file:///C:/ProgramData/Zitenops/snp.sc


offline
  • in administration
  • Joined: 16 Oct 2010
  • Posts: 3468
  • Location: KRAGUJEVAC

Posted: 28 Dec 2015 15:14

Sass, I did everything as you wrote, and here is what it output, as shown in the picture. The computer did not restart at all.



Addendum: 28 Dec 2015 15:40

Zoek.exe v5.0.0.1 Updated 27-December-2015
Tool run by dejan on Mon 12/28/2015 at 15:03:27.90.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\dejan\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12/28/2015 3:05:35 PM Zoek.exe System Restore Point Created Successfully.

==== Running Processes ======================

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsm.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\kingsoft\ksdef\ksdefserver.exe
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Users\dejan\AppData\Local\Viber\Viber.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\TeamViewer\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\DllHost.exe
C:\Users\dejan\Desktop\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k swprv

==== Drivers(whitelist) ======================
Powered by E Dev

R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys
R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys
R3 - [srv] - Server SMB 1.xxx Driver - C:\Windows\system32\Drivers\srv.sys
R3 - [srv2] - Server SMB 2.xxx Driver - C:\Windows\system32\Drivers\srv2.sys
R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys
R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys
R0 - [atapi] - IDE Channel - C:\Windows\system32\Drivers\atapi.sys
R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x]
R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys
R0 - [Disk] - Disk Driver - C:\Windows\system32\Drivers\Disk.sys
R0 - [fvevol] - Bitlocker Drive Encryption Filter Driver - C:\Windows\system32\Drivers\fvevol.sys
R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys
R0 - [intelide] - intelide - C:\Windows\system32\Drivers\intelide.sys
R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys
R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys
R0 - [mountmgr] - Mount Point Manager - C:\Windows\system32\Drivers\mountmgr.sys
R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys
R0 - [NDIS] - NDIS System Driver - C:\Windows\system32\Drivers\NDIS.sys
R0 - [partmgr] - Partition Manager - C:\Windows\system32\Drivers\partmgr.sys
R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys
R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys
R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys
R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys
R0 - [storflt] - Disk Virtual Machine Bus Acceleration Filter Driver - C:\Windows\system32\Drivers\storflt.sys [x]
R0 - [Tcpip] - TCP/IP Protocol Driver - C:\Windows\system32\Drivers\Tcpip.sys
R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator Driver - C:\Windows\system32\Drivers\vdrvroot.sys
R0 - [vmbus] - Virtual Machine Bus - C:\Windows\system32\Drivers\vmbus.sys
R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys
R0 - [volmgrx] - Dynamic Volume Manager - C:\Windows\system32\Drivers\volmgrx.sys
R0 - [volsnap] - Storage volumes - C:\Windows\system32\Drivers\volsnap.sys
R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys
R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys
R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys
R1 - [tdx] - NetIO Legacy TDI Support Driver - C:\Windows\system32\Drivers\tdx.sys
R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\dejan\AppData\Local\Temp ====
2015-12-25 20:02:48 F656CA9753E7CDB4D63343D4660BC48B 231080 ----a-w- C:\Users\dejan\AppData\Local\Temp\SPOON\CACHE\0x36DE955244B6FFF3\sxs\x86_Microsoft.VC90.CRT@9.0.21022.8\msvcm90.dll
2015-12-25 20:02:48 8D8325E8CDC31FFD3BA95E69D9A5BF91 652968 ----a-w- C:\Users\dejan\AppData\Local\Temp\SPOON\CACHE\0x36DE955244B6FFF3\sxs\x86_Microsoft.VC90.CRT@9.0.21022.8\msvcr90.dll
2015-12-25 20:02:48 30AFAF23C37C439C2C83EC6518287076 565928 ----a-w- C:\Users\dejan\AppData\Local\Temp\SPOON\CACHE\0x36DE955244B6FFF3\sxs\x86_Microsoft.VC90.CRT@9.0.21022.8\msvcp90.dll
2015-12-25 20:02:37 CA5BCBAD81B9A2814B75703EB2492348 890576 ----a-w- C:\Users\dejan\AppData\Local\Temp\SPOON\CACHE\0x36DE955244B6FFF3\sxs\_comdll.X@1.3.5.1\WRLiloPlugin.dll
2015-12-25 20:02:37 8F350C12A58C3E2DB1C887AC5A06A46A 1955536 ----a-w- C:\Users\dejan\AppData\Local\Temp\SPOON\CACHE\0x36DE955244B6FFF3\sxs\_comdll.X@10.0.0.21596\AdobeHunspellPlugin.dll
====== Java Cache =====
2015-12-15 23:23:47 A84999749ABACF73860F65B6F8007E7A 434 ----a-w- C:\Users\dejan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\763b03d3-89fde9a6d09e11839479d877c41925f1f431a0a80c8c327d61791fd80522f8e3-6.0.lap
2015-12-27 22:16:11 4205B62C9EBB277F6F4A5873A3D56D56 434 ----a-w- C:\Users\dejan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\72253d5c-f29194319674000f221bbcdb62c21bb9f0255b84cc7dd0ab11496ace8754c179-6.0.lap
2015-12-23 23:59:20 F20C3A821EF80E8201986EB95401AACE 434 ----a-w- C:\Users\dejan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\4a532e1d-75e2eed90b5cfdbd20fbc8d1d49e25663863bc3e3912251b68078c8e5aa9a1cb-6.0.lap
2015-12-27 22:29:39 911DC365A210F4F3885CD737AB7895A7 95 ----a-w- C:\Users\dejan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\3890779f-6dab2f2ef6049bc044e74fdaed9fb278b78d3bb5aa69415f53ea7a07cc401fc1-6.0.lap
2015-12-22 21:39:39 DCE923942AC7DCD1CD78D7BE7F188935 434 ----a-w- C:\Users\dejan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\3e21502c-8378e8fb1d622c6aed6a025412f1d456db892b6ae9a7797a540e26b510b6beb5-6.0.lap
2015-12-08 21:51:17 9C9C83C0A5687C1257DCEC43C5B0DD94 434 ----a-w- C:\Users\dejan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\3d040fb1-f1ff58b46754666bccd02a63a2d5dd2f37095d5988e70b117fe9b46783e96970-6.0.lap
2015-12-12 21:22:41 AA6EE9AF77E3D87CED8E82CA66429D5C 434 ----a-w- C:\Users\dejan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\40b26e35-4b67116f2e9c1dccc9c20610abe67be20903be190889cd0034cc910c83f5013c-6.0.lap
2015-12-10 00:12:34 309FD24C3ABF23A2375C9377851FA9FB 434 ----a-w- C:\Users\dejan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\3f29bcff-0135043a44e7375750b4f86c1fadc83bf52062be6b79784b3d5716199f209a69-6.0.lap
====== C:\Windows\system32 =====
2015-12-26 15:15:54 72ACE09F5A636A007699A4D0B5A48DE8 14800 ----a-w- C:\Windows\System32\results.xml
2015-12-26 14:34:59 EA963F0BE61213E127253FE30BE03C5A 173080 ----a-w- C:\Windows\System32\igfxext.exe
2015-12-26 14:34:59 D4C0835D5E0B72650944A2AEB5AC4A3B 252952 ----a-w- C:\Windows\System32\igfxsrvc.exe
2015-12-26 14:34:59 CE7544B51C3A15D87A78C33FDDA9EC54 173592 ----a-w- C:\Windows\System32\hkcmd.exe
2015-12-26 14:34:59 8854C4474E4E31FCA0C18BB9BD3A9D47 141848 ----a-w- C:\Windows\System32\igfxtray.exe
2015-12-26 14:34:59 7DC66B6A4D2734BF1336803522B04CE0 672792 ----a-w- C:\Windows\System32\igfxcfg.exe
2015-12-26 14:34:59 5D836F63676305D99C179F024E2210CB 150552 ----a-w- C:\Windows\System32\igfxpers.exe
2015-12-26 14:34:59 458176507BE73EC2CF960D86B9442703 8198680 ----a-w- C:\Windows\System32\TVWSetup.exe
2015-12-20 18:17:48 65A5BD4A43ED3C029A514E7502CD804F 100896 ----a-w- C:\Windows\System32\RTNUninst32.dll
2015-12-20 18:17:47 C39C216B3E68AB28174D7362B4B70D65 76872 ----a-w- C:\Windows\System32\RtNicProp32.dll
2015-12-20 16:48:56 C54C3127819B7B2F94C6E3C4BF7FA222 53248 ----a-w- C:\Windows\System32\CSVer.dll
2015-12-17 13:14:19 155DEDA4BC9813314B1CF77762367D55 1660 ----a-w- C:\Windows\System32\ASOROSet.bin
2015-12-16 18:31:22 F110CF19D56F58606EAAE8A685279338 5619784 ----a-w- C:\Windows\System32\mfc110u.dll
====== C:\Windows\system32\drivers =====
2015-12-22 16:52:02 5023F594D5448E16F920157174C61358 170200 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-12-22 16:45:16 FDBDEDB746A33BAFC17394D1960ADEAF 94936 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2015-12-22 16:45:16 63254775FE0F974F5316B4EC3F163038 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys
2015-12-22 16:45:15 40C7F4B63337414F967AC53E0520B06B 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys
2015-12-20 18:17:47 B933DF7CE93CF2F803E8F6872422E337 718552 ----a-w- C:\Windows\System32\drivers\Rt86win7.sys
2015-12-20 18:12:14 5CE40AE6481A82AB9FDE2CCC9692E018 50280 ----a-w- C:\Windows\System32\drivers\RtTeam60.sys
2015-12-20 18:12:13 F2FEC929E9FA9902F0BB52A4522068D4 27648 ----a-w- C:\Windows\System32\drivers\RtNdPt60.sys
2015-12-20 18:12:13 EB1D22686F43B78243212298A5A15F6E 27752 ----a-w- C:\Windows\System32\drivers\RtVlan620.sys
2015-12-14 15:54:29 C32A26EEE46213716C9D0FB1108DEAAC 232296 ----a-w- C:\Windows\System32\drivers\KSSafe.sys
====== C:\Windows\Tasks ======
2015-12-25 13:01:34 319E74BA9F494BA34777139A9A8BFD0A 3036 ----a-w- C:\Windows\system32\Tasks\USER_ESRV_SVC_WILLAMETTE
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-12-26 23:30:58 -------- d-----w- C:\Program Files\Vitzo
2015-12-26 23:30:47 -------- d-----w- C:\Program Files\Free YouTube Downloader
2015-12-25 13:01:22 -------- d-----w- C:\Program Files\Intel Driver Update Utility
2015-12-25 12:46:29 -------- d-----w- C:\Program Files\realtech VR
2015-12-20 18:12:11 -------- d-----w- C:\Program Files\Realtek
2015-12-19 18:48:02 -------- d-----w- C:\Program Files\ESET
2015-12-19 18:46:56 -------- d-----w- C:\Program Files\Enigma Software Group
2015-12-14 15:54:26 -------- d-----w- C:\Program Files\kingsoft
2015-12-14 15:42:39 -------- d-----w- C:\Program Files\Windows 7 Activator
2015-12-09 13:16:47 -------- d-----w- C:\Program Files\Messenger for Desktop
2015-11-28 22:51:47 -------- d-----w- C:\Program Files\Topaz Labs
2015-11-28 22:51:46 -------- d-----w- C:\Program Files\Common Files\Topaz Labs
======= C: =====
====== C:\Users\dejan\AppData\Roaming ======
2015-12-26 23:31:24 -------- d-----w- C:\Users\dejan\AppData\Roaming\Vitzo
2015-12-26 23:31:05 -------- d-----w- C:\Users\dejan\AppData\Local\Free YouTube Downloader
2015-12-26 23:28:28 -------- d-----w- C:\Users\dejan\AppData\Roaming\SoftCDN
2015-12-26 14:31:15 -------- d-----w- C:\Users\dejan\AppData\Local\Intel
2015-12-26 14:26:45 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\CrashDumps
2015-12-25 20:07:04 -------- d-----w- C:\Users\dejan\AppData\Locallow\Adobe
2015-12-25 14:58:40 -------- d-----w- C:\Users\dejan\AppData\Local\realtech_VR
2015-12-25 12:46:30 -------- d-----w- C:\Users\dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\realtech VR
2015-12-19 19:12:22 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\ESET
2015-12-17 12:48:45 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\LavasoftTcpService
2015-12-14 15:54:27 -------- d-----w- C:\Users\dejan\AppData\Roaming\ks
2015-12-14 15:53:00 -------- d-----w- C:\Users\dejan\AppData\Roaming\kingsoft
2015-12-09 13:16:59 -------- d-----w- C:\Users\dejan\AppData\Local\Messenger
====== C:\Users\dejan ======
2015-12-27 13:25:34 67B0906B68164E807BD5691C67696DA4 16563352 ----a-w- C:\Users\dejan\Desktop\mbar-1.09.3.1001.exe
2015-12-26 23:30:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free YouTube Downloader
2015-12-26 15:17:57 76F7569DB01B4D65431B0E6BBBDD261D 1743360 ----a-w- C:\Users\dejan\Desktop\AdwCleaner.exe
2015-12-26 14:34:52 -------- d-----w- C:\ProgramData\IntelDLM
2015-12-25 13:01:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-12-25 13:01:27 -------- d-----w- C:\ProgramData\Intel
2015-12-25 12:48:34 -------- d-----w- C:\ProgramData\Package Cache
2015-12-25 12:46:37 -------- d-----w- C:\ProgramData\realtech VR
2015-12-22 19:44:32 04788A5E23816233B2310028C6A20CA8 1721344 ----a-w- C:\Users\dejan\Desktop\FRST.exe
2015-12-20 18:12:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2015-12-19 18:48:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-12-19 18:48:10 -------- d-----w- C:\ProgramData\ESET
2015-12-14 17:02:00 -------- d-----w- C:\ProgramData\TXPCMGR
2015-12-14 15:46:39 -------- d-----w- C:\ProgramData\kingsoft

====== C: exe-files ==
2015-12-27 13:26:45 8D704E13B735D87D227D05B5495F1B1B 270136 ----a-w- C:\Users\dejan\Desktop\mbar\mbar.exe
2015-12-27 13:26:45 7A2EBC02187D471E16EF38D230C16D7E 54072 ----a-w- C:\Users\dejan\Desktop\mbar\mbamdor.exe
2015-12-27 13:26:45 4A5EA67F0B25AEF8AAD9EF1404230AFA 822584 ----a-w- C:\Users\dejan\Desktop\mbar\Plugins\fixdamage.exe
2015-12-27 13:25:34 67B0906B68164E807BD5691C67696DA4 16563352 ----a-w- C:\Users\dejan\Desktop\mbar-1.09.3.1001.exe
2015-12-26 23:32:11 49A1FB9954A83B90DC02CDD2B6573241 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$IDJEAN8.exe
2015-12-26 23:32:00 F7AF7E85A4AE2416EA7E6F6DF93BB663 28491776 ----a-w- C:\Users\dejan\AppData\Local\Free YouTube Downloader\ffmpeg.exe
2015-12-26 23:30:55 C09872C3B717FB2C17B9A94A61A1D012 775880 ----a-w- C:\Program Files\Free YouTube Downloader\YouTubeDownloader.exe
2015-12-26 23:30:47 28CA9B91A3A27F9FD88F85B0C80A205F 829640 ----a-w- C:\Program Files\Free YouTube Downloader\unins000.exe
2015-12-26 23:25:33 1BA0957E10FAF06572E6A0D17DE49976 1984712 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$RDJEAN8.exe
2015-12-26 22:53:38 7DF81870FC896768320B98B476D25942 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$ISKJO4W.exe
2015-12-26 22:53:14 F87A8F8A802640713F4A45F15A85C78A 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$IDFTW6K.exe
2015-12-26 22:53:14 D3C055844E8E2105DD463AA464D22F2D 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$IYWL0ND.exe
2015-12-26 22:53:14 BCD303123C2B53876567527B8F6AC527 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$IMJ09N4.exe
2015-12-26 22:53:14 BC4492DF0BB19D5BC6F20DDE3FF00EED 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$ID1XY1P.exe
2015-12-26 22:53:14 B5BC5C2C01120965486C2A70EE265606 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$IHR1E2Z.exe
2015-12-26 22:53:14 A46C17B82F30EDED4D0EA8B6DE6CF902 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$IHO1ZJR.exe
2015-12-26 22:53:14 9FAADF607DEF37AAB64ABD8638AF373C 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$I3YJ40R.exe
2015-12-26 22:53:14 7FF295DE69F6ABE8885288E6256AB327 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$IRMG3PX.exe
2015-12-26 22:53:14 73CEF31FFE57B17358AC41AC48590C7E 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$IOBY6VJ.exe
2015-12-26 22:53:14 7308337F8B8D6D7CEDC6DE2B821F3FE0 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$I7QHG3D.exe
2015-12-26 22:53:14 5CA84D9DC0CA678FFFAD4A589A88CAF7 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$IHGC74K.exe
2015-12-26 22:53:14 397171C3EFD802B3C2D9584A0D48EDB7 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$IRUI9ZU.exe
2015-12-26 15:17:57 76F7569DB01B4D65431B0E6BBBDD261D 1743360 ----a-w- C:\Users\dejan\Desktop\AdwCleaner.exe
2015-12-26 14:46:06 EA963F0BE61213E127253FE30BE03C5A 173080 ----a-w- C:\Users\dejan\Downloads\Intel Components\win7_1512754\Graphics\igfxext.exe
2015-12-26 14:46:06 E2EC6E4E2009EB6FE809F76723E0C466 1002008 ----a-w- C:\Users\dejan\Downloads\Intel Components\win7_1512754\Graphics\igxpun.exe
2015-12-26 14:46:06 D4C0835D5E0B72650944A2AEB5AC4A3B 252952 ----a-w- C:\Users\dejan\Downloads\Intel Components\win7_1512754\Graphics\igfxsrvc.exe
2015-12-26 14:46:06 CE7544B51C3A15D87A78C33FDDA9EC54 173592 ----a-w- C:\Users\dejan\Downloads\Intel Components\win7_1512754\Graphics\hkcmd.exe
2015-12-26 14:46:06 8854C4474E4E31FCA0C18BB9BD3A9D47 141848 ----a-w- C:\Users\dejan\Downloads\Intel Components\win7_1512754\Graphics\igfxtray.exe
2015-12-26 14:46:06 7DC66B6A4D2734BF1336803522B04CE0 672792 ----a-w- C:\Users\dejan\Downloads\Intel Components\win7_1512754\Graphics\igfxcfg.exe
2015-12-26 14:46:06 62679F3D6ED0440A0BB365932AD3B9ED 1002008 ----a-w- C:\Users\dejan\Downloads\Intel Components\win7_1512754\Setup.exe
2015-12-26 14:46:06 5D836F63676305D99C179F024E2210CB 150552 ----a-w- C:\Users\dejan\Downloads\Intel Components\win7_1512754\Graphics\igfxpers.exe
2015-12-26 14:46:06 458176507BE73EC2CF960D86B9442703 8198680 ----a-w- C:\Users\dejan\Downloads\Intel Components\win7_1512754\Graphics\TVWSetup.exe
2015-12-25 13:01:27 F2A18DCB5ABB73BBF51D6C5363C8B4F2 19400 ----a-w- C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\DiskTrace.exe
2015-12-25 13:01:27 CEE82B29552B8B7F7388E2A18754463B 383640 ----a-w- C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2015-12-25 13:01:27 08ABEA7FDE29BFF7B7EF6DE120D7E459 431256 ----a-w- C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2015-12-25 12:48:59 9E8253F0A993E53B4809DBD74B335227 1005568 ----a-w- C:\ProgramData\Package Cache\F6BA6F03C65C3996A258F58324A917463B2D6FF4\redist\dotNetFx45_Full_setup.exe
2015-12-25 12:48:34 86DD6F3363559EC21DD0CC8C97B4204E 664288 ------w- C:\ProgramData\Package Cache\{a699b395-cd93-4135-85ec-828113841355}\Intel Driver Update Utility Installer.exe
2015-12-25 12:48:07 468E1142DA069904C08BABCDF3013226 5074496 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$RHO1ZJR.exe
2015-12-25 12:46:30 020B2C67E2EB0BE7DF60C045D19A43DA 168313 ----a-w- C:\Program Files\realtech VR\OpenGL Extensions Viewer 4.1\uninst.exe
2015-12-25 12:46:02 16760D2119E75304C1DB1269CCCEC8AA 7733248 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$RHR1E2Z.exe
2015-12-23 14:25:40 3976BD5FCBB7CD13F0C12BB69AFC2ADC 3945501 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$RFC4XFR.1(2)\Windows_Loader_v2.2.1\Windows Loader\Windows Loader.exe
2015-12-22 19:53:37 04788A5E23816233B2310028C6A20CA8 1721344 ----a-w- C:\Users\dejan\AppData\Roaming\IDM\DwnlData\dejan\FRST_230\FRST.exe
2015-12-22 19:44:32 04788A5E23816233B2310028C6A20CA8 1721344 ----a-w- C:\Users\dejan\Desktop\FRST.exe
=== C: other files ==
2015-12-26 22:54:38 965D6703081D8C59BC6F48926B1D3920 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$I06QPAA.zip
2015-12-26 22:54:38 4C1F768D612C5CC893632FA11B7577E0 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$I0OFX07.zip
2015-12-26 22:54:35 95DEF14FFF76CFBB423E049862F6CBDE 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$IF8UCSB.zip
2015-12-26 22:54:35 79A5D350F4217CA98F67FB44B2AFE893 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$IQWFQ4U.zip
2015-12-26 22:54:35 31404E56D864C4F8DB2540C90D09CCFF 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$IMOFLEP.zip
2015-12-26 22:52:41 5D7DAB8DC403952D2474EC79FAE5245B 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$IB5C9YO.zip
2015-12-26 22:52:41 46674B4F360430A1599849B34A77634E 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$IUGHB63.zip
2015-12-26 18:12:37 A4C204FA23D4D94D010CF4FB0B9A7040 616544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$RUGHB63.zip
2015-12-26 15:53:09 0A422414DAEDE28A92D275294CDF6908 18093 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$RB5C9YO.zip
2015-12-26 14:46:05 264632ADE8127B7BAA2190CF6FAD435B 122880 ----a-w- C:\Users\dejan\Downloads\Intel Components\win7_1512754\HDMI\IntcHdmi.sys
2015-12-26 14:46:02 9467514EA189475A6E7FDC5D7BDE9D3F 4808192 ----a-w- C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_x86_neutral_8200805c8bcbb03e\igdkmd32.sys
2015-12-26 14:46:02 9467514EA189475A6E7FDC5D7BDE9D3F 4808192 ----a-w- C:\Users\dejan\Downloads\Intel Components\win7_1512754\Graphics\igdkmd32.sys
2015-12-26 14:34:14 193704BCD144E7DBA10E109CF5A690F8 23837140 ----a-w- C:\Users\dejan\Downloads\Intel Components\win7_1512754.zip
2015-12-25 13:01:33 E1600940E938D44BA1621EDF4757ED5F 180 ----a-w- C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs
2015-12-25 13:01:33 1BAA1A3E242B133B46A17812D6C850CA 785 ----a-w- C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.bat
2015-12-25 13:01:27 B043B5369AF7C48C90148D47E648664E 37147 ----a-w- C:\Program Files\Intel\SUR\WILLAMETTE\svc_install.bat
2015-12-25 13:01:27 8CB8C1D853237B2D2DA9066077E855BB 24747 ----a-w- C:\Program Files\Intel\SUR\WILLAMETTE\svc_uninstall.bat
2015-12-24 17:39:27 F4BF0FF0001D61734BBE30BAE0DE62D7 87118 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$R06QPAA.zip
2015-12-22 16:52:02 5023F594D5448E16F920157174C61358 170200 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-12-22 16:45:16 FDBDEDB746A33BAFC17394D1960ADEAF 94936 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2015-12-22 16:45:16 63254775FE0F974F5316B4EC3F163038 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys
2015-12-22 16:45:15 40C7F4B63337414F967AC53E0520B06B 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys
2015-12-21 15:33:45 AAA8C38B39F41568F77E95F31D480751 1794289 ----a-w- C:\$Recycle.Bin\S-1-5-21-1668144661-2884591123-2203260530-1001\$RMOFLEP.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1668144661-2884591123-2203260530-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Viber"="C:\Users\dejan\AppData\Local\Viber\Viber.exe StartMinimized"
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe /onboot"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Viber"="C:\Users\dejan\AppData\Local\Viber\Viber.exe StartMinimized"
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe /onboot"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CCleaner Monitoring"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\CCleaner\\CCleaner.exe\" /MONITOR"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EaseUS EPM tray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EaseUS EPM tray"
"hkey"="HKLM"
"command"="C:\\Program Files\\EaseUS\\EaseUS Partition Master 10.8\\bin\\EpmNews.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EaseUS EPM Tray Agent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EaseUS EPM Tray Agent"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\EaseUS\\EaseUS Partition Master 10.8\\bin\\TrayPopupE\\TrayTipAgentE.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FileZilla Server Interface]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="FileZilla Server Interface"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\FileZilla Server\\FileZilla Server Interface.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HotKeysCmds"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\hkcmd.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IDMan]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IDMan"
"hkey"="HKCU"
"command"="C:\\Program Files\\Internet Download Manager\\IDMan.exe /onboot"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IgfxTray"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\igfxtray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msnmsgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Persistence"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\igfxpers.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Viber]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Viber"
"hkey"="HKCU"
"command"="\"C:\\Users\\dejan\\AppData\\Local\\Viber\\Viber.exe\" StartMinimized"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\vProt]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="vProt"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\AVG Web TuneUp\\vprot.exe\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
"item"="Adobe Gamma Loader"
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Adobe Gamma Loader.lnk"
"backup"="C:\\Windows\\pss\\Adobe Gamma Loader.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~1\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE"


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [12/13/2015 07:41 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [10/22/2015 01:34 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [10/22/2015 01:34 PM]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\USER_ESRV_SVC_WILLAMETTE" ["C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"]
"C:\Windows\system32\tasks\Norton Identity Safe\Norton Error Analyzer" [C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe]
"C:\Windows\system32\tasks\Norton Identity Safe\Norton Error Processor" [C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\1ue1v8z1.default
user_pref("browser.startup.homepage", "http://www.google.com/");

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"mozilla_cc2@internetdownloadmanager.com"="C:\Program Files\Internet Download Manager\idmmzcc2.xpi" [09/23/2015 10:20 AM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\1ue1v8z1.default
- Restart My Fox - %ProfilePath%\extensions\Restart-My-Fox@8pecxstudios.com.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- DownThemAll - %ProfilePath%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\1ue1v8z1.default
3D1497F3F1A344FFB733CE616BB9096D - C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll - Google Update
F0E80E561C3F715DB01ACCC97B72463A - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery
707BD8847C224D2FC54116BFBED8B504 - C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U65
163CE3EDEA7701198D1931B3084F29B8 - C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.650.17
5DF56521E8985BFD8F21A3D97A4D4574 - C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll - Shockwave Flash


==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ngpampappnmepgilojfohadhhmbhlaek - C:\Program Files\Internet Download Manager\IDMGCExt.crx[07/10/2015 09:24 PM]

Google Slides - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
IDM Integration Module - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek
Chrome Web Store Payments - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

==== C:\zoek_backup content ======================

C:\zoek_backup (files=
==== EOF on Mon 12/28/2015 at 15:26:37.40 ======================

Addendum: 28 Dec 2015 18:59

If I did this correctly, i.e. copied what was needed, this still shows up as the start page, as in the picture, in both Mozilla and Chrome.

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building


Close the browser and any other running programs;
disable your security software (if needed) Instructions;
double-click zoek.exe to run it;
wait for the tool to start ...


Copy the following text into the white box of the window:

Restart-My-Fox@8pecxstudios.com.xpi;ff
autoclean;


Click the button and wait for the scan to finish.


Zoek will restart Windows if needed, and when it is done it will open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your reply.

offline
  • on the administration team
  • Joined: 16 Oct 2010
  • Posts: 3468
  • Location: KRAGUJEVAC

I have now run Zoek a second time, the one where you told me to copy in the script, and it has been working on something for almost an hour and a half or more, currently
CREATE BACKUPS 15:43 17.15.

HOW MUCH LONGER DO I HAVE TO WAIT FOR ZOEK TO FINISH, BECAUSE YOU TOLD ME TO CLOSE ALL RUNNING PROGRAMS.

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Stop Zoek and post new FRST.txt and Addition.txt reports for me.

offline
  • on the administration team
  • Joined: 16 Oct 2010
  • Posts: 3468
  • Location: KRAGUJEVAC


offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building


Run FRST.
In the Search field enter snf
Click Search registry and wait for it to finish.
When it finishes, attach the Search.txt that will be on your Desktop.

offline
  • on the administration team
  • Joined: 16 Oct 2010
  • Posts: 3468
  • Location: KRAGUJEVAC


offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

We have a problem now because the reports do not show that the problem is present.
Let's try this:


Follow these instructions for refreshing Firefox.
https://support.mozilla.org/en-US/kb/refresh-firefox-reset-add-ons-and-settings


If that doesn't solve the problem, reinstall Firefox.
You can download Firefox from here.
https://www.mozilla.org/en-US/firefox/all/#en-US


As for Chrome, copy this link into the address bar and hit Enter.
chrome://settings/resetProfileSettings
and click Reset.

offline
  • on the administration team
  • Joined: 16 Oct 2010
  • Posts: 3468
  • Location: KRAGUJEVAC

Ok Sass.

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

What's the situation now?
