Unwanted pages and ads keep opening in my browser

  • Joined: 03 May 2012
  • Posts: 209

As I wrote in the title: how can I open only what I want in the browser without another 2-3 unwanted pages or some ads opening along with it? Or, for example, in the forum search, as soon as I type a single letter, some unwanted page opens. I use Opera. Thanks!
When I scan the system with Avast, it doesn't find anything. I should also mention that this isn't only with Opera; the same thing happens when I use Google.
FRST.txt (copied):
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:16-08-2014 03
Ran by kbobo (administrator) on LIZA on 17-08-2014 16:04:12
Running from C:\Users\kbobo\Desktop
Platform: Microsoft Windows 8.1 Enterprise (X86) OS Language: engleski (SAD)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Stardock Corporation) C:\Program Files\Stardock\WindowFX\WindowFXSRV.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaRegistry.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\Adanak\updateAdanak.exe
() C:\Program Files\Stardock\WindowFX\wfx32.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
() C:\Program Files\Adanak\bin\utilAdanak.exe
(Opera Software) C:\Program Files\Opera\23.0.1522.75\opera.exe
() C:\Program Files\Opera\23.0.1522.75\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\23.0.1522.75\opera.exe
(Opera Software) C:\Program Files\Opera\23.0.1522.75\opera.exe
(Opera Software) C:\Program Files\Opera\23.0.1522.75\opera.exe
(Opera Software) C:\Program Files\Opera\23.0.1522.75\opera.exe
(Opera Software) C:\Program Files\Opera\23.0.1522.75\opera.exe
() C:\Program Files\Adanak\bin\Adanak.PurBrowse.exe
() C:\Program Files\Adanak\bin\Adanak.BrowserAdapter.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-992004499-3144148575-427957581-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-992004499-3144148575-427957581-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4529944 2014-05-20] (Piriform Ltd)
HKU\S-1-5-21-992004499-3144148575-427957581-1001\...\Run: [uTorrent] => C:\Users\kbobo\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-03] (BitTorrent Inc.)
HKU\S-1-5-21-992004499-3144148575-427957581-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-992004499-3144148575-427957581-1001\...\Run: [CubeDesktop] => [X]
HKU\S-1-5-21-992004499-3144148575-427957581-1001\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-992004499-3144148575-427957581-1001\...\Run: [APISupport] => "C:\Windows\system32\Rundll32.exe" "C:\Users\kbobo\AppData\Local\TB\APISupport\APISupport.dll",DLLRunAPISupport <===== ATTENTION
AppInit_DLLs: c:\progra~1\suppor~1\suppor~1.dll => c:\progra~1\suppor~1\suppor~1.dll File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_kms&affID=128235&tt=120814_new&mntrid=C20278D38D03FA6A&tsp=5341
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xEFDC75DCDF71CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr-Latn-BA,sr-Latn;q=0.8,en-US;q=0.5,en;q=0.3
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
SearchScopes: HKLM - DefaultScope {158A0B80-EA39-448E-B01D-D04C19108FA7} URL =
SearchScopes: HKLM - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - DefaultScope {158A0B80-EA39-448E-B01D-D04C19108FA7} URL = http://trovi.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091&CUI=UN40746802042680324&UM=7
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=C20278D38D03FA6A&affID=128235&tt=120814_new&tsp=5341
SearchScopes: HKCU - {158A0B80-EA39-448E-B01D-D04C19108FA7} URL = http://trovi.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091&CUI=UN40746802042680324&UM=7
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {82B3A07C-329A-4354-AC1A-D18E92B9596A} URL = http://www.buenosearch.com/?babsrc=SP_kms&affID=128235&tt=120814_new&mntrid=C20278D38D03FA6A&tsp=5341&q={searchTerms}&r=749
BHO: HDPlus-V1.9 -> {11111111-1111-1111-1111-110511951170} -> C:\Program Files\HDPlus-V1.9\HDPlus-V1.9-bho.dll (HDPlus)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 87.250.97.250 208.67.222.222

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_114.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)

Chrome:
=======
CHR HomePage: hxxp://trovi.com/?ctid=CT2504091&SearchSource=48&CUI=UN41105731803025228&UM=7&SAT=SCH
CHR StartupUrls: "hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrId=C20278D38D03FA6A&affID=128235&tt=120814_new&tsp=5341"
CHR DefaultSearchKeyword: buenosearch.com
CHR DefaultSearchURL: http://trovi.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN41105731803025228&ctid=CT2504091&UM=7&SAT=SCH
CHR DefaultNewTabURL:
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\kbobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-29]
CHR Extension: (priocecHaop) - C:\Users\kbobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpbbagbhcefhpciedopikliepohhbgji [2014-07-17]
CHR Extension: (HDPlus-V1.9) - C:\Users\kbobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpiodijhokgodhhofbcjdecpffjipkle [2014-08-01]
CHR Extension: (Google Wallet) - C:\Users\kbobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-29]
CHR Extension: (Trovi) - C:\Users\kbobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk [2014-08-07]
CHR Extension: (priocecHaop) - C:\Users\kbobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpbbagbhcefhpciedopikliepohhbgji\3.9 [2014-07-17]
CHR HKLM\...\Chrome\Extension: [edfohacdfdemjkeejihknkmjkabndgkg] - C:\Users\kbobo\AppData\Local\CRE\edfohacdfdemjkeejihknkmjkabndgkg.crx [2014-07-17]
CHR HKLM\...\Chrome\Extension: [fnelgfmpooffemibikhmcklfnnimgijo] - C:\Users\kbobo\AppData\Local\CRE\fnelgfmpooffemibikhmcklfnnimgijo.crx [2014-07-17]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-28]
CHR HKLM\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Users\kbobo\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx [2014-08-03]
CHR HKCU\...\Chrome\Extension: [edfohacdfdemjkeejihknkmjkabndgkg] - C:\Users\kbobo\AppData\Local\CRE\edfohacdfdemjkeejihknkmjkabndgkg.crx [2014-08-03]
CHR HKCU\...\Chrome\Extension: [fnelgfmpooffemibikhmcklfnnimgijo] - C:\Users\kbobo\AppData\Local\CRE\fnelgfmpooffemibikhmcklfnnimgijo.crx [2014-08-03]
CHR HKCU\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Users\kbobo\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx [2014-08-03]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-28] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-05-28] (AVAST Software)
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-13] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-13] (globalUpdate) [File not signed]
R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [391472 2013-06-26] (Ralink Technology, Corp.)
S2 RaMediaServer; C:\Program Files\Ralink\Common\RaMediaServer.exe [1863680 2012-07-07] (Ralink) [File not signed]
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation)
R2 Update Adanak; C:\Program Files\Adanak\updateAdanak.exe [323352 2014-08-17] ()
R2 Util Adanak; C:\Program Files\Adanak\bin\utilAdanak.exe [323352 2014-08-17] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [279784 2014-03-24] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2014-03-24] (Microsoft Corporation)
R2 WindowFX; C:\Program Files\Stardock\WindowFX\WindowFXSrv.exe [181904 2012-03-08] (Stardock Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1210368 2014-04-03] (Microsoft Corporation)
S2 40030ae4; "C:\Windows\system32\rundll32.exe" "c:\progra~1\suppor~1\SupporterSvc.dll",service

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [15528 2012-09-23] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-05-28] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-05-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-05-28] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [270240 2014-05-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-05-28] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-05-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-05-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-05-28] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [68312 2014-05-28] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-05-28] ()
S3 athur; C:\Windows\system32\DRIVERS\athuw8.sys [2193408 2013-06-02] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB3.sys [200704 2014-03-11] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2014-07-09] ()
R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [25600 2014-02-22] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [243128 2014-05-22] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14920 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9160 2013-03-07] ()
S3 GPIO; C:\Windows\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2014-07-09] ()
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [47216 2014-05-13] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv.sys [29936 2014-05-13] (Visicom Media Inc.)
R3 netr28u; C:\Windows\system32\DRIVERS\netr28u.sys [1733808 2013-09-07] (Ralink Technology Corp.)
S3 USBET; C:\Windows\system32\DRIVERS\ETdrv.sys [5122688 2011-07-08] (Etron) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [92504 2014-03-24] (Microsoft Corporation)
R0 Wof; C:\Windows\system32\Drivers\Wof.sys [138584 2014-03-13] (Microsoft Corporation)
S3 WUDFSensorLP; C:\Windows\System32\drivers\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
R1 {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w; C:\Windows\System32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w.sys [52920 2014-06-25] (StdLib)
R1 {2f0ff925-183b-4210-98f5-cb2ffd917f2b}w; C:\Windows\System32\drivers\{2f0ff925-183b-4210-98f5-cb2ffd917f2b}w.sys [52920 2014-07-16] (StdLib)
S3 anvsnddrv; \SystemRoot\system32\drivers\anvsnddrv.sys [X]
S3 CV2K1; \SystemRoot\system32\DRIVERS\cv2k1.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-17 16:04 - 2014-08-17 16:04 - 00017696 _____ () C:\Users\kbobo\Desktop\FRST.txt
2014-08-17 16:03 - 2014-08-17 16:04 - 00000000 ____D () C:\FRST
2014-08-17 16:03 - 2014-08-17 15:59 - 01093632 _____ (Farbar) C:\Users\kbobo\Desktop\FRST.exe
2014-08-17 15:59 - 2014-08-17 15:59 - 01093632 _____ (Farbar) C:\Users\kbobo\Downloads\FRST.exe
2014-08-17 00:08 - 2014-08-17 16:03 - 00079823 _____ () C:\Windows\WindowsUpdate.log
2014-08-16 13:58 - 2014-08-16 14:04 - 30766047 _____ () C:\Users\kbobo\Downloads\FIFA14_Summer_Transfers_FIFAX.net_12082014.rar
2014-08-16 13:50 - 2014-08-16 13:51 - 05553543 _____ () C:\Users\kbobo\Downloads\FIFA14_Updated_Rosters_16.08.2014_FIFAX.net.zip
2014-08-16 12:28 - 2014-08-16 12:28 - 00000000 ____D () C:\Users\kbobo\Downloads\Subs
2014-08-16 10:50 - 2014-08-16 11:21 - 00000000 ____D () C:\Users\kbobo\Downloads\Survivor.2014.BRRip.XviD-AQOS
2014-08-15 13:11 - 2014-08-15 13:11 - 00031069 _____ () C:\Users\kbobo\Downloads\172477-theblackwatersofechospond_2009_.zip
2014-08-15 12:31 - 2014-07-16 06:09 - 00052920 _____ (StdLib) C:\Windows\system32\Drivers\{2f0ff925-183b-4210-98f5-cb2ffd917f2b}w.sys
2014-08-15 11:26 - 2014-08-15 12:31 - 00000000 ____D () C:\Program Files\Adanak
2014-08-14 17:49 - 2014-08-14 17:49 - 00001048 _____ () C:\Users\Public\Desktop\DivX Player.lnk
2014-08-14 17:48 - 2014-08-14 17:50 - 00000000 ____D () C:\Users\kbobo\AppData\Roaming\DivX
2014-08-14 17:48 - 2014-08-14 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-08-14 17:48 - 2014-08-14 17:49 - 00000000 ____D () C:\Program Files\DivX
2014-08-14 17:48 - 2014-08-14 17:48 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2014-08-14 17:47 - 2014-08-14 17:49 - 00000000 ____D () C:\ProgramData\DivX
2014-08-14 08:56 - 2014-08-14 08:56 - 00000000 ____D () C:\ProgramData\InstallMate
2014-08-13 23:22 - 2014-08-14 11:54 - 00000000 ____D () C:\Users\kbobo\Downloads\Teenage Mutant Ninja Turtles 2014 CAM READNFO x264 AAC-BBK
2014-08-13 22:53 - 2014-08-13 22:51 - 01180099 _____ () C:\Windows\unins001.exe
2014-08-13 21:31 - 2014-08-13 21:31 - 00000000 ____D () C:\Users\kbobo\AppData\Local\MajorSilence
2014-08-13 21:30 - 2014-08-13 21:30 - 00000000 ____D () C:\Users\kbobo\AppData\Local\fontconfig
2014-08-13 21:26 - 2014-08-13 21:26 - 00000096 _____ () C:\Users\kbobo\AppData\Roaming\settings.xml
2014-08-13 21:26 - 2014-08-13 21:26 - 00000000 ____D () C:\Users\kbobo\AppData\Local\SkinSoft
2014-08-13 21:25 - 2014-08-13 21:25 - 00000000 ____D () C:\Users\kbobo\AppData\Roaming\Convert Audio Free
2014-08-13 21:20 - 2014-08-13 21:20 - 00000000 ____D () C:\Users\kbobo\AppData\Local\CrashRpt
2014-08-13 12:42 - 2014-08-13 12:42 - 00000000 ____D () C:\Users\kbobo\AppData\Local\Aiseesoft Studio
2014-08-13 11:54 - 2014-08-13 11:54 - 00000000 ____D () C:\Users\kbobo\AppData\Roaming\dvdcss
2014-08-12 16:06 - 2012-02-07 20:32 - 00000000 ____D () C:\Users\kbobo\Desktop\D3DOverrider DX11
2014-08-07 16:51 - 2014-08-07 16:58 - 00000000 ____D () C:\Program Files\Tbccint
2014-08-07 16:51 - 2014-08-07 16:51 - 00000000 ____D () C:\Users\kbobo\AppData\Local\TB
2014-08-07 16:51 - 2014-08-07 16:51 - 00000000 ____D () C:\Users\kbobo\.swt
2014-08-07 16:51 - 2014-08-07 16:51 - 00000000 ____D () C:\ProgramData\Tbccint
2014-08-07 16:50 - 2014-08-07 21:00 - 00000000 ____D () C:\Users\kbobo\AppData\Roaming\Azureus
2014-08-06 22:59 - 2014-08-06 22:59 - 00000307 _____ () C:\Users\kbobo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Korpa za otpatke.lnk
2014-08-05 20:25 - 2014-08-05 20:25 - 00001040 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-05 20:25 - 2014-08-05 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-05 18:47 - 2014-08-05 18:48 - 00000021 _____ () C:\Users\kbobo\Desktop\Novi tekstualni dokument.txt
2014-08-03 15:46 - 2013-08-22 05:25 - 00229376 _____ (Microsoft Corporation) C:\Users\kbobo\Desktop\fsquirt.exe
2014-08-01 11:15 - 2014-08-01 11:15 - 00000000 ____D () C:\Users\kbobo\Documents\My Games
2014-08-01 11:14 - 2014-08-01 11:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Goat Simulator
2014-07-31 23:13 - 2014-07-31 23:13 - 00000000 ____D () C:\Users\kbobo\AppData\Roaming\FreeLanguageTranslator
2014-07-30 23:03 - 2014-08-06 14:34 - 00000000 ____D () C:\Users\kbobo\Documents\FIFA World
2014-07-30 22:16 - 2014-07-30 22:16 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-30 22:16 - 2014-07-30 22:16 - 00176552 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-30 22:16 - 2014-07-30 22:16 - 00176040 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-30 22:16 - 2014-07-30 22:16 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-07-30 22:16 - 2014-07-30 22:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-30 22:16 - 2014-07-30 22:16 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-07-30 22:11 - 2014-07-30 22:11 - 00000000 ____D () C:\Program Files\TakeaTheeCoupoon
2014-07-30 18:41 - 2014-07-30 18:41 - 00001159 _____ () C:\Users\Public\Desktop\EA Sports FIFA World.lnk
2014-07-28 22:18 - 2014-07-28 22:19 - 01766673 _____ () C:\Users\kbobo\Downloads\AviSub.zip
2014-07-27 20:45 - 2014-08-14 17:20 - 00000000 ____D () C:\The KMPlayer
2014-07-27 15:14 - 2014-08-14 17:13 - 00899274 _____ () C:\Users\kbobo\Downloads\AVIAddXSub.zip
2014-07-27 11:07 - 2014-07-30 17:26 - 00000000 ____D () C:\Program Files\Origin Games
2014-07-27 11:06 - 2014-08-02 10:42 - 00000000 ____D () C:\Users\kbobo\AppData\Roaming\Origin
2014-07-27 11:06 - 2014-07-27 11:07 - 00000000 ____D () C:\Users\kbobo\AppData\Local\Origin
2014-07-27 11:03 - 2014-08-06 13:50 - 00000000 ____D () C:\Program Files\Origin
2014-07-24 13:37 - 2014-08-13 21:41 - 00000000 ____D () C:\ProgramData\TakeaTheeCoupoon
2014-07-23 08:09 - 2014-07-23 08:09 - 00000822 _____ () C:\Users\kbobo\Desktop\Play FIFA 14.lnk
2014-07-18 14:11 - 2014-07-18 14:11 - 00000000 __SHD () C:\ProgramData\SecuROM
2014-07-18 14:09 - 2014-07-18 14:09 - 00000000 __RHD () C:\Users\kbobo\AppData\Roaming\SecuROM
2014-07-18 14:00 - 2014-07-18 14:00 - 00107888 _____ (Sony DADC Austria AG.) C:\Windows\system32\CmdLineExt.dll
2014-07-18 13:59 - 2005-12-05 18:07 - 00061136 _____ (Microsoft Corporation) C:\Windows\system32\SETC26A.tmp
2014-07-18 13:58 - 2014-07-18 13:58 - 00000000 ____D () C:\Windows\system32\xlive
2014-07-18 13:58 - 2014-07-18 13:58 - 00000000 ____D () C:\Program Files\Microsoft Games for Windows - LIVE

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-17 16:04 - 2014-08-17 16:04 - 00017696 _____ () C:\Users\kbobo\Desktop\FRST.txt
2014-08-17 16:04 - 2014-08-17 16:03 - 00000000 ____D () C:\FRST
2014-08-17 16:03 - 2014-08-17 00:08 - 00079823 _____ () C:\Windows\WindowsUpdate.log
2014-08-17 16:03 - 2013-08-22 08:13 - 00000306 _____ () C:\Windows\win.ini
2014-08-17 16:00 - 2013-08-22 10:17 - 00000000 ____D () C:\Windows\system32\sru
2014-08-17 15:59 - 2014-08-17 16:03 - 01093632 _____ (Farbar) C:\Users\kbobo\Desktop\FRST.exe
2014-08-17 15:59 - 2014-08-17 15:59 - 01093632 _____ (Farbar) C:\Users\kbobo\Downloads\FRST.exe
2014-08-17 15:58 - 2014-07-11 10:29 - 00001454 _____ () C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-7.job
2014-08-17 15:53 - 2014-07-11 10:29 - 00003446 _____ () C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-11.job
2014-08-17 15:53 - 2014-07-11 10:29 - 00002420 _____ () C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-3.job
2014-08-17 15:53 - 2014-07-11 10:29 - 00002186 _____ () C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-4.job
2014-08-17 15:53 - 2014-07-11 10:29 - 00001524 _____ () C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-6.job
2014-08-17 15:53 - 2014-07-11 10:29 - 00001524 _____ () C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-1.job
2014-08-17 15:53 - 2014-07-11 10:29 - 00001438 _____ () C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5_user.job
2014-08-17 15:53 - 2014-07-11 10:29 - 00001420 _____ () C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5.job
2014-08-17 15:53 - 2014-07-11 10:29 - 00001328 _____ () C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-2.job
2014-08-17 15:53 - 2014-07-11 10:29 - 00000950 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-08-17 15:53 - 2014-05-28 22:40 - 00001632 _____ () C:\Windows\Tasks\fbe97edd-eb2f-44c5-b8f7-f44c01ece1de-2.job
2014-08-17 15:53 - 2014-05-11 06:33 - 00000000 __RDO () C:\Users\kbobo\OneDrive
2014-08-17 15:53 - 2014-05-06 07:12 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-17 12:22 - 2014-05-06 07:12 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-17 12:13 - 2014-05-06 07:41 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-17 00:08 - 2014-05-06 07:35 - 00000000 ____D () C:\Users\kbobo\AppData\Roaming\uTorrent
2014-08-17 00:08 - 2013-08-22 10:17 - 00000000 ____D () C:\Windows\AppReadiness
2014-08-16 21:26 - 2014-07-11 10:29 - 00000954 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-08-16 20:25 - 2014-06-25 19:06 - 00000000 ____D () C:\Users\kbobo\Documents\FIFA 14
2014-08-16 14:04 - 2014-08-16 13:58 - 30766047 _____ () C:\Users\kbobo\Downloads\FIFA14_Summer_Transfers_FIFAX.net_12082014.rar
2014-08-16 13:51 - 2014-08-16 13:50 - 05553543 _____ () C:\Users\kbobo\Downloads\FIFA14_Updated_Rosters_16.08.2014_FIFAX.net.zip
2014-08-16 12:35 - 2014-05-11 23:25 - 00000000 ____D () C:\Users\kbobo\AppData\Roaming\vlc
2014-08-16 12:28 - 2014-08-16 12:28 - 00000000 ____D () C:\Users\kbobo\Downloads\Subs
2014-08-16 11:21 - 2014-08-16 10:50 - 00000000 ____D () C:\Users\kbobo\Downloads\Survivor.2014.BRRip.XviD-AQOS
2014-08-15 13:11 - 2014-08-15 13:11 - 00031069 _____ () C:\Users\kbobo\Downloads\172477-theblackwatersofechospond_2009_.zip
2014-08-15 12:31 - 2014-08-15 11:26 - 00000000 ____D () C:\Program Files\Adanak
2014-08-15 11:26 - 2014-06-18 22:20 - 00000000 ____D () C:\ProgramData\DSearchLink
2014-08-14 17:50 - 2014-08-14 17:48 - 00000000 ____D () C:\Users\kbobo\AppData\Roaming\DivX
2014-08-14 17:49 - 2014-08-14 17:49 - 00001048 _____ () C:\Users\Public\Desktop\DivX Player.lnk
2014-08-14 17:49 - 2014-08-14 17:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-08-14 17:49 - 2014-08-14 17:48 - 00000000 ____D () C:\Program Files\DivX
2014-08-14 17:49 - 2014-08-14 17:47 - 00000000 ____D () C:\ProgramData\DivX
2014-08-14 17:48 - 2014-08-14 17:48 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2014-08-14 17:20 - 2014-07-27 20:45 - 00000000 ____D () C:\The KMPlayer
2014-08-14 17:13 - 2014-07-27 15:14 - 00899274 _____ () C:\Users\kbobo\Downloads\AVIAddXSub.zip
2014-08-14 11:54 - 2014-08-13 23:22 - 00000000 ____D () C:\Users\kbobo\Downloads\Teenage Mutant Ninja Turtles 2014 CAM READNFO x264 AAC-BBK
2014-08-14 08:56 - 2014-08-14 08:56 - 00000000 ____D () C:\ProgramData\InstallMate
2014-08-14 04:24 - 2013-08-22 10:05 - 00000000 ____D () C:\Windows\CbsTemp
2014-08-13 22:54 - 2013-08-22 09:23 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-13 22:53 - 2014-05-28 23:45 - 00002002 _____ () C:\Windows\unins001.dat
2014-08-13 22:53 - 2013-08-22 08:13 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-08-13 22:51 - 2014-08-13 22:53 - 01180099 _____ () C:\Windows\unins001.exe
2014-08-13 22:25 - 2014-06-19 17:54 - 00000000 ____D () C:\Program Files\Bandicam
2014-08-13 21:41 - 2014-07-24 13:37 - 00000000 ____D () C:\ProgramData\TakeaTheeCoupoon
2014-08-13 21:39 - 2014-05-22 10:17 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-13 21:31 - 2014-08-13 21:31 - 00000000 ____D () C:\Users\kbobo\AppData\Local\MajorSilence
2014-08-13 21:26 - 2014-08-13 21:26 - 00000096 _____ () C:\Users\kbobo\AppData\Roaming\settings.xml
2014-08-13 21:26 - 2014-08-13 21:26 - 00000000 ____D () C:\Users\kbobo\AppData\Local\SkinSoft
2014-08-13 21:25 - 2014-08-13 21:25 - 00000000 ____D () C:\Users\kbobo\AppData\Roaming\Convert Audio Free
2014-08-13 21:21 - 2014-05-06 07:12 - 00000000 ____D () C:\Program Files\Google
2014-08-13 21:20 - 2014-08-13 21:20 - 00000000 ____D () C:\Users\kbobo\AppData\Local\CrashRpt
2014-08-13 12:42 - 2014-08-13 12:42 - 00000000 ____D () C:\Users\kbobo\AppData\Local\Aiseesoft Studio
2014-08-13 11:54 - 2014-08-13 11:54 - 00000000 ____D () C:\Users\kbobo\AppData\Roaming\dvdcss
2014-08-13 11:11 - 2014-05-06 07:32 - 00000000 ____D () C:\Users\kbobo\AppData\Roaming\BSplayer Pro
2014-08-12 16:50 - 2014-06-15 23:40 - 00009728 _____ () C:\Users\kbobo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-12 14:44 - 2014-05-06 07:35 - 00000000 ____D () C:\Program Files\Opera
2014-08-07 21:00 - 2014-08-07 16:50 - 00000000 ____D () C:\Users\kbobo\AppData\Roaming\Azureus
2014-08-07 16:58 - 2014-08-07 16:51 - 00000000 ____D () C:\Program Files\Tbccint
2014-08-07 16:58 - 2014-05-06 07:32 - 00000000 ____D () C:\Users\kbobo\AppData\Local\tbccint
2014-08-07 16:51 - 2014-08-07 16:51 - 00000000 ____D () C:\Users\kbobo\AppData\Local\TB
2014-08-07 16:51 - 2014-08-07 16:51 - 00000000 ____D () C:\Users\kbobo\.swt
2014-08-07 16:51 - 2014-08-07 16:51 - 00000000 ____D () C:\ProgramData\Tbccint
2014-08-07 16:51 - 2014-05-06 07:36 - 00000009 _____ () C:\END
2014-08-07 16:51 - 2014-05-06 07:32 - 00000000 ____D () C:\Users\kbobo\AppData\Local\NativeMessaging
2014-08-07 16:51 - 2014-05-06 07:32 - 00000000 ____D () C:\Users\kbobo\AppData\Local\CRE
2014-08-07 16:51 - 2014-05-06 05:55 - 00000000 ____D () C:\Users\kbobo
2014-08-06 22:59 - 2014-08-06 22:59 - 00000307 _____ () C:\Users\kbobo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Korpa za otpatke.lnk
2014-08-06 14:40 - 2013-08-22 10:17 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-08-06 14:35 - 2014-06-25 19:05 - 00000000 ____D () C:\ProgramData\Origin
2014-08-06 14:34 - 2014-07-30 23:03 - 00000000 ____D () C:\Users\kbobo\Documents\FIFA World
2014-08-06 13:50 - 2014-07-27 11:03 - 00000000 ____D () C:\Program Files\Origin
2014-08-05 20:25 - 2014-08-05 20:25 - 00001040 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-05 20:25 - 2014-08-05 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-05 20:25 - 2014-05-11 23:24 - 00000000 ____D () C:\Program Files\VideoLAN
2014-08-05 18:48 - 2014-08-05 18:47 - 00000021 _____ () C:\Users\kbobo\Desktop\Novi tekstualni dokument.txt
2014-08-02 13:35 - 2014-06-29 16:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2014-08-02 13:35 - 2014-06-27 22:08 - 00000000 ____D () C:\Users\Public\Documents\Stardock
2014-08-02 10:42 - 2014-07-27 11:06 - 00000000 ____D () C:\Users\kbobo\AppData\Roaming\Origin
2014-08-01 11:15 - 2014-08-01 11:15 - 00000000 ____D () C:\Users\kbobo\Documents\My Games
2014-08-01 11:14 - 2014-08-01 11:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Goat Simulator
2014-07-31 23:13 - 2014-07-31 23:13 - 00000000 ____D () C:\Users\kbobo\AppData\Roaming\FreeLanguageTranslator
2014-07-31 23:10 - 2013-08-22 08:21 - 00000000 ___RD () C:\Users\Public
2014-07-30 22:16 - 2014-07-30 22:16 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-30 22:16 - 2014-07-30 22:16 - 00176552 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-30 22:16 - 2014-07-30 22:16 - 00176040 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-30 22:16 - 2014-07-30 22:16 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-07-30 22:16 - 2014-07-30 22:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-30 22:16 - 2014-07-30 22:16 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-07-30 22:16 - 2014-05-06 07:34 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-30 22:11 - 2014-07-30 22:11 - 00000000 ____D () C:\Program Files\TakeaTheeCoupoon
2014-07-30 22:11 - 2014-05-28 20:39 - 00000000 ____D () C:\ProgramData\6a4b9e6d7a319f55
2014-07-30 18:41 - 2014-07-30 18:41 - 00001159 _____ () C:\Users\Public\Desktop\EA Sports FIFA World.lnk
2014-07-30 17:26 - 2014-07-27 11:07 - 00000000 ____D () C:\Program Files\Origin Games
2014-07-28 22:19 - 2014-07-28 22:18 - 01766673 _____ () C:\Users\kbobo\Downloads\AviSub.zip
2014-07-27 11:07 - 2014-07-27 11:06 - 00000000 ____D () C:\Users\kbobo\AppData\Local\Origin
2014-07-27 11:03 - 2014-06-25 19:05 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-07-26 20:53 - 2014-05-06 06:03 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-23 20:01 - 2014-06-19 17:54 - 00000000 ____D () C:\Users\kbobo\Documents\Bandicam
2014-07-23 08:09 - 2014-07-23 08:09 - 00000822 _____ () C:\Users\kbobo\Desktop\Play FIFA 14.lnk
2014-07-22 16:21 - 2014-05-22 10:15 - 00000000 ____D () C:\Users\kbobo\AppData\Roaming\DAEMON Tools Lite
2014-07-18 18:29 - 2014-05-06 06:16 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-18 14:11 - 2014-07-18 14:11 - 00000000 __SHD () C:\ProgramData\SecuROM
2014-07-18 14:09 - 2014-07-18 14:09 - 00000000 __RHD () C:\Users\kbobo\AppData\Roaming\SecuROM
2014-07-18 14:00 - 2014-07-18 14:00 - 00107888 _____ (Sony DADC Austria AG.) C:\Windows\system32\CmdLineExt.dll
2014-07-18 14:00 - 2014-06-25 23:25 - 00000000 ____D () C:\Windows\system32\directx
2014-07-18 13:58 - 2014-07-18 13:58 - 00000000 ____D () C:\Windows\system32\xlive
2014-07-18 13:58 - 2014-07-18 13:58 - 00000000 ____D () C:\Program Files\Microsoft Games for Windows - LIVE

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-30 13:43

==================== End Of Log ============================

Addition attached using the "Attach file" option


offline
  • Joined: 26 Aug 2010
  • Posts: 10621
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Step 1

Go to Start -> Control Panel -> Programs and Features and uninstall the following programs:

Adanak
Supporter 1.80



Step 2

Open Notepad and copy in the following text, which is inside the Code box.

() C:\Program Files\Adanak\updateAdanak.exe
() C:\Program Files\Adanak\bin\utilAdanak.exe
() C:\Program Files\Adanak\bin\Adanak.PurBrowse.exe
() C:\Program Files\Adanak\bin\Adanak.BrowserAdapter.exe
R1 {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w; C:\Windows\System32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w.sys [52920 2014-06-25] (StdLib)
R1 {2f0ff925-183b-4210-98f5-cb2ffd917f2b}w; C:\Windows\System32\drivers\{2f0ff925-183b-4210-98f5-cb2ffd917f2b}w.sys [52920 2014-07-16] (StdLib)
HKU\S-1-5-21-992004499-3144148575-427957581-1001\...\Run: [APISupport] => "C:\Windows\system32\Rundll32.exe" "C:\Users\kbobo\AppData\Local\TB\APISupport\APISupport.dll",DLLRunAPISupport <===== ATTENTION
AppInit_DLLs: c:\progra~1\suppor~1\suppor~1.dll => c:\progra~1\suppor~1\suppor~1.dll File Not Found
C:\Windows\system32\Rundll32.exe" "C:\Users\kbobo\AppData\Local\TB
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_kms&affID=128235&tt=120814_new&mntrid=C20278D38D03FA6A&tsp=5341
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=C20278D38D03FA6A&affID=128235&tt=120814_new&tsp=5341
SearchScopes: HKCU - {158A0B80-EA39-448E-B01D-D04C19108FA7} URL = http://trovi.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091&CUI=UN40746802042680324&UM=7
SearchScopes: HKCU - {82B3A07C-329A-4354-AC1A-D18E92B9596A} URL = http://www.buenosearch.com/?babsrc=SP_kms&affID=128235&tt=120814_new&mntrid=C20278D38D03FA6A&tsp=5341&q={searchTerms}&r=749
BHO: HDPlus-V1.9 -> {11111111-1111-1111-1111-110511951170} -> C:\Program Files\HDPlus-V1.9\HDPlus-V1.9-bho.dll (HDPlus)
C:\Program Files\HDPlus-V1.9
CHR HomePage: hxxp://trovi.com/?ctid=CT2504091&SearchSource=48&CUI=UN41105731803025228&UM=7&SAT=SCH
CHR StartupUrls: "hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrId=C20278D38D03FA6A&affID=128235&tt=120814_new&tsp=5341"
CHR DefaultSearchKeyword: buenosearch.com
CHR DefaultSearchURL: http://trovi.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN41105731803025228&ctid=CT2504091&UM=7&SAT=SCH
CHR Extension: (priocecHaop) - C:\Users\kbobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpbbagbhcefhpciedopikliepohhbgji [2014-07-17]
CHR Extension: (HDPlus-V1.9) - C:\Users\kbobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpiodijhokgodhhofbcjdecpffjipkle [2014-08-01]
CHR Extension: (Trovi) - C:\Users\kbobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk [2014-08-07]
CHR Extension: (priocecHaop) - C:\Users\kbobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpbbagbhcefhpciedopikliepohhbgji\3.9 [2014-07-17]
CHR HKLM\...\Chrome\Extension: [edfohacdfdemjkeejihknkmjkabndgkg] - C:\Users\kbobo\AppData\Local\CRE\edfohacdfdemjkeejihknkmjkabndgkg.crx [2014-07-17]
CHR HKLM\...\Chrome\Extension: [fnelgfmpooffemibikhmcklfnnimgijo] - C:\Users\kbobo\AppData\Local\CRE\fnelgfmpooffemibikhmcklfnnimgijo.crx [2014-07-17]
C:\Users\kbobo\AppData\Local\CRE
CHR HKLM\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Users\kbobo\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx [2014-08-03]
CHR HKCU\...\Chrome\Extension: [edfohacdfdemjkeejihknkmjkabndgkg] - C:\Users\kbobo\AppData\Local\CRE\edfohacdfdemjkeejihknkmjkabndgkg.crx [2014-08-03]
CHR HKCU\...\Chrome\Extension: [fnelgfmpooffemibikhmcklfnnimgijo] - C:\Users\kbobo\AppData\Local\CRE\fnelgfmpooffemibikhmcklfnnimgijo.crx [2014-08-03]
CHR HKCU\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Users\kbobo\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx [2014-08-03]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-13] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-13] (globalUpdate) [File not signed]
C:\Program Files\globalUpdate
R2 Update Adanak; C:\Program Files\Adanak\updateAdanak.exe [323352 2014-08-17] ()
R2 Util Adanak; C:\Program Files\Adanak\bin\utilAdanak.exe [323352 2014-08-17] ()
C:\Program Files\Adanak
S2 40030ae4; "C:\Windows\system32\rundll32.exe" "c:\progra~1\suppor~1\SupporterSvc.dll",service
C:\Windows\System32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w.sys
C:\Windows\System32\drivers\{2f0ff925-183b-4210-98f5-cb2ffd917f2b}w.sys
C:\ProgramData\TakeaTheeCoupoon
CustomCLSID: HKU\S-1-5-21-992004499-3144148575-427957581-1001_Classes\CLSID\{1BBF13E0-551E-42DD-91F4-1A547443FFDA}\InprocServer32 -> C:\Users\kbobo\AppData\Local\Tbccint\Community Alerts\Alert.dll (ClientConnect Ltd.)
C:\Users\kbobo\AppData\Local\Tbccint
Task: {3B6A06AB-4DCA-4A1F-A7EF-C4329ED58201} - System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5 => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-5.exe [2014-07-11] (HDPlus)
Task: {3C9CF79E-3EF7-4132-8445-4E602FB26A34} - System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-6 => C:\Program Files\HDPlus-V1.9\HDPlus-V1.9-novainstaller.exe [2014-07-11] (HDPlus)
Task: {3E9AA9AA-AE32-4D25-AD56-77C89DD97A70} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-08-13] (globalUpdate)
Task: {4C1D89D3-A1CA-4DB5-90F6-99D610CB98E7} - System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5_user => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-5.exe [2014-07-11] (HDPlus)
Task: {527B75D8-B64F-4E28-A91D-00CB07FC8B99} - System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-7 => C:\Program Files\HDPlus-V1.9\HDPlus-V1.9-nova.exe [2014-07-11] (HDPlus)
Task: {67CC9474-9A47-43DF-8B21-63AAA1D6627C} - System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-3 => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-3.exe [2014-07-11] (HDPlus)
Task: {82C03F27-4177-4D5F-95A5-A253ACE67E73} - System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-11 => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-11.exe [2014-07-11] (HDPlus)
Task: {A5FA4AB9-549A-4EEF-A506-17B1F5F546F9} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-08-13] (globalUpdate)
Task: {CEEE872B-F35E-45F1-BEB3-6ED956E013E3} - System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-4 => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-4.exe [2014-07-11] (HDPlus)
Task: {CFAD4C13-7063-47D5-8011-F3EAE5F7E36D} - System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-1 => C:\Program Files\HDPlus-V1.9\HDPlus-V1.9-codedownloader.exe [2014-07-11] (HDPlus)
Task: {D5F03544-8D37-477E-BDD8-DF7AB8D3D665} - System32\Tasks\Update Service YourFileDownloader => C:\Program Files\YourFileDownloaderUpdater\YourFileDownloaderUpdater.exe <==== ATTENTION
Task: {D6E58B59-71B7-48A1-B5D7-B418A5F26146} - System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-2 => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-2.exe [2014-07-11] (HDPlus)
Task: {E72DF409-D1EF-4E8E-8AD9-BDDB127A759D} - System32\Tasks\fbe97edd-eb2f-44c5-b8f7-f44c01ece1de-2 => C:\Program Files\Sense\fbe97edd-eb2f-44c5-b8f7-f44c01ece1de-2.exe <==== ATTENTION
C:\Program Files\Sense
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-1.job => C:\Program Files\HDPlus-V1.9\HDPlus-V1.9-codedownloader.exe
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-11.job => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-11.exe
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-2.job => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-2.exe
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-3.job => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-3.exe
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-4.job => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-4.exe
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5.job => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-5.exe
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5_user.job => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-5.exe
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-6.job => C:\Program Files\HDPlus-V1.9\HDPlus-V1.9-novainstaller.exe
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-7.job => C:\Program Files\HDPlus-V1.9\HDPlus-V1.9-nova.exe
Task: C:\Windows\Tasks\fbe97edd-eb2f-44c5-b8f7-f44c01ece1de-2.job => C:\Program Files\Sense\fbe97edd-eb2f-44c5-b8f7-f44c01ece1de-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
EmptyTemp:


In Notepad, click File --> Save As
Name the file Fixlist and save it to the Desktop
Double-click FRST.exe to run it again
Click Fix and wait until the program finishes.
If the program asks to restart the computer, let it do so without interruption.
When it finishes, Notepad will open with content that you need to copy into this thread.
A fixlog.txt file will also be on the Desktop. Copy the contents of fixlog.txt to the forum.




Step 3

Download AdwCleaner by "Xplode" and save it to the Desktop.
Double-click the program to run it.
In the EULA window, click I agree.
Click the Scan button and wait for the scan to finish.
Click the Clean button and wait for the program to finish.
The program will close all running programs and show a window with that warning. Click OK to confirm.
On the next two windows that open (Informations and Restart required), click OK.

The computer will restart and then Notepad will open (C:\AdwCleaner[S0].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Attach file" option.

Note: The report will also be saved at C:\Adwcleaner\AdwCleaner[S0].txt

offline
  • Joined: 03 May 2012
  • Posts: 209

Thank you for responding with help!
I removed Adanak from the system, but I have a problem uninstalling Supporter 1.80; in fact, I already tried to remove it a few days ago, but it gives me this:




Step 2
I copied the text and did everything. There is a fixlog.txt on the Desktop and I will copy it, but the Notepad with the content did not open.
fixlog.txt
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:16-08-2014 03
Ran by kbobo at 2014-08-17 19:31:45 Run:1
Running from C:\Users\kbobo\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
() C:\Program Files\Adanak\updateAdanak.exe
() C:\Program Files\Adanak\bin\utilAdanak.exe
() C:\Program Files\Adanak\bin\Adanak.PurBrowse.exe
() C:\Program Files\Adanak\bin\Adanak.BrowserAdapter.exe
R1 {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w; C:\Windows\System32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w.sys [52920 2014-06-25] (StdLib)
R1 {2f0ff925-183b-4210-98f5-cb2ffd917f2b}w; C:\Windows\System32\drivers\{2f0ff925-183b-4210-98f5-cb2ffd917f2b}w.sys [52920 2014-07-16] (StdLib)
HKU\S-1-5-21-992004499-3144148575-427957581-1001\...\Run: [APISupport] => "C:\Windows\system32\Rundll32.exe" "C:\Users\kbobo\AppData\Local\TB\APISupport\APISupport.dll",DLLRunAPISupport <===== ATTENTION
AppInit_DLLs: c:\progra~1\suppor~1\suppor~1.dll => c:\progra~1\suppor~1\suppor~1.dll File Not Found
C:\Windows\system32\Rundll32.exe" "C:\Users\kbobo\AppData\Local\TB
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_kms&affID=128235&tt=120814_new&mntrid=C20278D38D03FA6A&tsp=5341
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=C20278D38D03FA6A&affID=128235&tt=120814_new&tsp=5341
SearchScopes: HKCU - {158A0B80-EA39-448E-B01D-D04C19108FA7} URL = http://trovi.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091&CUI=UN40746802042680324&UM=7
SearchScopes: HKCU - {82B3A07C-329A-4354-AC1A-D18E92B9596A} URL = http://www.buenosearch.com/?babsrc=SP_kms&affID=128235&tt=120814_new&mntrid=C20278D38D03FA6A&tsp=5341&q={searchTerms}&r=749
BHO: HDPlus-V1.9 -> {11111111-1111-1111-1111-110511951170} -> C:\Program Files\HDPlus-V1.9\HDPlus-V1.9-bho.dll (HDPlus)
C:\Program Files\HDPlus-V1.9
CHR HomePage: hxxp://trovi.com/?ctid=CT2504091&SearchSource=48&CUI=UN41105731803025228&UM=7&SAT=SCH
CHR StartupUrls: "hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrId=C20278D38D03FA6A&affID=128235&tt=120814_new&tsp=5341"
CHR DefaultSearchKeyword: buenosearch.com
CHR DefaultSearchURL: http://trovi.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN41105731803025228&ctid=CT2504091&UM=7&SAT=SCH
CHR Extension: (priocecHaop) - C:\Users\kbobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpbbagbhcefhpciedopikliepohhbgji [2014-07-17]
CHR Extension: (HDPlus-V1.9) - C:\Users\kbobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpiodijhokgodhhofbcjdecpffjipkle [2014-08-01]
CHR Extension: (Trovi) - C:\Users\kbobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk [2014-08-07]
CHR Extension: (priocecHaop) - C:\Users\kbobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpbbagbhcefhpciedopikliepohhbgji\3.9 [2014-07-17]
CHR HKLM\...\Chrome\Extension: [edfohacdfdemjkeejihknkmjkabndgkg] - C:\Users\kbobo\AppData\Local\CRE\edfohacdfdemjkeejihknkmjkabndgkg.crx [2014-07-17]
CHR HKLM\...\Chrome\Extension: [fnelgfmpooffemibikhmcklfnnimgijo] - C:\Users\kbobo\AppData\Local\CRE\fnelgfmpooffemibikhmcklfnnimgijo.crx [2014-07-17]
C:\Users\kbobo\AppData\Local\CRE
CHR HKLM\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Users\kbobo\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx [2014-08-03]
CHR HKCU\...\Chrome\Extension: [edfohacdfdemjkeejihknkmjkabndgkg] - C:\Users\kbobo\AppData\Local\CRE\edfohacdfdemjkeejihknkmjkabndgkg.crx [2014-08-03]
CHR HKCU\...\Chrome\Extension: [fnelgfmpooffemibikhmcklfnnimgijo] - C:\Users\kbobo\AppData\Local\CRE\fnelgfmpooffemibikhmcklfnnimgijo.crx [2014-08-03]
CHR HKCU\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Users\kbobo\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx [2014-08-03]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-13] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-13] (globalUpdate) [File not signed]
C:\Program Files\globalUpdate
R2 Update Adanak; C:\Program Files\Adanak\updateAdanak.exe [323352 2014-08-17] ()
R2 Util Adanak; C:\Program Files\Adanak\bin\utilAdanak.exe [323352 2014-08-17] ()
C:\Program Files\Adanak
S2 40030ae4; "C:\Windows\system32\rundll32.exe" "c:\progra~1\suppor~1\SupporterSvc.dll",service
C:\Windows\System32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w.sys
C:\Windows\System32\drivers\{2f0ff925-183b-4210-98f5-cb2ffd917f2b}w.sys
C:\ProgramData\TakeaTheeCoupoon
CustomCLSID: HKU\S-1-5-21-992004499-3144148575-427957581-1001_Classes\CLSID\{1BBF13E0-551E-42DD-91F4-1A547443FFDA}\InprocServer32 -> C:\Users\kbobo\AppData\Local\Tbccint\Community Alerts\Alert.dll (ClientConnect Ltd.)
C:\Users\kbobo\AppData\Local\Tbccint
Task: {3B6A06AB-4DCA-4A1F-A7EF-C4329ED58201} - System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5 => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-5.exe [2014-07-11] (HDPlus)
Task: {3C9CF79E-3EF7-4132-8445-4E602FB26A34} - System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-6 => C:\Program Files\HDPlus-V1.9\HDPlus-V1.9-novainstaller.exe [2014-07-11] (HDPlus)
Task: {3E9AA9AA-AE32-4D25-AD56-77C89DD97A70} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-08-13] (globalUpdate)
Task: {4C1D89D3-A1CA-4DB5-90F6-99D610CB98E7} - System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5_user => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-5.exe [2014-07-11] (HDPlus)
Task: {527B75D8-B64F-4E28-A91D-00CB07FC8B99} - System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-7 => C:\Program Files\HDPlus-V1.9\HDPlus-V1.9-nova.exe [2014-07-11] (HDPlus)
Task: {67CC9474-9A47-43DF-8B21-63AAA1D6627C} - System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-3 => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-3.exe [2014-07-11] (HDPlus)
Task: {82C03F27-4177-4D5F-95A5-A253ACE67E73} - System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-11 => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-11.exe [2014-07-11] (HDPlus)
Task: {A5FA4AB9-549A-4EEF-A506-17B1F5F546F9} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-08-13] (globalUpdate)
Task: {CEEE872B-F35E-45F1-BEB3-6ED956E013E3} - System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-4 => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-4.exe [2014-07-11] (HDPlus)
Task: {CFAD4C13-7063-47D5-8011-F3EAE5F7E36D} - System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-1 => C:\Program Files\HDPlus-V1.9\HDPlus-V1.9-codedownloader.exe [2014-07-11] (HDPlus)
Task: {D5F03544-8D37-477E-BDD8-DF7AB8D3D665} - System32\Tasks\Update Service YourFileDownloader => C:\Program Files\YourFileDownloaderUpdater\YourFileDownloaderUpdater.exe <==== ATTENTION
Task: {D6E58B59-71B7-48A1-B5D7-B418A5F26146} - System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-2 => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-2.exe [2014-07-11] (HDPlus)
Task: {E72DF409-D1EF-4E8E-8AD9-BDDB127A759D} - System32\Tasks\fbe97edd-eb2f-44c5-b8f7-f44c01ece1de-2 => C:\Program Files\Sense\fbe97edd-eb2f-44c5-b8f7-f44c01ece1de-2.exe <==== ATTENTION
C:\Program Files\Sense
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-1.job => C:\Program Files\HDPlus-V1.9\HDPlus-V1.9-codedownloader.exe
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-11.job => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-11.exe
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-2.job => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-2.exe
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-3.job => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-3.exe
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-4.job => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-4.exe
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5.job => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-5.exe
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5_user.job => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-5.exe
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-6.job => C:\Program Files\HDPlus-V1.9\HDPlus-V1.9-novainstaller.exe
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-7.job => C:\Program Files\HDPlus-V1.9\HDPlus-V1.9-nova.exe
Task: C:\Windows\Tasks\fbe97edd-eb2f-44c5-b8f7-f44c01ece1de-2.job => C:\Program Files\Sense\fbe97edd-eb2f-44c5-b8f7-f44c01ece1de-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
EmptyTemp:
*****************

C:\Program Files\Adanak\updateAdanak.exe => No running process found
C:\Program Files\Adanak\bin\utilAdanak.exe => No running process found
C:\Program Files\Adanak\bin\Adanak.PurBrowse.exe => No running process found
C:\Program Files\Adanak\bin\Adanak.BrowserAdapter.exe => No running process found
{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w => Service stopped successfully.
{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w => Service deleted successfully.
{2f0ff925-183b-4210-98f5-cb2ffd917f2b}w => Service stopped successfully.
{2f0ff925-183b-4210-98f5-cb2ffd917f2b}w => Service deleted successfully.
HKU\S-1-5-21-992004499-3144148575-427957581-1001\Software\Microsoft\Windows\CurrentVersion\Run\\APISupport => value deleted successfully.
"c:\progra~1\suppor~1\suppor~1.dll" => Value Data removed successfully.
"C:\Windows\system32\Rundll32.exe "C:\Users\kbobo\AppData\Local\TB" => File/Directory not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => Key deleted successfully.
"HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{158A0B80-EA39-448E-B01D-D04C19108FA7}" => Key deleted successfully.
"HKCR\CLSID\{158A0B80-EA39-448E-B01D-D04C19108FA7}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{82B3A07C-329A-4354-AC1A-D18E92B9596A}" => Key deleted successfully.
"HKCR\CLSID\{82B3A07C-329A-4354-AC1A-D18E92B9596A}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511951170}" => Key deleted successfully.
"HKCR\CLSID\{11111111-1111-1111-1111-110511951170}" => Key deleted successfully.
C:\Program Files\HDPlus-V1.9 => Moved successfully.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSearchKeyword deleted successfully.
Chrome DefaultSearchURL deleted successfully.
C:\Users\kbobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpbbagbhcefhpciedopikliepohhbgji => Moved successfully.
C:\Users\kbobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpiodijhokgodhhofbcjdecpffjipkle => Moved successfully.
C:\Users\kbobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk => Moved successfully.
C:\Users\kbobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpbbagbhcefhpciedopikliepohhbgji\3.9 directory not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\edfohacdfdemjkeejihknkmjkabndgkg" => Key deleted successfully.
"C:\Users\kbobo\AppData\Local\CRE\edfohacdfdemjkeejihknkmjkabndgkg.crx" => File/Directory not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\fnelgfmpooffemibikhmcklfnnimgijo" => Key deleted successfully.
"C:\Users\kbobo\AppData\Local\CRE\fnelgfmpooffemibikhmcklfnnimgijo.crx" => File/Directory not found.
C:\Users\kbobo\AppData\Local\CRE => Moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk" => Key deleted successfully.
"C:\Users\kbobo\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx" => File/Directory not found.
"HKCU\SOFTWARE\Google\Chrome\Extensions\edfohacdfdemjkeejihknkmjkabndgkg" => Key deleted successfully.
"C:\Users\kbobo\AppData\Local\CRE\edfohacdfdemjkeejihknkmjkabndgkg.crx" => File/Directory not found.
"HKCU\SOFTWARE\Google\Chrome\Extensions\fnelgfmpooffemibikhmcklfnnimgijo" => Key deleted successfully.
"C:\Users\kbobo\AppData\Local\CRE\fnelgfmpooffemibikhmcklfnnimgijo.crx" => File/Directory not found.
"HKCU\SOFTWARE\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk" => Key deleted successfully.
"C:\Users\kbobo\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx" => File/Directory not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKCU\SOFTWARE\Policies\Google" => Key deleted successfully.
globalUpdate => Service deleted successfully.
globalUpdatem => Service deleted successfully.
C:\Program Files\globalUpdate => Moved successfully.
Update Adanak => Service not found.
Util Adanak => Service not found.
"C:\Program Files\Adanak" => File/Directory not found.
40030ae4 => Service deleted successfully.
C:\Windows\System32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w.sys => Moved successfully.
C:\Windows\System32\drivers\{2f0ff925-183b-4210-98f5-cb2ffd917f2b}w.sys => Moved successfully.
C:\ProgramData\TakeaTheeCoupoon => Moved successfully.
"HKU\S-1-5-21-992004499-3144148575-427957581-1001_Classes\CLSID\{1BBF13E0-551E-42DD-91F4-1A547443FFDA}" => Key deleted successfully.
C:\Users\kbobo\AppData\Local\Tbccint => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3B6A06AB-4DCA-4A1F-A7EF-C4329ED58201}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B6A06AB-4DCA-4A1F-A7EF-C4329ED58201}" => Key deleted successfully.
C:\Windows\System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\c9d77c59-0ff5-4036-8806-71115fd01f45-5" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3C9CF79E-3EF7-4132-8445-4E602FB26A34}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C9CF79E-3EF7-4132-8445-4E602FB26A34}" => Key deleted successfully.
C:\Windows\System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-6 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\c9d77c59-0ff5-4036-8806-71115fd01f45-6" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3E9AA9AA-AE32-4D25-AD56-77C89DD97A70}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E9AA9AA-AE32-4D25-AD56-77C89DD97A70}" => Key deleted successfully.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4C1D89D3-A1CA-4DB5-90F6-99D610CB98E7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C1D89D3-A1CA-4DB5-90F6-99D610CB98E7}" => Key deleted successfully.
C:\Windows\System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5_user => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\c9d77c59-0ff5-4036-8806-71115fd01f45-5_user" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{527B75D8-B64F-4E28-A91D-00CB07FC8B99}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{527B75D8-B64F-4E28-A91D-00CB07FC8B99}" => Key deleted successfully.
C:\Windows\System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-7 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\c9d77c59-0ff5-4036-8806-71115fd01f45-7" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{67CC9474-9A47-43DF-8B21-63AAA1D6627C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67CC9474-9A47-43DF-8B21-63AAA1D6627C}" => Key deleted successfully.
C:\Windows\System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-3 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\c9d77c59-0ff5-4036-8806-71115fd01f45-3" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{82C03F27-4177-4D5F-95A5-A253ACE67E73}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82C03F27-4177-4D5F-95A5-A253ACE67E73}" => Key deleted successfully.
C:\Windows\System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-11 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\c9d77c59-0ff5-4036-8806-71115fd01f45-11" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A5FA4AB9-549A-4EEF-A506-17B1F5F546F9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5FA4AB9-549A-4EEF-A506-17B1F5F546F9}" => Key deleted successfully.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CEEE872B-F35E-45F1-BEB3-6ED956E013E3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEEE872B-F35E-45F1-BEB3-6ED956E013E3}" => Key deleted successfully.
C:\Windows\System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-4 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\c9d77c59-0ff5-4036-8806-71115fd01f45-4" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CFAD4C13-7063-47D5-8011-F3EAE5F7E36D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFAD4C13-7063-47D5-8011-F3EAE5F7E36D}" => Key deleted successfully.
C:\Windows\System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-1 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\c9d77c59-0ff5-4036-8806-71115fd01f45-1" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D5F03544-8D37-477E-BDD8-DF7AB8D3D665}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5F03544-8D37-477E-BDD8-DF7AB8D3D665}" => Key deleted successfully.
C:\Windows\System32\Tasks\Update Service YourFileDownloader => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Service YourFileDownloader" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D6E58B59-71B7-48A1-B5D7-B418A5F26146}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6E58B59-71B7-48A1-B5D7-B418A5F26146}" => Key deleted successfully.
C:\Windows\System32\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\c9d77c59-0ff5-4036-8806-71115fd01f45-2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E72DF409-D1EF-4E8E-8AD9-BDDB127A759D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E72DF409-D1EF-4E8E-8AD9-BDDB127A759D}" => Key deleted successfully.
C:\Windows\System32\Tasks\fbe97edd-eb2f-44c5-b8f7-f44c01ece1de-2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\fbe97edd-eb2f-44c5-b8f7-f44c01ece1de-2" => Key deleted successfully.
"C:\Program Files\Sense" => File/Directory not found.
C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-1.job => Moved successfully.
C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-11.job => Moved successfully.
C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-2.job => Moved successfully.
C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-3.job => Moved successfully.
C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-4.job => Moved successfully.
C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5.job => Moved successfully.
C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5_user.job => Moved successfully.
C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-6.job => Moved successfully.
C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-7.job => Moved successfully.
C:\Windows\Tasks\fbe97edd-eb2f-44c5-b8f7-f44c01ece1de-2.job => Moved successfully.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => Moved successfully.
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.
EmptyTemp: => Removed 10 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

Step 3
After the restart Notepad opened, and here is the file


offline
  • Joined: 26 Aug 2010
  • Posts: 10621
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

What is the state of the system now?

offline
  • Joined: 03 May 2012
  • Posts: 209

Sass Drake :: What is the state of the system now?
Uh, much better. I tried it out a bit, and now it opens pages faster too. Did I pick up some virus, or is it something else?

offline
  • Joined: 26 Aug 2010
  • Posts: 10621
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Adware and potentially unwanted software.
We will run one more check.



Download the GMER program from the link below to the Desktop:


GMER download
Click the given link;
When the dialog for choosing the save location opens, select Desktop and click Save.



Double-click to launch GMER.
Wait for the initial scan to finish - if any prompt appears, click No;

click Scan and wait for the scan to complete;

click Save ... - save the report to the Desktop (under the name Gmer1);

right-click in the Gmer program window and select Options > 3rd party - click Scan;

when the scan finishes, click Save ... - save the report to the Desktop (under the name Gmer2);

click the >>> button and select the Autostart tab;

when the short scan finishes, click Copy;

open Notepad and paste the copied text into it - save the report to the Desktop (under the name Gmer3);


Illustrated walkthrough of the procedure

Attach all three reports to your post using the Prikači fajl (Attach file) option.

offline
  • Joined: 03 May 2012
  • Posts: 209

I don't know why, but in three attempts the program keeps shutting down on me; here is a screenshot

offline
  • Joined: 26 Aug 2010
  • Posts: 10621
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Then we will do the ARK check this way.

Download the installer for Malwarebytes Anti-Malware (MBAM) ver. 2.0 and install the application.
Double-click mbam-setup.exe and follow the installation instructions. The installation follows the usual "Next > I Agree . . > Next > Install" pattern. When the installation is finished, click Finish.
Note: the 14-day free trial version is pre-selected. You can uncheck this option if you wish.


- On first launch, MBAM will start an "Update" in order to download the latest definitions.
Or ... click the 'Update Now >>' link or button to download fresh definitions.

• Configure the scanner; on the 'Settings' tab, under Detection and Protection, set the following options:
1. on the Detection Options sub-tab, check the box for 'Scan for rootkits';
2. on the Non-Malware Protection sub-tab, for 'PUP detections', make sure the 'Treat detections as malware' option is selected.


• Run a 'Threat Scan';
Click the Scan tab, then 'Scan Now >>' to run the scan.
If MBAM reports that an 'update' is available, click 'Update Now' and then continue to the scan.
Notice: with some severe infections you may get the following message: "Could not load DDA driver". In that case, click Yes on that message, allow the driver to be loaded after the computer restarts, and allow the restart.
Then continue with the rest of the instructions.


• When the scan is finished, click the Apply Action button if a threat was detected. Wait for the program to request a restart!
- Click Yes on the message saying that the system will be restarted.


• Post the report (export the logfile) for review;
Start MBAM again, click the History tab > Application Logs. Double-click the 'Scan Log' that shows the time and date of the scan just performed.
1. In the new window click the 'Export' button, then choose 'Text file (*.txt)';
2. When the Save File dialog appears, choose to save the log to the Desktop.
In that same window, below, under File name:, enter 'mbam' as the name of the report and click the Save button.

- After the message ("Your file has been successfully exported") appears, the report you named 'mbam' will be saved to the Desktop.


Attach mbam.txt to your post using the Prikači fajl (Attach file) option.

offline
  • Joined: 03 May 2012
  • Posts: 209

I ran one more check using a program whose link and instructions I found in Ambulanta; here are the screenshots.
After scanning, it shows that the system is clean.

offline
  • Joined: 26 Aug 2010
  • Posts: 10621
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Do as I told you and post the report for me.
