Problem with browsers

  • Student by day. Hacker by night
  • Joined: 11 May 2014
  • Posts: 189
  • Location: 192.168.0.1

I also think it is much better, since for now it is not reporting any virus, and Chrome works without problems :)
Here is the report:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2015 01
Ran by Aca (administrator) on ACA-PC on 24-05-2015 00:29:53
Running from C:\Users\Aca\Desktop\FRST
Loaded Profiles: Aca (Available Profiles: Aca)
Platform: Windows 7 Ultimate (X64) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(BitTorrent Inc.) C:\Users\Aca\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Microsoft Dynamics NAV\70\Service\Microsoft.Dynamics.Nav.Server.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe
() C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [676608 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BCSSync] => D:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKU\S-1-5-21-776529118-1432443362-4020625924-1000\...\Run: [uTorrent] => C:\Users\Aca\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-07] (BitTorrent Inc.)
HKU\S-1-5-21-776529118-1432443362-4020625924-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5585136 2015-03-31] (Disc Soft Ltd)
HKU\S-1-5-21-776529118-1432443362-4020625924-1000\...\MountPoints2: {12a919c5-f099-11e4-bae7-448a5b2af474} - F:\AutoRun.exe
HKU\S-1-5-21-776529118-1432443362-4020625924-1000\...\MountPoints2: {12a919d4-f099-11e4-bae7-448a5b2af474} - F:\AutoRun.exe
HKU\S-1-5-21-776529118-1432443362-4020625924-1000\...\MountPoints2: {12a91a0f-f099-11e4-bae7-448a5b2af474} - F:\AutoRun.exe
HKU\S-1-5-21-776529118-1432443362-4020625924-1000\...\MountPoints2: {12a91a23-f099-11e4-bae7-448a5b2af474} - F:\AutoRun.exe
HKU\S-1-5-21-776529118-1432443362-4020625924-1000\...\MountPoints2: {12a91a38-f099-11e4-bae7-448a5b2af474} - F:\AutoRun.exe
HKU\S-1-5-21-776529118-1432443362-4020625924-1000\...\MountPoints2: {12a91a4b-f099-11e4-bae7-448a5b2af474} - F:\AutoRun.exe
HKU\S-1-5-21-776529118-1432443362-4020625924-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-02] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = istartsurf.com/web/?type=ds&ts=14323633.....6ENGGSX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = istartsurf.com/web/?type=ds&ts=14323633.....6ENGGSX&q={searchTerms}
HKU\S-1-5-21-776529118-1432443362-4020625924-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-776529118-1432443362-4020625924-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = google.com/search?q={searchTerms}
BHO: PriceMinus -> {06188F08-EFC8-477A-A741-E0BDC1439F3F} -> C:\Program Files (x86)\PriceMinus\qNe4ex5ohWIgmo.x64.dll No File
BHO: bestadblocker -> {5A1CEC30-FF69-45FE-B0A1-C639D62CEC3B} -> C:\Program Files (x86)\bestadblocker\aHbCnJVzEBUimj.x64.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-02] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files (x86)\Java\bin\ssv.dll [2015-04-29] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-02] (Avast Software s.r.o.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files (x86)\Java\bin\jp2ssv.dll [2015-04-29] (Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0

FireFox:
========
FF ProfilePath: C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default
FF NewTab: about:newtab
FF Homepage: google.rs
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-29] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-29] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> D:\Program Files (x86)\Java\bin\dtplugin\npDeployJava1.dll [2015-04-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> D:\Program Files (x86)\Java\bin\plugin2\npjp2.dll [2015-04-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-08-01] (Nitro PDF)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-776529118-1432443362-4020625924-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Aca\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-04-27] (Unity Technologies ApS)
FF Extension: Youtube playlist converter to MP3 - C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\Extensions\jid0-oxBE8TGrmyDm30WPvO8i9EFHmtQ@jetpack.xpi [2015-04-29]
FF Extension: YouTube Flash Video Player - C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2015-04-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-02]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-23]
CHR Extension: (Google Docs) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-23]
CHR Extension: (Google Drive) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-11]
CHR Extension: (YouTube) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-11]
CHR Extension: (Google Search) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-11]
CHR Extension: (Avast SafePrice) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-05-23]
CHR Extension: (Google Sheets) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-23]
CHR Extension: (AdBlock) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-23]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-11]
CHR Extension: (Google Wallet) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-11]
CHR Extension: (Gmail) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-11]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-05-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-08-30] (Advanced Micro Devices, Inc.) []
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-02] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-02] (Avast Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1277680 2015-03-31] (Disc Soft Ltd)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S3 Microsoft SharePoint Workspace Audit Service; D:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation)
R2 MicrosoftDynamicsNavServer$DynamicsNAV70; C:\Program Files\Microsoft Dynamics NAV\70\Service\Microsoft.Dynamics.Nav.Server.exe [136960 2012-09-07] (Microsoft Corporation)
S3 MicrosoftDynamicsNavVSS; C:\Program Files\Microsoft Dynamics NAV\70\Service\Microsoft.Dynamics.Nav.Server.VSSWriterService.exe [16168 2012-09-07] (Microsoft Corporation)
S4 NetMsmqActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) []
S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) []
S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) []
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) []
R2 NitroDriverReadSpool9; C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [230920 2014-08-01] (Nitro PDF Software)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe [418312 2014-08-01] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-13] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-02] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-02] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-02] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-02] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-02] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-02] ()
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-12] (Disc Soft Ltd)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-02] (Avast Software)
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S1 {2eb930fb-5d92-450f-a5ff-14c391caa31b}Gw64; system32\drivers\{2eb930fb-5d92-450f-a5ff-14c391caa31b}Gw64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-23 18:48 - 2015-05-23 18:46 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-05-23 18:46 - 2015-05-23 13:26 - 00041331 _____ () C:\zoek-results2015-05-23-112610.log
2015-05-23 13:31 - 2015-05-23 13:31 - 02494880 _____ () C:\Users\Aca\Downloads\cs-497-hns_neighbourhood.zip
2015-05-23 13:01 - 2015-05-23 09:32 - 00001251 _____ () C:\zoek-results2015-05-23-073207.log
2015-05-23 09:31 - 2015-05-23 09:28 - 00070415 _____ () C:\zoek-results2015-05-23-072820.log
2015-05-23 08:58 - 2015-05-23 19:04 - 00055414 _____ () C:\zoek-results.log
2015-05-23 08:57 - 2015-05-23 18:46 - 00000000 ____D () C:\zoek_backup
2015-05-23 08:56 - 2015-05-23 08:56 - 01308672 _____ () C:\Users\Aca\Downloads\zoek.exe
2015-05-22 21:58 - 2015-05-22 21:58 - 00000097 _____ () C:\Users\Aca\Downloads\FRST.txt
2015-05-22 21:57 - 2015-05-22 22:02 - 00000000 ____D () C:\Users\Aca\Desktop\FRST
2015-05-22 21:57 - 2015-05-22 21:58 - 00044296 _____ () C:\Users\Aca\Downloads\Addition.txt
2015-05-22 21:56 - 2015-05-24 00:29 - 00000000 ____D () C:\FRST
2015-05-22 16:41 - 2015-05-22 16:41 - 00000836 _____ () C:\Users\Aca\Desktop\Counter-Strike WaRzOnE.lnk
2015-05-22 16:41 - 2015-05-22 16:41 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2015-05-22 15:58 - 2015-05-22 15:58 - 00000000 ____D () C:\Users\Aca\Desktop\Ples
2015-05-21 17:38 - 2015-05-22 18:09 - 00000414 _____ () C:\Windows\Tasks\Bidaily Synchronize Task[pr].job
2015-05-21 17:36 - 2015-05-23 08:55 - 00000000 ____D () C:\Program Files (x86)\Sense
2015-05-21 17:36 - 2015-05-23 08:50 - 00000000 ____D () C:\Program Files (x86)\Ge-Force
2015-05-21 17:35 - 2015-05-21 17:35 - 00000000 ____D () C:\Users\Aca\AppData\Local\BrowserHelper
2015-05-21 17:34 - 2015-05-21 17:34 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Opera Software
2015-05-21 17:34 - 2015-05-21 17:34 - 00000000 ____D () C:\Users\Aca\AppData\Local\Opera Software
2015-05-21 17:33 - 2015-05-21 17:36 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-21 17:32 - 2015-05-23 08:46 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-05-21 17:32 - 2015-05-21 17:33 - 00000000 ____D () C:\Program Files (x86)\CinemaPlus-3.2cV17.05
2015-05-20 20:42 - 2015-05-20 20:52 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-05-20 20:42 - 2015-05-20 20:42 - 00001003 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-05-20 20:42 - 2015-05-20 20:42 - 00000991 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-05-20 20:42 - 2015-05-20 20:42 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\TeamViewer
2015-05-19 18:13 - 2015-05-19 18:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-16 14:55 - 2015-05-16 14:55 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2015-05-10 21:37 - 2015-05-10 21:37 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HLDS
2015-05-10 21:37 - 2015-05-10 21:37 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Half-Life
2015-05-09 22:29 - 2015-05-09 22:30 - 00000000 ____D () C:\Users\Aca\Desktop\HTML_Programiranje
2015-05-09 22:28 - 2015-05-10 20:37 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Notepad++
2015-05-09 22:28 - 2015-05-09 22:28 - 00001009 _____ () C:\Users\Aca\Desktop\Notepad++.lnk
2015-05-09 22:28 - 2015-05-09 22:28 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-05-09 22:28 - 2015-05-09 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-05-09 22:28 - 2015-05-09 22:28 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2015-05-08 14:26 - 2015-05-08 14:26 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Unity
2015-05-07 14:58 - 2015-05-19 20:50 - 00000000 ____D () C:\Users\Aca\Downloads\Game.of.Thrones.S03.HDTV.x264
2015-05-05 14:59 - 2015-05-05 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-05-05 14:58 - 2015-05-05 14:58 - 00000000 ____D () C:\Program Files\HP
2015-05-05 14:58 - 2012-09-18 15:27 - 00501760 _____ () C:\Windows\system32\ZSHP1020.EXE
2015-05-05 14:58 - 2012-09-18 15:27 - 00192512 _____ () C:\Windows\system32\ZLhp1020.DLL
2015-05-05 14:57 - 2015-05-05 15:48 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Nitro
2015-05-05 14:57 - 2015-05-05 14:57 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\HP
2015-05-05 14:57 - 2015-05-05 14:57 - 00000000 ____D () C:\hp_lj1020_Full_Solution
2015-05-05 14:57 - 2012-12-17 15:01 - 00574100 _____ () C:\Windows\system32\hp1022n.img
2015-05-05 14:57 - 2012-12-17 15:01 - 00245248 _____ () C:\Windows\system32\zshp1020s.dll
2015-05-05 14:57 - 2012-12-17 15:01 - 00206768 _____ () C:\Windows\system32\hp1022.img
2015-05-05 14:57 - 2012-12-17 15:01 - 00128820 _____ () C:\Windows\system32\hp1020.img
2015-05-05 14:57 - 2012-12-17 15:01 - 00010632 _____ () C:\Windows\system32\ZSHP1020.CHM
2015-05-05 14:55 - 2015-05-05 14:55 - 00001932 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 9.lnk
2015-05-05 14:55 - 2015-05-05 14:55 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Downloaded Installations
2015-05-05 14:55 - 2015-05-05 14:55 - 00000000 ____D () C:\ProgramData\Nitro
2015-05-05 14:55 - 2015-05-05 14:55 - 00000000 ____D () C:\Program Files\Nitro
2015-05-05 14:55 - 2015-05-05 14:55 - 00000000 ____D () C:\Program Files\Common Files\Nitro
2015-05-05 14:55 - 2015-05-05 14:55 - 00000000 ____D () C:\Program Files (x86)\Nitro
2015-05-05 14:55 - 2014-08-01 14:22 - 00029704 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalmon9.dll
2015-05-05 14:55 - 2014-08-01 14:22 - 00017928 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalui9.dll
2015-05-05 14:52 - 2015-05-05 14:52 - 00000000 ____D () C:\Program Files (x86)\Hp
2015-05-05 14:52 - 2015-05-05 14:52 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-05-05 14:51 - 2015-05-05 14:51 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-05-05 14:51 - 2015-05-05 14:51 - 00000000 ____D () C:\Windows\system32\vbox
2015-05-05 14:48 - 2015-05-05 14:48 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-05-05 14:48 - 2015-05-05 14:48 - 00000000 ____D () C:\Windows\system32\appraiser
2015-05-05 13:15 - 2015-03-23 03:51 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-05-05 13:15 - 2015-03-23 03:51 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-05-05 13:15 - 2015-03-23 03:51 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-05-05 13:15 - 2015-03-23 03:51 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-05-05 13:15 - 2015-03-23 03:51 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-05-05 13:15 - 2015-03-23 03:51 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-05-05 13:15 - 2015-03-23 03:47 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-05-05 13:15 - 2015-01-28 01:23 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-05-05 13:15 - 2014-12-04 04:31 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-05-04 22:07 - 2015-05-04 22:07 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2015-05-04 22:07 - 2015-05-04 22:07 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2015-05-04 18:21 - 2015-05-04 18:21 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Wargaming.net
2015-05-04 13:33 - 2014-09-15 02:44 - 03195392 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-04 13:27 - 2015-05-04 13:27 - 00000000 __RHD () C:\MSOCache
2015-05-02 13:08 - 2009-03-31 10:35 - 00562688 _____ (darmiles) C:\Users\Aca\Desktop\Universal MasterCode.exe
2015-05-02 13:03 - 2015-05-02 13:03 - 00064000 _____ (CellSolutions) C:\Users\Aca\Desktop\Huawei Unlocker.exe
2015-05-02 12:50 - 2015-05-02 12:50 - 00000000 ____D () C:\ProgramData\Telenor Internet
2015-05-02 12:41 - 2015-05-02 12:41 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Microsoft Dynamics NAV
2015-05-02 12:41 - 2015-05-02 12:41 - 00000000 ____D () C:\Users\Aca\AppData\Local\IsolatedStorage
2015-05-02 12:39 - 2015-05-02 13:14 - 00000000 ____D () C:\Program Files (x86)\Mobile Partner
2015-05-02 12:27 - 2015-05-21 17:55 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-02 12:27 - 2015-05-04 13:10 - 00000000 ____D () C:\Windows\System32\Tasks\AVAST Software
2015-05-02 12:27 - 2015-05-02 12:27 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\AVAST Software
2015-05-02 12:27 - 2015-05-02 12:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-02 12:26 - 2015-05-02 12:38 - 00039913 _____ () C:\hwupgradewizard.log
2015-05-02 12:26 - 2015-05-02 12:26 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-02 12:26 - 2015-05-02 12:26 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-02 12:26 - 2015-05-02 12:26 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-02 12:26 - 2015-05-02 12:26 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-02 12:26 - 2015-05-02 12:26 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-02 12:26 - 2015-05-02 12:26 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-02 12:26 - 2015-05-02 12:26 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-02 12:26 - 2015-05-02 12:26 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-02 12:26 - 2015-05-02 12:26 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-02 12:26 - 2015-05-02 12:26 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-02 12:26 - 2010-05-13 12:13 - 32194560 _____ (Huawei Technologies Co., Ltd.) C:\Users\Aca\Desktop\Customized Mobile Partner.exe
2015-05-02 12:24 - 2015-05-02 12:49 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2015-05-02 12:24 - 2015-05-02 12:49 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
2015-05-02 12:24 - 2015-05-02 12:24 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
2015-05-02 12:24 - 2015-05-02 12:24 - 00000000 ____D () C:\ProgramData\mts mobilni internet
2015-05-02 12:24 - 2015-05-02 12:24 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-02 12:24 - 2015-05-02 12:24 - 00000000 ____D () C:\Program Files\AVAST Software
2015-05-02 12:23 - 2015-05-02 13:13 - 00000000 ____D () C:\ProgramData\DatacardService
2015-05-02 12:22 - 2015-05-02 12:23 - 00553472 _____ (darmiles) C:\Users\Aca\Desktop\Universal_MasterCode - v2.exe
2015-04-29 21:52 - 2015-04-29 21:52 - 00000000 ____D () C:\Windows\Sun
2015-04-29 21:51 - 2015-04-29 21:51 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-29 21:51 - 2015-04-29 21:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-29 21:45 - 2015-04-29 21:45 - 00000000 _____ () C:\Windows\system32\REN821F.tmp
2015-04-29 21:42 - 2015-04-29 21:42 - 00000000 _____ () C:\Windows\system32\REN12F9.tmp
2015-04-29 20:18 - 2015-04-29 20:18 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-29 20:18 - 2015-04-29 20:18 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-29 20:18 - 2015-04-29 20:18 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-04-29 20:18 - 2015-04-29 20:18 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Macromedia
2015-04-29 20:18 - 2015-04-29 20:18 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Adobe
2015-04-29 20:18 - 2015-04-29 20:18 - 00000000 ____D () C:\Users\Aca\AppData\Local\Macromedia
2015-04-29 20:17 - 2015-04-29 20:17 - 00000000 ____D () C:\Windows\system32\Macromed
2015-04-29 20:09 - 2015-04-29 20:09 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Ashampoo
2015-04-29 20:09 - 2015-04-29 20:09 - 00000000 ____D () C:\Users\Aca\AppData\Local\ashampoo
2015-04-29 20:09 - 2015-04-29 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2015-04-29 20:09 - 2015-04-29 20:09 - 00000000 ____D () C:\ProgramData\Ashampoo
2015-04-29 20:09 - 2015-04-29 20:09 - 00000000 ____D () C:\Program Files (x86)\Ashampoo
2015-04-29 16:40 - 2015-04-29 16:41 - 00032768 _____ () C:\Users\Aca\AppData\Roaming\fin.zup
2015-04-29 12:50 - 2015-04-29 12:50 - 00000000 ____D () C:\Users\Aca\Documents\Autodata
2015-04-29 12:48 - 2015-04-29 12:48 - 00001427 _____ () C:\Users\Public\Desktop\Autodata 3.38.lnk
2015-04-29 12:47 - 2015-04-29 13:40 - 00000000 ____D () C:\ADCDA2
2015-04-29 12:28 - 2015-04-29 16:37 - 00001172 _____ () C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Dynamics NAV 2013 Administration Shell.lnk
2015-04-29 12:28 - 2015-04-29 12:28 - 00000000 ____D () C:\Program Files\Microsoft Dynamics NAV
2015-04-29 12:26 - 2015-04-29 16:36 - 00002249 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Dynamics NAV Administration.lnk
2015-04-29 12:26 - 2015-04-29 16:36 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Dynamics NAV 2013 Development Environment.lnk
2015-04-29 12:26 - 2015-04-29 16:36 - 00001303 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Dynamics NAV 2013.lnk
2015-04-29 12:24 - 2015-04-29 12:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Dynamics NAV
2015-04-29 12:20 - 2015-04-29 12:20 - 00000000 ____D () C:\Windows\SysWOW64\1033
2015-04-29 12:20 - 2015-04-29 12:20 - 00000000 ____D () C:\Windows\system32\1033
2015-04-29 12:20 - 2015-04-29 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012 Report Builder 3.0
2015-04-29 12:20 - 2015-04-29 12:20 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2015-04-29 12:20 - 2015-04-29 12:20 - 00000000 ____D () C:\Program Files (x86)\Open XML SDK
2015-04-29 12:20 - 2015-04-29 12:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-04-29 12:20 - 2015-04-29 12:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Chart Controls
2015-04-29 12:17 - 2015-05-02 12:41 - 00802216 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-29 12:14 - 2015-04-29 12:15 - 00000000 ____D () C:\Users\Aca\Desktop\Navision 2013
2015-04-28 10:38 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-28 10:38 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-28 10:38 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-28 10:38 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-28 10:38 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-28 10:38 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-28 10:38 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-28 10:38 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-28 10:38 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-27 21:01 - 2015-04-27 21:01 - 00083656 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_sata.sys
2015-04-27 21:01 - 2015-04-27 21:01 - 00043720 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_xata.sys
2015-04-27 21:00 - 2015-04-27 21:00 - 00002772 _____ () C:\Windows\System32\Tasks\CarambisDriverUpdaterUACDisablingTask
2015-04-27 21:00 - 2015-04-27 21:00 - 00001186 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Driver Updater.lnk
2015-04-27 21:00 - 2015-04-27 21:00 - 00001180 _____ () C:\Users\Public\Desktop\Driver Updater.lnk
2015-04-27 21:00 - 2015-04-27 21:00 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Carambis
2015-04-27 21:00 - 2015-04-27 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carambis
2015-04-27 21:00 - 2015-04-27 21:00 - 00000000 ____D () C:\Program Files (x86)\Carambis
2015-04-27 17:00 - 2015-04-28 11:46 - 00000000 ____D () C:\Users\Aca\Desktop\226V3L driver V1 CCR
2015-04-24 15:35 - 2015-05-23 08:49 - 00002340 _____ () C:\Users\Aca\Desktop\Chrome App Launcher.lnk
2015-04-24 15:35 - 2015-04-24 15:35 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-24 00:30 - 2015-04-11 13:10 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\uTorrent
2015-05-23 19:09 - 2009-07-14 07:13 - 00789470 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-23 19:05 - 2015-04-11 13:08 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-23 19:04 - 2015-04-12 09:27 - 00148720 _____ () C:\Windows\PFRO.log
2015-05-23 19:04 - 2015-04-11 12:36 - 01443885 _____ () C:\Windows\WindowsUpdate.log
2015-05-23 19:04 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-23 19:04 - 2009-07-14 06:51 - 00032867 _____ () C:\Windows\setupact.log
2015-05-23 09:35 - 2015-04-13 20:07 - 00000000 ____D () C:\KMPlayer
2015-05-23 09:21 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini
2015-05-23 09:20 - 2015-04-11 13:01 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2015-05-23 09:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-05-23 08:49 - 2015-04-18 10:44 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-23 08:49 - 2015-04-18 10:44 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-23 08:49 - 2015-04-11 13:08 - 00002143 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-23 08:49 - 2015-04-11 12:35 - 00001409 _____ () C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-05-23 08:49 - 2015-04-11 12:35 - 00001403 _____ () C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-21 17:47 - 2015-04-18 10:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-21 17:46 - 2009-07-14 06:45 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-21 17:46 - 2009-07-14 06:45 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-21 17:46 - 2009-07-14 01:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2015-05-21 17:46 - 2009-07-14 01:52 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2015-05-21 17:46 - 2009-07-14 01:38 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-05-21 17:46 - 2009-07-14 01:36 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2015-05-21 17:46 - 2009-07-14 01:24 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-05-21 10:01 - 2015-04-11 13:04 - 00109968 _____ () C:\Users\Aca\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-21 10:00 - 2009-07-14 06:45 - 00412432 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-20 21:02 - 2015-04-11 13:07 - 00000000 ____D () C:\Users\Aca\AppData\Local\Deployment
2015-05-18 14:14 - 2015-04-11 13:08 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-18 14:14 - 2015-04-11 13:08 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-18 14:14 - 2015-04-11 13:08 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-14 14:13 - 2015-04-13 15:46 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-06 07:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-05-05 20:06 - 2015-04-12 09:53 - 00001787 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2015-04-29 21:42 - 2015-04-18 10:35 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-04-29 17:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache

==================== Files in the root of some directories =======

2015-04-29 16:40 - 2015-04-29 16:41 - 0032768 _____ () C:\Users\Aca\AppData\Roaming\fin.zup

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-24 00:22

==================== End of log ============================

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

OK, we are knocking out some harmless leftovers, giving the system an additional cleanup, fixing the Chrome browser, and doing an additional ARK check.




Step #1

We remove the leftovers and give the system an additional cleanup ...
1. Open Notepad (Text Document) and copy in the following text from the code box below:

Start
CreateRestorePoint:
REG: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f

CloseProcesses:
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=14323633.....6ENGGSX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=14323633.....6ENGGSX&q={searchTerms}
BHO: PriceMinus -> {06188F08-EFC8-477A-A741-E0BDC1439F3F} -> C:\Program Files (x86)\PriceMinus\qNe4ex5ohWIgmo.x64.dll No File
BHO: bestadblocker -> {5A1CEC30-FF69-45FE-B0A1-C639D62CEC3B} -> C:\Program Files (x86)\bestadblocker\aHbCnJVzEBUimj.x64.dll No File

Hosts:
C:\Program Files (x86)\PriceMinus
C:\Program Files (x86)\bestadblocker

EmptyTemp:
End


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, because otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.



The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your post.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.







Step #2


Uninstall the current version of the Google Chrome browser, because that version has been changed to the developer version so that the adware could get into the browser more easily. During uninstallation the option 'Also delete your browsing data' must be selected.
After uninstalling, download a fresh browser from the internet, install it, sign it in to your Google account, and your personal data and settings will be synced. This way you will reactivate all the security triggers in that browser, so there is less chance that malicious extensions will exploit your browser, and with it the system, again.







Step #3

We are performing an additional ARK (anti-rootkit) check to make sure there is no dormant malware, or perhaps an active rootkit, hiding from our tools;




Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to the Desktop.

Run MBAR by double-clicking the program icon:
- Click OK in the next window to allow extraction into a separate mbar folder on the desktop;
- mbar.exe will be started. On some systems this can take a few extra seconds, so wait for it to start;
- In the introductory window click the Next button if you agree;



• In the 'Update Database' window click the Update button to download fresh definitions. When the message 'Success: Database was successfully updated' appears, click the Next button;
• Under the 'Scan Targets' section check that all options are ticked, then click the Scan button;

Notice: with some infections one of the following messages may be displayed:
- 'Could not load protection driver' => in that case click OK.
- 'Could not load DDA driver' => click Yes on that notice to allow loading after a restart. Allow the restart and continue with the rest of the instructions after the restart.





>> If no malware is detected, click the Exit button to close the program. In your next post, include the mbar-log-year-month-day (hour-minute-second).txt and system-log.txt reports.

>> If infections are found, check that the 'Create Restore Point' option is selected and click the Cleanup! button to remove the threats.
- The malware removal procedure will be scheduled for the restart, and a notice will be shown in a pop-up window. Click the Yes button and the system should restart and finish the cleaning procedure.



Notice! Only if a rootkit is detected: make sure you run the fixdamage.exe tool located in the mbar folder, \Plugins\fixdamage.exe:
- Run fixdamage by double-clicking it; in the black window that opens (command prompt) type Y (Y stands for Yes) to continue, and wait for the tool to make all the repairs ...
- When you see the message 'press any key to exit' the repair is complete. Press any key on the keyboard to close the window. Restart the system.





The following reports will be created in the mbar folder.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Copy the contents of the mbar log into your post and attach the system log to the post using the Attach file option.

offline
  • Student by day. Hacker by night
  • Joined: 11 May 2014
  • Posts: 189
  • Location: 192.168.0.1

#Step1
Fix result of Farbar Recovery Scan Tool (x64) Version: 22-05-2015 01
Ran by Aca at 2015-05-24 12:52:15 Run:1
Running from C:\Users\Aca\Desktop\FRST
Loaded Profiles: Aca (Available Profiles: Aca)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
REG: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f

CloseProcesses:
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = istartsurf.com/web/?type=ds&ts=14323633.....6ENGGSX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = istartsurf.com/web/?type=ds&ts=14323633.....6ENGGSX&q={searchTerms}
BHO: PriceMinus -> {06188F08-EFC8-477A-A741-E0BDC1439F3F} -> C:\Program Files (x86)\PriceMinus\qNe4ex5ohWIgmo.x64.dll No File
BHO: bestadblocker -> {5A1CEC30-FF69-45FE-B0A1-C639D62CEC3B} -> C:\Program Files (x86)\bestadblocker\aHbCnJVzEBUimj.x64.dll No File

Hosts:
C:\Program Files (x86)\PriceMinus
C:\Program Files (x86)\bestadblocker

EmptyTemp:
End
*****************

Restore point was successfully created.

========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f =========

The operation completed successfully.



========= End of Reg: =========

Processes closed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value restored successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06188F08-EFC8-477A-A741-E0BDC1439F3F}" => key Removed successfully
"HKCR\CLSID\{06188F08-EFC8-477A-A741-E0BDC1439F3F}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5A1CEC30-FF69-45FE-B0A1-C639D62CEC3B}" => key Removed successfully
"HKCR\CLSID\{5A1CEC30-FF69-45FE-B0A1-C639D62CEC3B}" => key Removed successfully
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts restored successfully.
"C:\Program Files (x86)\PriceMinus" => File/Folder not found.
"C:\Program Files (x86)\bestadblocker" => File/Folder not found.
EmptyTemp: => Removed 475 MB temporary data.


The system needed a reboot.

==== End of Fixlog 12:52:48 ====


# Step2 - doneee

#Step3
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
malwarebytes.org

Database version:
main: v2015.05.24.01
rootkit: v2015.05.16.01

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Aca :: ACA-PC [administrator]

5/24/2015 1:14:25 PM
mbar-log-2015-05-24 (13-14-25).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 342679
Time elapsed: 9 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

And here is the file

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

The following procedure will carry out the final cleanup.



Download "Xplode"'s DelFix tool and save it to the Desktop.

Run the tool by double-clicking it and tick the boxes in front of the following options:
Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment until the tool finishes its work.

From this point on, all the tools used in this thread should have been deleted.
If any tool or report has not been removed, feel free to delete it manually.


The tool will also create a report for you. (C:\DelFix.txt)
- The tool will also save the healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
- DelFix deletes old system restore points and creates a new, fresh point after the cleanup.

offline
  • Student by day. Hacker by night
  • Joined: 11 May 2014
  • Posts: 189
  • Location: 192.168.0.1

I did that too, as you said. You didn't say to attach any report, so some of them were deleted for me, and some I deleted manually as you wrote. Is that it?
If so, thanks for your patience and help :*

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

Yes, that's it, we're done here. Now use your head and watch how you install programs and what you allow to be installed. ;)
