offline
- Pridružio: 08 Maj 2014
- Poruke: 98
|
Na vecinu sajtova na koje hocu da udje iskoci captcha problem.
One more step
Please complete the security check to access
Primer je serijal.com , tamo vise odjednom nmg da gledam serije. Problem se javlja i na firefox-u i chromu.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-12-2015
Ran by PC (administrator) on PC-PC (12-12-2015 07:41:19)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: engleski (SAD)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2821936 2012-03-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1105488 2012-03-23] (Dritek System Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3855272 2015-11-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2014-02-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FontExpertType1Loader] => D:\Program Files (x86)\FontExpert\Type1Loader.exe [295800 2012-10-16] (Proxima Software)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1136552 2015-11-12] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-558768503-1695780235-3176175885-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\MCShieldRTM.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-558768503-1695780235-3176175885-1000\...\Run: [Facebook Update] => C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-09-15] (Facebook Inc.)
HKU\S-1-5-21-558768503-1695780235-3176175885-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-558768503-1695780235-3176175885-1000\...\Run: [LightShot] => C:\Users\PC\AppData\Local\Skillbrains\lightshot\Lightshot.exe
HKU\S-1-5-21-558768503-1695780235-3176175885-1000\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [1553688 2014-02-20] (Comfort Software Group)
HKU\S-1-5-21-558768503-1695780235-3176175885-1000\...\Run: [Flvto Youtube Downloader] => C:\Program Files (x86)\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe [494592 2015-02-18] (Hotger)
HKU\S-1-5-21-558768503-1695780235-3176175885-1000\...\Run: [ESL Wire] => C:\Program Files\EslWire\wire.exe [3771904 2014-12-09] (Turtle Entertainment GmbH)
HKU\S-1-5-21-558768503-1695780235-3176175885-1000\...\Run: [MyComGames] => C:\Users\PC\AppData\Local\MyComGames\MyComGames.exe [4688840 2015-12-10] (MY.COM B.V.)
HKU\S-1-5-21-558768503-1695780235-3176175885-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-558768503-1695780235-3176175885-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-02-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-02-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-02-11] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{0FD10FC8-D2BE-4C3C-8FD4-7B342BD1A06D}: [DhcpNameServer] 8.8.8.8
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.oursurfing.com/?type=hp&ts=1434208559&z=f32c18233135c103f081c45gdz9caz9odefb0w6w9b&from=exp&uid=ST320LT020-9YG142_W04BNKMXXXXXW04BNKMX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.oursurfing.com/?type=hp&ts=1434208559&z=f32c18233135c103f081c45gdz9caz9odefb0w6w9b&from=exp&uid=ST320LT020-9YG142_W04BNKMXXXXXW04BNKMX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.oursurfing.com/web/?type=ds&ts=1434208559&z=f32c18233135c103f081c45gdz9caz9odefb0w6w9b&from=exp&uid=ST320LT020-9YG142_W04BNKMXXXXXW04BNKMX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.oursurfing.com/web/?type=ds&ts=1434208559&z=f32c18233135c103f081c45gdz9caz9odefb0w6w9b&from=exp&uid=ST320LT020-9YG142_W04BNKMXXXXXW04BNKMX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.oursurfing.com/?type=hp&ts=1434208559&z=f32c18233135c103f081c45gdz9caz9odefb0w6w9b&from=exp&uid=ST320LT020-9YG142_W04BNKMXXXXXW04BNKMX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.oursurfing.com/?type=hp&ts=1434208559&z=f32c18233135c103f081c45gdz9caz9odefb0w6w9b&from=exp&uid=ST320LT020-9YG142_W04BNKMXXXXXW04BNKMX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1434208559&z=f32c18233135c103f081c45gdz9caz9odefb0w6w9b&from=exp&uid=ST320LT020-9YG142_W04BNKMXXXXXW04BNKMX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1434208559&z=f32c18233135c103f081c45gdz9caz9odefb0w6w9b&from=exp&uid=ST320LT020-9YG142_W04BNKMXXXXXW04BNKMX&q={searchTerms}
HKU\S-1-5-21-558768503-1695780235-3176175885-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/webhp?ie=utf-8&oe=utf-8
HKU\S-1-5-21-558768503-1695780235-3176175885-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.oursurfing.com/?type=hp&ts=1434208559&z=f32c18233135c103f081c45gdz9caz9odefb0w6w9b&from=exp&uid=ST320LT020-9YG142_W04BNKMXXXXXW04BNKMX
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1434208559&z=f32c18233135c103f081c45gdz9caz9odefb0w6w9b&from=exp&uid=ST320LT020-9YG142_W04BNKMXXXXXW04BNKMX&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1434208559&z=f32c18233135c103f081c45gdz9caz9odefb0w6w9b&from=exp&uid=ST320LT020-9YG142_W04BNKMXXXXXW04BNKMX&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1434208559&z=f32c18233135c103f081c45gdz9caz9odefb0w6w9b&from=exp&uid=ST320LT020-9YG142_W04BNKMXXXXXW04BNKMX&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1434208559&z=f32c18233135c103f081c45gdz9caz9odefb0w6w9b&from=exp&uid=ST320LT020-9YG142_W04BNKMXXXXXW04BNKMX&q={searchTerms}
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.thesearchpage.info/?l=1&q={searchTerms}&pid=3992&r=2015/01/30&hid=13284396016379351693&lg=EN&cc=RS&unqvl=74
SearchScopes: HKU\S-1-5-21-558768503-1695780235-3176175885-1000 -> DefaultScope {82419EC9-DBBA-45FC-A872-C926D90621E0} URL = hxxp://search.findwide.com/serp?guid={9D286490-47FD-4750-97ED-DEF589B2EF8C}&action=default_search&k={searchTerms}
SearchScopes: HKU\S-1-5-21-558768503-1695780235-3176175885-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-558768503-1695780235-3176175885-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1434208559&z=f32c18233135c103f081c45gdz9caz9odefb0w6w9b&from=exp&uid=ST320LT020-9YG142_W04BNKMXXXXXW04BNKMX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-558768503-1695780235-3176175885-1000 -> {5F591810-2C7A-4FB3-8A7C-E61EBD2EB9D7} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=11147
SearchScopes: HKU\S-1-5-21-558768503-1695780235-3176175885-1000 -> {82419EC9-DBBA-45FC-A872-C926D90621E0} URL = hxxp://search.findwide.com/serp?guid={9D286490-47FD-4750-97ED-DEF589B2EF8C}&action=default_search&k={searchTerms}
SearchScopes: HKU\S-1-5-21-558768503-1695780235-3176175885-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.thesearchpage.info/?l=1&q={searchTerms}&pid=3992&r=2015/01/30&hid=13284396016379351693&lg=EN&cc=RS&unqvl=74
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-12] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-12] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-558768503-1695780235-3176175885-1000 -> No Name - {1737A8F1-9541-4387-9920-A89FAE9C85D6} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.oursurfing.com/?type=sc&ts=1434208559&z=f32c18233135c103f081c45gdz9caz9odefb0w6w9b&from=exp&uid=ST320LT020-9YG142_W04BNKMXXXXXW04BNKMX
FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\c407as5w.default
FF NewTab: hxxps://www.google.com/webhp?ie=utf-8&oe=utf-8
FF SelectedSearchEngine: webssearches
FF Homepage: hxxp://www.google.com/search?&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-02-11] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-12] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\PC\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-02-11] (Adobe Systems)
FF Plugin HKU\S-1-5-21-558768503-1695780235-3176175885-1000: @my.com/Games -> C:\Users\PC\AppData\Local\MyComGames\NPMyComDetector.dll [2015-09-30] (My.com, Inc)
FF Plugin HKU\S-1-5-21-558768503-1695780235-3176175885-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\PC\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-558768503-1695780235-3176175885-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-23] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\c407as5w.default\searchplugins\mozilla-support.xml [2015-12-08]
FF Extension: Greasemonkey - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\c407as5w.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-11-20]
FF Extension: CutThePriice - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\c407as5w.default\Extensions\7wjU@m.org [2015-07-25] [not signed]
FF Extension: bestadblocker - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\c407as5w.default\Extensions\W1qQ@I0P.com [2015-07-25] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [searchffv2@gmail.com] - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\c407as5w.default\extensions\searchffv2@gmail.com => not found
FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\c407as5w.default\extensions\sweetsearch@gmail.com => not found
Chrome:
=======
CHR HomePage: Default -> hxxps://mail.ru/cnt/9852088
CHR StartupUrls: Default -> "hxxp://websearch.thesearchpage.info/?pid=3992&r=2015/01/30&hid=13284396016379351693&lg=EN&cc=RS&unqvl=74"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=501549&p={searchTerms}
CHR DefaultSearchKeyword: Default -> yahoo.com search
CHR DefaultSuggestURL: Default -> hxxp://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google презентације) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-24] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google документи) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-05] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-28]
CHR Extension: (Google Search) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-28]
CHR Extension: (Google табеле) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-24] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google новчаник) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-20] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-28]
CHR Extension: (uuNIsaLeess) - C:\ProgramData\lgkjkifepnlncoocjbjmgnbenccjecjn\ []
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [615584 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3857272 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1046952 2015-11-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [581568 2014-03-27] (RealNetworks, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6849808 2015-11-10] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [256432 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-10-14] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S2 SPDRIVER_1.37.0.1368; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1368\jsdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-12 07:41 - 2015-12-12 07:42 - 00022660 _____ C:\Users\PC\Desktop\FRST.txt
2015-12-12 07:40 - 2015-12-12 07:41 - 00000000 ____D C:\FRST
2015-12-12 07:39 - 2015-12-12 07:39 - 02369024 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2015-12-09 17:25 - 2015-12-09 17:25 - 00000000 ____D C:\Users\PC\AppData\Roaming\AVG
2015-12-09 17:16 - 2015-12-09 17:16 - 00000896 _____ C:\Users\Public\Desktop\AVG.lnk
2015-12-09 17:16 - 2015-12-09 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2015-12-09 17:15 - 2015-12-09 17:21 - 00000000 ____D C:\ProgramData\Avg
2015-11-28 04:02 - 2015-12-09 22:17 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-28 04:02 - 2015-11-28 04:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-28 04:00 - 2015-12-12 07:12 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-28 04:00 - 2015-12-12 06:47 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-28 04:00 - 2015-12-01 17:07 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-11-28 04:00 - 2015-12-01 17:07 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-15 22:02 - 2015-11-15 22:02 - 00000000 ____D C:\Users\PC\Tracing
2015-11-15 22:01 - 2015-11-15 22:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-11-14 22:40 - 2015-11-14 22:40 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2015-11-14 22:40 - 2015-11-14 22:40 - 00000959 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-12 07:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-12 07:36 - 2014-02-12 10:41 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-12 07:25 - 2014-09-15 18:18 - 00000916 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-558768503-1695780235-3176175885-1000UA.job
2015-12-12 07:25 - 2014-02-12 09:37 - 00000000 ____D C:\Users\PC
2015-12-12 07:16 - 2014-10-23 22:35 - 00000382 _____ C:\Windows\Tasks\update-S-1-5-21-558768503-1695780235-3176175885-1000.job
2015-12-12 07:12 - 2014-07-14 22:51 - 00000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2015-12-12 06:54 - 2009-07-14 05:45 - 00026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-12 06:54 - 2009-07-14 05:45 - 00026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-12 06:48 - 2015-09-30 02:36 - 00000000 ____D C:\Users\PC\AppData\Local\MyComGames
2015-12-12 06:48 - 2015-04-18 11:43 - 00000000 ____D C:\Users\PC\AppData\Local\ESL Wire Game Client
2015-12-12 06:48 - 2014-05-09 17:20 - 00000000 ____D C:\ProgramData\MCShield
2015-12-12 06:47 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-12 06:09 - 2014-10-28 10:20 - 00000000 ____D C:\ProgramData\Oracle
2015-12-12 06:07 - 2014-10-28 10:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-12 06:07 - 2014-02-12 10:42 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-12 06:06 - 2015-08-28 08:52 - 00000000 ____D C:\Users\PC\.oracle_jre_usage
2015-12-12 06:06 - 2015-06-05 21:00 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-12-12 06:06 - 2014-02-12 11:09 - 00000000 ____D C:\ProgramData\MFAData
2015-12-12 06:01 - 2015-07-25 23:01 - 00000432 _____ C:\Windows\Tasks\VirtuosoPro.job
2015-12-12 05:18 - 2015-07-25 23:02 - 00000000 ____D C:\ProgramData\kjkmngllnkmeenhbcldhjfbackaajjln
2015-12-12 05:18 - 2015-07-25 23:02 - 00000000 ____D C:\ProgramData\flnokgfofjehnilojnpbpfkledehedkf
2015-12-12 05:18 - 2015-01-30 13:04 - 00000000 ____D C:\ProgramData\famkmpcckpngcglceblhfjmockhdpcml
2015-12-12 05:17 - 2015-06-13 16:16 - 00000000 ____D C:\Program Files (x86)\YourFileDownloader
2015-12-12 04:58 - 2015-06-01 22:28 - 00000000 ____D C:\Users\PC\AppData\Local\Avg
2015-12-12 02:00 - 2014-02-20 20:06 - 00000000 ____D C:\Users\PC\AppData\Local\Adobe
2015-12-11 19:25 - 2014-09-15 18:18 - 00000894 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-558768503-1695780235-3176175885-1000Core.job
2015-12-09 21:20 - 2014-10-24 22:34 - 00000000 ____D C:\ProgramData\AVG2015
2015-12-09 21:20 - 2014-02-12 11:11 - 00000000 ____D C:\Program Files (x86)\AVG
2015-12-09 21:16 - 2014-12-24 16:58 - 00000000 ____D C:\Users\PC\AppData\Local\by_dimabal100000
2015-12-09 21:05 - 2014-02-19 18:17 - 00000000 ____D C:\Users\PC\AppData\Roaming\BitTorrent
2015-12-09 17:24 - 2014-03-31 09:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-12-09 17:24 - 2014-02-12 11:11 - 00000000 ___HD C:\$AVG
2015-12-09 17:23 - 2015-06-15 11:04 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-09 02:36 - 2014-02-12 10:41 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 02:36 - 2014-02-12 10:41 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-09 02:36 - 2014-02-12 10:41 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-07 23:20 - 2014-10-23 19:04 - 00000128 _____ C:\Users\PC\Desktop\WOT.txt
2015-12-05 04:02 - 2014-05-20 22:35 - 00000000 ____D C:\Users\PC\AppData\Local\Google
2015-12-02 03:22 - 2014-09-09 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks - Common Test
2015-11-28 04:02 - 2014-05-20 22:35 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-26 04:57 - 2014-02-12 10:39 - 00000000 ____D C:\Users\PC\AppData\Roaming\AIMP3
2015-11-26 03:19 - 2014-02-12 10:57 - 00000000 ____D C:\Users\PC\AppData\Roaming\vlc
2015-11-15 22:09 - 2014-02-12 10:51 - 00000000 ____D C:\Users\PC\AppData\Roaming\Skype
2015-11-15 22:01 - 2014-12-12 19:24 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-11-15 22:01 - 2014-02-12 10:51 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2015-11-15 22:01 - 2014-02-12 10:50 - 00000000 ____D C:\ProgramData\Skype
2015-11-15 11:14 - 2014-02-12 10:15 - 00075768 _____ C:\Users\PC\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-15 11:01 - 2009-07-14 05:45 - 05003440 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-14 22:40 - 2014-08-14 22:36 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-11-14 22:03 - 2014-11-09 10:26 - 00000069 _____ C:\Windows\NeroDigital.ini
==================== Files in the root of some directories =======
2014-08-14 16:37 - 2014-08-14 16:39 - 0034816 _____ () C:\Users\PC\AppData\Roaming\RZR_00607753483ab95086c56f8d0543.db
2014-07-09 20:22 - 2014-07-09 20:33 - 0034816 _____ () C:\Users\PC\AppData\Roaming\RZR_00609c9740c7ba38470ce34fdfe3.db
2015-04-01 21:49 - 2015-04-01 21:49 - 0000037 ___SH () C:\Users\PC\AppData\Local\20986331705021ca58edc424.96250074
2014-04-02 17:18 - 2014-04-02 17:19 - 169927680 _____ () C:\Users\PC\AppData\Local\ACCCx2_5_1_369.zip.aamdownload
2014-04-02 17:18 - 2014-04-02 17:19 - 0002069 _____ () C:\Users\PC\AppData\Local\ACCCx2_5_1_369.zip.aamdownload.aamd
2014-02-27 21:24 - 2014-02-27 21:24 - 0000003 _____ () C:\Users\PC\AppData\Local\updater.log
2014-02-27 21:24 - 2014-10-23 22:35 - 0000431 _____ () C:\Users\PC\AppData\Local\UserProducts.xml
2014-02-12 10:11 - 2014-02-12 10:11 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\PC\AppData\Local\Temp\comver.dll
C:\Users\PC\AppData\Local\Temp\EslWireSetup-1.18.0.8101-x64.exe
C:\Users\PC\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\PC\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\PC\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\PC\AppData\Local\Temp\nsisdt.dll
C:\Users\PC\AppData\Local\Temp\SkypeSetup.exe
C:\Users\PC\AppData\Local\Temp\Uninstall.exe
C:\Users\PC\AppData\Local\Temp\utils.dll
C:\Users\PC\AppData\Local\Temp\vcredist_x64.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-12-11 20:11
==================== End of FRST.txt ============================
mycity.rs/must-login.png
|