MyCity » Ambulanta -> Arhiva Ambulante » Problem konekcija

Problem konekcija

Napisano na dan: 11.2.2014

Strana:
1
2

Problem konekcija

Sledeća strana

Pagination

Odgovori

Strana:
1
2

cvetko_a Poslao: 11 Feb 2014 21:51 Idi na vrh
offline cvetko_a Građanin Pridružio: 20 Feb 2005 Poruke: 297 Gde živiš: Vranje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: U poslednje vreme konekcija mi je očajno loša a naročito u zadnja dva dana,malte ne nemogu da otvorim sajt uvek idem na refrešovanje ili ponovno pokretanje.. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.51.2 Run by Hranca at 21:46:10 on 2014-02-11 Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.3071.1606 [GMT 1:00] . AV: ESET Smart Security 6.0 Enabled/Updated {77DEAFED-8149-104B-25A1-21771CA47CD1} SP: ESET Smart Security 6.0 Enabled/Updated {CCBF4E09-A773-1FC5-1F11-1A056723366C} SP: Windows Defender Disabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: ESET lični zaštitni zid Enabled {4FE52EC8-CB26-1113-0EFE-8842E2773BAA} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe C:\Windows\system32\svchost.exe -k HsfXAudioService C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\MCShield\MCShieldRTM.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Users\Hranca\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Hranca\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Hranca\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Hranca\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Users\Hranca\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wuauclt.exe C:\Users\Hranca\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://mail.ru/cnt/10445 uProxyOverride = <local> BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [MCShield Monitor] C:\Program Files (x86)\MCShield\mcshieldrtm.exe uRun: [Google Update] "C:\Users\Hranca\AppData\Local\Google\Update\GoogleUpdate.exe" /c mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" uPolicies-Explorer: NoDriveTypeAutoRun = dword:221 uPolicies-Explorer: NoSMBalloonTip = dword:1 uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll DPF: {73848533-39E1-49F1-9363-28054268C094} - hxxps://rol.raiffeisenbank.rs/RetailDLL/FSINT9.dll DPF: {8BA2FE8E-8506-11D4-BFE2-CB5FED326646} - hxxps://rol.raiffeisenbank.rs/RaiffeisenDLL/SAWZip.dll DPF: {A42DDE4E-DF36-4592-83B6-CCA28E770ABD} - hxxps://rol.raiffeisenbank.rs/RaiffeisenDLL/EbankingWWW.dll DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab DPF: {F6FFAC18-CAD4-4054-9D49-D610286CE323} - hxxps://rol.raiffeisenbank.rs/RetailDLL/EBCSCC2a.dll TCP: NameServer = 192.168.1.1 TCP: Interfaces\{2388B5E3-174A-48E3-8684-116F41AFA482} : DHCPNameServer = 192.168.42.129 TCP: Interfaces\{47DA6221-F032-4FA7-AC51-0010E42B3AB1} : DHCPNameServer = 192.168.42.129 TCP: Interfaces\{509A287C-B7E3-4FCC-911E-BC94F16EEE30} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{6CF69849-BE63-4B89-B127-F5B13E60F019} : DHCPNameServer = 192.168.42.129 TCP: Interfaces\{75C9A330-DD36-4C72-96D5-F079E91CD177} : DHCPNameServer = 192.168.42.129 TCP: Interfaces\{BD5EC01A-EB3E-4874-948B-EFC7239B9638} : DHCPNameServer = 192.168.42.129 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL . ============= SERVICES / DRIVERS =============== . R0 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2012-11-28 57904] R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2012-10-8 211344] R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\System32\drivers\EpfwLWF.sys [2012-10-8 59440] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-3-9 235520] R2 APNMCP;Ask Update Service;C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-8-20 164816] R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-11-26 1329304] R2 HsfXAudioService;HsfXAudioService;C:\Windows\System32\svchost.exe -k HsfXAudioService [2009-7-14 27136] R2 LiveTunerPM;Ashampoo LiveTuner ProcessMonitor Driver;C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerProcessMonitor64.sys [2013-1-20 12824] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-2-11 418376] R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-7-13 769432] R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-1-18 5087584] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-2-14 96768] R3 CAXHWBS2;CAXHWBS2;C:\Windows\System32\drivers\CAXHWBS2.sys [2009-6-30 411136] R3 DKRtWrt;DKRtWrt;C:\Windows\System32\drivers\DKRtWrt.sys [2013-1-20 44624] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-2-11 25928] R3 seehcri;Sony Ericsson seehcri Device Driver;C:\Windows\System32\drivers\seehcri.sys [2012-12-30 34032] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 KMService;KMService;C:\Windows\System32\srvany.exe --> C:\Windows\System32\srvany.exe [?] S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-2-11 701512] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-7-25 162672] S2 WiseBootAssistant;Wise Boot Assistant;C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [2013-1-20 580648] S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\androidusb.sys [2010-10-18 38424] S3 DfSdkS;Defragmentation-Service;C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\DfSdkS64.exe [2013-1-20 544768] S3 ggflt;SEMC USB Flash Driver Filter;C:\Windows\System32\drivers\ggflt.sys [2012-10-21 14448] S3 massfilter_hs;HS HandSet Mass Storage Filter Driver;C:\Windows\System32\drivers\massfilter_hs.sys [2014-2-10 18456] S3 pneteth;PdaNet Broadband;C:\Windows\System32\drivers\pneteth.sys [2013-1-12 15360] S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2013-2-15 19032] S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2013-2-15 12384] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-3 19456] S3 Sony PC Companion;Sony PC Companion;C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-9-28 155824] S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);C:\Windows\System32\drivers\ss_bbus.sys [2009-9-19 127488] S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);C:\Windows\System32\drivers\ss_bmdfl.sys [2009-9-19 18944] S3 ss_bmdm;SAMSUNG USB Mobile Modem;C:\Windows\System32\drivers\ss_bmdm.sys [2009-9-19 161280] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-3 57856] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-2-21 1255736] S4 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896] S4 WO_LiveService;Ashampoo LiveTuner Service;C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerService.exe [2013-1-20 884608] . =============== File Associations =============== . FileExt: .reg: Applications\AcroRd32.exe - CurrentVersion: AcroExch.Document.11="C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" "%1" [UserChoice] [default=Read] . =============== Created Last 30 ================ . 2014-02-11 19:33:59 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-02-11 19:33:59 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-11 10:52:15 -------- d-----w- C:\Users\Hranca\AppData\Local\MailRu 2014-02-11 10:49:35 -------- d-----w- C:\Users\Hranca\AppData\Local\Mail.Ru 2014-01-19 08:23:13 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2014-01-15 07:39:14 -------- d-----w- C:\Flashtool . ==================== Find3M ==================== . 2014-02-11 19:02:23 281768 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr 2014-02-11 19:02:23 281768 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe 2014-02-11 18:55:18 281768 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0 2013-11-16 11:06:27 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-11-16 11:06:27 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe . ============= FINISH: 21:46:46,11 =============== https://www.mycity.rs/must-login.png

Profil

magna86 Poslao: 12 Feb 2014 00:48 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6103	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav, Da li koristis mail.ru ? Preuzmi Farbar-ov Farbar Recovery Scan Tool () sa ove adrese na Desktop: Postoji 32bit. i 64bit.-na verzija. Potrebno je preuzeti verziju koja je kompatibilna sa tvojim sistemom. Ako nisi siguran koja verzija se odnosi na tvoj sistem, preuzmi ih obe i pokreni. Samo jedan od njih će raditi na tvom sistemu, to će biti prava verzija. dvoklikom pokreni program, kada se alat pokrene klikni Yes na disclaimer prozor; pričekati koji trenutak dok alat proverava postoji li novija verzija; klikni na dugme Scan; po završetku skeniranja, alat će formirati izveštaj (FRST.txt) u isti direktorijum gde je FRST alat sačuvan; iskopiraj sadržaj FRST.txt izveštaja u poruku; po prvom pokretanju, alat bi trebao formirati i dodatni izveštaj (Addition.txt); okači Addition.txt izveštaj uz poruku koristeći opciju Prikači fajl

Profil

cvetko_a Poslao: 12 Feb 2014 14:37 Idi na vrh
offline cvetko_a Građanin Pridružio: 20 Feb 2005 Poruke: 297 Gde živiš: Vranje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 12 Feb 2014 14:37 Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-02-2014 01 Ran by Hranca (administrator) on HRANCA-PC on 12-02-2014 14:29:16 Running from C:\Users\Hranca\Desktop Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/ ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe (ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe () C:\Windows\SysWOW64\PnkBstrA.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Google Inc.) C:\Users\Hranca\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Hranca\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Hranca\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Hranca\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\system32\DeviceDisplayObjectProvider.exe (Microsoft Corporation) C:\Windows\system32\DXPServer.exe (Google Inc.) C:\Users\Hranca\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [6325936 2012-11-26] (ESET) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKU\S-1-5-21-3660575161-1947987749-166325203-1000\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-04-02] (Google Inc.) HKU\S-1-5-21-3660575161-1947987749-166325203-1000\...\Run: [MCShield Monitor] - C:\Program Files (x86)\MCShield\mcshieldrtm.exe [607232 2013-02-10] (MyCity) HKU\S-1-5-21-3660575161-1947987749-166325203-1000\...\Run: [Google Update] - C:\Users\Hranca\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-07] (Google Inc.) HKU\S-1-5-21-3660575161-1947987749-166325203-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-3660575161-1947987749-166325203-1000\...\Policies\Explorer: [NoSMBalloonTip] 1 HKU\S-1-5-21-3660575161-1947987749-166325203-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 0 ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.ru/cnt/10445 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9B5EEFBD070FCD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr-rs StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = http://go.mail.ru/search?q={SearchTerms}&fr=ntg BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) DPF: HKLM-x32 {73848533-39E1-49F1-9363-28054268C094} https://rol.raiffeisenbank.rs/RetailDLL/FSINT9.dll DPF: HKLM-x32 {8BA2FE8E-8506-11D4-BFE2-CB5FED326646} https://rol.raiffeisenbank.rs/RaiffeisenDLL/SAWZip.dll DPF: HKLM-x32 {A42DDE4E-DF36-4592-83B6-CCA28E770ABD} https://rol.raiffeisenbank.rs/RaiffeisenDLL/EbankingWWW.dll DPF: HKLM-x32 {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazon......5.1.0.cab DPF: HKLM-x32 {F6FFAC18-CAD4-4054-9D49-D610286CE323} https://rol.raiffeisenbank.rs/RetailDLL/EBCSCC2a.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.8.5.1235.0517.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.8.5.1235.0517.dll (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Hranca\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Hranca\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Hranca\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Extension: OneClickDownloader - C:\Users\Hranca\AppData\Roaming\Mozilla\Firefox\profiles\extensions\OneClickDownload@OneClickDownload.com [2012-08-25] FF Extension: GoPhotoIt - C:\Users\Hranca\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi [2012-07-31] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-02-03] FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-12-09] FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-02-03] Chrome: ======= CHR HomePage: https://www.google.com.tr/ CHR RestoreOnStartup: "https://www.google.com.tr/" CHR DefaultSearchKeyword: google.com.tr CHR Extension: (Gmail) - C:\Users\Hranca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-28] CHR HKLM-x32\...\Chrome\Extension: [aaaaipellmcghooemdekbhlgaoiaebam] - C:\ProgramData\AskPartnerNetwork\Toolbar\SHD-V7\CRX\ToolbarCR.crx [2013-08-20] CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-12-09] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-07-12] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [164816 2013-08-20] (APN LLC.) S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) R2 Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2627920 2011-03-03] (Diskeeper Corporation) R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1329304 2012-11-26] (ESET) S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2013-02-17] () R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-02-03] () S3 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] () S3 usnjsvc; C:\Program Files (x86)\Windows Live\Messenger\usnsvc.exe [98672 2007-05-17] (Microsoft Corporation) S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580648 2012-07-17] (WiseCleaner.com) S3 WLSetupSvc; C:\Program Files (x86)\Windows Live\installer\WLSetupSvc.exe [228208 2007-05-16] () S4 WO_LiveService; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerService.exe [884608 2012-05-14] () ==================== Drivers (Whitelisted) ==================== S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [38424 2010-10-18] (Google Inc) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] () R3 DKRtWrt; C:\Windows\System32\DRIVERS\DKRtWrt.sys [44624 2011-02-14] (Diskeeper Corporation) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [211344 2012-10-08] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [149592 2012-10-08] (ESET) R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [189208 2012-10-08] (ESET) R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [59440 2012-10-08] (ESET) R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [57904 2012-11-28] (ESET) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.) R2 LiveTunerPM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerProcessMonitor64.sys [12824 2011-03-08] () S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [18456 2012-04-16] (HandSet Incorporated) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MODEMCSA; C:\Windows\System32\drivers\MODEMCSA.sys [24064 2009-07-14] (Microsoft Corporation) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] () S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-01-11] () S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2013-01-11] () S3 SANDRA; No ImagePath R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2012-12-30] (Sony Ericsson Mobile Communications) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [871408 2012-04-04] () S3 Synth3dVsc; No ImagePath S3 tsusbhub; No ImagePath S3 VGPU; No ImagePath U3 ad6snqzw; C:\Windows\System32\Drivers\ad6snqzw.sys [0 ] (Microsoft Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-12 14:29 - 2014-02-12 14:30 - 00016381 _____ () C:\Users\Hranca\Desktop\FRST.txt 2014-02-12 14:29 - 2014-02-12 14:29 - 00000000 ____D () C:\FRST 2014-02-12 14:27 - 2014-02-12 14:28 - 02151424 _____ (Farbar) C:\Users\Hranca\Desktop\FRST64.exe 2014-02-12 11:37 - 2014-02-12 11:37 - 00000062 _____ () C:\Users\Hranca\Desktop\New Text Document (3).txt 2014-02-11 21:45 - 2014-02-11 21:45 - 00688992 ____R (Swearware) C:\Users\Hranca\Desktop\dds.scr 2014-02-11 21:43 - 2014-02-12 08:53 - 00129200 ____N () C:\Windows\WindowsUpdate.log 2014-02-11 20:34 - 2014-02-11 20:34 - 00001115 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-02-11 20:33 - 2014-02-11 20:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-11 20:33 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-02-11 20:32 - 2014-02-11 20:33 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Hranca\Downloads\mbam-setup-1.75.0.1300.exe 2014-02-11 20:01 - 2014-02-11 20:01 - 00001057 _____ () C:\Users\Hranca\Desktop\VerindraRconClient.exe - Shortcut.lnk 2014-02-11 12:46 - 2014-02-11 12:48 - 04784310 _____ () C:\Users\Hranca\Downloads\Peliculas .zip 2014-02-11 11:56 - 2014-02-11 11:59 - 00000057 _____ () C:\Users\Hranca\Desktop\New Text Document (2).txt 2014-02-11 11:52 - 2014-02-11 11:52 - 00000000 ____D () C:\Users\Hranca\AppData\Local\MailRu 2014-02-11 11:49 - 2014-02-11 11:49 - 00000000 ____D () C:\Users\Hranca\AppData\Local\Mail.Ru 2014-02-11 11:28 - 2014-02-11 11:28 - 26863006 _____ () C:\Users\Hranca\Downloads\Perfectly Clear v.2.0.11 - Xdroidzone.rar 2014-02-10 21:40 - 2014-02-10 21:40 - 00000000 ____D () C:\Program Files\ZTE Handset USB Driver 2014-02-10 21:40 - 2012-05-24 20:00 - 00128624 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\zghsvousb.sys 2014-02-10 21:40 - 2012-05-24 20:00 - 00128624 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\zghstrace.sys 2014-02-10 21:40 - 2012-05-24 20:00 - 00128624 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\zghsnmea.sys 2014-02-10 21:40 - 2012-05-24 20:00 - 00128624 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\zghsmdm.sys 2014-02-10 21:40 - 2012-05-24 20:00 - 00128624 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\zghsdiagmdm.sys 2014-02-10 21:40 - 2012-05-24 20:00 - 00128624 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\zghsdiag.sys 2014-02-10 21:40 - 2012-05-24 20:00 - 00128624 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\zghsat.sys 2014-02-10 21:40 - 2012-04-16 15:56 - 00018456 _____ (HandSet Incorporated) C:\Windows\system32\Drivers\massfilter_hs.sys 2014-02-10 21:40 - 2012-03-09 14:44 - 00129176 _____ (HS Incorporated) C:\Windows\system32\Drivers\ghsmdm.sys 2014-02-10 21:40 - 2012-03-09 14:44 - 00129176 _____ (HS Incorporated) C:\Windows\system32\Drivers\ghsdiagMDM.sys 2014-02-10 21:40 - 2012-03-09 14:44 - 00129176 _____ (HS Incorporated) C:\Windows\system32\Drivers\ghsdiagAP.sys 2014-02-10 21:40 - 2012-03-09 14:44 - 00129176 _____ (HS Incorporated) C:\Windows\system32\Drivers\ghsat.sys 2014-02-10 21:40 - 2012-03-09 14:43 - 00129176 _____ (HS Incorporated) C:\Windows\system32\Drivers\ghsnmea.sys 2014-02-10 21:40 - 2012-03-08 15:02 - 00163352 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\zghsnet.sys 2014-02-10 21:40 - 2012-03-08 15:02 - 00039448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\zghsvcom.sys 2014-02-10 21:40 - 2011-10-26 15:31 - 00067608 _____ (Google, inc) C:\Windows\AdbWinUsbApi.dll 2014-02-10 21:40 - 2011-08-15 16:43 - 00584584 _____ () C:\Windows\adb.exe 2014-02-10 21:40 - 2011-08-15 16:43 - 00102936 _____ (Google, inc) C:\Windows\AdbWinApi.dll 2014-02-10 21:25 - 2014-02-10 21:25 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_androidusb_01005.Wdf 2014-02-10 21:12 - 2014-02-11 11:11 - 00000000 ____D () C:\Users\Hranca\Downloads\ZTEBlade3 2014-02-10 21:01 - 2014-02-10 21:07 - 00000000 ____D () C:\Users\Hranca\Desktop\DanijelaSlike 2014-02-07 16:55 - 2013-12-04 08:11 - 10500922 _____ () C:\Users\Hranca\Desktop\boot.img 2014-02-06 12:03 - 2014-02-06 12:03 - 10932182 _____ () C:\Users\Hranca\Desktop\Vengeance-Reloaded Tipo-v2.elf 2014-02-06 12:02 - 2014-02-06 12:03 - 10932182 _____ () C:\Users\Hranca\Downloads\Vengeance-Reloaded Tipo-v2.elf 2014-02-06 11:13 - 2014-02-06 11:19 - 00000216 _____ () C:\Users\Hranca\Desktop\New Text Document.txt 2014-02-06 10:04 - 2014-02-06 10:04 - 00533274 _____ () C:\Users\Hranca\Downloads\blacktheme.apk 2014-02-05 18:21 - 2014-02-05 18:21 - 00000824 _____ () C:\Users\Hranca\Downloads\rtf 2014-02-02 13:42 - 2014-02-02 13:42 - 00000000 ____D () C:\Users\Hranca\Desktop\2014-02-01.Gimlo 2014-02-01 19:30 - 2014-02-01 19:30 - 00000000 ____D () C:\Users\Hranca\Desktop\2013-11-30.znxt6.2 2014-01-19 09:23 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-01-19 09:23 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-01-19 09:23 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-01-19 09:23 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-01-19 09:22 - 2014-01-19 09:23 - 00005175 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-15 08:39 - 2014-01-18 11:13 - 00000000 ____D () C:\Flashtool 2014-01-15 08:39 - 2014-01-15 08:39 - 00000000 ____D () C:\Users\Hranca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool ==================== One Month Modified Files and Folders ======= 2014-02-12 14:30 - 2014-02-12 14:29 - 00016381 _____ () C:\Users\Hranca\Desktop\FRST.txt 2014-02-12 14:29 - 2014-02-12 14:29 - 00000000 ____D () C:\FRST 2014-02-12 14:28 - 2014-02-12 14:27 - 02151424 _____ (Farbar) C:\Users\Hranca\Desktop\FRST64.exe 2014-02-12 14:10 - 2012-04-02 16:16 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-02-12 14:06 - 2012-09-28 08:27 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3660575161-1947987749-166325203-1000UA.job 2014-02-12 13:36 - 2013-03-15 10:31 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3660575161-1947987749-166325203-1000UA.job 2014-02-12 13:06 - 2012-09-28 08:27 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3660575161-1947987749-166325203-1000Core.job 2014-02-12 12:13 - 2009-07-14 05:45 - 00046544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-12 12:13 - 2009-07-14 05:45 - 00046544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-12 12:07 - 2013-02-03 12:32 - 00281768 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-02-12 12:07 - 2012-04-30 16:53 - 00281768 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr 2014-02-12 11:39 - 2013-02-03 12:32 - 00281768 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-02-12 11:37 - 2014-02-12 11:37 - 00000062 _____ () C:\Users\Hranca\Desktop\New Text Document (3).txt 2014-02-12 11:08 - 2012-04-02 15:08 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6599C1B7-5469-40F1-81BD-1AD35A6AC043} 2014-02-12 10:36 - 2013-03-15 10:31 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3660575161-1947987749-166325203-1000Core.job 2014-02-12 10:35 - 2012-04-03 23:24 - 00000000 ____D () C:\Users\Hranca\Documents\Outlook Files 2014-02-12 08:53 - 2014-02-11 21:43 - 00129200 ____N () C:\Windows\WindowsUpdate.log 2014-02-12 08:50 - 2013-09-16 19:16 - 00000000 ____D () C:\ProgramData\MCShield 2014-02-12 08:50 - 2012-04-02 16:16 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-02-12 08:50 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-11 21:45 - 2014-02-11 21:45 - 00688992 ____R (Swearware) C:\Users\Hranca\Desktop\dds.scr 2014-02-11 20:53 - 2013-12-30 09:28 - 00000000 ____D () C:\Users\Hranca\AppData\Local\genienext 2014-02-11 20:34 - 2014-02-11 20:34 - 00001115 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-02-11 20:34 - 2014-02-11 20:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-11 20:33 - 2014-02-11 20:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Hranca\Downloads\mbam-setup-1.75.0.1300.exe 2014-02-11 20:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-02-11 20:01 - 2014-02-11 20:01 - 00001057 _____ () C:\Users\Hranca\Desktop\VerindraRconClient.exe - Shortcut.lnk 2014-02-11 18:00 - 2013-04-14 20:01 - 00000468 _____ () C:\Windows\Tasks\ParetoLogic Registration.job 2014-02-11 12:48 - 2014-02-11 12:46 - 04784310 _____ () C:\Users\Hranca\Downloads\Peliculas .zip 2014-02-11 11:59 - 2014-02-11 11:56 - 00000057 _____ () C:\Users\Hranca\Desktop\New Text Document (2).txt 2014-02-11 11:55 - 2013-01-20 10:53 - 00000000 ____D () C:\Users\Hranca\AppData\Roaming\Wise Care 365 2014-02-11 11:52 - 2014-02-11 11:52 - 00000000 ____D () C:\Users\Hranca\AppData\Local\MailRu 2014-02-11 11:49 - 2014-02-11 11:49 - 00000000 ____D () C:\Users\Hranca\AppData\Local\Mail.Ru 2014-02-11 11:28 - 2014-02-11 11:28 - 26863006 _____ () C:\Users\Hranca\Downloads\Perfectly Clear v.2.0.11 - Xdroidzone.rar 2014-02-11 11:11 - 2014-02-10 21:12 - 00000000 ____D () C:\Users\Hranca\Downloads\ZTEBlade3 2014-02-10 21:40 - 2014-02-10 21:40 - 00000000 ____D () C:\Program Files\ZTE Handset USB Driver 2014-02-10 21:40 - 2013-08-08 11:03 - 00000000 ____D () C:\Users\Hranca\.android 2014-02-10 21:25 - 2014-02-10 21:25 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_androidusb_01005.Wdf 2014-02-10 21:25 - 2009-07-14 06:13 - 00782986 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-10 21:07 - 2014-02-10 21:01 - 00000000 ____D () C:\Users\Hranca\Desktop\DanijelaSlike 2014-02-06 12:03 - 2014-02-06 12:03 - 10932182 _____ () C:\Users\Hranca\Desktop\Vengeance-Reloaded Tipo-v2.elf 2014-02-06 12:03 - 2014-02-06 12:02 - 10932182 _____ () C:\Users\Hranca\Downloads\Vengeance-Reloaded Tipo-v2.elf 2014-02-06 11:19 - 2014-02-06 11:13 - 00000216 _____ () C:\Users\Hranca\Desktop\New Text Document.txt 2014-02-06 10:04 - 2014-02-06 10:04 - 00533274 _____ () C:\Users\Hranca\Downloads\blacktheme.apk 2014-02-06 09:33 - 2013-04-13 17:03 - 00000000 ____D () C:\Program Files\Recuva 2014-02-05 18:21 - 2014-02-05 18:21 - 00000824 _____ () C:\Users\Hranca\Downloads\rtf 2014-02-02 13:42 - 2014-02-02 13:42 - 00000000 ____D () C:\Users\Hranca\Desktop\2014-02-01.Gimlo 2014-02-01 19:30 - 2014-02-01 19:30 - 00000000 ____D () C:\Users\Hranca\Desktop\2013-11-30.znxt6.2 2014-01-31 07:32 - 2013-02-03 15:34 - 00000000 ____D () C:\Users\Hranca\AppData\Roaming\Xfire 2014-01-31 07:32 - 2013-02-03 15:34 - 00000000 ____D () C:\ProgramData\Xfire 2014-01-30 18:14 - 2013-09-16 13:31 - 00000000 ____D () C:\Users\Hranca\Desktop\Tekstovi 2014-01-19 09:23 - 2014-01-19 09:22 - 00005175 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-19 09:23 - 2013-09-17 14:27 - 00000000 ____D () C:\ProgramData\Oracle 2014-01-19 09:23 - 2013-09-17 14:27 - 00000000 ____D () C:\Program Files (x86)\Java 2014-01-18 11:13 - 2014-01-15 08:39 - 00000000 ____D () C:\Flashtool 2014-01-15 08:41 - 2013-08-17 07:38 - 00000000 ___RD () C:\Users\Hranca\Desktop\MOBILNI 2014-01-15 08:39 - 2014-01-15 08:39 - 00000000 ____D () C:\Users\Hranca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-02-08 10:42 ==================== End Of Log ============================ https://www.mycity.rs/must-login.png Dopuna: 12 Feb 2014 14:37 Mail ru ne koristim i mislimda sam ga obrisao..

Profil

magna86 Poslao: 12 Feb 2014 21:10 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6103	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 12 Feb 2014 14:57 Ok, pregledacu kasnije logove, sad trenutno nemam vremena, pa da me ne cekas.

Profil

magna86 Poslao: 12 Feb 2014 21:10 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6103	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zdravo cvetko_a, Pre nego sto nastavim, da te posavetujem ako smem. Ako zelis da ti sistem sto stabilnije i duze radi...okani se raznoraznih "Windows optimize" alata knp. Ashampoo WinOptimizer ili Wise Care 365 ili 'nesto' Repair Pro i ...sve u tom fazonu. Ukoliko naravno uzivas u laznom utisku da su oni nesto znacajno uradili ili boost-ovali sam sistem, onda ih ostavi. PS: ovo se naravno ne odnosi na diskeeper, cisto da znas, vec samo na te crapware programe. DK to svakako nije... => Rezultujuce logove salji jedan po jedan, da bi bili preglednije. --- --- --- --- 1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod: Start CMD: type %homedrive%\Combofix.txt File: C:\Windows\adb.exe C:\Program Files (x86)\Mobogenie C:\Users\Hranca\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi C:\ProgramData\AskPartnerNetwork C:\Users\Hranca\AppData\Local\MailRu C:\Users\Hranca\AppData\Local\Mail.Ru HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.ru/cnt/10445 SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = http://go.mail.ru/search?q={SearchTerms}&fr=ntg FF Extension: GoPhotoIt - C:\Users\Hranca\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi [2012-07-31] CHR HKLM-x32\...\Chrome\Extension: [aaaaipellmcghooemdekbhlgaoiaebam] - C:\ProgramData\AskPartnerNetwork\Toolbar\SHD-V7\CRX\ToolbarCR.crx [2013-08-20] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [164816 2013-08-20] (APN LLC.) S3 SANDRA; No ImagePath S3 Synth3dVsc; No ImagePath S3 tsusbhub; No ImagePath S3 VGPU; No ImagePath S3 catchme; \??\C:\ComboFix\catchme.sys [X] AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 AlternateDataStreams: C:\ProgramData\TEMP:373E1720 AlternateDataStreams: C:\ProgramData\TEMP:58DD92AC End 2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi. 3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj. Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema. Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku. Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a. --- --- --- --- Potom pokreni MSConfig alat ( start > upisi msconfig > enter ) i potrebno je da ukljucis ( enable-ujes ) mobilegeni daemon... --- --- --- --- Preuzmi smeenk-ov zoek () sa ovog linka i sačuvaj ga na Desktop. Raspakuj arhivu u neki folder (uputstvo), a zatim: zatvori browser i ostale pokrenute programe; privremeno deaktiviraj zaštitni softver ( ukoliko je to potrebno ) Uputstvo ; dvoklikom pokreni zoek na ikonicu programa ; pričekaj da se alat startuje ... Klikni na More Options dugme i stikliraj polje ispred sledece opcije: Auto Clean Napomena: Stikliraj samo navedenu opciju, ostale opcije ne dirati ! ! U beli okvir prozora iskopiraj sledeći tekst: `StartupAll; EmptyCLSID; Uninstall-List;` Klikni na dugme i pričekaj da se skeniranje završi. zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log) Kopiraj sadrzaj tog loga u poruku.

Profil

cvetko_a Poslao: 12 Feb 2014 22:49 Idi na vrh
offline cvetko_a Građanin Pridružio: 20 Feb 2005 Poruke: 297 Gde živiš: Vranje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 12 Feb 2014 22:01 Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-02-2014 Ran by Hranca at 2014-02-12 21:59:56 Run:1 Running from C:\Users\Hranca\Desktop Boot Mode: Normal ============================================== Content of fixlist: *************** Start CMD: type %homedrive%\Combofix.txt File: C:\Windows\adb.exe C:\Program Files (x86)\Mobogenie C:\Users\Hranca\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi C:\ProgramData\AskPartnerNetwork C:\Users\Hranca\AppData\Local\MailRu C:\Users\Hranca\AppData\Local\Mail.Ru HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.ru/cnt/10445 SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = http://go.mail.ru/search?q={SearchTerms}&fr=ntg FF Extension: GoPhotoIt - C:\Users\Hranca\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi [2012-07-31] CHR HKLM-x32\...\Chrome\Extension: [aaaaipellmcghooemdekbhlgaoiaebam] - C:\ProgramData\AskPartnerNetwork\Toolbar\SHD-V7\CRX\ToolbarCR.crx [2013-08-20] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [164816 2013-08-20] (APN LLC.) S3 SANDRA; No ImagePath S3 Synth3dVsc; No ImagePath S3 tsusbhub; No ImagePath S3 VGPU; No ImagePath S3 catchme; \??\C:\ComboFix\catchme.sys [X] AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 AlternateDataStreams: C:\ProgramData\TEMP:373E1720 AlternateDataStreams: C:\ProgramData\TEMP:58DD92AC End ************* ========= type %homedrive%\Combofix.txt ========= The system cannot find the file specified. ========= End of CMD: ========= ========================= File: C:\Windows\adb.exe ======================== MD5: 5ADD45C7DBE05092BF6F33E55A700269 Creation and modification date: 2014-02-10 21:40 - 2011-08-15 16:43 Size: 0584584 Attributes: ----A Company Name: Internal Name: Original Name: Product Name: Description: File Version: Product Version: Copyright: ====== End Of File: ====== "C:\Program Files (x86)\Mobogenie" => File/Directory not found. C:\Users\Hranca\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi => Moved successfully. C:\ProgramData\AskPartnerNetwork => Moved successfully. C:\Users\Hranca\AppData\Local\MailRu => Moved successfully. C:\Users\Hranca\AppData\Local\Mail.Ru => Moved successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} => Key deleted successfully. HKCR\CLSID\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} => Key not found. C:\Users\Hranca\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaipellmcghooemdekbhlgaoiaebam => Key deleted successfully. "C:\ProgramData\AskPartnerNetwork\Toolbar\SHD-V7\CRX\ToolbarCR.crx" => File/Directory not found. HKLM\SOFTWARE\Policies\Google => Key deleted successfully. APNMCP => Service deleted successfully. SANDRA => Service deleted successfully. Synth3dVsc => Service deleted successfully. tsusbhub => Service deleted successfully. VGPU => Service deleted successfully. catchme => Service deleted successfully. C:\ProgramData\TEMP => ":1CE11B51" ADS removed successfully. C:\ProgramData\TEMP => ":373E1720" ADS removed successfully. C:\ProgramData\TEMP => ":58DD92AC" ADS removed successfully. The system needs a manual reboot. ==== End of Fixlog ==== Dopuna: 12 Feb 2014 22:08 Od gore navedenih programa koristim samo Wise care a ostale ne,mogu ih uninstalirati,nisu mi potrebni. Evo loga Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-02-2014 Ran by Hranca at 2014-02-12 21:59:56 Run:1 Running from C:\Users\Hranca\Desktop Boot Mode: Normal ============================================== Content of fixlist: ************* Start CMD: type %homedrive%\Combofix.txt File: C:\Windows\adb.exe C:\Program Files (x86)\Mobogenie C:\Users\Hranca\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi C:\ProgramData\AskPartnerNetwork C:\Users\Hranca\AppData\Local\MailRu C:\Users\Hranca\AppData\Local\Mail.Ru HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.ru/cnt/10445 SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = http://go.mail.ru/search?q={SearchTerms}&fr=ntg FF Extension: GoPhotoIt - C:\Users\Hranca\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi [2012-07-31] CHR HKLM-x32\...\Chrome\Extension: [aaaaipellmcghooemdekbhlgaoiaebam] - C:\ProgramData\AskPartnerNetwork\Toolbar\SHD-V7\CRX\ToolbarCR.crx [2013-08-20] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [164816 2013-08-20] (APN LLC.) S3 SANDRA; No ImagePath S3 Synth3dVsc; No ImagePath S3 tsusbhub; No ImagePath S3 VGPU; No ImagePath S3 catchme; \??\C:\ComboFix\catchme.sys [X] AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 AlternateDataStreams: C:\ProgramData\TEMP:373E1720 AlternateDataStreams: C:\ProgramData\TEMP:58DD92AC End *************** ========= type %homedrive%\Combofix.txt ========= The system cannot find the file specified. ========= End of CMD: ========= ========================= File: C:\Windows\adb.exe ======================== MD5: 5ADD45C7DBE05092BF6F33E55A700269 Creation and modification date: 2014-02-10 21:40 - 2011-08-15 16:43 Size: 0584584 Attributes: ----A Company Name: Internal Name: Original Name: Product Name: Description: File Version: Product Version: Copyright: ====== End Of File: ====== "C:\Program Files (x86)\Mobogenie" => File/Directory not found. C:\Users\Hranca\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi => Moved successfully. C:\ProgramData\AskPartnerNetwork => Moved successfully. C:\Users\Hranca\AppData\Local\MailRu => Moved successfully. C:\Users\Hranca\AppData\Local\Mail.Ru => Moved successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} => Key deleted successfully. HKCR\CLSID\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} => Key not found. C:\Users\Hranca\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaipellmcghooemdekbhlgaoiaebam => Key deleted successfully. "C:\ProgramData\AskPartnerNetwork\Toolbar\SHD-V7\CRX\ToolbarCR.crx" => File/Directory not found. HKLM\SOFTWARE\Policies\Google => Key deleted successfully. APNMCP => Service deleted successfully. SANDRA => Service deleted successfully. Synth3dVsc => Service deleted successfully. tsusbhub => Service deleted successfully. VGPU => Service deleted successfully. catchme => Service deleted successfully. C:\ProgramData\TEMP => ":1CE11B51" ADS removed successfully. C:\ProgramData\TEMP => ":373E1720" ADS removed successfully. C:\ProgramData\TEMP => ":58DD92AC" ADS removed successfully. The system needs a manual reboot. ==== End of Fixlog ==== Dopuna: 12 Feb 2014 22:49 Zoek.exe v5.0.0.0 Updated 10-February-2014 Tool run by Hranca on sre 12.02.2014 at 22:33:14,51. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Hranca\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 12.2.2014 22:34:50 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-3660575161-1947987749-166325203-1000\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "MCShield Monitor"="C:\Program Files (x86)\MCShield\mcshieldrtm.exe" "Google Update"="C:\Users\Hranca\AppData\Local\Google\Update\GoogleUpdate.exe /c" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "mobilegeni daemon"="C:\Program Files (x86)\Mobogenie\DaemonProcess.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "MCShield Monitor"="C:\Program Files (x86)\MCShield\mcshieldrtm.exe" "Google Update"="C:\Users\Hranca\AppData\Local\Google\Update\GoogleUpdate.exe /c" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="swg" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TkBellExe" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Real\\RealPlayer\\update\\realsched.exe\" -osboot" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AMD External Events Utility] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DfSdkS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gusvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MBAMScheduler] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MBAMService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ProtexisLicensing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Skype C2C Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WO_LiveService] ==== Task Scheduler Jobs ====================== C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3660575161-1947987749-166325203-1000Core.job --a------ C:\Users\Hranca\AppData\Local\FC:ebook\Update\FC:ebookUpdate.exe [] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3660575161-1947987749-166325203-1000UA.job --a------ C:\Users\Hranca\AppData\Local\Facebook\Update\FacebookUpdate.exe [15.03.2013 10:31] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02.04.2012 16:16] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3660575161-1947987749-166325203-1000Core.job --a------ C:\Users\Hranca\AppData\Local\Google\Update\GoogleUpdate.exe [07.09.2012 14:31] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3660575161-1947987749-166325203-1000UA.job --a------ C:\Users\Hranca\AppData\Local\Google\Update\GoogleUpdate.exe [07.09.2012 14:31] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3660575161-1947987749-166325203-1000Core" [C:\Users\Hranca\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3660575161-1947987749-166325203-1000UA" [C:\Users\Hranca\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3660575161-1947987749-166325203-1000Core" [C:\Users\Hranca\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3660575161-1947987749-166325203-1000UA" [C:\Users\Hranca\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\RealUpgradeLogonTaskS-1-5-21-3660575161-1947987749-166325203-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealUpgradeScheduledTaskS-1-5-21-3660575161-1947987749-166325203-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{6599C1B7-5469-40F1-81BD-1AD35A6AC043}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\ASUS\ASUS RegRun Loader" [C:\Program Files (x86)\ASUS\AASP\1.01.12\AsLoader.exe] "C:\Windows\SysNative\tasks\ASUS\Cpu Level Up Hook Lanunch" [C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHookLaunch.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{0153E448-190B-4987-BDE1-F256CADA672F}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [05.01.2013 21:58] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[12.07.2013 13:38] AdBlock - Hranca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom Skype for Chromium - Hranca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Skype for Chromium - Hranca\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Skype Click to Call - Hranca\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Uninstall List x64 ====================== 5-Mode Oscar Editor [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\OscarX7Mouse5Mode] Adobe Flash Player 11 ActiveX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX] Adobe Flash Player 11 Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin] Adobe Reader XI (11.0.06) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-AB0000000001}] AI Suite [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{310BC5E2-31AF-49BB-904D-E71EB93645DC}] Akamai NetSession Interface [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Akamai] AMD Accelerated Video Transcoding [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3987279A-3504-2916-D063-741B910F0747}] AMD APP SDK Runtime [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{503F672D-6C84-448A-8F8F-4BC35AC83441}] AMD Catalyst Install Manager [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C8807716-1F6F-5C43-3C32-7295A45CF060}] AMD Drag and Drop Transcoding [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{06DB2C4C-DC29-DA42-3B00-5581CBF545BB}] AMD Media Foundation Decoders [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7C5CAFD6-F51C-0011-410B-001EF3E342A7}] Amigo [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Amigo] Ashampoo Burning Studio 11 v.11.0.4 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Ashampoo Burning Studio 11_is1] Ashampoo WinOptimizer 9 v.9.4.3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Ashampoo WinOptimizer 9_is1] ASUSUpdate [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{587178E7-B1DF-494E-9838-FA4DD36E873C}] Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3108C217-BE83-42E4-AE9E-A56A2A92E549}] Canon iP4500 series [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series] Canon iP4500 series User Registration [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Canon iP4500 series User Registration] Canon My Printer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CanonMyPrinter] Catalyst Control Center [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F6567C5A-C3EA-2E05-E89E-C8C52E33150D}] Catalyst Control Center Graphics Previews Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{36B6FF8B-38E3-E64C-F840-75F6AAEBE3EA}] Catalyst Control Center Localization All [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FE54AF33-9364-7053-670F-A15AD658214C}] ccc-utility64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{13815D81-44B6-7ADA-2A41-FFFC64DD6FAB}] CCC Help Chinese Standard [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CECECCED-B7F3-B1A3-3241-0C5D775F8E70}] CCC Help Chinese Traditional [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0E6B8EA7-4FDF-F730-8F28-05720874BE71}] CCC Help Czech [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C5B6078F-5D37-A122-2E6E-EDC623E8C787}] CCC Help Danish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3BC2C64B-0DA0-974B-6311-AED4F3711DCE}] CCC Help Dutch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0A590981-75A9-B968-4A29-718E5A8E1416}] CCC Help English [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B3406262-5701-E9CC-D6B3-BA38C34125A9}] CCC Help Finnish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C7068E1F-22C6-9408-7B24-584F32F66D70}] CCC Help French [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8F80DAA3-8A1D-09E9-57E6-DB0223CF2CE4}] CCC Help German [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AFC71277-DE19-6505-8CBC-71D29163F44A}] CCC Help Greek [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C87B855D-DD8F-E419-C640-34936E813EA9}] CCC Help Hungarian [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D3CEF909-78DC-9D3D-37BD-52F5324C01DA}] CCC Help Italian [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2C33E65D-9187-8F2E-40D8-BD9E24E341FB}] CCC Help Japanese [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F1EA61A2-B88F-44AD-3143-419ECB6C7E9A}] CCC Help Korean [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7ADCABE0-E651-6EA5-5128-26E203DAA5E1}] CCC Help Norwegian [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CE1CA06F-0AD8-CA2A-3A3A-872E8191C198}] CCC Help Polish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1690611F-D4EA-A00D-DAAD-91D216869679}] CCC Help Portuguese [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26EED5E6-EC40-35A9-602A-C3CF03A9C1E6}] CCC Help Russian [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1003E625-BE5B-390B-7B60-D483D0B75A26}] CCC Help Spanish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5BAC4DE5-4062-EE34-3337-5F92FE5D5032}] CCC Help Swedish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3AB00888-CA03-0BFD-3F3C-C877767192B0}] CCC Help Thai [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3ACA2563-E786-BDD4-C87B-09909BB3F61C}] CCC Help Turkish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{38F6C932-2274-4897-479D-03AA6BA5B567}] CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner] CD-LabelPrint [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MediaNavigation.CDLabelPrint] ConvertXtoDVD 4.1.19.365 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1] CPUID HWMonitor 1.21 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CPUID HWMonitor_is1] CrysisR3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4198AE83-A3C6-4C41-85C8-EC63E990696E}] Diskeeper 2011 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7ECE8B97-924C-4886-857D-B5F144C8F7B8}] ESET Smart Security [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3B940DFB-37B7-4DB1-94F9-03FD22A7BA0A}] Facebook Video Calling 2.0.0.447 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}] Flashtool [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Flashtool] FormatFactory 2.95 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FormatFactory] FreeArc 0.666 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FreeArc] Google Chrome [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome] Google Toolbar for Internet Explorer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] HLSW v1.4.0.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HLSW_is1] Java 7 Update 51 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217040FF}] Java Auto Updater [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] JDownloader 0.9 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\5513-1208-7298-9440] Malwarebytes Anti-Malware verzija 1.75.0.1300 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1] MCShield ::Anti-Malware Tool:: [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MCShield] Microsoft .NET Framework 4 Client Profile [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}] Microsoft .NET Framework 4 Extended [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}] Microsoft Office Professional Plus 2010 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Office14.PROPLUS] Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710F4C1C-CC18-4C49-8CBF-51240C89A1A2}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7299052b-02a4-4627-81f2-1818da5d550d}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8220EEFE-38CD-377E-8595-13398D740ACE}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}] Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}] MiniTool Partition Wizard Home Edition 7.7 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1] MSVCRT Redists [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E1D7DF5E-3771-11E3-9588-1040F3E7010F}] Nero Burning ROM [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5963F4B4-D138-47CD-ADEF-470E87E185BD}] Nero Burning ROM Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2890E324-6F3B-4975-8B95-E7D6D80E0226}] Nero BurningROM 12 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C0CA68BF-2963-4139-8207-1E83038F86F8}] Nero ControlCenter [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ABC88553-8770-4B97-B43E-5A90647A5B63}] Nero ControlCenter Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C994C746-C6D0-4EBA-B09E-DF7B18381B69}] Nero Core Components [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}] Nero SharedVideoCodecs [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2432E589-6256-4513-B0BF-EFA8E325D5F0}] Nero Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}] Noise Reduction Plug-In 2.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{847C6940-D852-11E2-81D2-F04DA23A5C58}] OCCT 4.3.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\OCCT] PC Wizard 2012.2.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Wizard 2012_is1] PCI SoftV92 Modem [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CNXT_MODEM_PCI_HSF] Pinball Madness 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Pinball Madness 2] Prerequisite installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3AAB08A3-F129-4BD5-B409-AE674F93759D}] Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] Recuva [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Recuva] Skype Click to Call [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B6CF2967-C81E-40C0-9815-C05774FEF120}] Skypet 6.7 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}] Sony Mobile Update Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Update Service] Sony PC Companion 2.10.174 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}] Sound Forge Pro 11.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{437C8730-3505-11E3-9509-F04DA23A5C58}] Speccy [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Speccy] SpeedFan (remove only) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SpeedFan] TeamViewer 8 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\TeamViewer 8] Total Commander (Remove or Repair) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Totalcmd] Ulead PhotoImpact 12 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{11AFE21E-B193-430D-B57A-DFF7815BB962}] UltraISO Premium V9.53 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\UltraISO_is1] Unlocker 1.9.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Unlocker] uTorrent [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] Visual Pinball [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B36C4994-A563-4339-8754-CCCE51314A4C}] Visual Pinball VPInstaller 1.0.3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Visual Pinball] VLC media player 2.0.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player] WinDirStat 1.1.2 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinDirStat] WinRAR 4.11 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver] WinZip 16.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D5}] Wise Care 365 version 2.15 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1] Xfire [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Xfire] XP Repair Pro [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{636BB5E4-88A3-4DA6-9630-B98E7814972A}] Your Uninstaller 7 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\YU2010_is1] ZTE Handset USB Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}] ZTE Handset USB Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D2D77DC2-8299-11D1-8949-444553540000}_is1] ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hranca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Hranca\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully C:\Users\Hranca\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1667 folders=242 275301440 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Public\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Hranca\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Hranca\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on sre 12.02.2014 at 22:47:45,03 ======================

Profil

magna86 Poslao: 13 Feb 2014 16:34 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6103	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav cvetko_a, Izvrsi ovaj dodatan ARK scan + jos jedan zoek fix te mi potom reci kako ti se racunar sad ponasa? Potom, dodatna provera: Preuzmi aswMBR i sacuvaj ga na Desktop. Dvoklikom pokreni aswMBR. Ukoliko dobijes sledecu poruku: Would you like to download latest Avast! virus definitions? Klikni na dugme Yes i pricekaj da se proces preuzimanja definicija zavrsi. Proveri da je pod AV Scan: izabrana opcija QuickScan Klikni na Scan. Kada zavrsi skeniranje ( Scan finished successfully ) klikni Save log. Sacuvaj aswMBR log na Desktop. Sadrzaj tog loga iskopiraj u temi. --- --- --- --- --- Ponovo pokreni zoek kao sto si i ranije ... U beli okvir prozora iskopiraj sledeći tekst: `EmptyAllTemp; [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "mobilegeni daemon"=- Reboot;` Klikni na dugme i pričekaj da se skeniranje završi. Po restartu, zoek ce otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj sadrzaj tog izvestaja u poruku.

Profil

cvetko_a Poslao: 13 Feb 2014 19:21 Idi na vrh
offline cvetko_a Građanin Pridružio: 20 Feb 2005 Poruke: 297 Gde živiš: Vranje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 13 Feb 2014 19:02 aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software Run date: 2014-02-13 18:47:46 ----------------------------- 18:47:46.184 OS Version: Windows x64 6.1.7601 Service Pack 1 18:47:46.184 Number of processors: 4 586 0xF0B 18:47:46.185 ComputerName: HRANCA-PC UserName: Hranca 18:47:47.898 Initialize success 18:52:54.618 AVAST engine defs: 14021300 18:53:34.380 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 18:53:34.383 Disk 0 Vendor: WDC_WD1600AAJS-22L7A0 01.03E01 Size: 152627MB BusType: 3 18:53:34.398 Disk 0 MBR read successfully 18:53:34.401 Disk 0 MBR scan 18:53:34.405 Disk 0 Windows 7 default MBR code 18:53:34.408 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 72002 MB offset 63 18:53:34.413 Disk 0 Partition - 00 0F Extended LBA 80615 MB offset 147460635 18:53:34.432 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 80615 MB offset 147460698 18:53:34.488 Disk 0 scanning C:\Windows\system32\drivers 18:53:44.601 Service scanning 18:54:08.282 Modules scanning 18:54:08.289 Disk 0 trace - called modules: 18:54:08.312 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80031c02c0]<<sphw.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys 18:54:08.317 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80035d3060] 18:54:08.322 3 CLASSPNP.SYS[fffff88001a3b43f] -> nt!IofCallDriver -> [0xfffffa80032e79b0] 18:54:08.327 5 ACPI.sys[fffff880011957a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa8003329680] 18:54:08.332 \Driver\atapi[0xfffffa80032de9a0] -> IRP_MJ_CREATE -> 0xfffffa80031c02c0 18:54:09.062 AVAST engine scan C:\Windows 18:54:11.369 AVAST engine scan C:\Windows\system32 18:57:06.686 AVAST engine scan C:\Windows\system32\drivers 18:57:18.445 AVAST engine scan C:\Users\Hranca 18:59:01.700 AVAST engine scan C:\ProgramData 18:59:43.761 Scan finished successfully 19:00:16.967 Disk 0 MBR has been saved successfully to "C:\Users\Hranca\Desktop\MBR.dat" 19:00:16.972 The log file has been saved successfully to "C:\Users\Hranca\Desktop\aswMBR.txt" Dopuna: 13 Feb 2014 19:21 Zoek.exe v5.0.0.0 Updated 10-February-2014 Tool run by Hranca on źet 13.02.2014 at 19:03:57,78. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Hranca\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-02-12-214745.log 27161 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\Hranca\.android deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{0153E448-190B-4987-BDE1-F256CADA672F}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [05.01.2013 21:58] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[12.07.2013 13:38] AdBlock - Hranca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom Skype for Chromium - Hranca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Skype for Chromium - Hranca\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Skype Click to Call - Hranca\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hranca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Hranca\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully C:\Users\Hranca\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1667 folders=242 275301495 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Public\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Hranca\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Hranca\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on źet 13.02.2014 at 19:19:53,41 ======================

Profil

magna86 Poslao: 13 Feb 2014 19:57 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6103	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! U drugom pokretanju nije trebalo da koristis dodatne opcije... Ostaje ti jos da mi odgovoris na pitanje?

Profil

cvetko_a Poslao: 13 Feb 2014 21:56 Idi na vrh
offline cvetko_a Građanin Pridružio: 20 Feb 2005 Poruke: 297 Gde živiš: Vranje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Sada bolje i tečnije radi računar a štose tiče interneta malo je bolje ali odlučio sam da promenim internet provajdera jer na merenjima mi pokazuje manje vrednosti. Samo neznam dali da obrišem ove dodatne programe što sam instalirao,pokretau ??

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Problem konekcija

Ko je trenutno na forumu

Ukupno su 784 korisnika na forumu :: 26 registrovanih, 6 sakrivenih i 752 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., cenejac111, comi_pfc, Dimitrije Paunovic, draganca, jackreacher011011, janbo, Karla, krkalon, LUDI, mercedesamg, Mlav, mnn2, naki011, nikoladim, panzerwaffe, Pohovani_00, raptorsi, Romibrat, sasa87, Srle993, stagezin, stegonosa, Tvrtko I, vathra, vladetije

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by