MyCity » Ambulanta -> Arhiva Ambulante » Reklame

Reklame

Napisano na dan: 3.1.2015

Strana:
1
2

Reklame

Sledeća strana

Pagination

Odgovori

Strana:
1
2

adelita Poslao: 03 Jan 2015 20:59 Idi na vrh
offline adelita Građanin Pridružio: 02 Okt 2007 Poruke: 50	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Postovani, Kada otvorim google chrom non stop mi se pojavljuje reklame i kada idam na close za da ih zatvorim nece da se zatvore. To mi se desava od pre dva dana, nakon toga sam skenirala sam sa avastom anti virusom i nasao je trojance ama ne znam tocno tocan naziv. Posle izvesno vreme opet sam skenirala i ne je nasao trojance. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-01-2015 03 Ran by Home (administrator) on HOME-PC on 03-01-2015 20:47:57 Running from C:\Users\Home\Desktop\New folder (3) Loaded Profile: Home (Available profiles: Home) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 9 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Microsoft Corporation) C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Windows\SysWOW64\PnkBstrB.exe () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (iWebar) C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-6.exe (Object Browser) C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-6.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2868496 2012-02-14] (Synaptics Incorporated) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-06] (AVAST Software) HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1456.0.0.0\jsdrv.exe [3224576 2014-12-30] () Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-448369867-836560375-4160285859-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1456.0.0.0\jsdrv.exe [3224576 2014-12-30] () IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\jumpflip: [Debugger] tasklist.exe IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\searchinstaller.exe: [Debugger] tasklist.exe IFEO\searchprotection.exe: [Debugger] tasklist.exe IFEO\searchprotector.exe: [Debugger] tasklist.exe IFEO\searchsettings.exe: [Debugger] tasklist.exe IFEO\searchsettings64.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\umbrella.exe: [Debugger] tasklist.exe IFEO\utiljumpflip.exe: [Debugger] tasklist.exe IFEO\volaro: [Debugger] tasklist.exe IFEO\vonteera: [Debugger] tasklist.exe IFEO\websteroids.exe: [Debugger] tasklist.exe IFEO\websteroidsservice.exe: [Debugger] tasklist.exe ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION CHR HKU\S-1-5-21-448369867-836560375-4160285859-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-448369867-836560375-4160285859-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Main,Search Page = microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Main,Start Page = search.ask.com/?o=APN11459&gct=hp&a.....06&t=4 StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = dts.search.ask.com/sr?src=ieb&gct=ds&am.....AG1&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope value is missing. SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = dts.search.ask.com/sr?src=ieb&gct=ds&am.....AG1&q={searchTerms} SearchScopes: HKU\S-1-5-21-448369867-836560375-4160285859-1000 -> DefaultScope {E5D7AF04-69FF-4450-84A5-8756B6A0AA07} URL = search.yahoo.com/search?fr=chr-greentree_ie.....453&p={searchTerms} SearchScopes: HKU\S-1-5-21-448369867-836560375-4160285859-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = dts.search.ask.com/sr?src=ieb&gct=ds&am.....AG1&q={searchTerms} SearchScopes: HKU\S-1-5-21-448369867-836560375-4160285859-1000 -> {E5D7AF04-69FF-4450-84A5-8756B6A0AA07} URL = search.yahoo.com/search?fr=chr-greentree_ie.....453&p={searchTerms} BHO: Sense -> {11111111-1111-1111-1111-110611901159} -> C:\Program Files (x86)\Sense\Sense-bho64.dll (Object Browser) BHO: Ge-Force -> {11111111-1111-1111-1111-110611911129} -> C:\Program Files (x86)\Ge-Force\Ge-Force-bho64.dll (iWebar) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Sense -> {11111111-1111-1111-1111-110611901159} -> C:\Program Files (x86)\Sense\Sense-bho.dll (Object Browser) BHO-x32: Ge-Force -> {11111111-1111-1111-1111-110611911129} -> C:\Program Files (x86)\Ge-Force\Ge-Force-bho.dll (iWebar) BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler: WSWSVCUchrome - No CLSID Value Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default FF NewTab: google.com FF SearchEngineOrder.1: Ask.com FF Homepage: hxxp:/www.google.com.mk FF Keyword.URL: hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=128&systemid=488&v=a13350-406&apn_dtid=TCH001&apn_ptnrs=AG1&apn_uid=1502151513464573&o=APN11459&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-448369867-836560375-4160285859-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Home\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKU\S-1-5-21-448369867-836560375-4160285859-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Home\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-448369867-836560375-4160285859-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer) FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\searchplugins\Ask.xml FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\searchplugins\yahoo_ff.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml FF Extension: hosts - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\05dd836e-2cbd-4204-9ff3-2f8a8665967d@a8876730-fb0c-4057-a2fc-f9c09d438e81.com [2013-11-07] FF Extension: Sense - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.com [2014-12-31] FF Extension: 4shared Desktop Plugin - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\4sharedCopyLinks [2013-08-20] FF Extension: Ge-Force - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\e2b0dff561784e3db84ed9e@2815a71a2f5d474691ed6bbee47c02.com [2014-12-31] FF Extension: save ona - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\khcsaa@uyeooe.co.uk [2014-06-20] FF Extension: Shopper-Pro - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-12-31] FF Extension: Smartest Bookmarks Bar - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\{b442f4c0-c292-4998-aabe-48608a73ba75} [2013-07-11] FF Extension: GoPhotoIt - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\gophoto@gophoto.it.xpi [2013-08-08] FF Extension: Stylish - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2013-07-11] FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012-12-24] FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-22] Chrome: ======= CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-02] CHR Extension: (Google Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-02] CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-02] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-02] CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-02] CHR Extension: (Adblock Plus) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-03] CHR Extension: (Google Search) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-02] CHR Extension: (Avast SafePrice) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-01-02] CHR Extension: (Google Sheets) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-02] CHR Extension: (Avast Online Security) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-02] CHR Extension: (RealDownloader) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2015-01-02] CHR Extension: (Google Wallet) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-02] CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-02] CHR HKLM-x32\...\Chrome\Extension: [dbpebffoameokfhnaaedmefjncfboino] - C:\Program Files (x86)\SecretSauce\dbpebffoameokfhnaaedmefjncfboino.crx [Not Found] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-06] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-06] CHR HKLM-x32\...\Chrome\Extension: [hgojaaaiddhmiiakpejiklijbalpckih] - C:\Users\Home\AppData\Roaming\StatusWinks\statuswinks.crx [Not Found] CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-06] (AVAST Software) S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-12-31] (globalUpdate) [File not signed] S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-12-31] (globalUpdate) [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation) R2 MSSQL$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [7520337 2002-12-17] (Microsoft Corporation) [File not signed] S3 MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation) [File not signed] S4 NetMsmqActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-08] (Microsoft Corporation) [File not signed] S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-08] (Microsoft Corporation) [File not signed] S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-08] (Microsoft Corporation) [File not signed] S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-08] (Microsoft Corporation) [File not signed] R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2012-10-23] () R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2012-10-23] () R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] () S3 SQLAgent$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [311872 2002-12-17] (Microsoft Corporation) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-06] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-06] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-06] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-06] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-06] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-06] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-06] () R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-25] (DT Soft Ltd) S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (HandSet Incorporated) R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [22800 2012-02-14] (Synaptics Incorporated) S0 sptd; C:\Windows\System32\Drivers\sptd.sys [862704 2013-02-25] (Duplex Secure Ltd.) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 PBDOWNFORCE_SERVICE; \??\C:\Users\Home\Desktop\CS\PBDownforce.sys [X] S3 PBDOWNFORCE_TEST_SERVICE; \??\C:\Users\Home\Desktop\CS\Test.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-03 20:47 - 2015-01-03 20:48 - 00000000 ____D () C:\FRST 2015-01-03 20:37 - 2015-01-03 20:47 - 00000000 ____D () C:\Users\Home\Desktop\New folder (3) 2015-01-03 20:01 - 2015-01-03 20:01 - 00155103 _____ () C:\Users\Home\Desktop\Dumb.and.Dumber.To.2014.KORSUB.720p.HDRip.x264.AAC-RARBG.Ssa 2015-01-03 18:31 - 2015-01-03 18:31 - 00143179 _____ () C:\Users\Home\Desktop\A Walk Among the Tombstones.Ssa 2015-01-03 01:21 - 2015-01-03 14:05 - 00000112 _____ () C:\Windows\setupact.log 2015-01-03 01:21 - 2015-01-03 01:21 - 00001014 _____ () C:\Windows\PFRO.log 2015-01-03 01:21 - 2015-01-03 01:21 - 00000000 _____ () C:\Windows\setuperr.log 2015-01-03 00:57 - 2015-01-03 00:57 - 00000089 _____ () C:\Users\Home\Desktop\2015.txt 2015-01-03 00:33 - 2015-01-03 01:19 - 00000000 ____D () C:\Users\Home\Downloads\Empire State (2013) 2015-01-03 00:32 - 2015-01-03 00:32 - 00008166 _____ () C:\Users\Home\Downloads\[kickass.so]empire.state.2013.720p.brrip.x264.yify.torrent 2015-01-03 00:28 - 2015-01-03 00:28 - 00000000 ____D () C:\Users\Home\Downloads\Empire State (2013) BRRip AC3 XViD -ViCKY 2015-01-02 23:26 - 2015-01-02 23:26 - 00014970 _____ () C:\Users\Home\Downloads\[kickass.so]empire.state.2013.brrip.ac3.xvid.vicky.torrent 2015-01-02 23:17 - 2015-01-03 01:29 - 00000000 ____D () C:\Users\Home\Downloads\The Drop (2014) 2015-01-02 23:16 - 2015-01-02 23:16 - 00008786 _____ () C:\Users\Home\Downloads\[kickass.so]the.drop.2014.720p.brrip.x264.yify.torrent 2015-01-02 23:06 - 2015-01-02 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-01-02 16:52 - 2015-01-03 14:10 - 00010193 _____ () C:\Windows\WindowsUpdate.log 2015-01-02 16:49 - 2015-01-03 14:06 - 00003336 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-448369867-836560375-4160285859-1000 2015-01-02 16:49 - 2015-01-03 14:06 - 00003200 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-448369867-836560375-4160285859-1000 2015-01-02 14:50 - 2015-01-02 14:50 - 00019087 _____ () C:\Users\Home\Downloads\[kickass.so]a.walk.among.the.tombstones.2014.1080p.hdrip.x264.aac2.0.rarbg.torrent 2015-01-02 14:48 - 2015-01-02 14:48 - 00008824 _____ () C:\Users\Home\Downloads\[kickass.so]a.walk.among.the.tombstones.2014.720p.brrip.x264.yify.torrent 2015-01-02 14:47 - 2015-01-02 14:47 - 00011560 _____ () C:\Users\Home\Downloads\[kickass.so]a.walk.among.the.tombstones.2014.1080p.hdrip.x264.anoxmous.torrent 2015-01-01 13:47 - 2015-01-01 13:47 - 00000209 _____ () C:\Users\Home\.swfinfo 2015-01-01 11:10 - 2015-01-03 14:07 - 00002982 _____ () C:\Windows\System32\Tasks\AutoKMS 2014-12-31 13:31 - 2015-01-02 13:16 - 00000000 ____D () C:\Users\Home\Documents\GTA San Andreas User Files 2014-12-31 13:28 - 2014-12-31 13:31 - 00000000 ____D () C:\Users\Home\Desktop\GTA San Andreas 2014-12-31 12:52 - 2014-12-31 12:52 - 00017503 _____ () C:\Users\Home\Downloads\[kickass.so]gta.san.andreas.rar.torrent 2014-12-31 12:43 - 2015-01-03 18:43 - 00002756 _____ () C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5_user.job 2014-12-31 12:43 - 2015-01-03 18:43 - 00002756 _____ () C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5.job 2014-12-31 12:43 - 2014-12-31 12:43 - 00005786 _____ () C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5 2014-12-31 12:42 - 2015-01-03 19:36 - 00001334 _____ () C:\Windows\Tasks\BTHQYZ.job 2014-12-31 12:42 - 2015-01-03 18:43 - 00002762 _____ () C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5_user.job 2014-12-31 12:42 - 2015-01-03 18:42 - 00004460 _____ () C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-4.job 2014-12-31 12:42 - 2015-01-03 18:42 - 00003756 _____ () C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-1.job 2014-12-31 12:42 - 2015-01-03 18:42 - 00003744 _____ () C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-1.job 2014-12-31 12:42 - 2015-01-03 18:42 - 00002762 _____ () C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5.job 2014-12-31 12:42 - 2015-01-03 18:42 - 00002418 _____ () C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-2.job 2014-12-31 12:42 - 2015-01-03 18:42 - 00002412 _____ () C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-2.job 2014-12-31 12:42 - 2014-12-31 12:43 - 00005792 _____ () C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5 2014-12-31 12:42 - 2014-12-31 12:43 - 00005442 _____ () C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-2 2014-12-31 12:42 - 2014-12-31 12:42 - 01500648 _____ (Object Browser) C:\Users\Home\AppData\Roaming\BTHQYZ.exe 2014-12-31 12:42 - 2014-12-31 12:42 - 00007490 _____ () C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-4 2014-12-31 12:42 - 2014-12-31 12:42 - 00006786 _____ () C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-1 2014-12-31 12:42 - 2014-12-31 12:42 - 00006774 _____ () C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-1 2014-12-31 12:42 - 2014-12-31 12:42 - 00005448 _____ () C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-2 2014-12-31 12:42 - 2014-12-31 12:42 - 00004356 _____ () C:\Windows\System32\Tasks\BTHQYZ 2014-12-31 12:41 - 2015-01-03 20:47 - 00001682 _____ () C:\Windows\Tasks\TWWAODCJ.job 2014-12-31 12:41 - 2015-01-03 20:41 - 00005834 _____ () C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-6.job 2014-12-31 12:41 - 2015-01-03 20:41 - 00005828 _____ () C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-6.job 2014-12-31 12:41 - 2015-01-03 18:46 - 00000906 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job 2014-12-31 12:41 - 2015-01-03 18:42 - 00004810 _____ () C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-4.job 2014-12-31 12:41 - 2015-01-03 18:41 - 00005490 _____ () C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-7.job 2014-12-31 12:41 - 2015-01-03 18:41 - 00005484 _____ () C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-7.job 2014-12-31 12:41 - 2015-01-03 14:06 - 00000902 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job 2014-12-31 12:41 - 2014-12-31 12:43 - 00000000 ____D () C:\Program Files (x86)\Sense 2014-12-31 12:41 - 2014-12-31 12:43 - 00000000 ____D () C:\Program Files (x86)\Ge-Force 2014-12-31 12:41 - 2014-12-31 12:42 - 00008856 _____ () C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-6 2014-12-31 12:41 - 2014-12-31 12:42 - 00008514 _____ () C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-7 2014-12-31 12:41 - 2014-12-31 12:42 - 00007840 _____ () C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-4 2014-12-31 12:41 - 2014-12-31 12:41 - 01980392 _____ (Object Browser) C:\Users\Home\AppData\Roaming\TWWAODCJ.exe 2014-12-31 12:41 - 2014-12-31 12:41 - 00008862 _____ () C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-6 2014-12-31 12:41 - 2014-12-31 12:41 - 00008520 _____ () C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-7 2014-12-31 12:41 - 2014-12-31 12:41 - 00004704 _____ () C:\Windows\System32\Tasks\TWWAODCJ 2014-12-31 12:41 - 2014-12-31 12:41 - 00003904 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA 2014-12-31 12:41 - 2014-12-31 12:41 - 00003650 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore 2014-12-31 12:41 - 2014-12-31 12:41 - 00000000 ____D () C:\Users\Home\AppData\Local\globalUpdate 2014-12-31 12:41 - 2014-12-31 12:41 - 00000000 ____D () C:\Program Files (x86)\globalUpdate 2014-12-31 12:41 - 2014-12-31 12:41 - 00000000 ____D () C:\Program Files (x86)\cb8e403a-9661-4359-9325-cd809514026b 2014-12-31 12:41 - 2014-12-31 12:41 - 00000000 ____D () C:\Program Files (x86)\2a114235-2581-485d-826a-c49e1f26726c 2014-12-31 12:40 - 2015-01-02 16:02 - 00000000 ____D () C:\ProgramData\ShopperPro 2014-12-31 12:40 - 2015-01-02 15:46 - 00000000 ____D () C:\Program Files (x86)\ShopperPro 2014-12-31 12:40 - 2014-12-31 12:40 - 00003578 _____ () C:\Windows\System32\Tasks\YTDownloader 2014-12-31 12:40 - 2014-12-31 12:40 - 00003488 _____ () C:\Windows\System32\Tasks\SPDriver 2014-12-31 12:40 - 2014-12-31 12:40 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro 2014-12-31 12:39 - 2014-12-31 12:39 - 00000000 ____D () C:\Users\Home\AppData\Local\CrashRpt 2014-12-30 18:28 - 2014-12-30 18:28 - 00114403 _____ () C:\Users\Home\Downloads\[kickass.so]annabelle.2014.hc.hdrip.xvid.ac3.juggs.etrg.torrent 2014-12-28 01:39 - 2014-12-28 19:48 - 00000000 ____D () C:\Users\Home\Downloads\The November Man (2014) [1080p] 2014-12-28 01:39 - 2014-12-28 01:39 - 00017493 _____ () C:\Users\Home\Downloads\[kickass.so]the.november.man.2014.1080p.brrip.x264.yify.torrent 2014-12-27 17:25 - 2014-12-27 17:25 - 00039973 _____ () C:\Users\Home\Downloads\193458-lets.be.cops.2014.brrip.xvid.ac3evo.zip 2014-12-27 17:00 - 2014-12-27 17:25 - 00000000 ____D () C:\Users\Home\Downloads\Let's Be Cops (2014) 2014-12-27 16:59 - 2014-12-27 16:59 - 00008755 _____ () C:\Users\Home\Downloads\[kickass.so]let.s.be.cops.2014.720p.brrip.x264.yify.torrent 2014-12-24 11:52 - 2015-01-03 20:01 - 00000000 ____D () C:\Users\Home\Downloads\Dumb And Dumber To 2014 READNFO 480p HDRip XviD AC3 HQ TOPOL-M 2014-12-24 11:52 - 2014-12-24 11:52 - 00152379 _____ () C:\Users\Home\Downloads\[kickass.so]dumb.and.dumber.to.2014.readnfo.480p.hdrip.xvid.ac3.hq.topol.m.torrent 2014-12-21 18:55 - 2014-12-21 19:09 - 00000000 ____D () C:\Users\Home\Desktop\ski za facebook 2014-12-21 18:46 - 2014-12-21 18:57 - 00000000 ____D () C:\Users\Home\Desktop\SLJIKI 2014-12-15 22:06 - 2014-12-24 11:52 - 00000000 ____D () C:\Users\Home\Downloads\The.Equalizer.2014.BRRip.XviD.AC3-EVO 2014-12-15 22:05 - 2014-12-15 22:05 - 00009464 _____ () C:\Users\Home\Downloads\The.Equalizer.2014.BRRip.XviD.AC3-EVO.torrent 2014-12-14 20:13 - 2014-12-14 20:13 - 00000000 ____D () C:\Users\Home\Desktop\New folder (2) 2014-12-04 19:55 - 2014-12-08 12:12 - 00000000 ____D () C:\Users\Home\Desktop\ssofjustice ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-03 20:42 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-03 20:42 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-03 20:15 - 2012-10-23 20:03 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-01-03 20:09 - 2014-11-26 16:33 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-03 19:39 - 2013-06-02 18:06 - 00000000 ____D () C:\Users\Home\Desktop\mia rodenden 2015-01-03 18:13 - 2013-11-08 11:48 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-448369867-836560375-4160285859-1000UA.job 2015-01-03 15:13 - 2013-11-08 11:48 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-448369867-836560375-4160285859-1000Core.job 2015-01-03 14:12 - 2009-07-14 06:13 - 00812188 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-03 14:07 - 2013-02-18 16:46 - 00000292 _____ () C:\Windows\Tasks\AutoKMS.job 2015-01-03 14:06 - 2014-11-26 16:33 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-03 14:06 - 2012-10-31 17:26 - 00151552 _____ () C:\Windows\KMSEmulator.exe 2015-01-03 14:06 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-03 03:27 - 2013-02-24 12:58 - 00000000 ____D () C:\Users\Home\AppData\Roaming\uTorrent 2015-01-02 23:06 - 2012-10-23 16:32 - 00000000 ____D () C:\Program Files (x86)\Google 2015-01-02 23:06 - 2012-10-23 16:31 - 00000000 ____D () C:\Users\Home\AppData\Local\Google 2015-01-02 23:04 - 2014-11-26 16:33 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-01-02 23:04 - 2014-11-26 16:33 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-01-02 16:50 - 2014-02-22 20:24 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2015-01-02 11:40 - 2014-08-11 23:40 - 00000000 ____D () C:\Program Files (x86)\steelseries cs 1.6 by PoLe 2015-01-01 19:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System 2015-01-01 13:47 - 2012-10-21 17:45 - 00000000 ____D () C:\Users\Home 2014-12-31 13:31 - 2013-02-17 23:10 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-12-31 12:41 - 2014-01-11 17:40 - 00000000 ____D () C:\Program Files (x86)\AdeptPDF 2014-12-31 12:41 - 2012-10-28 18:19 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-12-28 18:18 - 2014-07-19 20:12 - 00000000 ____D () C:\Users\Home\AppData\Roaming\XnView 2014-12-28 18:17 - 2013-01-20 15:20 - 00000000 ____D () C:\Users\Home\Desktop\sliki 2014-12-27 15:56 - 2012-12-08 16:41 - 00000000 ____D () C:\Users\Home\AppData\Roaming\vlc 2014-12-21 18:57 - 2013-03-18 21:11 - 00000000 ____D () C:\Users\Home\Desktop\Adelita 2014-12-11 21:15 - 2012-10-23 20:03 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-12-11 21:15 - 2012-10-23 20:03 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-12-11 21:15 - 2012-10-23 20:03 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-12-08 14:03 - 2014-01-17 17:03 - 00000000 ____D () C:\Users\Home\Desktop\Excel Document ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-12-25 21:43 ==================== End Of Log ============================ mycity.rs/must-login.png

Profil

Sass Drake Poslao: 04 Jan 2015 14:12 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Korak 1 Idi u Start -> Control Panel -> Programs and Features i deinstaliraj sljedeće programe: Ge-Force Sense Shopper-Pro UpdateChecker Driver Genius Korak 2 Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja. Start HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1456.0.0.0\jsdrv.exe [3224576 2014-12-30] () HKU\S-1-5-21-448369867-836560375-4160285859-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1456.0.0.0\jsdrv.exe [3224576 2014-12-30] () IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\jumpflip: [Debugger] tasklist.exe IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\searchinstaller.exe: [Debugger] tasklist.exe IFEO\searchprotection.exe: [Debugger] tasklist.exe IFEO\searchprotector.exe: [Debugger] tasklist.exe IFEO\searchsettings.exe: [Debugger] tasklist.exe IFEO\searchsettings64.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\umbrella.exe: [Debugger] tasklist.exe IFEO\utiljumpflip.exe: [Debugger] tasklist.exe IFEO\volaro: [Debugger] tasklist.exe IFEO\vonteera: [Debugger] tasklist.exe IFEO\websteroids.exe: [Debugger] tasklist.exe IFEO\websteroidsservice.exe: [Debugger] tasklist.exe GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION CHR HKU\S-1-5-21-448369867-836560375-4160285859-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-448369867-836560375-4160285859-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN11459&gct=hp&a.....06&t=4 SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&am.....AG1&q={searchTerms} SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&am.....AG1&q={searchTerms} SearchScopes: HKU\S-1-5-21-448369867-836560375-4160285859-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&am.....AG1&q={searchTerms} BHO: Sense -> {11111111-1111-1111-1111-110611901159} -> C:\Program Files (x86)\Sense\Sense-bho64.dll (Object Browser) BHO: Ge-Force -> {11111111-1111-1111-1111-110611911129} -> C:\Program Files (x86)\Ge-Force\Ge-Force-bho64.dll (iWebar) BHO-x32: Sense -> {11111111-1111-1111-1111-110611901159} -> C:\Program Files (x86)\Sense\Sense-bho.dll (Object Browser) BHO-x32: Ge-Force -> {11111111-1111-1111-1111-110611911129} -> C:\Program Files (x86)\Ge-Force\Ge-Force-bho.dll (iWebar) FF SearchEngineOrder.1: Ask.com FF Keyword.URL: hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=128&systemid=488&v=a13350-406&apn_dtid=TCH001&apn_ptnrs=AG1&apn_uid=1502151513464573&o=APN11459&q= FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml FF Extension: hosts - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\05dd836e-2cbd-4204-9ff3-2f8a8665967d@a8876730-fb0c-4057-a2fc-f9c09d438e81.com [2013-11-07] FF Extension: Sense - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.com [2014-12-31] FF Extension: 4shared Desktop Plugin - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\4sharedCopyLinks [2013-08-20] FF Extension: Ge-Force - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\e2b0dff561784e3db84ed9e@2815a71a2f5d474691ed6bbee47c02.com [2014-12-31] FF Extension: save ona - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\khcsaa@uyeooe.co.uk [2014-06-20] FF Extension: Shopper-Pro - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-12-31] FF Extension: GoPhotoIt - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\gophoto@gophoto.it.xpi [2013-08-08] CHR Extension: (Avast SafePrice) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-01-02] CHR HKLM-x32\...\Chrome\Extension: [dbpebffoameokfhnaaedmefjncfboino] - C:\Program Files (x86)\SecretSauce\dbpebffoameokfhnaaedmefjncfboino.crx [Not Found] CHR HKLM-x32\...\Chrome\Extension: [hgojaaaiddhmiiakpejiklijbalpckih] - C:\Users\Home\AppData\Roaming\StatusWinks\statuswinks.crx [Not Found] S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-12-31] (globalUpdate) [File not signed] S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-12-31] (globalUpdate) [File not signed] Task: {0EAA1583-E05F-4DBB-99E5-EFFE64D17170} - System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-1 => C:\Program Files (x86)\Sense\Sense-codedownloader.exe [2014-12-31] (Object Browser) <==== ATTENTION Task: {14157FF5-221E-4914-9F78-B61EA180B80E} - System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5 => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-5.exe [2014-12-31] (iWebar) <==== ATTENTION Task: {175DA36F-1465-429F-8FBA-697B6BA6E551} - System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-2 => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-2.exe [2014-12-31] (Object Browser) <==== ATTENTION Task: {17BC3984-569F-4D0F-A615-802A066C5322} - System32\Tasks\SPDriver => C:\Program Files (x86)\ShopperPro\JSDriver\1456.0.0.0\jsdrv.exe [2014-12-30] () <==== ATTENTION Task: {1D3F26C7-13FD-4D01-979A-52EEAB4E8CF3} - System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5 => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-5.exe [2014-12-31] (Object Browser) <==== ATTENTION Task: {22574E71-290E-4098-83F7-632ECC07D825} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {33422571-00DF-4AFF-85C2-6D2723E5964D} - System32\Tasks\{96C479DA-6DF7-48F8-97B8-9083A023445B} => pcalua.exe -a "D:\Downloads\counter strike setup.exe" -d D:\Downloads Task: {3AE40E12-9491-441C-BBBB-1574AC8F4BF2} - System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-6 => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-6.exe [2014-12-31] (Object Browser) <==== ATTENTION Task: {4071BC8C-2364-4405-819F-A0F3A35811D8} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-12-31] (globalUpdate) <==== ATTENTION Task: {4502801A-6108-4595-B7B9-31DC88A26F6E} - System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-1 => C:\Program Files (x86)\Ge-Force\Ge-Force-codedownloader.exe [2014-12-31] (iWebar) <==== ATTENTION Task: {4DA8C4D9-27AB-443E-A736-2C05CA25C616} - System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-7 => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-7.exe [2014-12-31] (iWebar) <==== ATTENTION Task: {564F9390-81F6-4A5B-ACB7-9B5D7490715A} - System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-6 => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-6.exe [2014-12-31] (iWebar) <==== ATTENTION Task: {5AFEA43A-1C9C-4CC3-A424-29794EAF102B} - System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-7 => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-7.exe [2014-12-31] (Object Browser) <==== ATTENTION Task: {61B19077-A084-4D37-BEC3-B03F90D8A9A8} - System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5_user => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-5.exe [2014-12-31] (iWebar) <==== ATTENTION Task: {91D69D0E-A9EB-4EF9-A1D4-F619FAABADB4} - \BrowserDefendert No Task File <==== ATTENTION Task: {993C0E0E-0A6B-4C66-8F9D-C09F4ADBA088} - System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-2 => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-2.exe [2014-12-31] (iWebar) <==== ATTENTION Task: {9E1434CD-09BA-42F0-A78E-97439481EA0F} - \EPUpdater No Task File <==== ATTENTION Task: {B957D768-40BF-4455-84FA-173FE236D35E} - System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-4 => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-4.exe [2014-12-31] (iWebar) <==== ATTENTION Task: {BFB437F2-293B-49AE-BB88-AFEA5EA57F77} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe <==== ATTENTION Task: {CB9E319B-D13A-4BEA-BA7E-7979DEC9A639} - System32\Tasks\BTHQYZ => C:\Users\Home\AppData\Roaming\BTHQYZ.exe [2014-12-31] (Object Browser) <==== ATTENTION Task: {D0888DAD-7909-44AC-8118-3599E6CAC231} - System32\Tasks\TWWAODCJ => C:\Users\Home\AppData\Roaming\TWWAODCJ.exe [2014-12-31] (Object Browser) <==== ATTENTION Task: {DF9DC0A2-685E-4487-AD16-BE76A2BF00D9} - System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-4 => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-4.exe [2014-12-31] (Object Browser) <==== ATTENTION Task: {E3D6966F-D5F3-4B8D-970B-E6837FB64B84} - System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5_user => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-5.exe [2014-12-31] (Object Browser) <==== ATTENTION Task: {F22EA650-437B-44C2-A6C1-697214CABB50} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-12-31] (globalUpdate) <==== ATTENTION Task: C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-1.job => C:\Program Files (x86)\Sense\Sense-codedownloader.exe <==== ATTENTION Task: C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-2.job => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-2.exe <==== ATTENTION Task: C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-4.job => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-4.exe <==== ATTENTION Task: C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5.job => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-5.exe <==== ATTENTION Task: C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5_user.job => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-5.exe <==== ATTENTION Task: C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-6.job => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-6.exe <==== ATTENTION Task: C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-7.job => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-7.exe <==== ATTENTION Task: C:\Windows\Tasks\BTHQYZ.job => C:\Users\Home\AppData\Roaming\BTHQYZ.exe <==== ATTENTION Task: C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-1.job => C:\Program Files (x86)\Ge-Force\Ge-Force-codedownloader.exe <==== ATTENTION Task: C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-2.job => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-2.exe <==== ATTENTION Task: C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-4.job => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-4.exe <==== ATTENTION Task: C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5.job => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-5.exe <==== ATTENTION Task: C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5_user.job => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-5.exe <==== ATTENTION Task: C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-6.job => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-6.exe <==== ATTENTION Task: C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-7.job => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-7.exe <==== ATTENTION Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\Windows\Tasks\TWWAODCJ.job => C:\Users\Home\AppData\Roaming\TWWAODCJ.exe <==== ATTENTION cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon" /f cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NextLive" /f cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchProtection" /f cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateChecker" /f cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WebCake Desktop" /f cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YourFile DownloaderInstaller Starter" /f cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YTDownloader" /f C:\Program Files (x86)\Ge-Force C:\Program Files (x86)\Sense C:\Program Files (x86)\ShopperPro C:\Program Files (x86)\globalUpdate C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5_user.job C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5.job C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5 C:\Windows\Tasks\BTHQYZ.job C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5_user.job C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-4.job C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-1.job C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-1.job C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5.job C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-2.job C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-2.job C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5 C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-2 C:\Users\Home\AppData\Roaming\BTHQYZ.exe C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-4 C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-1 C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-1 C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-2 C:\Windows\System32\Tasks\BTHQYZ C:\Windows\Tasks\TWWAODCJ.job C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-6.job C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-6.job C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-4.job C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-7.job C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-7.job C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-6 C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-7 C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-4 C:\Users\Home\AppData\Roaming\TWWAODCJ.exe C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-6 C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-7 C:\Windows\System32\Tasks\TWWAODCJ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore C:\Users\Home\AppData\Local\globalUpdate C:\Program Files (x86)\cb8e403a-9661-4359-9325-cd809514026b C:\Program Files (x86)\2a114235-2581-485d-826a-c49e1f26726c C:\ProgramData\ShopperPro C:\Windows\System32\Tasks\YTDownloader C:\Windows\System32\Tasks\SPDriver C:\Users\Public\Documents\ShopperPro C:\Users\Home\AppData\Roaming\BTHQYZ.exe C:\Users\Home\AppData\Roaming\TWWAODCJ.exe C:\Program Files (x86)\Mobogenie C:\Users\Home\AppData\Roaming\newnext.me C:\Users\Home\AppData\Roaming\Search Protection C:\Users\Home\AppData\Local\Popajar C:\Users\Home\AppData\Roaming\Web Cake C:\Program Files (x86)\YTDownloader EmptyTemp: End U okviru Notepad-a klikni na File --> Save As Fajl nazovi Fixlist i sačuvaj na Desktop Dvoklikom ponovo pokreni FRST.exe Klikni na Fix i sačekaj dok program ne završi. Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi. Nakon završetka rada, otvoriće se fixlog.txt, sa sadržajem koji treba da kopiraš u temu. Takođe, na Desktop-u će se nalaziti (fixlog.txt). Korak 3 Preuzmi "Xplode"-ov AdwCleaner i sačuvaj ga na Desktop Dvoklikom pokreni program. u EULA prozoru klikni na I agree. Klikni na dugme Scan i sačekaj da se završi skeniranje. Klikni na dugme Clean i pričekaj da program završi. Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu. Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK Računar će se restartovati, a potom otvoriti Notepad (C:\AdwCleaner[S0].txt) sa izvještajem. Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl" Napomena: Izvještaj ce takođe biti sačuvan na C:\Adwcleaner\AdwCleaner[S0].txt

Profil

adelita Poslao: 04 Jan 2015 16:51 Idi na vrh
offline adelita Građanin Pridružio: 02 Okt 2007 Poruke: 50	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Postovani, Uradila sam sve korake koji ste trazili i sad vam saljem txt.fileove koji ste trazili ... Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-01-2015 03 Ran by Home at 2015-01-04 16:29:39 Run:1 Running from C:\Users\Home\Desktop\New folder (3) Loaded Profile: Home (Available profiles: Home) Boot Mode: Normal ============================================== Content of fixlist: *************** Start HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1456.0.0.0\jsdrv.exe [3224576 2014-12-30] () HKU\S-1-5-21-448369867-836560375-4160285859-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1456.0.0.0\jsdrv.exe [3224576 2014-12-30] () IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\jumpflip: [Debugger] tasklist.exe IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\searchinstaller.exe: [Debugger] tasklist.exe IFEO\searchprotection.exe: [Debugger] tasklist.exe IFEO\searchprotector.exe: [Debugger] tasklist.exe IFEO\searchsettings.exe: [Debugger] tasklist.exe IFEO\searchsettings64.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\umbrella.exe: [Debugger] tasklist.exe IFEO\utiljumpflip.exe: [Debugger] tasklist.exe IFEO\volaro: [Debugger] tasklist.exe IFEO\vonteera: [Debugger] tasklist.exe IFEO\websteroids.exe: [Debugger] tasklist.exe IFEO\websteroidsservice.exe: [Debugger] tasklist.exe GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION CHR HKU\S-1-5-21-448369867-836560375-4160285859-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-448369867-836560375-4160285859-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Main,Start Page = search.ask.com/?o=APN11459&gct=hp&a.....06&t=4 SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = dts.search.ask.com/sr?src=ieb&gct=ds&am.....AG1&q={searchTerms} SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = dts.search.ask.com/sr?src=ieb&gct=ds&am.....AG1&q={searchTerms} SearchScopes: HKU\S-1-5-21-448369867-836560375-4160285859-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = dts.search.ask.com/sr?src=ieb&gct=ds&am.....AG1&q={searchTerms} BHO: Sense -> {11111111-1111-1111-1111-110611901159} -> C:\Program Files (x86)\Sense\Sense-bho64.dll (Object Browser) BHO: Ge-Force -> {11111111-1111-1111-1111-110611911129} -> C:\Program Files (x86)\Ge-Force\Ge-Force-bho64.dll (iWebar) BHO-x32: Sense -> {11111111-1111-1111-1111-110611901159} -> C:\Program Files (x86)\Sense\Sense-bho.dll (Object Browser) BHO-x32: Ge-Force -> {11111111-1111-1111-1111-110611911129} -> C:\Program Files (x86)\Ge-Force\Ge-Force-bho.dll (iWebar) FF SearchEngineOrder.1: Ask.com FF Keyword.URL: hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=128&systemid=488&v=a13350-406&apn_dtid=TCH001&apn_ptnrs=AG1&apn_uid=1502151513464573&o=APN11459&q= FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml FF Extension: hosts - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\05dd836e-2cbd-4204-9ff3-2f8a8665967d@a8876730-fb0c-4057-a2fc-f9c09d438e81.com [2013-11-07] FF Extension: Sense - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.com [2014-12-31] FF Extension: 4shared Desktop Plugin - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\4sharedCopyLinks [2013-08-20] FF Extension: Ge-Force - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\e2b0dff561784e3db84ed9e@2815a71a2f5d474691ed6bbee47c02.com [2014-12-31] FF Extension: save ona - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\khcsaa@uyeooe.co.uk [2014-06-20] FF Extension: Shopper-Pro - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-12-31] FF Extension: GoPhotoIt - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\gophoto@gophoto.it.xpi [2013-08-08] CHR Extension: (Avast SafePrice) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-01-02] CHR HKLM-x32\...\Chrome\Extension: [dbpebffoameokfhnaaedmefjncfboino] - C:\Program Files (x86)\SecretSauce\dbpebffoameokfhnaaedmefjncfboino.crx [Not Found] CHR HKLM-x32\...\Chrome\Extension: [hgojaaaiddhmiiakpejiklijbalpckih] - C:\Users\Home\AppData\Roaming\StatusWinks\statuswinks.crx [Not Found] S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-12-31] (globalUpdate) [File not signed] S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-12-31] (globalUpdate) [File not signed] Task: {0EAA1583-E05F-4DBB-99E5-EFFE64D17170} - System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-1 => C:\Program Files (x86)\Sense\Sense-codedownloader.exe [2014-12-31] (Object Browser) <==== ATTENTION Task: {14157FF5-221E-4914-9F78-B61EA180B80E} - System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5 => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-5.exe [2014-12-31] (iWebar) <==== ATTENTION Task: {175DA36F-1465-429F-8FBA-697B6BA6E551} - System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-2 => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-2.exe [2014-12-31] (Object Browser) <==== ATTENTION Task: {17BC3984-569F-4D0F-A615-802A066C5322} - System32\Tasks\SPDriver => C:\Program Files (x86)\ShopperPro\JSDriver\1456.0.0.0\jsdrv.exe [2014-12-30] () <==== ATTENTION Task: {1D3F26C7-13FD-4D01-979A-52EEAB4E8CF3} - System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5 => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-5.exe [2014-12-31] (Object Browser) <==== ATTENTION Task: {22574E71-290E-4098-83F7-632ECC07D825} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {33422571-00DF-4AFF-85C2-6D2723E5964D} - System32\Tasks\{96C479DA-6DF7-48F8-97B8-9083A023445B} => pcalua.exe -a "D:\Downloads\counter strike setup.exe" -d D:\Downloads Task: {3AE40E12-9491-441C-BBBB-1574AC8F4BF2} - System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-6 => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-6.exe [2014-12-31] (Object Browser) <==== ATTENTION Task: {4071BC8C-2364-4405-819F-A0F3A35811D8} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-12-31] (globalUpdate) <==== ATTENTION Task: {4502801A-6108-4595-B7B9-31DC88A26F6E} - System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-1 => C:\Program Files (x86)\Ge-Force\Ge-Force-codedownloader.exe [2014-12-31] (iWebar) <==== ATTENTION Task: {4DA8C4D9-27AB-443E-A736-2C05CA25C616} - System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-7 => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-7.exe [2014-12-31] (iWebar) <==== ATTENTION Task: {564F9390-81F6-4A5B-ACB7-9B5D7490715A} - System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-6 => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-6.exe [2014-12-31] (iWebar) <==== ATTENTION Task: {5AFEA43A-1C9C-4CC3-A424-29794EAF102B} - System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-7 => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-7.exe [2014-12-31] (Object Browser) <==== ATTENTION Task: {61B19077-A084-4D37-BEC3-B03F90D8A9A8} - System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5_user => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-5.exe [2014-12-31] (iWebar) <==== ATTENTION Task: {91D69D0E-A9EB-4EF9-A1D4-F619FAABADB4} - \BrowserDefendert No Task File <==== ATTENTION Task: {993C0E0E-0A6B-4C66-8F9D-C09F4ADBA088} - System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-2 => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-2.exe [2014-12-31] (iWebar) <==== ATTENTION Task: {9E1434CD-09BA-42F0-A78E-97439481EA0F} - \EPUpdater No Task File <==== ATTENTION Task: {B957D768-40BF-4455-84FA-173FE236D35E} - System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-4 => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-4.exe [2014-12-31] (iWebar) <==== ATTENTION Task: {BFB437F2-293B-49AE-BB88-AFEA5EA57F77} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe <==== ATTENTION Task: {CB9E319B-D13A-4BEA-BA7E-7979DEC9A639} - System32\Tasks\BTHQYZ => C:\Users\Home\AppData\Roaming\BTHQYZ.exe [2014-12-31] (Object Browser) <==== ATTENTION Task: {D0888DAD-7909-44AC-8118-3599E6CAC231} - System32\Tasks\TWWAODCJ => C:\Users\Home\AppData\Roaming\TWWAODCJ.exe [2014-12-31] (Object Browser) <==== ATTENTION Task: {DF9DC0A2-685E-4487-AD16-BE76A2BF00D9} - System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-4 => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-4.exe [2014-12-31] (Object Browser) <==== ATTENTION Task: {E3D6966F-D5F3-4B8D-970B-E6837FB64B84} - System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5_user => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-5.exe [2014-12-31] (Object Browser) <==== ATTENTION Task: {F22EA650-437B-44C2-A6C1-697214CABB50} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-12-31] (globalUpdate) <==== ATTENTION Task: C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-1.job => C:\Program Files (x86)\Sense\Sense-codedownloader.exe <==== ATTENTION Task: C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-2.job => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-2.exe <==== ATTENTION Task: C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-4.job => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-4.exe <==== ATTENTION Task: C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5.job => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-5.exe <==== ATTENTION Task: C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5_user.job => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-5.exe <==== ATTENTION Task: C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-6.job => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-6.exe <==== ATTENTION Task: C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-7.job => C:\Program Files (x86)\Sense\1dea94ba-c355-4441-b610-cc748d7f297c-7.exe <==== ATTENTION Task: C:\Windows\Tasks\BTHQYZ.job => C:\Users\Home\AppData\Roaming\BTHQYZ.exe <==== ATTENTION Task: C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-1.job => C:\Program Files (x86)\Ge-Force\Ge-Force-codedownloader.exe <==== ATTENTION Task: C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-2.job => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-2.exe <==== ATTENTION Task: C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-4.job => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-4.exe <==== ATTENTION Task: C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5.job => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-5.exe <==== ATTENTION Task: C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5_user.job => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-5.exe <==== ATTENTION Task: C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-6.job => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-6.exe <==== ATTENTION Task: C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-7.job => C:\Program Files (x86)\Ge-Force\cec51f3d-bb28-4b23-86d8-1b036862730d-7.exe <==== ATTENTION Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\Windows\Tasks\TWWAODCJ.job => C:\Users\Home\AppData\Roaming\TWWAODCJ.exe <==== ATTENTION cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon" /f cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NextLive" /f cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchProtection" /f cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateChecker" /f cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WebCake Desktop" /f cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YourFile DownloaderInstaller Starter" /f cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YTDownloader" /f C:\Program Files (x86)\Ge-Force C:\Program Files (x86)\Sense C:\Program Files (x86)\ShopperPro C:\Program Files (x86)\globalUpdate C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5_user.job C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5.job C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5 C:\Windows\Tasks\BTHQYZ.job C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5_user.job C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-4.job C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-1.job C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-1.job C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5.job C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-2.job C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-2.job C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5 C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-2 C:\Users\Home\AppData\Roaming\BTHQYZ.exe C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-4 C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-1 C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-1 C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-2 C:\Windows\System32\Tasks\BTHQYZ C:\Windows\Tasks\TWWAODCJ.job C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-6.job C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-6.job C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-4.job C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-7.job C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-7.job C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-6 C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-7 C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-4 C:\Users\Home\AppData\Roaming\TWWAODCJ.exe C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-6 C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-7 C:\Windows\System32\Tasks\TWWAODCJ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore C:\Users\Home\AppData\Local\globalUpdate C:\Program Files (x86)\cb8e403a-9661-4359-9325-cd809514026b C:\Program Files (x86)\2a114235-2581-485d-826a-c49e1f26726c C:\ProgramData\ShopperPro C:\Windows\System32\Tasks\YTDownloader C:\Windows\System32\Tasks\SPDriver C:\Users\Public\Documents\ShopperPro C:\Users\Home\AppData\Roaming\BTHQYZ.exe C:\Users\Home\AppData\Roaming\TWWAODCJ.exe C:\Program Files (x86)\Mobogenie C:\Users\Home\AppData\Roaming\newnext.me C:\Users\Home\AppData\Roaming\Search Protection C:\Users\Home\AppData\Local\Popajar C:\Users\Home\AppData\Roaming\Web Cake C:\Program Files (x86)\YTDownloader EmptyTemp: End *************** HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SPDriver => value deleted successfully. HKU\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SPDriver => value deleted successfully. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitguard.exe" => Key deleted successfully. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bprotect.exe" => Key deleted successfully. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bpsvc.exe" => Key deleted successfully. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserdefender.exe" => Key deleted successfully. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserprotect.exe" => Key deleted successfully. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsersafeguard.exe" => Key deleted successfully. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dprotectsvc.exe" => Key deleted successfully. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\jumpflip" => Key deleted successfully. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\protectedsearch.exe" => Key deleted successfully. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchinstaller.exe" => Key deleted successfully. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotection.exe" => Key deleted successfully. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotector.exe" => Key deleted successfully. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings.exe" => Key deleted successfully. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings64.exe" => Key deleted successfully. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\snapdo.exe" => Key deleted successfully. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst32.exe" => Key deleted successfully. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst64.exe" => Key deleted successfully. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\umbrella.exe" => Key deleted successfully. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\utiljumpflip.exe" => Key deleted successfully. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro" => Key deleted successfully. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera" => Key deleted successfully. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroids.exe" => Key deleted successfully. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroidsservice.exe" => Key deleted successfully. C:\Windows\system32\GroupPolicy\Machine => Moved successfully. C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. "HKU\S-1-5-21-448369867-836560375-4160285859-1000\SOFTWARE\Policies\Google" => Key deleted successfully. "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. "HKU\S-1-5-21-448369867-836560375-4160285859-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. HKU\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}" => Key deleted successfully. HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} => Key not found. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}" => Key deleted successfully. HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} => Key not found. "HKU\S-1-5-21-448369867-836560375-4160285859-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}" => Key deleted successfully. HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} => Key not found. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611901159} => Key not found. HKCR\CLSID\{11111111-1111-1111-1111-110611901159} => Key not found. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611911129} => Key not found. HKCR\CLSID\{11111111-1111-1111-1111-110611911129} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611901159} => Key not found. HKCR\Wow6432Node\CLSID\{11111111-1111-1111-1111-110611901159} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611911129} => Key not found. HKCR\Wow6432Node\CLSID\{11111111-1111-1111-1111-110611911129} => Key not found. Firefox SearchEngineOrder.1 deleted successfully. Firefox Keyword.URL deleted successfully. "HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully. "HKLM\Software\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10" => Key deleted successfully. C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll => Moved successfully. "HKLM\Software\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4" => Key deleted successfully. C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll not found. C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml => Moved successfully. C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\05dd836e-2cbd-4204-9ff3-2f8a8665967d@a8876730-fb0c-4057-a2fc-f9c09d438e81.com => Moved successfully. C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.com not found. C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\4sharedCopyLinks => Moved successfully. C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\e2b0dff561784e3db84ed9e@2815a71a2f5d474691ed6bbee47c02.com => Moved successfully. C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\khcsaa@uyeooe.co.uk => Moved successfully. C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} => Moved successfully. C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\Extensions\gophoto@gophoto.it.xpi => Moved successfully. C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck directory not found. "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dbpebffoameokfhnaaedmefjncfboino" => Key deleted successfully. "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hgojaaaiddhmiiakpejiklijbalpckih" => Key deleted successfully. globalUpdate => Service deleted successfully. globalUpdatem => Service deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0EAA1583-E05F-4DBB-99E5-EFFE64D17170} => Key not found. C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-1 not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1dea94ba-c355-4441-b610-cc748d7f297c-1 => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14157FF5-221E-4914-9F78-B61EA180B80E} => Key not found. C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5 not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cec51f3d-bb28-4b23-86d8-1b036862730d-5 => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{175DA36F-1465-429F-8FBA-697B6BA6E551} => Key not found. C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-2 not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1dea94ba-c355-4441-b610-cc748d7f297c-2 => Key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{17BC3984-569F-4D0F-A615-802A066C5322}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17BC3984-569F-4D0F-A615-802A066C5322}" => Key deleted successfully. C:\Windows\System32\Tasks\SPDriver => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPDriver" => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D3F26C7-13FD-4D01-979A-52EEAB4E8CF3} => Key not found. C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5 not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1dea94ba-c355-4441-b610-cc748d7f297c-5 => Key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22574E71-290E-4098-83F7-632ECC07D825}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22574E71-290E-4098-83F7-632ECC07D825}" => Key deleted successfully. C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{33422571-00DF-4AFF-85C2-6D2723E5964D}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33422571-00DF-4AFF-85C2-6D2723E5964D}" => Key deleted successfully. C:\Windows\System32\Tasks\{96C479DA-6DF7-48F8-97B8-9083A023445B} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{96C479DA-6DF7-48F8-97B8-9083A023445B}" => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3AE40E12-9491-441C-BBBB-1574AC8F4BF2} => Key not found. C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-6 not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1dea94ba-c355-4441-b610-cc748d7f297c-6 => Key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4071BC8C-2364-4405-819F-A0F3A35811D8}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4071BC8C-2364-4405-819F-A0F3A35811D8}" => Key deleted successfully. C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA" => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4502801A-6108-4595-B7B9-31DC88A26F6E} => Key not found. C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-1 not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cec51f3d-bb28-4b23-86d8-1b036862730d-1 => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DA8C4D9-27AB-443E-A736-2C05CA25C616} => Key not found. C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-7 not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cec51f3d-bb28-4b23-86d8-1b036862730d-7 => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{564F9390-81F6-4A5B-ACB7-9B5D7490715A} => Key not found. C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-6 not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cec51f3d-bb28-4b23-86d8-1b036862730d-6 => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AFEA43A-1C9C-4CC3-A424-29794EAF102B} => Key not found. C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-7 not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1dea94ba-c355-4441-b610-cc748d7f297c-7 => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61B19077-A084-4D37-BEC3-B03F90D8A9A8} => Key not found. C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5_user not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cec51f3d-bb28-4b23-86d8-1b036862730d-5_user => Key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91D69D0E-A9EB-4EF9-A1D4-F619FAABADB4}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91D69D0E-A9EB-4EF9-A1D4-F619FAABADB4}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert" => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{993C0E0E-0A6B-4C66-8F9D-C09F4ADBA088} => Key not found. C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-2 not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cec51f3d-bb28-4b23-86d8-1b036862730d-2 => Key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E1434CD-09BA-42F0-A78E-97439481EA0F}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E1434CD-09BA-42F0-A78E-97439481EA0F}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater" => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B957D768-40BF-4455-84FA-173FE236D35E} => Key not found. C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-4 not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cec51f3d-bb28-4b23-86d8-1b036862730d-4 => Key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BFB437F2-293B-49AE-BB88-AFEA5EA57F77}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BFB437F2-293B-49AE-BB88-AFEA5EA57F77}" => Key deleted successfully. C:\Windows\System32\Tasks\YTDownloader => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTDownloader" => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB9E319B-D13A-4BEA-BA7E-7979DEC9A639} => Key not found. C:\Windows\System32\Tasks\BTHQYZ not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BTHQYZ => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0888DAD-7909-44AC-8118-3599E6CAC231} => Key not found. C:\Windows\System32\Tasks\TWWAODCJ not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TWWAODCJ => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF9DC0A2-685E-4487-AD16-BE76A2BF00D9} => Key not found. C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-4 not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1dea94ba-c355-4441-b610-cc748d7f297c-4 => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3D6966F-D5F3-4B8D-970B-E6837FB64B84} => Key not found. C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5_user not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1dea94ba-c355-4441-b610-cc748d7f297c-5_user => Key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F22EA650-437B-44C2-A6C1-697214CABB50}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F22EA650-437B-44C2-A6C1-697214CABB50}" => Key deleted successfully. C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore" => Key deleted successfully. C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-1.job not found. C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-2.job not found. C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-4.job not found. C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5.job not found. C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5_user.job not found. C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-6.job not found. C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-7.job not found. C:\Windows\Tasks\BTHQYZ.job not found. C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-1.job not found. C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-2.job not found. C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-4.job not found. C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5.job not found. C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5_user.job not found. C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-6.job not found. C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-7.job not found. C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => Moved successfully. C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => Moved successfully. C:\Windows\Tasks\TWWAODCJ.job not found. ========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon" /f ========= The operation completed successfully. ========= End of CMD: ========= ========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NextLive" /f ========= The operation completed successfully. ========= End of CMD: ========= ========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchProtection" /f ========= The operation completed successfully. ========= End of CMD: ========= ========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateChecker" /f ========= The operation completed successfully. ========= End of CMD: ========= ========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WebCake Desktop" /f ========= The operation completed successfully. ========= End of CMD: ========= ========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YourFile DownloaderInstaller Starter" /f ========= The operation completed successfully. ========= End of CMD: ========= ========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YTDownloader" /f ========= The operation completed successfully. ========= End of CMD: ========= "C:\Program Files (x86)\Ge-Force" => File/Directory not found. "C:\Program Files (x86)\Sense" => File/Directory not found. C:\Program Files (x86)\ShopperPro => Moved successfully. C:\Program Files (x86)\globalUpdate => Moved successfully. "C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5_user.job" => File/Directory not found. "C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5.job" => File/Directory not found. "C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-5" => File/Directory not found. "C:\Windows\Tasks\BTHQYZ.job" => File/Directory not found. "C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5_user.job" => File/Directory not found. "C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-4.job" => File/Directory not found. "C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-1.job" => File/Directory not found. "C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-1.job" => File/Directory not found. "C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5.job" => File/Directory not found. "C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-2.job" => File/Directory not found. "C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-2.job" => File/Directory not found. "C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-5" => File/Directory not found. "C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-2" => File/Directory not found. C:\Users\Home\AppData\Roaming\BTHQYZ.exe => Moved successfully. "C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-4" => File/Directory not found. "C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-1" => File/Directory not found. "C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-1" => File/Directory not found. "C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-2" => File/Directory not found. "C:\Windows\System32\Tasks\BTHQYZ" => File/Directory not found. "C:\Windows\Tasks\TWWAODCJ.job" => File/Directory not found. "C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-6.job" => File/Directory not found. "C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-6.job" => File/Directory not found. "C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job" => File/Directory not found. "C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-4.job" => File/Directory not found. "C:\Windows\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-7.job" => File/Directory not found. "C:\Windows\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-7.job" => File/Directory not found. "C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job" => File/Directory not found. "C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-6" => File/Directory not found. "C:\Windows\System32\Tasks\1dea94ba-c355-4441-b610-cc748d7f297c-7" => File/Directory not found. "C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-4" => File/Directory not found. C:\Users\Home\AppData\Roaming\TWWAODCJ.exe => Moved successfully. "C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-6" => File/Directory not found. "C:\Windows\System32\Tasks\cec51f3d-bb28-4b23-86d8-1b036862730d-7" => File/Directory not found. "C:\Windows\System32\Tasks\TWWAODCJ" => File/Directory not found. "C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA" => File/Directory not found. "C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore" => File/Directory not found. C:\Users\Home\AppData\Local\globalUpdate => Moved successfully. "C:\Program Files (x86)\cb8e403a-9661-4359-9325-cd809514026b" => File/Directory not found. "C:\Program Files (x86)\2a114235-2581-485d-826a-c49e1f26726c" => File/Directory not found. C:\ProgramData\ShopperPro => Moved successfully. "C:\Windows\System32\Tasks\YTDownloader" => File/Directory not found. "C:\Windows\System32\Tasks\SPDriver" => File/Directory not found. C:\Users\Public\Documents\ShopperPro => Moved successfully. "C:\Users\Home\AppData\Roaming\BTHQYZ.exe" => File/Directory not found. "C:\Users\Home\AppData\Roaming\TWWAODCJ.exe" => File/Directory not found. "C:\Program Files (x86)\Mobogenie" => File/Directory not found. C:\Users\Home\AppData\Roaming\newnext.me => Moved successfully. "C:\Users\Home\AppData\Roaming\Search Protection" => File/Directory not found. C:\Users\Home\AppData\Local\Popajar => Moved successfully. "C:\Users\Home\AppData\Roaming\Web Cake" => File/Directory not found. "C:\Program Files (x86)\YTDownloader" => File/Directory not found. EmptyTemp: => Removed 6.2 GB temporary data. The system needed a reboot. ==== End of Fixlog 16:29:52 ==== mycity.rs/must-login.png Pozdrav i hvala na pomocu.

Profil

ivance95 Poslao: 04 Jan 2015 18:03 Idi na vrh
offline ivance95 AMF pripravnik Pridružio: 04 Jul 2011 Poruke: 5424	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav. srećna Nova godina. Ja ću odmeniti kolegu. Preuzmi smeenk-ov zoek.zip ili zoek.rar () sa ovog ili ovog linka i sačuvaj ga na Desktop. Raspakuj arhivu u neki folder (uputstvo), a zatim: zatvori browser i ostale pokrenute programe; privremeno deaktiviraj zaštitni softver ( ukoliko je to potrebno ) Uputstvo ; dvoklikom pokreni zoek na ikonicu programa ; pričekaj da se alat startuje ... U beli okvir prozora iskopiraj sledeći tekst: `quickscan;` Klikni na dugme i pričekaj da se skeniranje završi. zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log) Kopiraj sadrzaj tog loga u poruku.

Profil

adelita Poslao: 04 Jan 2015 19:35 Idi na vrh
offline adelita Građanin Pridružio: 02 Okt 2007 Poruke: 50	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav i Vama nek Vam bude srecnu novu 2015 godinu i srecan bozic Uradila sam sve sta si mi rekao i evo to iz zoek-a Zoek.exe v5.0.0.0 Updated 31-12-2014 Tool run by Home on 04.01.2015 at 19:20:51,10. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Home\Desktop\New folder (3)\New folder\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 04.01.2015 19:22:28 Zoek.exe System Restore Point Created Succesfully. ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Home\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== 2015-01-04 14:13:15 6CAC4FCD994FF74115604873794F24A3 3336 ----a-w- C:\Windows\Sysnative\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-448369867-836560375-4160285859-1000 2015-01-03 23:39:28 F4FA0104DD6F64A72338EA7A42934799 3890 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2015-01-03 23:39:28 BD717C4665AA1ECDBEE5826C12CD8E72 894 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-03 23:39:27 521E2BF6004E3AC9E6B72A92A25D8C33 890 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-03 23:39:27 4B3DB3949EAFD6D96739A14F44AE2720 3638 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore 2015-01-01 10:10:17 266E0F9A747199B1BBC89B1E51D71F20 2982 ----a-w- C:\Windows\Sysnative\Tasks\AutoKMS ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Home\AppData\Roaming ====== ====== C:\Users\Home ====== 2015-01-03 23:40:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-01-01 12:47:06 2AF7C692C9D60FD7A231768BE327A572 209 ----a-w- C:\Users\Home\.swfinfo ====== C: exe-files == 2015-01-04 15:35:39 9208E5A0A844FCCB39B5252C07B4E860 2173952 ----a-w- C:\Users\Home\Desktop\New folder (3)\AdwCleaner.exe 2015-01-03 23:40:37 205E775B4B2C165922203A390B115523 40747600 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\39.0.2171.95\39.0.2171.95_chrome_installer.exe 2015-01-03 23:39:24 F172AD4E906D97ED8F071896FC6789DC 107912 ----atw- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 2015-01-03 23:39:24 F172AD4E906D97ED8F071896FC6789DC 107912 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdate.exe 2015-01-03 23:39:24 EDD3E562684CB4C50704B471BEAB1F86 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateComRegisterShell64.exe 2015-01-03 23:39:24 CB8C1CC4F46FBAC78150754D77460C73 230792 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe 2015-01-03 23:39:24 A10AFFE40FDC67217AC5D8105E528F40 880784 ----a-w- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateSetup.exe 2015-01-03 23:39:24 7161E8E31B7FD3B1CE083C2CA5FD5F44 285064 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe 2015-01-03 23:39:24 5B4ED5734945619EE3BCDB9825D2F526 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe 2015-01-03 23:39:24 06036279056145E0F08FC095CB789E6A 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateBroker.exe 2015-01-03 19:37:14 9F6F049192D4F5AF27C1A7E8C52FFAEE 2123776 ----a-w- C:\Users\Home\Desktop\New folder (3)\FRST64.exe 2014-12-31 12:31:38 170B3A9108687B26DA2D8901C6948A18 14383616 ----a-w- C:\Users\Home\Desktop\GTA San Andreas\gta_sa.exe 2014-12-31 11:41:17 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe 2014-12-31 11:41:17 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\GoogleUpdate.exe 2014-12-31 11:41:17 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe 2014-12-31 11:41:16 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe 2014-12-31 11:41:16 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe 2014-12-31 11:40:26 138DABE98F9748FC0B130DA8D9FB1377 3224576 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\ShopperPro\JSDriver\1456.0.0.0\jsdrv.exe 2014-12-30 18:10:20 138DABE98F9748FC0B130DA8D9FB1377 3224576 ----a-w- C:\FRST\Quarantine\C\Program Files (x86)\ShopperPro\JSDriver\jsdrv.exe === C: other files == 2015-01-04 18:18:34 7BFD6A2BE6F28058585A8EC0FC734ECA 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-448369867-836560375-4160285859-1000\$IW33J9Y.zip 2015-01-04 18:17:35 ACF859FFA1DEEE59B526D45F83EE99CD 4132138 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-448369867-836560375-4160285859-1000\$RW33J9Y.zip 2015-01-04 12:56:11 5123A5A77CB3F1AAFC098134E185350A 68896 ----a-w- C:\Users\Home\Downloads\197385-gone.girl.2014.1080p.bluray.dtshd.x264barc0dehr.zip ==== Startup Registry Enabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BCSSync" "hkey"="HKLM" "command"="\"C:\\Program Files\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BitTorrent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BitTorrent" "hkey"="HKCU" "command"="\"C:\\Users\\Home\\AppData\\Roaming\\BitTorrent\\BitTorrent.exe\" /MINIMIZED" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DAEMON Tools Lite" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Facebook Update" "hkey"="HKCU" "command"="\"C:\\Users\\Home\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"D:\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDVCPL] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RTHDVCPL" "hkey"="HKLM" "command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TkBellExe" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Real\\RealPlayer\\update\\realsched.exe\" -osboot" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="uTorrent" "hkey"="HKCU" "command"="\"C:\\Users\\Home\\AppData\\Roaming\\uTorrent\\uTorrent.exe\" /MINIMIZED" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Viber] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Viber" "hkey"="HKCU" "command"="\"C:\\Users\\Home\\AppData\\Local\\Viber\\Viber.exe\" StartMinimized" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Wondershare Helper Compact.exe] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Wondershare Helper Compact.exe" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Common Files\\Wondershare\\Wondershare Helper Compact\\WSHelper.exe" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11.12.2014 21:15] C:\Windows\tasks\AutoKMS.job --a------ C:\Windows\AutoKMS\AutoKMS.exe [01.11.2012 20:00] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-448369867-836560375-4160285859-1000Core.job --a------ C:\Users\Home\AppData\Local\Facebook\Update\FacebookUpdate.exe [11.11.2013 15:08] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-448369867-836560375-4160285859-1000UA.job --a------ C:\Users\Home\AppData\Local\Facebook\Update\FacebookUpdate.exe [11.11.2013 15:08] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04.01.2015 00:39] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04.01.2015 00:39] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AutoKMS" [C:\Windows\AutoKMS\AutoKMS.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-448369867-836560375-4160285859-1000Core" [C:\Users\Home\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-448369867-836560375-4160285859-1000UA" [C:\Users\Home\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-448369867-836560375-4160285859-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-448369867-836560375-4160285859-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\{0D3EC205-B368-402E-99F3-B7071118D18D}" ["c:\program files (x86)\mozilla firefox\firefox.exe"] "C:\Windows\SysNative\tasks\{778E35FA-A580-4E85-BF7C-CA443FDBF2B1}" ["c:\program files (x86)\mozilla firefox\firefox.exe"] "C:\Windows\SysNative\tasks\{8EBC4AC6-DEF1-4EF8-B779-1D7893B3DA6D}" ["c:\program files (x86)\mozilla firefox\firefox.exe"] "C:\Windows\SysNative\tasks\{A4BB4763-4DCA-4A3D-9A91-84A95C35EAD0}" ["c:\program files (x86)\mozilla firefox\firefox.exe"] "C:\Windows\SysNative\tasks\{F3CC2E04-ECAC-4422-B323-2F4D5E70533E}" ["c:\program files (x86)\mozilla firefox\firefox.exe"] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default user_pref("browser.newtab.url", "about:newtab"); user_pref("browser.search.defaultengine", "Google"); ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\x64rfly2.default user_pref("browser.search.defaultenginename", "Yahoo!"); user_pref("browser.search.selectedEngine", "Yahoo!"); user_pref("keyword.URL", "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=407453&p="); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06.08.2014 15:17] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default - avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF - Undetermined - {b442f4c0-c292-4998-aabe-48608a73ba75} - Undetermined - {46551EC9-40F0-4e47-8E18-8E5CF550CFB8} - Undetermined - wrc@avast.com - Undetermined - {746505DC-0E21-4667-97F8-72EA6BCF5EEF} - Undetermined - e2b0dff561784e3db84ed9e@2815a71a2f5d474691ed6bbee47c02.com - Undetermined - 0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.com - jid1vasLCl9ZsexfAQjetpack - %ProfilePath%\extensions\jid1-vasLCl9ZsexfAQ@jetpack - Smartest Bookmarks Bar - %ProfilePath%\extensions\{b442f4c0-c292-4998-aabe-48608a73ba75} - Stylish - %ProfilePath%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\x64rfly2.default - SmileysWeLove: Smileys for use with Facebook GMail and more - %ProfilePath%\extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi ExtDir: C:\Users\Home\AppData\Roaming\Mozilla\Extensions - Special Savings - %ExtDir%\specialsavings@vshsolutions.com - SpeedAnalysis.com - %ExtDir%\speedanalysis@SpeedAnalysis.com - Smiley Bar for Facebook - %ExtDir%\statuswinks@StatusWinks AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default 9860727E477F17B88E39AF8B69B0407A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll - Shockwave Flash 3CD19649B2C3023D65E67C056457A2BC - C:\Users\Home\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 65C1D9F74004E775F9A8598476ABE5EE - C:\Users\Home\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player EEEB86077BB4682B3FCFEDA5AED3E396 - D:\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.4 BADFB0DCCD9B7E9F2F6EB7954D24EED1 - D:\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.4 1153F58FACBC9731AF6CDF313F76DF29 - D:\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.4 9E4F520270BF7301CC24E8FA67791C22 - D:\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.4 E50A1DB5DE70D656287511297B42F9F2 - D:\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.4 FEF9ECECFA177AEC0F7564A08394D2C8 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) 0ABF093757E9C827E30EC652868E5FAC - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) 06E140A567B8DC7900173197FD059EE5 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) 558270B968CB82196CB8D045D13B0FF6 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin ==== Chromium Look ====================== Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[06.08.2014 15:17] idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[29.11.2012 20:35] save ona - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obngdbafefdbcknpnkokcdfbkkmebbfe save ona - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obngdbafefdbcknpnkokcdfbkkmebbfe Google Docs - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Google Voice Search Hotword (Beta) - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn YouTube - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo selector is not a valid CSS selector - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Google Search - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Avast Online Security - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki RealDownloader - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji Google Wallet - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda pgmjaihnmedpcdkjcgigocogcbffgkbn - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmjaihnmedpcdkjcgigocogcbffgkbn Gmail - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia save ona - Home\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obngdbafefdbcknpnkokcdfbkkmebbfe save ona - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\obngdbafefdbcknpnkokcdfbkkmebbfe ==== C:\zoek_backup content ====================== C:\zoek_backup (files=0 folders=0 0 bytes) ==== EOF on 04.01.2015 at 19:26:00,96 ====================== Hvala puno .

Profil

ivance95 Poslao: 04 Jan 2015 22:36 Idi na vrh
offline ivance95 AMF pripravnik Pridružio: 04 Jul 2011 Poruke: 5424	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ponovo pokreni zoek ; zatvori browser i ostale pokrenute programe; deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ; U beli okvir prozora iskopiraj sledeći tekst: obngdbafefdbcknpnkokcdfbkkmebbfe;chr SmileysWeLove;ff Special Savings;ff SpeedAnalysis.com;ff Smiley Bar for Facebook;ff SmileysWeLove: Smileys for use with Facebook GMail and more;ff jid1-vW9nopuIAJiRHw@jetpack.xpi;ff C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8};f C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF};f C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\msmq2oxw.default\e2b0dff561784e3db84ed9e@2815a71a2f5d474691ed6bbee47c02.com;f C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\extensions\0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.com;f C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi;f C:\Users\Home\AppData\Roaming\Mozilla\Extensions\specialsavings@vshsolutions.com;f C:\Users\Home\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com;f C:\Users\Home\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks;f C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\x64rfly2.default\extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi;f autoclean; Klikni na dugme i pričekaj da se skeniranje završi. zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log) Kopiraj sadrzaj tog loga u poruku.

Profil

adelita Poslao: 05 Jan 2015 01:32 Idi na vrh
offline adelita Građanin Pridružio: 02 Okt 2007 Poruke: 50	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Postovani, Uradio sam sve korake i evo izvestaj od zoek-a Zoek.exe v5.0.0.0 Updated 31-12-2014 Tool run by Home on 05.01.2015 at 0:54:03,75. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Home\Desktop\New folder (3)\New folder\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2015-01-04-182600.log 19405 bytes ==== Empty Folders Check ====================== C:\PROGRA~2\en_zf deleted successfully C:\PROGRA~2\Subtitle Workshop deleted successfully C:\PROGRA~3\4shared Desktop deleted successfully C:\PROGRA~3\CloudSoft deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\Users\Home\AppData\Roaming\Media Player Classic deleted successfully C:\Users\Home\AppData\Roaming\Publish Providers deleted successfully C:\Users\Home\AppData\Roaming\Wondershare Video Converter Ultimate deleted successfully C:\Users\Home\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A} deleted successfully C:\Users\Home\AppData\Local\cache deleted successfully C:\Users\Home\AppData\Local\Ubisoft Game Launcher deleted successfully C:\Users\Home\AppData\Local\VirtualStore deleted successfully C:\Users\Home\AppData\Local\WMTools Downloaded Files deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E5D7AF04-69FF-4450-84A5-8756B6A0AA07} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{111FCEBF-2849-454C-AFF5-4B155B8A595} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{19961053-6F4E-47F8-B833-95393BCBCAAC} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{19985321-AB79-496B-BD3C-8BE3ED53B96F} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1BDDD64A-FFEC-4EB2-8E14-FA1C31F2F438} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1BE36B12-D50D-436A-A7B3-5B488EE039BA} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1D7AABCE-A640-4F86-BAD6-6D8D7B10658E} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1DBB504E-3E67-4A17-972B-7F58BB213C90} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1EED0B98-D688-4647-8E78-12E1ADD1A54} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F25E17-5CF-4BD2-AA89-35A322D6779A} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{200549D3-3906-4F5C-90DE-6A13509586A4} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{200BBF4-A6D8-42D9-BEFD-3992B28E22C0} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{20CC6D33-1770-44BE-BE57-B34274853171} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{20EC794E-20DE-4239-ADF-256870A5589D} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{20FB45FA-D715-4A58-8ED9-1B3FA25C2143} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22D6EB6D-9379-4B52-B36A-70E9E98D40} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23489A27-FE14-44ED-A421-C233E8345D4} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2903DA93-4123-4034-A56D-AD7911D38273} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29328C5C-CF29-4C5C-B6C4-B1B728220B4} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2966C9E1-FB32-4C93-B0B5-F252FFAB252} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2A0F2DDA-8CA4-4223-9B21-9EBA52148FC4} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BC67CD1-F1D4-4758-A59-C34F29B69B77} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BD74B80-1005-42A2-82BF-DB62C3C74D30} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2DCD2106-5170-43D7-89D0-1594D86E15BB} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E6BA107-4ED5-46DB-9233-6175F111E35A} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F56EB0F-BB9E-4267-A443-157FE4A97EC} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{302B6450-5008-447D-A37-D6498F744B8} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30496BFC-4201-46C0-8C18-B75FBC543A65} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{304B83F6-99D6-4EB9-A69B-1FE2CFD1C09C} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3285F9CB-D105-4A2B-9598-201ED36347C4} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33330042-4494-4D27-94B8-F95F542B2B3E} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348B3391-B4A9-4802-B396-34277936EE13} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{353B4E7E-360E-42E8-BFB1-737F6F02EFE} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{353F672D-9A05-4BA5-B8E-4A69143163B9} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{358BB181-E97A-4056-ABF8-EB4AB18B5160} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36BDF461-62C2-4D62-95C3-C0C5BF5F9CAE} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38DD688-4868-4E99-9164-2D53BD4B144} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3A2AF0D1-AB2A-4D35-80B5-87B9ADE36730} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3AB896A3-A6C4-4251-B6E1-1AF6EA3CFA20} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3BB51F40-ABB5-4E48-841F-9EAD4B63144} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3BFB770C-9914-47FA-A947-EE9C556E7CA3} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{405C373B-DED6-48A0-B8E4-1F6649321DF} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{40D23C88-3114-4A28-AC1F-B85DB9E15080} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{41DF393D-CF6A-4652-BA7B-48303A512B32} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{439CB6D-83E1-4E4F-9254-68B5661A8D13} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4421A5AE-2C82-42CB-A692-D66A8A90D547} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{454F7A79-9DA4-48AD-8A78-6333671D545D} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{469533A5-2EA0-4DF1-A8D9-2A59D5189AE} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47513DA9-B93-492F-B574-2AD070B71A0} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4754F21-A54A-4D42-B020-1EA8431EAC9C} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{48045DE0-1A6F-4C94-A83D-E5659D48E66} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{48CBAEC6-E5AB-497F-A79C-FBB61CA869AD} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{48E98D47-9692-41FC-8A4A-5A82C4C925D3} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49002289-95E0-4CA5-9046-AF8BF7CEEAA} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49147EFF-602F-416E-94BD-5174D3C265FC} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49C9B2CA-B476-45E0-BE8F-A34AF5AC10B5} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4ACB81F7-56E0-4AB0-BE33-757D17D96A0} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B0506BB-FE8C-4032-B9FF-DCF4A24F6AF0} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4CEB75CF-B93D-488C-8ABC-A358D1FD7CFC} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D999AD0-E8F-44D8-A1B3-ADB43E3AB2D8} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E148966-48E0-4774-A3FE-74463EEA3F2D} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51082AC3-B71C-47FC-A073-54432678EAC} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{514D8CE2-F25C-4A91-A2D8-1EFD9591C591} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5182D8E3-B0AC-463D-AD23-31DEFBB5E0AF} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51AF91CF-39B9-4C1C-88C7-5E38BDC4516B} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{527C4217-212-4E2B-A0C6-82F2EFA3BEEC} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52A6FE7E-47FF-4CB9-BC7C-DE2A676BB41} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52F7D99B-6E1F-402E-A86D-B877FF519819} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5360164A-17EF-4749-8349-1A15A7554B80} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5390473E-9D67-472F-A443-36BE3A513420} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{559EB32B-92AC-4563-ABF6-E81ECE53FA6E} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5621E8EE-E1D5-40F5-9FAD-E14550727E52} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57367761-1B9D-42F7-B835-281678ADEF6B} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{575CC92-E43A-468A-B3E-16E71DB8C09A} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57C9194D-508F-4982-997D-ACDB37B9889} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58265D24-B8C3-4F2D-B69D-A2EF2A781FE3} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5910477C-169F-4912-AB39-944563089E3} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59B1AFFA-2F89-4842-90FB-AF64B7981AC8} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A9A52A0-4DF3-47DF-8266-8C68F0FE95C7} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B371700-1008-438E-9970-73D545B46462} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B56BEDB-8C5E-4C2F-926-6718E785CDD0} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C1ECF74-E9FA-4382-9094-F34BA19F22B} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5CDD9F94-80EA-4B27-98F9-CDB2A4F11172} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D19CF52-41AA-46A9-8E32-C17BA6BE7B51} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603194E7-6235-4397-BE5F-523A927336D7} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{607C5E30-768D-4C33-8F4E-35C01986363} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61EF4A1F-FB42-4A3F-B6DB-DAF47B2955C} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{634D2834-D8CD-4BD6-AE55-ABAA180EBC7} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6444B59E-16E4-413E-8D5C-4997BA618894} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6527048D-7A31-4D5D-81B9-57488EFDE5D7} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67DF13FB-1748-44D7-8BD3-E4A92D3A9EDF} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68E09FF-FF4-4FD9-9FA5-E74F56F0678C} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6ACDBCE8-8136-4D60-AABB-B481BE4871B4} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6B8EBE35-3592-4765-BBE6-A1C94FC38FC} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6B932072-3F1A-4CD7-8AE2-71718C63ABC7} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6DA7DEE8-5A91-424C-9FCA-4E3DA5AE51E2} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71A13208-D1C8-458D-8815-8B8CE88534A8} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7401B529-D2A0-45C4-B1C2-1EED14496370} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{741FEA74-6E89-4A2B-AB5F-6446E94E54A8} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74B37F49-EF8A-4CF2-8179-DCC5D209280} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75A779C8-736A-4030-AA16-4ED81684C73B} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7622B307-862C-468A-A474-F9F3639CA322} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76C8D1B7-5049-4C68-ACE0-10349A388FD9} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{773708A7-984C-4D13-8C43-A1FA125B1A50} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{774940B7-5520-4F82-985-BC5EA9D564F0} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7847E77F-84E-41BF-BF42-7A4BEB98ABA2} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A943386-DBF-45F2-BDBB-B8A769C0F5B3} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7BF30DAB-7B5B-4A09-A7AE-B1CB5D1A19DE} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7CF3C124-CE11-4DBA-A67-6D98947A237E} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E38A7E4-4D81-4B44-9AF6-B5CA80DB532D} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E82EED3-11FF-4D22-A5D4-99CD8844AB44} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7EFD192A-C681-4091-8CC-DAD4DFEAD9E} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F251CF5-F197-48C0-82E9-B6A04F5F7AA8} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FB45B37-14BB-4009-94B3-955FCCCA750} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8210D68E-FB59-49E5-9596-C6F02FFB51} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8311A780-A5FA-4072-987F-3BC1EC5C2E5} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CC941B-C20E-47F2-BC8C-D8AC859FB385} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84F53AA8-351-4DF5-B239-30C9AD19D078} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{852D7836-2CC3-4920-84F-D5A4275A0EB} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{854544BB-B91E-491C-A661-0BDC66C2AD2} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86F8DB3F-942B-4D73-BDB5-1CD8B1E5FD0} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877A5463-DED1-4922-AE25-48569FF8AC6E} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{878977BF-ABBB-4D45-88AC-F788C96430D2} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{897A8F9F-3246-4ED2-921B-E57F6DEB560} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89B7C629-4FE4-41D3-98CD-ABE54CB691F} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D0B3F73-B62A-4AA3-B4CF-46B0D9FF38CF} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8DC0700-3A66-4705-A441-4696AF8E951B} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E9FD5B0-B372-4E2F-AB68-C87CB863F4E4} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8EEC0A23-9CA0-472C-8AA7-82D37A19688B} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F1A2C68-E273-4E28-9032-A25197F2DE6} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90A28B62-C5D8-4A75-AF8B-73BC8F1D53E} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{92FD69D0-13B4-4DF9-A87F-D22658BDEF1} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{944CF5BB-FCBA-4118-A2C4-09F9D9EAEA1} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{947C9EFD-31FF-4056-90E1-98987690416A} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95B1FA01-FDD5-4C25-9921-E832AA84949F} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9605D289-A828-444C-BC66-C8DCB5745653} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9689213B-F325-4462-A141-8764F462CFB7} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97222C65-E0C4-4584-90D8-EE72FE86BE75} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{975F8EDA-5611-415D-8BFF-E3D9ACC6D7} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9A794786-5608-4E9B-A5A2-F83E584E9F2D} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C328FA9-E961-4112-94CF-42351ED46F80} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C6872B2-103F-4FB0-B782-5B51D8106F91} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9D042961-9232-4BA9-AF6F-7E46AD21C4AA} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9F3DF9E5-B5F9-4675-821-2EB0172AEA} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9F3E285C-14D7-4288-8291-659AEAC9431} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A01A4BEC-9286-4F95-A8F0-89135D95CE4B} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0ACD7D5-87AD-46D8-9E1C-DC8FB9FABD21} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0CC321A-CEF1-432B-8361-6A62995027FE} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A136301C-9DAE-43C1-BEC3-D52653AEDD3} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A139490C-1034-4EEC-BC89-374EB4A9C91E} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1EA28AC-989C-4304-AA97-61B1D8B9E0B3} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3665870-74D9-406F-96CA-AAD67FA3D381} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A51B0B79-1903-439B-8EBF-C08091BB4B87} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5543E3D-C573-4B0E-AEFA-BF975627A34} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A56CB95D-E011-4788-85C-66A352D14F4E} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5745BF3-3509-40CF-8EC8-961D61F5DC0} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5E409C5-87E5-41B6-A84E-697DCC2DA746} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A669D2BE-42C8-42A5-9AC-30783C4E521} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A73CA31C-63FA-4E80-96EB-C78619C4F51E} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8B8FA7-F7E1-492C-ACD-C67186183490} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A92A4221-F785-4C32-BB76-3FC52C511D28} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA43D755-68D7-49A8-A416-C7DB516F3F99} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ACD3D634-AE01-4907-B922-26CCD6F88970} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD6B3F6-540E-45CD-B4C4-349A38D2475} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE995778-6957-4520-9A11-685A94C1328A} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B064D65A-6E57-4BF4-B6A6-A3B1AE96FE48} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2C852C-B72B-478C-83F3-C0B9507EE10} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B36B28EA-7C09-4945-8B1F-FFFE8E4EBE92} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B48135C8-9B7E-4749-9E58-1080264C8868} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5996921-474D-4D7C-BD5C-C637EE9EFD62} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5E5DDA5-4594-4FFF-8EB2-EC7431B42FD8} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7D47F68-3B9C-4767-ACFF-2164A37EC0FD} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7D53220-FBE0-43CC-BE2F-C5B3996807E} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B95C883C-190F-4D0C-BF1F-A9ED4AA81F5D} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BA3826CE-73D2-4BF1-BADA-533A5E36E049} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAED0A45-6689-43F7-A15B-FD62F899E1FC} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BB1D0A8F-A8FE-4928-862D-CE9CFF179517} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD72EA68-6ADC-458A-887E-4476F3D8A7D} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEE66A19-89B6-463E-AE98-D394B7CE52C9} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFAAE6E5-AEFA-4D48-8DD-D51CC25711B6} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C0EE4593-AF95-4296-9883-69172DB4660} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C380E8E6-5B9C-42B2-9EB1-7880D1E4882E} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C5E459DE-50D2-43DD-BE46-42DA8DE2E693} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6B627C8-D927-4701-8968-3EDD123C17BE} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C91D14AB-4AD3-4257-ADE4-C097B2CDC927} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C933DA85-1FD0-4CD2-B699-3D1B4DEAB667} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D02C7424-B302-4EE2-A3E4-6A3968DC1EE3} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D0E9BA58-3BC6-4A37-A3D5-7CA8582D9D} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2BF19BE-249D-4DC5-86AE-165AD0AB582A} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D589F6D0-9608-406F-BE64-94EEF265D66E} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5E1943A-6A12-44A4-AD2E-4ABBD35B51E} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7ECA5FC-FB2B-45F2-89FB-E3B65F34BAB} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D9320FC4-FF3-4FDB-99C8-EBF8F5CAA88} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DAF4B2DE-9F57-48E4-A1FD-6D5AEE5A417B} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC0CB873-EF7-4F3C-80C0-8CF64D4E2F} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCC20EC1-627E-4E34-9F92-DBC983C9C81B} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD7039E4-820C-41F0-A2B7-BE5FD5F08D76} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0D40B57-FE34-45B7-A840-2A8EB0F23E70} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E1FF6B1B-56E5-4C5D-BC35-9572A9E3B241} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E22D9384-4B79-43FB-945E-A160768EC81B} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E38B13C-83D9-476E-A24C-B1EC3BB7D7B9} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3C9C9D1-8A5D-42FB-BD33-60AC59B46468} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3F7B2C0-4B66-4C35-A5E9-943AEF3DEFDA} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E4869DDA-72FD-40DD-9166-8C5F323B3F22} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E4E1681A-6B7D-4E95-A445-ED3D01C2592} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E821FE32-C7C4-4296-8CE6-A92E3C38CA46} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E94D965E-CF24-4A63-8F4F-851DB2B807} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA3D2A01-E877-4DBB-90D8-F4DC9B1D7190} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC30E4C8-8D79-4F03-85E4-8DBDC75C17AB} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC35EBCD-337F-439D-B9CB-F46280B822D3} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC441AE3-F39C-4351-B0B4-37FCFD682621} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ED50BF2-30EC-477F-B19-59B393D9D17A} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE4452FF-862D-43EB-AFCC-4D1B5D598564} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F1956184-1AB5-48BC-9A6F-854B6585B97C} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3242449-9551-4A1B-9363-A25089638AF9} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F33E72F9-F14C-4AF2-AD14-410E4923ACC} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F38209F5-6351-4EA9-86E9-238149B4DAB1} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3C98179-129F-4F49-BFD8-9DC0B082E56F} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F42AB48C-AC52-43EF-8D9-4830D4EEBD5B} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F6855C7F-AA72-458A-9220-A1931EA671} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F6E96581-F722-4EB0-ABC9-D1EFCCDD858C} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7568416-49F5-4E54-8C29-5865E1A7F1} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FA8CE247-3B9B-4E9E-BA5-83879EDFEF3D} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FA9C5236-3B52-40A9-9793-AEB128EE74C8} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC05479A-2FB8-4E0A-B8C4-7AFF7CCAAE6} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD06E82A-7958-4DBD-861C-C5F1F15D1394} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD7B6A6D-9412-4DC2-BD33-78585A882F6} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE21958A-F46-4E9A-B674-5AE44DBF6811} deleted successfully HKEY_USERS\S-1-5-21-448369867-836560375-4160285859-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFB7E10C-57C5-4F60-A83D-F7A758AB6A8} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default user.js not found ---- Lines SmileysWeLove removed from prefs.js ---- user_pref("smileyswelove@sim.com.installtime", "1392396234.154"); user_pref("smileyswelove@sim.com.server", "http://api29.webovernet.com"); user_pref("smileyswelove@sim.com.src", "798"); user_pref("smileyswelove@sim.com.user_id", "24014428642991"); ---- Lines SecretSauce removed from prefs.js ---- user_pref("extensions.SecretSauce.aul", "1389916967958"); user_pref("extensions.SecretSauce.irl", true); user_pref("extensions.SecretSauce.is", "fmxqtmk"); user_pref("extensions.SecretSauce.ug", "37BBB124-F11D-4F4D-9F35-744D754A7EB2"); ---- Lines a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382 removed from prefs.js ---- user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.active", true); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.addressbar", "NA"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.addressbarenhanced", ""); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.asyncdb_dbWasSet", true); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.asyncdb_dbWasSet_FF25_FIX", true); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.asyncinternaldb_dbWasSet", true); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.asyncinternaldb_dbWasSet_FF25_FIX", true); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.backgroundver", 34); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.can_run_bg_code", true); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.certdomaininstaller", ""); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.changeprevious", false); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.cookie.geo.expiration", "Sat Nov 16 2013 10:19:5 user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.cookie.geo.value", "%22MK%22"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.cookie.InstallationTime.expiration", "Fri Feb 01 user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.cookie.InstallationTime.value", "1376162749"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.cookie.InstallerParams.expiration", "Fri Feb 01 user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.cookie.jw_token.expiration", "Fri Feb 01 2030 00 user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.cookie.jw_token.value", "%221880ef57-246c-af9f-b user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.description", "hosts"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.domain", ""); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.enablesearch", false); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.homepage", ""); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.iframe", false); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.InstallationThankYouPage", false); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.InstallationTime", 1376162749); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.InstallationUserSettings.searchUserConifrmation" user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.InstallationUserSettings.setHomepage", false); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.InstallationUserSettings.setNewTab", false); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.InstallationUserSettings.setSearch", false); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.__GEO__.expiration", "Sun Nov 10 2013 user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.__GEO__.value", "%22MK%22"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.InstallerIdentifiers.expiration", "Fr user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.InstallerIdentifiers.value", "%7B%22i user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_appVer.expiration", "Fri Fe user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_appVer.value", "94"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_lastVersion.expiration", "F user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_lastVersion.value", "71"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_meta.expiration", "Fri Feb user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_meta.value", "%7B%7D"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_nextCheck.expiration", "Sat user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_nextCheck.value", "true"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_queue.expiration", "Fri Feb user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_queue.value", "%7B%7D"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_remote_resources.expiration user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_remote_resources.value", "% user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_resource_remote_3.expiratio user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.lastDailyReport", "1383988366507"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.lastUpdate", "1383988367289"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.manifesturl", ""); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.name", "hosts"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.newtab", ""); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.opensearch", ""); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_1.name", "base"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_1.ver", 7); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_13.ver", 3); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_136.code", "(function() {\nvar sc user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_136.name", "arcadi4"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_136.ver", 2); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_14.ver", 9); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_16.name", "FFAppAPIWrapper"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_16.ver", 10); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_17.name", "jQuery"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_17.ver", 4); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_21.name", "debug"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_21.ver", 4); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_22.name", "resources"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_22.ver", 5); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_28.name", "initializer"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_28.ver", 3); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_4.name", "jquery_1_7_1"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_4.ver", 4); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_47.name", "resources_background") user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_47.ver", 3); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_64.name", "appApiMessage"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_64.ver", 3); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_72.name", "appApiValidation"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_72.ver", 3); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_78.ver", 4); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_98.name", "omniCommands"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_98.ver", 2); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins_lists.plugins_0", "4,14,78,16,64,47,72,9 user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1 user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins_lists.plugins_5", "4,14,78,13,16,64,47,7 user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.pluginsurl", "https://w9u6a2p6.ssl.hwcdn.net/plu user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.pluginsversion", 17); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.publisher", "Irismedia"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.searchstatus", 0); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.setnewtab", false); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.thankyou", ""); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.updateinterval", 360); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.ver", 94); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.adsOldValue", -1); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.apps", "35382"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.bic", "1406e786ed13e05a4e60c29a27c3341a"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.cid", 35382); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.firstrun", false); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.hadappinstalled", true); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.installationdate", 1376242921); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.lastcheck", 22960849); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.lastcheckitem", 22960866); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.modetype", "production"); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.reportInstall", true); user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.statsDailyCounter", 116); ---- Lines ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129 removed from prefs.js ---- user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.active", true); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.addressbar", "NA"); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.addressbarenhanced", ""); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.asyncdb.was_copied", "true"); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.asyncinternaldb.was_copied", "true"); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.backgroundver", 1); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.certdomaininstaller", ""); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.changeprevious", false); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00 user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.cookie.InstallationTime.value", "%221420026067%22"); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00: user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22001 user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.cookie.uc.expiration", "Thu Jan 15 2015 19:15:26 GMT+0100 ( user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.cookie.uc.value", "%22%5C%22MK%5C%22%22"); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.description", "Ge-Force"); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.domain", ""); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.e2b0dff561784e3db84ed9e@2815a71a2f5d474691ed6bbee47c02.coma user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.e2b0dff561784e3db84ed9e@2815a71a2f5d474691ed6bbee47c02.coma user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.e2b0dff561784e3db84ed9e@2815a71a2f5d474691ed6bbee47c02.coma user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.e2b0dff561784e3db84ed9e@2815a71a2f5d474691ed6bbee47c02.coma user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.e2b0dff561784e3db84ed9e@2815a71a2f5d474691ed6bbee47c02.coma user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.e2b0dff561784e3db84ed9e@2815a71a2f5d474691ed6bbee47c02.coma user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.enablesearch", false); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.homepage", ""); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.iframe", false); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.InstallationThankYouPage", false); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.InstallationTime", 1420026067); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.__defualt_browser__.expiration", "Fri Feb 01 203 user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.__defualt_browser__.value", "%22ch%22"); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.installer.value", "%7B%22InstallerIdentifiers%22 user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 20 user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.InstallerIdentifiers.value", "%7B%22installer_bi user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00 user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%2 user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 20 user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.InstallerParamsCache.value", "%7B%22source_id%22 user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.InstallerUserIdentifiersCache.expiration", "Fri user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.InstallerUserIdentifiersCache.value", "%7B%22ins user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.monetization_plugin_bundledUrls.expiration", "Fr user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.monetization_plugin_bundledWithHash.expiration", user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.monetization_plugin_bundledWithHash.value", "nul user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.monetization_plugin_notBundledArr_.expiration", user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.monetization_plugin_notBundledArr_.value", "%5B% user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.monetization_plugin_regBundledWithSoftware.expir user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.monetization_plugin_regBundledWithSoftware.value user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.reporting_user_key.expiration", "Sun Dec 29 2024 user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.reporting_user_key.value", "false"); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 0 user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.Resources_appVer.value", "10"); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2 user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.Resources_lastVersion.value", "1"); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00: user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.Resources_nextCheck.expiration", "Fri Jan 02 201 user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.Resources_nextCheck.value", "true"); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00 user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.Resources_queue.value", "%7B%7D"); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.Resources_remote_resources.expiration", "Fri Feb user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.Resources_remote_resources.value", "%7B%22remote user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.Resources_resource_948852.expiration", "Wed Apr user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.Resources_resource_948853.expiration", "Wed Apr user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.Resources_resource_948854.expiration", "Wed Apr user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.Resources_resource_948855.expiration", "Wed Apr user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.Resources_resource_948856.expiration", "Wed Apr user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.Resources_resource_948857.expiration", "Wed Apr user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.Resources_resource_948857.value", "%22//Javascri user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.Resources_resource_948858.expiration", "Wed Apr user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.Resources_resource_948859.expiration", "Wed Apr user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.Resources_resource_948860.expiration", "Wed Apr user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.internaldb.Resources_resource_948861.expiration", "Wed Apr user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.lastDailyReport", "1420136107593"); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.lastUpdate", "1420136104607"); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.manifesturl", ""); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.name", "Ge-Force"); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.newtab", ""); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.opensearch", ""); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.pluginsurl", "http://js.newstatsdatanet.com/plugin/apps/691 user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.pluginsversion", 6); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.publisher", "iWebar"); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.searchstatus", 0); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.setnewtab", false); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.thankyou", ""); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.updateinterval", 360); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.69129.ver", 10); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.apps", "69129"); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.bic", "14aa0e0cf93ac57a74a8e28f37b14ecd"); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.cid", 69129); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.firstrun", false); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.hadappinstalled", true); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.installationdate", 1420038295); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.modetype", "production"); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.reportInstall", true); user_pref("extensions.ae2b0dff561784e3db84ed9e2815a71a2f5d474691ed6bbee47c02com69129.statsDailyCounter", 2); ---- Lines poweraddon removed from prefs.js ---- user_pref("extensions.poweraddon.nextReportTime", "1420222525313"); user_pref("extensions.poweraddon.uuid", "54787cb4b8d24c3eb5720a34d3b0b8ac"); ---- Lines gophoto.it removed from prefs.js ---- user_pref("extensions.bootstrappedAddons", "{\"gophoto@gophoto.it\":{\"version\":\"1.6\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Home\\ user_pref("extensions.gophoto@gophoto.it.install-event-fired", true); ---- Lines gophoto.it modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{ABDE892B-13A8-4d1b-88E6-365A6E755758}\":{\"descriptor\":\"C:\\\\ ---- Lines extensions.swKa removed from prefs.js ---- user_pref("extensions.swKa.epoch", "1417102375"); user_pref("extensions.swKa.url", "http://jobsidian.net/sync2/?q=hfZ9ofq7B75MCyVUojw8qdaMg708BNmGWj8qiGhGheDUojw9rdgGrdw7rjn9rihIC7n0rjnEqHs8rdsEqTn5tN ---- FireFox user.js and prefs.js backups ---- prefs__0113_.backup ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\x64rfly2.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs__0113_.backup ==== Deleting Files \ Folders ====================== "C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}" not found "C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}" not found "C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\msmq2oxw.default\e2b0dff561784e3db84ed9e@2815a71a2f5d474691ed6bbee47c02.com" not found "C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\extensions\0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.com" not found "C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi" not found C:\PROGRA~3\Cloud Software LTD deleted C:\Users\Home\.android deleted C:\PROGRA~2\BitLord 2 deleted C:\PROGRA~2\COMMON~1\Wondershare deleted C:\Users\Home\AppData\Roaming\BitLord deleted C:\PROGRA~3\Wondershare Video Converter Ultimate deleted C:\PROGRA~3\InstallMate deleted C:\Users\Home\AppData\Local\Wondershare deleted C:\Windows\wininit.ini deleted C:\Windows\Launcher.exe deleted C:\windows\SysNative\GroupPolicy\User deleted C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted C:\Windows\SysWow64\AI_RecycleBin deleted C:\Windows\SysWow64\searchplugins deleted C:\Windows\SysWow64\Extensions deleted C:\Users\Home\Documents\Add-in Express deleted C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\jetpack deleted C:\Users\Home\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com deleted C:\Users\Home\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks deleted C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default\extensions\{b442f4c0-c292-4998-aabe-48608a73ba75} deleted "C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\x64rfly2.default\extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi" deleted "C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\x64rfly2.default\extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi" deleted "C:\Users\Home\AppData\Roaming\Mozilla\Extensions\specialsavings@vshsolutions.com\chrome.manifest" deleted "C:\Users\Home\AppData\Roaming\Mozilla\Extensions\specialsavings@vshsolutions.com\install.rdf" deleted "C:\Users\Home\AppData\Roaming\Mozilla\Extensions\specialsavings@vshsolutions.com\content\128.png" deleted "C:\Users\Home\AppData\Roaming\Mozilla\Extensions\specialsavings@vshsolutions.com\content\overlay.js" deleted "C:\Users\Home\AppData\Roaming\Mozilla\Extensions\specialsavings@vshsolutions.com\content\overlay.xul" deleted "C:\Users\Home\AppData\Roaming\Mozilla\Extensions\specialsavings@vshsolutions.com\defaults\preferences\prefs.js" deleted "C:\Users\Home\AppData\Roaming\Mozilla\Extensions\specialsavings@vshsolutions.com" deleted "C:\Users\Home\AppData\Roaming\Mozilla\Extensions\specialsavings@vshsolutions.com\content" deleted "C:\Users\Home\AppData\Roaming\Mozilla\Extensions\specialsavings@vshsolutions.com\defaults" deleted "C:\Users\Home\AppData\Roaming\Mozilla\Extensions\specialsavings@vshsolutions.com\defaults\preferences" deleted ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default user_pref("browser.newtab.url", "about:newtab"); user_pref("browser.search.defaultengine", "Google"); ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\x64rfly2.default user_pref("browser.search.defaultenginename", "Yahoo!"); user_pref("browser.search.selectedEngine", "Yahoo!"); user_pref("keyword.URL", "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=407453&p="); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06.08.2014 15:17] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default - avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF - Undetermined - {b442f4c0-c292-4998-aabe-48608a73ba75} - Undetermined - {46551EC9-40F0-4e47-8E18-8E5CF550CFB8} - Undetermined - wrc@avast.com - Undetermined - {746505DC-0E21-4667-97F8-72EA6BCF5EEF} - Undetermined - e2b0dff561784e3db84ed9e@2815a71a2f5d474691ed6bbee47c02.com - Undetermined - 0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.com - jid1vasLCl9ZsexfAQjetpack - %ProfilePath%\extensions\jid1-vasLCl9ZsexfAQ@jetpack - Stylish - %ProfilePath%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default 9860727E477F17B88E39AF8B69B0407A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll - Shockwave Flash 3CD19649B2C3023D65E67C056457A2BC - C:\Users\Home\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 65C1D9F74004E775F9A8598476ABE5EE - C:\Users\Home\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player EEEB86077BB4682B3FCFEDA5AED3E396 - D:\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.4 BADFB0DCCD9B7E9F2F6EB7954D24EED1 - D:\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.4 1153F58FACBC9731AF6CDF313F76DF29 - D:\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.4 9E4F520270BF7301CC24E8FA67791C22 - D:\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.4 E50A1DB5DE70D656287511297B42F9F2 - D:\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.4 FEF9ECECFA177AEC0F7564A08394D2C8 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) 0ABF093757E9C827E30EC652868E5FAC - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) 06E140A567B8DC7900173197FD059EE5 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) 558270B968CB82196CB8D045D13B0FF6 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin ==== Fake Chromium Profiles Check ====================== Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted Fake profile C:\Users\Guest\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Guest\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\Home\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Home\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon deleted ==== Chromium Look ====================== Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[06.08.2014 15:17] idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[29.11.2012 20:35] Google Docs - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Google Voice Search Hotword (Beta) - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn YouTube - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo selector is not a valid CSS selector - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Google Search - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Avast Online Security - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki RealDownloader - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji Google Wallet - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda pgmjaihnmedpcdkjcgigocogcbffgkbn - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmjaihnmedpcdkjcgigocogcbffgkbn Gmail - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Start Default_Page_URL"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Start Default_Page_URL"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Start Default_Page_URL"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Start Default_Page_URL"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://www.google.com" "Start Default_Page_URL"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://www.google.com" "Start Default_Page_URL"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://www.google.com" "Start Default_Page_URL"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "Start Page"="http://www.google.com" "Start Default_Page_URL"="http://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://www.google.com" "Start Default_Page_URL"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{875AF52D-FB16-8B5B-9CA3-65597423103D} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ACB9EE84-98CB-9E70-0334-475629DE43DE} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=291 folders=108 117478326 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Home\AppData\Local\Temp will be emptied at reboot C:\Users\Public\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Home\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on 05.01.2015 at 1:21:09,64 ====================== Hvala puno na pomoc koji ste mi dali do sad .

Profil

ivance95 Poslao: 05 Jan 2015 12:51 Idi na vrh
offline ivance95 AMF pripravnik Pridružio: 04 Jul 2011 Poruke: 5424	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Moramo da izvršimo još jednu proveru da budemo sigurni da je kompjuter sada čist. Preuzmi Malwarebytes Anti-Rootkit (MBAR) sa sledeceg linka i sacuvaj ga na Desktop. Dvoklikom pokreni MBAR () na ikonicu programa: - Klikni OK na sledecem prozoru da bi dozvolio raspakivanje u zaseban mbar folder na desktop-u; - mbar.exe ce biti startovan. Na nekim sistemima to moze da potraje nekoliko dodatnih sekundi, te pricekati pokretanje.; - U uvodnom prozoru klikni dugme Next ukoliko si saglasan; • Na 'Update Database' prozoru klik na dugme Update da bi preuzeo sveze definicije. Kada se ispise poruka 'Success: Database was successfully updated' klik na dugme Next; • Pod sekcijom 'Scan Targets' proveri da su sve opcije stiklirane, te klikni na dugme Scan; Obavestenje: sa nekim infekcijama moze se desiti da se prikaze neka od sledecih poruka: - 'Could not load protection driver' => u tom slucaju klikni OK. - 'Could not load DDA driver' => klikni Yes na to obavestenje da bi dozvolio ucitavanje nakon restarta. Dozvoli restart i nastavi sa ostatkom instrukcija posle restarta. >> Ukoliko malware nije detektovan, klik na Exit dugme da zatvoris program. U sledecu poruku postavi mbar-log-year-month-day (sat-minuti-sekundi).txt i system-log.txt izveštaje. >> Ukoliko su infekcija/e pronadjene, proveriti da li je obelezena opcija 'Create Restore Point' i klikni na dugme Cleanup! da bi uklonili pretnje. - Procedura uklanjanje malware-a (scheduled) ce biti zakazana po restartu, bice prikazano obavestenje u pop-up prozoru. Klikni dugme Yes i sistem bi trebao da se restartuje i da zavrsi proceduru ciscenja. Obavestenje! samo ukoliko je RootKit detektovan: - postaraj se da pokrenes fixdamage.exe alat koji se nalazi u mbar folderu, \Plugins\fixdamage.exe: - Dvoklikom pokreni fixdamage, u crnom prozoru koji se otvori (command prompt) ukucaj Y (Y stoji za Yes) da bi nastavio izvrsenje, pricekati da alat odradi sve popravke ... - Kada vidis poruku 'press any key to exit' popravka je kompletirana. Pritisnuti bilo koju tipku na tastaturi da bi se prozor zatvorio. Restartovati sistem. Sledeci izvestaji ce biti formirani u mbar folderu. 1. mbar-log-year-month-day (hour-minute-second).txt 2. system-log.txt Iskopiraj sadrzaj mbar log-a u poruku a system log okaci uz poruku koristeci opciju Prikači fajl.

Profil

adelita Poslao: 05 Jan 2015 16:27 Idi na vrh
offline adelita Građanin Pridružio: 02 Okt 2007 Poruke: 50	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Zdavo, evo nastavak,ovde prilazem taj file koji ste trazili medjutim opet se ponavlaju dosadne reklame hvala Vam na pomoci: Malwarebytes Anti-Rootkit BETA 1.08.2.1001 malwarebytes.org Database version: v2015.01.05.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Home :: HOME-PC [administrator] 05.01.2015 15:51:03 mbar-log-2015-01-05 (15-51-03).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit \| Drivers \| MBR \| Physical Sectors \| Memory \| Startup \| Registry \| File System \| Heuristics/Extra \| Heuristics/Shuriken Scan options disabled: Objects scanned: 389495 Time elapsed: 24 minute(s), 17 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) mycity.rs/must-login.png

Profil

ivance95 Poslao: 05 Jan 2015 17:25 Idi na vrh
offline ivance95 AMF pripravnik Pridružio: 04 Jul 2011 Poruke: 5424	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Možeš li da napraviš screenshoot kada se pojavi neka reklama i da ih prikačiš uz poruku? Uputstvo je na ovom linku: http://www.mycity.rs/Pitanja-i-predlozi/Pravljenje-screenshota.html

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Reklame

Ko je trenutno na forumu

Ukupno su 885 korisnika na forumu :: 34 registrovanih, 8 sakrivenih i 843 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 357magnum, A.R.Chafee.Jr., aleksandarbl, Apok, bokisha253, cavatina, djo97, Djokislav, doktor1964, drimer, FileFinder, JimmyNapoli, Kubovac, laki_bb, laurusri, Mercury, mik7, milos.cbr, milutin134, Ne doznajem se u oružje, nuke92, powSrb, Ripanjac, Shinobi, Sir Budimir, Sirius, t84dar, vlajkox, W123, wolf431, zdrebac, zillbg, zziko, 125

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by