Problem with Windows Update


  • Joined: 17 Sep 2013
  • Posts: 100

Posted: 03 Jan 2015 17:59

Greetings to all contributors, and I wish them a Happy New Year 2015.
For a long time now I have had a problem with Windows Update: I cannot install any of the updates for what I have installed on the laptop and should be updating. And now another problem has appeared: I cannot open Chrome, which I use most often. My wife was downloading some music from a torrent and it seems she picked something up. I use WiFi in the apartment; we are the only users of that network. I am submitting the Frst and Adit.txt reports. In the attachment I am also submitting a picture st

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-01-2015 02
Ran by Korisnik (administrator) on KORISNIK-PC on 03-01-2015 17:36:09
Running from D:\Downloads
Loaded Profile: Korisnik (Available profiles: Korisnik)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ASCService.exe
(IOBit) C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ASCAvSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
() C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
(CyberLink) C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
(TODO: <Company name>) C:\Program Files\STab\ProtectService.exe
(SearchProtect) C:\Program Files\STab\CmdShell.exe
(TODO: <Company name>) C:\Program Files\STab\HPNotify.exe
(RaMMicHaeL) C:\Program Files\Unchecky\bin\unchecky_svc.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe
(RaMMicHaeL) C:\Program Files\Unchecky\bin\unchecky_bg.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\loggingserver.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare Ultimate 7\Monitor.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(CyberLink) C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\AVG Web TuneUp\vprot.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe
(Ashampoo Media GmbH & Co. KG) C:\Program Files\Ashampoo\Ashampoo Snap 7\ashsnap.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BDExtHost.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BDAppHost.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BDRuntimeHost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
() C:\Program Files\IObit\Advanced SystemCare Ultimate 7\RealTimeProtector.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcfgex.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BingDesktop] => C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe [2368736 2014-06-04] (Microsoft Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12111576 2014-12-21] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2419440 2013-08-28] (Synaptics Incorporated)
HKLM\...\Run: [NBKeyScan] => C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1836328 2007-09-20] (Nero AG)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [3060248 2014-11-06] ()
HKU\S-1-5-21-1383390980-3402701400-3600522666-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2008-01-04] (Nero AG)
HKU\S-1-5-21-1383390980-3402701400-3600522666-1000\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-1383390980-3402701400-3600522666-1000\...\Run: [Advanced SystemCare Ultimate] => C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe [2562368 2013-12-02] (IObit)
HKU\S-1-5-21-1383390980-3402701400-3600522666-1000\...\Run: [AshSnap] => C:\Program Files\Ashampoo\Ashampoo Snap 7\ashsnap.exe [5729112 2014-11-27] (Ashampoo Media GmbH & Co. KG)
HKU\S-1-5-21-1383390980-3402701400-3600522666-1000\...\Run: [Software Informer] => C:\Program Files\Software Informer\softinfo.exe [1045504 2014-12-11] (Informer Technologies, Inc.)
HKU\S-1-5-21-1383390980-3402701400-3600522666-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-05-06] (Microsoft Corporation)
BootExecute: autocheck autochk * bddel.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-1383390980-3402701400-3600522666-1000] => localhost:8080
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = istart.webssearches.com/?type=hppp&ts=14191.....X89SGT1CVT /verysilent /hideuninstall
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = istart.webssearches.com/web/?type=ds&ts=141.....SGT1CVT&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = istart.webssearches.com/?type=hppp&ts=14191.....X89SGT1CVT /verysilent /hideuninstall
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = istart.webssearches.com/web/?type=ds&ts=141.....SGT1CVT&q={searchTerms}
HKU\S-1-5-21-1383390980-3402701400-3600522666-1000\Software\Microsoft\Internet Explorer\Main,Search Page = istart.webssearches.com/web/?type=dspp&ts=1.....X89SGT1CVT /verysilent /hideuninstall&q={searchTerms}
HKU\S-1-5-21-1383390980-3402701400-3600522666-1000\Software\Microsoft\Internet Explorer\Main,Start Page = msn.com/?ocid=iehp
HKU\S-1-5-21-1383390980-3402701400-3600522666-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKU\S-1-5-21-1383390980-3402701400-3600522666-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = istart.webssearches.com/?type=hppp&ts=14191.....X89SGT1CVT /verysilent /hideuninstall
HKU\S-1-5-21-1383390980-3402701400-3600522666-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = istart.webssearches.com/web/?type=dspp&ts=1.....X89SGT1CVT /verysilent /hideuninstall&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - c:\program files\internet explorer\iexplore.exe istart.webssearches.com/?type=sc&ts=1419165.....X89SGT1CVT
SearchScopes: HKLM -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL =
SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = google.com/search?q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = google.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1383390980-3402701400-3600522666-1000 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1383390980-3402701400-3600522666-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = istart.webssearches.com/web/?type=dspp&ts=1.....X89SGT1CVT /verysilent /hideuninstall&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1383390980-3402701400-3600522666-1000 -> {38719E6A-7179-49CA-AD0A-89B164B5A85C} URL = search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-1383390980-3402701400-3600522666-1000 -> {4280C4F6-E71E-4AA9-91D0-ED654EB5134D} URL = google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1383390980-3402701400-3600522666-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = mysearch.avg.com/search?cid={ED99ABB2-DCD3-4C0C-A577-672E9847A129}&mid=6f40ffb3de9d4b029149811c20204cbf-f4afef8f0dc3c8d01f9dddb76065d10b51394aed&lang=sr&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-06 19:35:12&v=4.0.0.19&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1383390980-3402701400-3600522666-1000 -> {E5031DD5-0192-403B-B91E-B504926E4311} URL = google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.0.0.19\AVG Web TuneUp.dll (AVG)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: {233C1507-6A77-46A4-9443-F871F945D258} fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - No CLSID Value -
Handler: msnim - No CLSID Value -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.10\ViProtocol.dll (AVG Secure Search)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 89.216.1.30 89.216.1.50

FireFox:
========
FF ProfilePath: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\u8t4mo0q.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: AVG Secure Search
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.searchoholic.info/?pid=21069&r=2014/12/26&hid=3798250394645889834&lg=EN&cc=RS&unqvl=72&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: AVG Secure Search
FF SelectedSearchEngine,S: WebSearch
FF Homepage: hxxp://www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1215155.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 -> C:\Program Files\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\u8t4mo0q.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\u8t4mo0q.default\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\u8t4mo0q.default\Extensions\ascsurfingprotection@iobit.com [2014-10-20]
FF Extension: AVG Web TuneUp - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\u8t4mo0q.default\Extensions\avg@toolbar [2014-11-06]
FF Extension: Adblock Plus - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\u8t4mo0q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-20]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-31]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> hxxp://istart.webssearches.com/?type=hppp&ts=1419165637&from=exp&uid=TOSHIBAXMK5055GSX_89SGT1CVTXX89SGT1CVT\t/verysilent /hideuninstall
CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hppp&ts=1419165637&from=exp&uid=TOSHIBAXMK5055GSX_89SGT1CVTXX89SGT1CVT\t/verysilent /hideuninstall"
CHR DefaultSearchKeyword: Default -> webssearches
CHR DefaultSearchURL: Default -> istart.webssearches.com/web/?type=dspp&ts=1.....X89SGT1CVT\t/verysilent /hideuninstall&q={searchTerms}
CHR DefaultSuggestURL: Default -> toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Radio) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\agljkoinmcdnopnlbhhjibjiablccgoh [2014-01-08]
CHR Extension: (Google Docs) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-10]
CHR Extension: (Google Drive) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-10]
CHR Extension: (AVG Secure Search) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2014-11-09]
CHR Extension: (Google Search) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-10]
CHR Extension: (PartyCloud DJ) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\defekohaofmambflfpfoojkmfdpcbgko [2014-01-08]
CHR Extension: (Box Office) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhbbohlkjglcppclgngklojecglglinl [2014-04-09]
CHR Extension: (Qualys BrowserCheck for Windows) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejhnkognlohdkpjkjongioociddgoibk [2014-01-28]
CHR Extension: (Google Play) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2014-01-08]
CHR Extension: (Google Wallet) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Radio Stations) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifknnkenefocicoebedkklgknfjlflf [2014-01-08]
CHR Extension: (Viewster - Watch Free Movies Online) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfiekkcjcnhbjofcjcfblhcccjkpkheh [2014-01-08]
CHR Extension: (Gmail) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-10]
CHR Extension: (Music) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmbgagameijdgopipkfgalamncphhikd [2014-01-08]
CHR Extension: (RSS Feed Reader) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2014-07-09]
CHR StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe istart.webssearches.com/?type=sc&ts=1419165.....X89SGT1CVT

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService7; C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ASCService.exe [886592 2013-11-15] (IObit)
R2 ASCAntivirusSrv; C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ascavsvc.exe [646976 2013-11-28] (IOBit)
R2 avgfws; C:\Program Files\AVG\AVG2015\avgfws.exe [1486664 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173792 2014-06-04] (Microsoft Corp.)
R2 CLHNServiceForPowerDVD; C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [85568 2013-08-06] ()
R2 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [77576 2014-02-12] (CyberLink)
R3 CyberLink PowerDVD 11.0 Service; C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [294664 2014-02-12] (CyberLink)
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-12-26] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-12-26] (globalUpdate) [File not signed]
R2 IHProtect Service; C:\Program Files\STab\ProtectService.exe [158864 2014-11-10] (TODO: <Company name>)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-10-20] (IObit)
R2 Unchecky; C:\Program Files\Unchecky\bin\unchecky_svc.exe [111208 2014-12-22] (RaMMicHaeL)
R2 vToolbarUpdater18.1.10; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe [1849368 2014-11-06] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2014-05-27] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23168 2014-05-27] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2014-05-27] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis.sys [74240 2014-05-27] (LG Electronics Inc.)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [38472 2013-12-05] (The OpenVPN Project)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [213784 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-11-06] (AVG Technologies)
S3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2014-03-25] (Phoenix Technologies) [File not signed]
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2014-12-16] (REALiX(tm))
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-12-27] (Malwarebytes Corporation)
R2 ntk_PowerDVD; C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys [71664 2013-08-06] (Cyberlink Corp.)
R3 pimou; C:\Windows\System32\DRIVERS\pimou.sys [21432 2013-11-30] (Christian Gulden)
R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [379904 2010-03-31] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [28656 2014-12-06] (Synaptics Incorporated)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2014-05-03] ()
R3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [17960 2009-04-10] (Chicony Electronics Co., Ltd.)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [26824 2014-02-12] (CyberLink Corp.)
S3 LgBttPort; system32\DRIVERS\lgbtport.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbus.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmodem.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-03 17:35 - 2015-01-03 17:36 - 00000000 ____D () C:\FRST
2015-01-03 17:28 - 2015-01-03 17:28 - 00000374 _____ () C:\Windows\PFRO.log
2015-01-03 17:28 - 2015-01-03 17:28 - 00000056 _____ () C:\Windows\setupact.log
2015-01-03 17:28 - 2015-01-03 17:28 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-03 10:47 - 2015-01-03 10:48 - 00000000 ____D () C:\ProgramData\Sophos
2015-01-03 10:43 - 2015-01-03 10:43 - 00002747 _____ () C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2015-01-03 10:43 - 2015-01-03 10:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2015-01-03 10:43 - 2015-01-03 10:43 - 00000000 ____D () C:\Program Files\Sophos
2015-01-02 22:53 - 2015-01-02 22:53 - 10951768 _____ () C:\Users\Korisnik\Downloads\ProcessLassoPro76.zip
2015-01-02 10:13 - 2015-01-02 10:13 - 00000197 _____ () C:\Users\Korisnik\Desktop\ELTA (English Language Teachers' Association) Serbia   Learning Technologies for the Classroom.url
2014-12-31 15:16 - 2014-12-31 15:16 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-28 09:37 - 2014-12-28 09:37 - 00000816 _____ () C:\Users\Korisnik\Desktop\µTorrent.lnk
2014-12-28 09:37 - 2014-12-28 09:37 - 00000796 _____ () C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-12-28 09:35 - 2014-12-28 14:53 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\uTorrent
2014-12-27 12:34 - 2014-12-27 12:39 - 00000000 ____D () C:\Users\Korisnik\AppData\Local\Abelssoft
2014-12-27 12:17 - 2014-12-27 12:17 - 00001265 _____ () C:\Users\Korisnik\Desktop\Win Fix.lnk
2014-12-26 19:11 - 2014-12-27 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons
2014-12-26 19:11 - 2014-12-26 19:12 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\SkypEmoticons
2014-12-26 19:10 - 2014-12-26 19:11 - 00000000 ____D () C:\Program Files\YouTubbeAdBloCkee
2014-12-26 19:10 - 2014-12-26 19:11 - 00000000 ____D () C:\Program Files\uniSauLess
2014-12-26 19:10 - 2014-12-26 19:11 - 00000000 ____D () C:\Program Files\unisalaes
2014-12-26 19:10 - 2014-12-26 19:10 - 00000000 ____D () C:\ProgramData\ifpdnahnenhijinlnpgkmbkdmndiogkb
2014-12-26 19:10 - 2014-12-26 19:10 - 00000000 ____D () C:\ProgramData\17449749365239099028
2014-12-26 19:07 - 2014-12-26 19:07 - 00020982 _____ () C:\Users\Korisnik\Downloads\[kickass.so]madonna.iconic.demos.torrent
2014-12-26 18:57 - 2014-12-26 18:57 - 00020982 _____ () C:\Users\Korisnik\Downloads\[limetorrents.cc]Madonna.-.ICONIC.[Demos] (2).torrent
2014-12-26 18:51 - 2015-01-03 17:33 - 00005514 _____ () C:\Windows\Tasks\3c1db567-911e-4d78-9d39-7436d1275118-6.job
2014-12-26 18:51 - 2015-01-03 17:28 - 00005514 _____ () C:\Windows\Tasks\3c1db567-911e-4d78-9d39-7436d1275118-7.job
2014-12-26 18:51 - 2015-01-03 17:28 - 00004834 _____ () C:\Windows\Tasks\3c1db567-911e-4d78-9d39-7436d1275118-4.job
2014-12-26 18:51 - 2015-01-03 17:28 - 00003464 _____ () C:\Windows\Tasks\3c1db567-911e-4d78-9d39-7436d1275118-1.job
2014-12-26 18:51 - 2015-01-03 17:28 - 00002442 _____ () C:\Windows\Tasks\3c1db567-911e-4d78-9d39-7436d1275118-5_user.job
2014-12-26 18:51 - 2015-01-03 17:28 - 00002442 _____ () C:\Windows\Tasks\3c1db567-911e-4d78-9d39-7436d1275118-5.job
2014-12-26 18:51 - 2015-01-03 17:28 - 00002106 _____ () C:\Windows\Tasks\3c1db567-911e-4d78-9d39-7436d1275118-2.job
2014-12-26 18:51 - 2015-01-03 17:28 - 00001346 _____ () C:\Windows\Tasks\OTYM.job
2014-12-26 18:51 - 2014-12-26 18:51 - 00000000 ____D () C:\Program Files\52497789-01f0-4851-a59b-803cc8e9eb7c
2014-12-26 18:50 - 2015-01-03 17:28 - 00001346 _____ () C:\Windows\Tasks\TTMW.job
2014-12-26 18:45 - 2014-12-26 18:45 - 00020982 _____ () C:\Users\Korisnik\Downloads\[limetorrents.cc]Madonna.-.ICONIC.[Demos] (1) (1).torrent
2014-12-26 18:43 - 2014-12-26 18:43 - 00020982 _____ () C:\Users\Korisnik\Downloads\[limetorrents.cc]Madonna.-.ICONIC.[Demos] (1).torrent
2014-12-26 18:40 - 2014-12-26 18:40 - 00020982 _____ () C:\Users\Korisnik\Downloads\[limetorrents.cc]Madonna.-.ICONIC.[Demos].torrent
2014-12-21 22:12 - 2014-12-21 22:12 - 00719576 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
2014-12-21 22:12 - 2014-12-21 22:12 - 00076872 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
2014-12-21 21:17 - 2014-12-21 21:17 - 71040000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2014-12-21 21:17 - 2014-12-21 21:17 - 13789440 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2014-12-21 21:17 - 2014-12-21 21:17 - 11878656 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO30.dll
2014-12-21 21:17 - 2014-12-21 21:17 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-12-21 21:17 - 2014-12-21 21:17 - 04713224 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2014-12-21 21:17 - 2014-12-21 21:17 - 03343832 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2014-12-21 21:17 - 2014-12-21 21:17 - 02588888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2014-12-21 21:17 - 2014-12-21 21:17 - 02513264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO.dll
2014-12-21 21:17 - 2014-12-21 21:17 - 02354544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2014-12-21 21:17 - 2014-12-21 21:17 - 01468608 _____ (Conexant Systems Inc.) C:\Windows\system32\CX32APO.dll
2014-12-21 21:17 - 2014-12-21 21:17 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-12-21 21:17 - 2014-12-21 21:17 - 01175888 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO50.dll
2014-12-21 21:17 - 2014-12-21 21:17 - 01145600 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO60.dll
2014-12-21 21:17 - 2014-12-21 21:17 - 01053208 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR.dll
2014-12-21 21:17 - 2014-12-21 21:17 - 00945456 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2014-12-21 21:17 - 2014-12-21 21:17 - 00927448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2014-12-21 21:17 - 2014-12-21 21:17 - 00844192 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2014-12-21 21:17 - 2014-12-21 21:17 - 00818000 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO20.dll
2014-12-21 21:17 - 2014-12-21 21:17 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2014-12-21 21:17 - 2014-12-21 21:17 - 00519368 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2014-12-21 21:17 - 2014-12-21 21:17 - 00386072 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO.dll
2014-12-21 21:17 - 2014-12-21 21:17 - 00326680 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2014-12-21 21:17 - 2014-12-21 21:17 - 00276128 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO.dll
2014-12-21 21:17 - 2014-12-21 21:17 - 00087864 _____ () C:\Windows\system32\audioLibVc.dll
2014-12-21 15:25 - 2015-01-03 17:28 - 00004834 _____ () C:\Windows\Tasks\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-4.job
2014-12-21 15:25 - 2015-01-03 17:28 - 00003464 _____ () C:\Windows\Tasks\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-1.job
2014-12-21 15:25 - 2015-01-03 17:28 - 00002442 _____ () C:\Windows\Tasks\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-5_user.job
2014-12-21 15:25 - 2015-01-03 17:28 - 00002442 _____ () C:\Windows\Tasks\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-5.job
2014-12-21 15:25 - 2015-01-03 17:28 - 00002106 _____ () C:\Windows\Tasks\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-2.job
2014-12-21 15:25 - 2015-01-03 17:28 - 00001342 _____ () C:\Windows\Tasks\EQ.job
2014-12-21 15:24 - 2015-01-03 17:28 - 00005514 _____ () C:\Windows\Tasks\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-6.job
2014-12-21 15:24 - 2015-01-03 17:28 - 00005178 _____ () C:\Windows\Tasks\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-7.job
2014-12-21 15:24 - 2015-01-03 17:28 - 00001350 _____ () C:\Windows\Tasks\AGLKGR.job
2014-12-21 15:24 - 2014-12-21 15:24 - 00000000 ____D () C:\Program Files\31b8b388-de10-4f50-abab-d3bc5bca1d54
2014-12-21 15:17 - 2014-12-25 21:06 - 00000000 ____D () C:\Program Files\GoForFiles
2014-12-21 15:17 - 2014-12-21 15:17 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\GoforFiles
2014-12-21 15:17 - 2014-12-21 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\GoForFiles
2014-12-21 15:16 - 2014-12-21 15:16 - 00474928 _____ () C:\Users\Korisnik\Downloads\YourDownload.exe
2014-12-21 15:15 - 2014-12-21 15:15 - 00015786 _____ () C:\Users\Korisnik\Downloads\[limetorrents.cc]Madonna.Rebel.Heart.[iTunes.Plus.AAC.M4A].Pre-Order.2014 (1).torrent
2014-12-21 15:11 - 2014-12-21 15:11 - 00015786 _____ () C:\Users\Korisnik\Downloads\[limetorrents.cc]Madonna.Rebel.Heart.[iTunes.Plus.AAC.M4A].Pre-Order.2014.torrent
2014-12-21 13:40 - 2014-12-21 13:40 - 00000236 _____ () C:\Users\Korisnik\Desktop\337GAMES.url
2014-12-21 13:38 - 2014-12-21 15:17 - 00000000 ____D () C:\Program Files\GoForFilesUpdater
2014-12-21 13:38 - 2014-12-21 13:38 - 04178792 _____ (http://goforfiles.com) C:\Users\Korisnik\Downloads\Madonna_Rebel_Heart_Pre-Order_2014_downloader.exe
2014-12-21 13:38 - 2014-12-21 13:38 - 00015767 _____ () C:\Users\Korisnik\Downloads\Madonna.Rebel.Heart..Pre-Order.2014.torrent
2014-12-20 13:19 - 2014-12-21 13:40 - 00000000 ____D () C:\Program Files\STab
2014-12-20 13:19 - 2014-12-20 13:19 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-12-20 13:19 - 2014-12-20 13:19 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2014-12-20 13:18 - 2015-01-03 17:28 - 00005508 _____ () C:\Windows\Tasks\60a4dcae-a958-4f6e-8e78-54858e1f7db1-6.job
2014-12-20 13:18 - 2015-01-03 17:28 - 00005172 _____ () C:\Windows\Tasks\60a4dcae-a958-4f6e-8e78-54858e1f7db1-7.job
2014-12-20 13:18 - 2015-01-03 17:28 - 00004148 _____ () C:\Windows\Tasks\60a4dcae-a958-4f6e-8e78-54858e1f7db1-4.job
2014-12-20 13:18 - 2015-01-03 17:28 - 00003452 _____ () C:\Windows\Tasks\60a4dcae-a958-4f6e-8e78-54858e1f7db1-1.job
2014-12-20 13:18 - 2015-01-03 17:28 - 00002436 _____ () C:\Windows\Tasks\60a4dcae-a958-4f6e-8e78-54858e1f7db1-5_user.job
2014-12-20 13:18 - 2015-01-03 17:28 - 00002436 _____ () C:\Windows\Tasks\60a4dcae-a958-4f6e-8e78-54858e1f7db1-5.job
2014-12-20 13:18 - 2015-01-03 17:28 - 00002100 _____ () C:\Windows\Tasks\60a4dcae-a958-4f6e-8e78-54858e1f7db1-2.job
2014-12-20 13:18 - 2015-01-03 17:28 - 00001344 _____ () C:\Windows\Tasks\WBT.job
2014-12-20 13:18 - 2014-12-20 13:24 - 00000000 ____D () C:\Program Files\f03cb373-cad7-4308-b93d-fb72de5778fa
2014-12-20 13:17 - 2015-01-03 17:28 - 00002442 _____ () C:\Windows\Tasks\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-5_user.job
2014-12-20 13:17 - 2015-01-03 17:28 - 00002442 _____ () C:\Windows\Tasks\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-5.job
2014-12-20 13:17 - 2015-01-03 17:28 - 00002106 _____ () C:\Windows\Tasks\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-2.job
2014-12-20 13:17 - 2015-01-03 17:28 - 00001698 _____ () C:\Windows\Tasks\SSYQVJQM.job
2014-12-20 13:17 - 2014-12-20 13:25 - 00000000 ____D () C:\Program Files\The-Go-Photo-it-v11
2014-12-20 13:16 - 2015-01-03 17:28 - 00005514 _____ () C:\Windows\Tasks\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-6.job
2014-12-20 13:16 - 2015-01-03 17:28 - 00005178 _____ () C:\Windows\Tasks\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-7.job
2014-12-20 13:16 - 2015-01-03 17:28 - 00004834 _____ () C:\Windows\Tasks\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-4.job
2014-12-20 13:16 - 2015-01-03 17:28 - 00003464 _____ () C:\Windows\Tasks\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-1.job
2014-12-20 13:16 - 2015-01-03 17:28 - 00001696 _____ () C:\Windows\Tasks\UNZMIZU.job
2014-12-20 13:16 - 2015-01-03 17:28 - 00001346 _____ () C:\Windows\Tasks\JFBZ.job
2014-12-20 13:16 - 2015-01-03 17:28 - 00000898 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-12-20 13:16 - 2015-01-03 12:56 - 00000902 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-12-20 13:16 - 2014-12-29 23:43 - 00000000 ____D () C:\Program Files\TornPlusTV_version1.11
2014-12-20 13:16 - 2014-12-20 13:24 - 00000000 ____D () C:\Program Files\c4088188-b7a1-4314-8ed4-28d4603b68a6
2014-12-20 13:16 - 2014-12-20 13:16 - 00000000 ____D () C:\Users\Korisnik\AppData\Local\globalUpdate
2014-12-20 13:16 - 2014-12-20 13:16 - 00000000 ____D () C:\Program Files\globalUpdate
2014-12-17 20:52 - 2014-12-28 18:00 - 00000000 ___RD () C:\Users\Korisnik\Desktop\Madonna - Unapologetic Bitch
2014-12-17 20:24 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 20:16 - 2014-12-17 20:52 - 122291037 _____ () C:\Users\Korisnik\Downloads\mddnubtch15.rar
2014-12-16 21:13 - 2014-12-16 21:13 - 00003288 ____N () C:\bootsqm.dat
2014-12-16 21:01 - 2014-12-16 21:01 - 00005400 _____ () C:\Users\Korisnik\Documents\Disk Doctor report.log
2014-12-16 19:56 - 2014-12-16 19:56 - 00001214 _____ () C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-12-16 19:56 - 2014-12-16 19:56 - 00001190 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-12-16 19:54 - 2014-12-16 19:54 - 17528608 _____ (IObit) C:\Users\Korisnik\Downloads\iobituninstaller.exe
2014-12-16 19:48 - 2014-12-16 19:48 - 00023840 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS
2014-12-16 19:47 - 2014-12-16 19:48 - 10602536 _____ (IObit ) C:\Users\Korisnik\Downloads\driver_booster_v2_1_cnet.exe
2014-12-16 19:33 - 2014-12-16 19:33 - 00207856 _____ () C:\Users\Korisnik\Downloads\AVG Web TuneUp (1).exe
2014-12-16 19:22 - 2014-12-16 19:22 - 00207856 _____ () C:\Users\Korisnik\Downloads\AVG Web TuneUp.exe
2014-12-13 22:47 - 2015-01-03 08:02 - 00000000 ____D () C:\Users\Korisnik\Desktop\fb paris
2014-12-12 00:55 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 22:15 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 22:15 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 22:15 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 22:15 - 2014-11-22 03:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 22:15 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 22:15 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 22:15 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-11 22:15 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 22:15 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 22:15 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 22:15 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 22:15 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 22:15 - 2014-11-22 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-11 22:15 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-11 22:15 - 2014-11-22 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 22:15 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 22:15 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 22:15 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 22:15 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 22:15 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 22:15 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 22:15 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 22:15 - 2014-11-22 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 22:15 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 22:15 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-11 22:15 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 22:15 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 22:15 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 22:15 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 22:15 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 22:15 - 2014-11-11 02:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 22:14 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 22:14 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 22:14 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-11 22:14 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 22:14 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-11 22:14 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-11 22:14 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-06 11:40 - 2014-12-06 11:40 - 00028656 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-03 17:34 - 2014-11-20 14:58 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\Software Informer
2015-01-03 17:34 - 2014-09-17 01:06 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-03 17:33 - 2014-10-13 20:48 - 01681059 _____ () C:\Windows\WindowsUpdate.log
2015-01-03 17:33 - 2009-07-14 05:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-03 17:33 - 2009-07-14 05:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-03 17:29 - 2014-10-01 21:25 - 00000000 ____D () C:\ProgramData\MCShield
2015-01-03 17:28 - 2013-04-10 17:28 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-03 17:28 - 2012-03-14 00:59 - 00000000 ____D () C:\Windows\Panther
2015-01-03 17:28 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-03 14:18 - 2012-03-13 18:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-03 14:11 - 2012-04-09 13:03 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-03 13:41 - 2013-04-10 17:28 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-03 08:01 - 2012-03-13 16:08 - 00785390 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-02 21:12 - 2014-03-14 22:57 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-02 09:11 - 2014-10-13 20:45 - 00406024 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-02 09:02 - 2012-09-28 09:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-29 21:19 - 2014-09-28 10:20 - 00000406 _____ () C:\Windows\Tasks\Wise Care 365 PC Checkup Task.job
2014-12-28 09:36 - 2014-09-11 19:16 - 00000000 ____D () C:\ProgramData\Unchecky
2014-12-27 11:04 - 2014-05-09 03:54 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-27 09:09 - 2009-07-14 05:53 - 00032590 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-21 22:12 - 2014-03-23 22:33 - 00100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2014-12-21 21:19 - 2014-03-23 22:53 - 00000000 ____D () C:\Windows\system32\RTCOM
2014-12-21 15:24 - 2014-10-13 20:34 - 00000000 ____D () C:\Program Files\Ashampoo
2014-12-21 13:39 - 2012-03-13 18:05 - 00001333 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-21 13:39 - 2012-03-13 16:10 - 00001629 _____ () C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-21 12:13 - 2014-11-20 14:58 - 00000000 ____D () C:\Program Files\Software Informer
2014-12-20 13:24 - 2014-09-28 00:31 - 00000000 ____D () C:\ProgramData\AVG2015
2014-12-16 20:49 - 2014-11-09 11:54 - 62459904 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-12-16 20:49 - 2014-11-09 11:54 - 01642496 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-12-16 20:49 - 2014-11-09 11:54 - 00061440 _____ () C:\Windows\system32\config\SAM.iobit
2014-12-16 20:49 - 2014-11-09 11:54 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-12-16 20:49 - 2012-03-13 16:09 - 00000000 ____D () C:\Users\Korisnik
2014-12-16 19:56 - 2014-03-14 22:58 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\IObit
2014-12-16 19:51 - 2014-11-02 12:52 - 00002094 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk
2014-12-16 19:48 - 2014-11-02 12:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2014-12-16 19:32 - 2014-07-09 21:52 - 00000000 ____D () C:\Users\Korisnik\Documents\Calibre Library
2014-12-16 19:29 - 2014-07-09 21:51 - 00000930 _____ () C:\Users\Public\Desktop\calibre - E-book management.lnk
2014-12-16 19:29 - 2014-07-09 21:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2014-12-16 19:29 - 2014-07-09 21:51 - 00000000 ____D () C:\Program Files\Calibre2
2014-12-16 19:20 - 2014-10-31 20:49 - 00001142 _____ () C:\Users\Public\Desktop\Ashampoo Snap 7.lnk
2014-12-16 19:19 - 2014-10-13 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2014-12-16 19:19 - 2014-10-13 20:34 - 00000000 ____D () C:\ProgramData\Ashampoo
2014-12-16 19:14 - 2014-05-09 03:54 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-16 19:14 - 2014-05-09 03:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-16 19:14 - 2014-05-09 03:54 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-12-12 01:01 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-12-12 01:01 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-12-12 01:01 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-12-12 01:01 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-12-12 00:52 - 2013-09-01 23:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-12 00:48 - 2012-03-13 17:39 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-11 23:38 - 2012-04-09 13:03 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-11 23:38 - 2012-03-13 18:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-11 22:31 - 2014-10-20 20:31 - 00002236 _____ () C:\Users\Public\Desktop\Advanced SystemCare Ultimate 7.lnk
2014-12-11 22:29 - 2014-01-27 20:58 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-06 10:41 - 2014-09-28 00:33 - 00000947 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-12-06 10:41 - 2014-09-28 00:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-18 19:20

==================== End Of Log ============================

... what it shows me, that I cannot do the update.

Addendum: 03 Jan 2015 18:00

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

There is going to be some work here. You have 4 steps to follow; if you get stuck anywhere, be sure to ask.

Step 1

Go to Start -> Control Panel -> Programs and Features and uninstall the following programs. If any of them refuses to uninstall, skip it and move on to the next one.

AVG Web TuneUp
GoForFiles
SkypEmoticons
Software Informer 1.4.1200.0
TornPlusTV_version1.11
Update Service GoForFiles
webssearches uninstall

Advanced SystemCare Ultimate 7
Driver Booster 2.1
Surfing Protection




Step 2

Open Notepad and copy the following text, which is inside the Code box.

Start

HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [3060248 2014-11-06] ()
HKU\S-1-5-21-1383390980-3402701400-3600522666-1000\...\Run: [Software Informer] => C:\Program Files\Software Informer\softinfo.exe [1045504 2014-12-11] (Informer Technologies, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-1383390980-3402701400-3600522666-1000] => localhost:8080
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hppp&ts=14191.....X89SGT1CVT   /verysilent /hideuninstall
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=141.....SGT1CVT&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hppp&ts=14191.....X89SGT1CVT   /verysilent /hideuninstall
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=141.....SGT1CVT&q={searchTerms}
HKU\S-1-5-21-1383390980-3402701400-3600522666-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=dspp&ts=1.....X89SGT1CVT   /verysilent /hideuninstall&q={searchTerms}
HKU\S-1-5-21-1383390980-3402701400-3600522666-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-1383390980-3402701400-3600522666-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=dspp&ts=1.....X89SGT1CVT   /verysilent /hideuninstall&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - c:\program files\internet explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1419165.....X89SGT1CVT
SearchScopes: HKU\S-1-5-21-1383390980-3402701400-3600522666-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=dspp&ts=1.....X89SGT1CVT   /verysilent /hideuninstall&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1383390980-3402701400-3600522666-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={ED99ABB2-DCD3-4C0C-A577-672E9847A129}&mid=6f40ffb3de9d4b029149811c20204cbf-f4afef8f0dc3c8d01f9dddb76065d10b51394aed&lang=sr&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-06 19:35:12&v=4.0.0.19&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.0.0.19\AVG Web TuneUp.dll (AVG)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.10\ViProtocol.dll (AVG Secure Search)
FF DefaultSearchEngine: AVG Secure Search
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.searchoholic.info/?pid=21069&r=2014/12/26&hid=3798250394645889834&lg=EN&cc=RS&unqvl=72&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: AVG Secure Search
FF SelectedSearchEngine,S: WebSearch
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF SearchPlugin: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\u8t4mo0q.default\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
FF Extension: AVG Web TuneUp - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\u8t4mo0q.default\Extensions\avg@toolbar [2014-11-06]
CHR HomePage: Default -> hxxp://istart.webssearches.com/?type=hppp&ts=1419165637&from=exp&uid=TOSHIBAXMK5055GSX_89SGT1CVTXX89SGT1CVT\t/verysilent /hideuninstall
CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hppp&ts=1419165637&from=exp&uid=TOSHIBAXMK5055GSX_89SGT1CVTXX89SGT1CVT\t/verysilent /hideuninstall"
CHR DefaultSearchKeyword: Default -> webssearches
CHR DefaultSearchURL: Default -> http://istart.webssearches.com/web/?type=dspp&ts=1.....X89SGT1CVT\t/verysilent /hideuninstall&q={searchTerms}
CHR DefaultSuggestURL: Default -> http://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AVG Secure Search) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2014-11-09]
CHR StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe http://istart.webssearches.com/?type=sc&ts=1419165.....X89SGT1CVT
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-12-26] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-12-26] (globalUpdate) [File not signed]
R2 IHProtect Service; C:\Program Files\STab\ProtectService.exe [158864 2014-11-10] (TODO: <Company name>)
R2 vToolbarUpdater18.1.10; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe [1849368 2014-11-06] (AVG Secure Search)
Task: {024C04DF-0DCC-47F9-B4B4-59AD156F511E} - System32\Tasks\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-2 => C:\Program Files\TornPlusTV_version1.11\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-2.exe [2014-12-21] (Qwerty) <==== ATTENTION
Task: {04A97C5A-2804-4BED-9D02-9DCCE28FE43F} - System32\Tasks\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-5 => C:\Program Files\TornPlusTV_version1.11\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-5.exe <==== ATTENTION
Task: {1027BD30-0233-408D-B981-81103B8627E5} - System32\Tasks\60a4dcae-a958-4f6e-8e78-54858e1f7db1-5_user => C:\Program Files\The-Go-Photo-it-v11\60a4dcae-a958-4f6e-8e78-54858e1f7db1-5.exe <==== ATTENTION
Task: {1376B69F-4260-40BD-9E63-E53B2F54148D} - System32\Tasks\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-5_user => C:\Program Files\TornPlusTV_version1.11\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-5.exe <==== ATTENTION
Task: {25FA9C6A-42D3-4D2D-A841-507B601B9976} - System32\Tasks\AGLKGR => C:\Users\Korisnik\AppData\Roaming\AGLKGR.exe <==== ATTENTION
Task: {2DDA587F-F438-4120-BC32-A456A989706E} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2014-12-11] (Informer Technologies, Inc.)
Task: {308E3C0B-89FB-4B66-8A70-4E39CDC1CE9B} - System32\Tasks\SSYQVJQM => C:\Users\Korisnik\AppData\Roaming\SSYQVJQM.exe <==== ATTENTION
Task: {373A680B-78D5-4E0D-97A4-9AEFFA38A802} - System32\Tasks\{D6986CE4-FD1A-4697-99A3-1E09F56609E3} => pcalua.exe -a "C:\Users\Korisnik\Desktop\8187B_WindowsDriver_5_6.1158.0113.2009 (1)\(090310)RTL8187B_WindowsDriver_5_6.1158.0113.2009_ISS_1.01.0087\Setup.exe"
Task: {50B4FA7E-43E5-43FB-B94A-C2AD4F146686} - System32\Tasks\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-4 => C:\Program Files\TornPlusTV_version1.11\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-4.exe <==== ATTENTION
Task: {59E54249-A9B9-481E-9DD6-9BD69D767AF5} - System32\Tasks\60a4dcae-a958-4f6e-8e78-54858e1f7db1-7 => C:\Program Files\The-Go-Photo-it-v11\60a4dcae-a958-4f6e-8e78-54858e1f7db1-7.exe <==== ATTENTION
Task: {5BAFF58E-339C-473D-A566-9E4729DD99E0} - System32\Tasks\3c1db567-911e-4d78-9d39-7436d1275118-7 => C:\Program Files\TornPlusTV_version1.11\3c1db567-911e-4d78-9d39-7436d1275118-7.exe <==== ATTENTION
Task: {5CC56F0F-3570-488C-9D69-A29F0279973C} - System32\Tasks\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-2 => C:\Program Files\TornPlusTV_version1.11\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-2.exe <==== ATTENTION
Task: {63C7F291-D09F-428B-9A86-95D0AA5EF10D} - System32\Tasks\Update Service GoForFiles => C:\Program Files\GoForFilesUpdater\GoForFilesUpdater.exe <==== ATTENTION
Task: {649040F4-5ADA-42EA-B33C-42A5BF2C7353} - System32\Tasks\60a4dcae-a958-4f6e-8e78-54858e1f7db1-2 => C:\Program Files\The-Go-Photo-it-v11\60a4dcae-a958-4f6e-8e78-54858e1f7db1-2.exe <==== ATTENTION
Task: {690B4163-6B97-4832-86BB-82ED0A5E362B} - System32\Tasks\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-5_user => C:\Program Files\TornPlusTV_version1.11\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-5.exe <==== ATTENTION
Task: {6B7468C1-06C9-455D-A368-A50FD64B0E94} - System32\Tasks\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-1 => C:\Program Files\TornPlusTV_version1.11\TornPlusTV_version1.11-codedownloader.exe <==== ATTENTION
Task: {6DE81F2E-9870-4E73-9A1E-7966C51B55B8} - System32\Tasks\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-7 => C:\Program Files\TornPlusTV_version1.11\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-7.exe <==== ATTENTION
Task: {6DF15D51-82DC-44C6-AAFF-23EB27C74161} - System32\Tasks\3c1db567-911e-4d78-9d39-7436d1275118-1 => C:\Program Files\TornPlusTV_version1.11\TornPlusTV_version1.11-codedownloader.exe <==== ATTENTION
Task: {6E504119-FAF1-4123-801A-5752FD218556} - System32\Tasks\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-6 => C:\Program Files\TornPlusTV_version1.11\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-6.exe [2014-12-21] (Qwerty) <==== ATTENTION
Task: {7BD53A6F-5BD9-4E00-814E-09F3B5A2B578} - System32\Tasks\WBT => C:\Users\Korisnik\AppData\Roaming\WBT.exe <==== ATTENTION
Task: {7F4E8A46-4B5F-4ADA-9D0F-4B715656A32D} - System32\Tasks\EQ => C:\Users\Korisnik\AppData\Roaming\EQ.exe <==== ATTENTION
Task: {82711EDD-4BCC-4D08-B525-3F0FFC2650DD} - System32\Tasks\3c1db567-911e-4d78-9d39-7436d1275118-5_user => C:\Program Files\TornPlusTV_version1.11\3c1db567-911e-4d78-9d39-7436d1275118-5.exe <==== ATTENTION
Task: {83512137-D259-48CB-972A-228C578CC65E} - System32\Tasks\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-4 => C:\Program Files\TornPlusTV_version1.11\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-4.exe <==== ATTENTION
Task: {85A07491-45FA-4732-B09B-3F7FB99F2B4C} - System32\Tasks\UNZMIZU => C:\Users\Korisnik\AppData\Roaming\UNZMIZU.exe <==== ATTENTION
Task: {87BD7D3A-CE70-433B-BD23-B20693B9709A} - System32\Tasks\3c1db567-911e-4d78-9d39-7436d1275118-4 => C:\Program Files\TornPlusTV_version1.11\3c1db567-911e-4d78-9d39-7436d1275118-4.exe <==== ATTENTION
Task: {94928304-70C3-48A4-B1C3-BDA6C2509E15} - System32\Tasks\3c1db567-911e-4d78-9d39-7436d1275118-2 => C:\Program Files\TornPlusTV_version1.11\3c1db567-911e-4d78-9d39-7436d1275118-2.exe <==== ATTENTION
Task: {98BBE9D4-04CB-45B8-8820-3EC52427458C} - System32\Tasks\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-5 => C:\Program Files\TornPlusTV_version1.11\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-5.exe <==== ATTENTION
Task: {9BE59618-6190-40FC-A3D1-603844A8AEA2} - System32\Tasks\OTYM => C:\Users\Korisnik\AppData\Roaming\OTYM.exe <==== ATTENTION
Task: {9E623E7D-F1B9-414F-AACE-CC3BC59A2055} - System32\Tasks\JFBZ => C:\Users\Korisnik\AppData\Roaming\JFBZ.exe <==== ATTENTION
Task: {9EB9BDBA-6BF8-4416-8633-D97788A3EA54} - System32\Tasks\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-7 => C:\Program Files\TornPlusTV_version1.11\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-7.exe <==== ATTENTION
Task: {A32BE7DC-C982-41BF-BBDF-C7A9E601FCBC} - System32\Tasks\60a4dcae-a958-4f6e-8e78-54858e1f7db1-6 => C:\Program Files\The-Go-Photo-it-v11\60a4dcae-a958-4f6e-8e78-54858e1f7db1-6.exe <==== ATTENTION
Task: {A37B88B2-3D6D-41F9-882B-0A84E375C5D7} - System32\Tasks\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-1 => C:\Program Files\TornPlusTV_version1.11\TornPlusTV_version1.11-codedownloader.exe <==== ATTENTION
Task: {B4E6EE19-07DB-4850-B8D9-9979864468BA} - System32\Tasks\60a4dcae-a958-4f6e-8e78-54858e1f7db1-5 => C:\Program Files\The-Go-Photo-it-v11\60a4dcae-a958-4f6e-8e78-54858e1f7db1-5.exe <==== ATTENTION
Task: {BAA95784-3EA6-413C-8B16-FFD63B7A74E8} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-12-26] (globalUpdate) <==== ATTENTION
Task: {BE7055E6-390C-4781-8864-DE978D0CDAFC} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-12-26] (globalUpdate) <==== ATTENTION
Task: {C297DB5E-5E18-4F10-9A72-114DA6946231} - System32\Tasks\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-6 => C:\Program Files\TornPlusTV_version1.11\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-6.exe <==== ATTENTION
Task: {CCCCBF34-78B3-4018-A9F6-5BCD9B37DE2F} - System32\Tasks\3c1db567-911e-4d78-9d39-7436d1275118-6 => C:\Program Files\TornPlusTV_version1.11\3c1db567-911e-4d78-9d39-7436d1275118-6.exe [2014-12-26] (Qwerty) <==== ATTENTION
Task: {D0DA31AF-0ED0-4F39-B9BA-3B4DC3FFB5C9} - System32\Tasks\3c1db567-911e-4d78-9d39-7436d1275118-5 => C:\Program Files\TornPlusTV_version1.11\3c1db567-911e-4d78-9d39-7436d1275118-5.exe <==== ATTENTION
Task: {EC9219A1-B6A0-4160-9B51-966B2DF128FF} - System32\Tasks\TTMW => C:\Users\Korisnik\AppData\Roaming\TTMW.exe <==== ATTENTION
Task: {F795B92A-D063-4B89-85C9-3DA593DEF165} - System32\Tasks\{6B3C42FB-D2C9-4AB7-A9C5-8C688AD4FAFF} => pcalua.exe -a C:\Users\Korisnik\AppData\Roaming\Allmyapps\AllmyappsManager.exe -d C:\Windows\system32
Task: {F8C8E436-CF80-4271-9A0F-BFF4089EEF9B} - System32\Tasks\60a4dcae-a958-4f6e-8e78-54858e1f7db1-4 => C:\Program Files\The-Go-Photo-it-v11\60a4dcae-a958-4f6e-8e78-54858e1f7db1-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\3c1db567-911e-4d78-9d39-7436d1275118-1.job => C:\Program Files\TornPlusTV_version1.11\TornPlusTV_version1.11-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\3c1db567-911e-4d78-9d39-7436d1275118-2.job => C:\Program Files\TornPlusTV_version1.11\3c1db567-911e-4d78-9d39-7436d1275118-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\3c1db567-911e-4d78-9d39-7436d1275118-4.job => C:\Program Files\TornPlusTV_version1.11\3c1db567-911e-4d78-9d39-7436d1275118-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\3c1db567-911e-4d78-9d39-7436d1275118-5.job => C:\Program Files\TornPlusTV_version1.11\3c1db567-911e-4d78-9d39-7436d1275118-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3c1db567-911e-4d78-9d39-7436d1275118-5_user.job => C:\Program Files\TornPlusTV_version1.11\3c1db567-911e-4d78-9d39-7436d1275118-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3c1db567-911e-4d78-9d39-7436d1275118-6.job => C:\Program Files\TornPlusTV_version1.11\3c1db567-911e-4d78-9d39-7436d1275118-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\3c1db567-911e-4d78-9d39-7436d1275118-7.job => C:\Program Files\TornPlusTV_version1.11\3c1db567-911e-4d78-9d39-7436d1275118-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-1.job => C:\Program Files\TornPlusTV_version1.11\TornPlusTV_version1.11-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-2.job => C:\Program Files\TornPlusTV_version1.11\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-4.job => C:\Program Files\TornPlusTV_version1.11\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-5.job => C:\Program Files\TornPlusTV_version1.11\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-5_user.job => C:\Program Files\TornPlusTV_version1.11\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-6.job => C:\Program Files\TornPlusTV_version1.11\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-7.job => C:\Program Files\TornPlusTV_version1.11\5d1383e1-4c82-4f4f-9c01-40dbd9f8cea7-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\60a4dcae-a958-4f6e-8e78-54858e1f7db1-1.job => C:\Program Files\The-Go-Photo-it-v11\The-Go-Photo-it-v11-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\60a4dcae-a958-4f6e-8e78-54858e1f7db1-2.job => C:\Program Files\The-Go-Photo-it-v11\60a4dcae-a958-4f6e-8e78-54858e1f7db1-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\60a4dcae-a958-4f6e-8e78-54858e1f7db1-4.job => C:\Program Files\The-Go-Photo-it-v11\60a4dcae-a958-4f6e-8e78-54858e1f7db1-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\60a4dcae-a958-4f6e-8e78-54858e1f7db1-5.job => C:\Program Files\The-Go-Photo-it-v11\60a4dcae-a958-4f6e-8e78-54858e1f7db1-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\60a4dcae-a958-4f6e-8e78-54858e1f7db1-5_user.job => C:\Program Files\The-Go-Photo-it-v11\60a4dcae-a958-4f6e-8e78-54858e1f7db1-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\60a4dcae-a958-4f6e-8e78-54858e1f7db1-6.job => C:\Program Files\The-Go-Photo-it-v11\60a4dcae-a958-4f6e-8e78-54858e1f7db1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\60a4dcae-a958-4f6e-8e78-54858e1f7db1-7.job => C:\Program Files\The-Go-Photo-it-v11\60a4dcae-a958-4f6e-8e78-54858e1f7db1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\AGLKGR.job => C:\Users\Korisnik\AppData\Roaming\AGLKGR.exe <==== ATTENTION
Task: C:\Windows\Tasks\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-1.job => C:\Program Files\TornPlusTV_version1.11\TornPlusTV_version1.11-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-2.job => C:\Program Files\TornPlusTV_version1.11\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-4.job => C:\Program Files\TornPlusTV_version1.11\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-5.job => C:\Program Files\TornPlusTV_version1.11\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-5_user.job => C:\Program Files\TornPlusTV_version1.11\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-6.job => C:\Program Files\TornPlusTV_version1.11\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-7.job => C:\Program Files\TornPlusTV_version1.11\e860fff3-0c2c-40a4-b1b7-6896439eeaa3-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\EQ.job => C:\Users\Korisnik\AppData\Roaming\EQ.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\JFBZ.job => C:\Users\Korisnik\AppData\Roaming\JFBZ.exe <==== ATTENTION
Task: C:\Windows\Tasks\OTYM.job => C:\Users\Korisnik\AppData\Roaming\OTYM.exe <==== ATTENTION
Task: C:\Windows\Tasks\SSYQVJQM.job => C:\Users\Korisnik\AppData\Roaming\SSYQVJQM.exe <==== ATTENTION
Task: C:\Windows\Tasks\TTMW.job => C:\Users\Korisnik\AppData\Roaming\TTMW.exe <==== ATTENTION
Task: C:\Windows\Tasks\UNZMIZU.job => C:\Users\Korisnik\AppData\Roaming\UNZMIZU.exe <==== ATTENTION
Task: C:\Windows\Tasks\WBT.job => C:\Users\Korisnik\AppData\Roaming\WBT.exe <==== ATTENTION
C:\Program Files\STab
C:\Program Files\Common Files\AVG Secure Search
C:\Program Files\Software Informer
C:\Program Files\AVG Web TuneUp
C:\Program Files\globalUpdate
C:\Program Files\YouTubbeAdBloCkee
C:\Program Files\uniSauLess
C:\Program Files\unisalaes
C:\ProgramData\ifpdnahnenhijinlnpgkmbkdmndiogkb
C:\ProgramData\17449749365239099028
C:\Program Files\GoForFiles
C:\Users\Korisnik\AppData\Roaming\GoforFiles
C:\ProgramData\WindowsMangerProtect
C:\ProgramData\IHProtectUpDate
C:\Program Files\The-Go-Photo-it-v11
C:\Program Files\TornPlusTV_version1.11
C:\Users\Korisnik\AppData\Local\globalUpdate
C:\Users\Korisnik\AppData\Roaming\Software Informer
C:\Users\Korisnik\AppData\Roaming\AGLKGR.exe
C:\Program Files\GoForFilesUpdater
C:\Users\Korisnik\AppData\Roaming\WBT.exe
C:\Users\Korisnik\AppData\Roaming\EQ.exe
C:\Users\Korisnik\AppData\Roaming\UNZMIZU.exe
C:\Users\Korisnik\AppData\Roaming\OTYM.exe
C:\Users\Korisnik\AppData\Roaming\JFBZ.exe
C:\Users\Korisnik\AppData\Roaming\TTMW.exe

Task: {EED79662-67D9-47F4-807B-D3BA96F35F1F} - System32\Tasks\Wise Care 365 PC Checkup Task => C:\Program Files\Wise\Wise Care 365\WiseCare365.exe
Task: C:\Windows\Tasks\Wise Care 365 PC Checkup Task.job => C:\Program Files\Wise\Wise Care 365\WiseCare365.exe
Task: C:\Windows\Tasks\Wise Care 365.job => C:\Program Files\Wise\Wise Care 365\WiseTray.exe
Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe

EmptyTemp:

End


In Notepad, click File --> Save As
Name the file Fixlist and save it to the Desktop
Double-click FRST.exe to run it again
Click Fix and wait for the program to finish.
If the program asks to restart the computer, let it do so without interruption.
When it finishes, fixlog.txt will open, with content that you should copy into the thread.
Also, (fixlog.txt) will be on the Desktop.




Step 3

Download AdwCleaner by "Xplode" and save it to the Desktop
Double-click to run the program.
In the EULA window, click I agree.
Click the Scan button and wait for the scan to finish.
Click the Clean button and wait for the program to finish.
The program will close all running programs and show a window with that warning. Click OK to confirm.
In the next two windows that open (Informations and Restart required), click OK

The computer will restart and then Notepad will open (C:\AdwCleaner[S0].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Attach file" option

Note: The report will also be saved at C:\Adwcleaner\AdwCleaner[S0].txt




Step 4

You have the developer version of Google Chrome installed.
Go to Start -> Control Panel -> Programs and Features and uninstall Google Chrome. Be sure to check the option Also delete your browsing data.
You can export your bookmarks and import them again later.

Once you have uninstalled it, download it from the Google site, https://www.google.com/chrome/browser/ and install it again.
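
The `Task:` lines in the fixlist above register the same executables through both `System32\Tasks` entries and legacy `C:\Windows\Tasks\*.job` files. As an added example (not part of the original post and not FRST's own code), this Python script parses such lines, groups them by the binary they start, and applies three heuristics that are assumptions of this example; the sample lines are taken from the fixlist in this thread.

```python
import re
from collections import defaultdict

# Sample input: six "Task:" lines taken from the fixlist in this thread.
SAMPLE = r"""
Task: {9BE59618-6190-40FC-A3D1-603844A8AEA2} - System32\Tasks\OTYM => C:\Users\Korisnik\AppData\Roaming\OTYM.exe <==== ATTENTION
Task: C:\Windows\Tasks\OTYM.job => C:\Users\Korisnik\AppData\Roaming\OTYM.exe <==== ATTENTION
Task: {A32BE7DC-C982-41BF-BBDF-C7A9E601FCBC} - System32\Tasks\60a4dcae-a958-4f6e-8e78-54858e1f7db1-6 => C:\Program Files\The-Go-Photo-it-v11\60a4dcae-a958-4f6e-8e78-54858e1f7db1-6.exe <==== ATTENTION
Task: {BAA95784-3EA6-413C-8B16-FFD63B7A74E8} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-12-26] (globalUpdate) <==== ATTENTION
Task: {F795B92A-D063-4B89-85C9-3DA593DEF165} - System32\Tasks\{6B3C42FB-D2C9-4AB7-A9C5-8C688AD4FAFF} => pcalua.exe -a C:\Users\Korisnik\AppData\Roaming\Allmyapps\AllmyappsManager.exe -d C:\Windows\system32
Task: C:\Windows\Tasks\Wise Care 365.job => C:\Program Files\Wise\Wise Care 365\WiseTray.exe
"""

TASK_RE = re.compile(
    r"^Task: (?:\{[0-9A-Fa-f-]{36}\} - )?(?P<task>.+?) => (?P<action>.+?)"
    r"(?P<flag> <==== ATTENTION)?$")
GUID = r"[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}"

def parse(line):
    """Split one FRST 'Task:' line into task name, action and FRST's flag."""
    m = TASK_RE.match(line.strip())
    if not m:
        return None
    # Drop the optional "[date] (company)" metadata FRST appends to the path.
    action = re.sub(r" \[\d{4}-\d{2}-\d{2}\] \(.*?\)$", "", m["action"])
    return {"task": m["task"], "action": action, "flagged": bool(m["flag"])}

def reasons(entry):
    """Heuristics assumed for this example; they are not FRST's own rules."""
    a, out = entry["action"], []
    if re.search(r"\\AppData\\Roaming\\[^\\]+\.exe$", a, re.I):
        out.append("exe directly in user-writable AppData\\Roaming")
    if re.search(r"\\" + GUID + r"-\d+\.exe$", a, re.I):
        out.append("GUID-named binary")
    if re.match(r"pcalua\.exe\s+-a\s", a, re.I):
        out.append("launched indirectly through pcalua.exe")
    return out

def triage(text):
    """Group task registrations by the binary (action) they start."""
    by_target = defaultdict(lambda: {"tasks": [], "flagged": False, "reasons": []})
    for line in text.splitlines():
        e = parse(line)
        if e:
            t = by_target[e["action"]]
            t["tasks"].append(e["task"])
            t["flagged"] |= e["flagged"]
            t["reasons"] = reasons(e)
    return dict(by_target)

if __name__ == "__main__":
    for target, info in triage(SAMPLE).items():
        print(len(info["tasks"]), "task(s) ->", target, info["flagged"], info["reasons"])
```

Grouping by target shows when a single executable is registered twice, so a cleanup has to remove both the `System32\Tasks` entry and the `.job` file, as the fixlist does.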

offline
  • Joined: 17 Sep 2013
  • Posts: 100

I deleted everything. Here are the reports.

How can I save the passwords I have stored in Chrome, since I still can't open Chrome?

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

I assume you haven't reinstalled it yet according to the instructions I gave you. You can view the passwords with this tool:

http://www.nirsoft.net/utils/chromepass.html


Once you have extracted the passwords, do step 4 as well.

offline
  • Joined: 17 Sep 2013
  • Posts: 100

I uninstalled Chrome. I just removed it; nothing came up asking me to delete browsing data.

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

If you use Chrome, install it from the link I gave you. Now we will run a few more checks:


Download zoek.exe from this or this link and save it to the Desktop.


Close the browser and other running programs;
disable your security software (if needed) Instructions;
double-click zoek.exe to run it;
wait for the tool to start ...


Copy the following text into the white box of the window:

process;
startupall;
drivers-services-list;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;


Click the button and wait for the scan to finish.


Zoek will restart Windows if necessary, and when it is done it will open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your post.

offline
  • Joined: 17 Sep 2013
  • Posts: 100

While ZOEK was running, the laptop reported (that DaS 21 has stopped). I installed Chrome, but I can't start it; when I installed it, it reported that it is (corrupt).

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Download zoek.exe from this or this link and save it to the Desktop.


Close the browser and other running programs;
disable your security software (if needed) Instructions;
double-click zoek.exe to run it;
wait for the tool to start ...


Copy the following text into the white box of the window:

ASCAntivirusSrv;s
C:\Program Files\52497789-01f0-4851-a59b-803cc8e9eb7c;fs
C:\Program Files\31b8b388-de10-4f50-abab-d3bc5bca1d54;fs
C:\Program Files\f03cb373-cad7-4308-b93d-fb72de5778fa;fs
C:\Program Files\c4088188-b7a1-4314-8ed4-28d4603b68a6;fs
C:\Users\Korisnik\AppData\Local\AVG Web TuneUp;fs
C:\Users\Korisnik\AppData\Locallow\TornPlusTV_version1.11;fs
C:\Windows\system32\tasks\60a4dcae-a958-4f6e-8e78-54858e1f7db1-1;fs
C:\Program Files\The-Go-Photo-it-v11;fs
ablnpmdakdiclnimkjfcaibpgjhapkbl;chr
emptyalltemp;
emptyclsid;
autoclean;


Click the button and wait for the scan to finish.


Zoek will restart Windows if necessary, and when it is done it will open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your post.

offline
  • Joined: 17 Sep 2013
  • Posts: 100

Here is the report. The laptop restarted and Chrome now opens; when I opened Chrome, the settings said that there is a corrupted file and recommended that I restore its factory settings, and I did that.

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

OK, now we will also do an ARK check.

Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to the Desktop.

Double-click the program icon to run MBAR:
- Click OK in the next window to allow extraction into a separate mbar folder on the Desktop;
- mbar.exe will be started. On some systems this can take a few extra seconds, so wait for it to launch;
- In the intro window, click the Next button if you agree;

• In the 'Update Database' window, click the Update button to download fresh definitions. When the message 'Success: Database was successfully updated' appears, click the Next button;
• Under the 'Scan Targets' section, check that all options are ticked, then click the Scan button;

Notice: with some infections, one of the following messages may appear:
- 'Could not load protection driver' => in that case click OK.
- 'Could not load DDA driver' => click Yes on that notice to allow loading after a restart. Allow the restart and continue with the rest of the instructions after the restart.

>> If no malware is detected, click the Exit button to close the program. In your next post, include the mbar-log-year-month-day (hour-minute-second).txt and system-log.txt reports.

>> If infections are found, check whether the 'Create Restore Point' option is selected and click the Cleanup! button to remove the threats.
- The malware removal procedure will be scheduled for the restart, and a notice will be shown in a pop-up window. Click the Yes button; the system should restart and complete the cleaning procedure.

Notice! Only if a rootkit is detected: make sure to run the fixdamage.exe tool located in the mbar folder, \Plugins\fixdamage.exe:
- Double-click fixdamage, and in the black window that opens (command prompt) type Y (Y stands for Yes) to continue; wait for the tool to make all repairs ...
- When you see the message 'press any key to exit', the repair is complete. Press any key on the keyboard to close the window. Restart the system.

The following reports will be created in the mbar folder.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Copy the contents of the mbar log into your post and attach the system log to the post using the Attach file option.
