS\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
C:\Documents and Settings\All Users\Desktop\TeamSpeak 3 Client.lnk - C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
C:\Documents and Settings\All Users\Desktop\TeamViewer 9.lnk - C:\Program Files\TeamViewer\Version9\TeamViewer.exe
C:\Documents and Settings\All Users\Desktop\VLC media player.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Documents and Settings\All Users\Desktop\Winamp.lnk - C:\Program Files\Winamp\winamp.exe

==== shortcuts in Users Start Menu ======================

C:\Documents and Settings\f\Start Menu\Programs\EPSON Software\Download Navigator.lnk - C:\Program Files\EPSON Software\Download Navigator\EPSDNAVI.EXE /ST
C:\Documents and Settings\f\Start Menu\Programs\WBFS Manager\WBFS Manager 3.0.lnk - C:\Program Files\WBFS\WBFS Manager 3.0\WBFSManager.exe

==== shortcuts in All Users Start Menu ======================

C:\Documents and Settings\All Users\Start Menu\Microsoft Update Catalog.lnk - C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk - C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico
C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Java\About Java.lnk - C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe -tab about
C:\Documents and Settings\All Users\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe -tab update
C:\Documents and Settings\All Users\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Java\Get Help.lnk -
C:\Documents and Settings\All Users\Start Menu\Programs\Java\Visit Java.com.lnk -
C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\unins000.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm
C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files\VideoLAN\VLC\Documentation.url
C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files\VideoLAN\VLC\NEWS.txt
C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files\VideoLAN\VLC\VideoLAN Website.url
C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit
C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe -Iskins
C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe

==== shortcuts in Quick Launch ======================

C:\Documents and Settings\f\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk - C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe -ScParameter=8
C:\Documents and Settings\f\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Documents and Settings\f\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk - C:\Program Files\Opera\launcher.exe
C:\Documents and Settings\f\Application Data\Microsoft\Internet Explorer\Quick Launch\Subtitle Workshop.lnk - C:\Program Files\URUSoft\Subtitle Workshop\SubtitleWorkshop.exe
C:\Documents and Settings\f\Application Data\Microsoft\Internet Explorer\Quick Launch\Total CMA Pack.lnk - C:\Program Files\Total CMA Pack\Total CMA Pack.exe

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="http=127.0.0.1:12742"
"ProxyOverride"="<local>;*origin.com;*ea.com;*akamaihd.net"
"ProxyEnable"=dword:00000001

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F274703B9DB704042955ECD6A611693A deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\29529048-ba39-40d3-a25d-799fce41b41c deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\8c203b4d-7588-4b2b-85e6-151258f67d5c deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\985e67b0-299c-4f8b-8175-0b458690880a deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\e11ad90e-b410-47d8-ad12-ff2a097fe8f1 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B307472F-7BD9-4040-9255-CE6D6A1196A3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F274703B9DB704042955ECD6A611693A deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\f\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\f\Local Settings\Application Data\Mozilla\Firefox\Profiles\cgh6cwhu.default-1414056880578\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Documents and Settings\f\Local Settings\Application Data\Opera Software\Opera Stable\Cache emptied successfully
C:\Documents and Settings\f\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=988 folders=394 36988692 bytes)

==== Empty Temp Folders ======================

C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully
C:\Documents and Settings\f\Local Settings\Temp will be emptied at reboot
C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\f\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\f\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on ??? 26.10.2014 at 7:57:33,50 ======================

  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Download zoek.exe from this or this link and save it to the Desktop.


Close the browser and any other running programs;
disable your security software (if necessary) Instructions;
double-click zoek.exe to run it;
wait for the tool to start ...


Copy the following text into the white box of the window:

process;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;


Click the button and wait for the scan to finish.


Zoek will restart Windows if necessary, and when it finishes it will open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your reply.


What is the situation now?
