qvo6.com in the browser, pure hell?

  • Blue  Male
  • Elite citizen
  • Joined: 06 Aug 2003
  • Posts: 2214

Posted: 08 Jul 2013 11:24

I got tricked while downloading a new antivirus; it turned out to be something else and installed a pile of junk. In Mozilla it keeps popping up qvo6.com nonstop and launches some stupid applications. Avast is helpless, as is Malwarebytes...

Here is the log....





DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16446
Run by vinko at 11:15:32 on 2013-07-08
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.381.1033.18.6046.3289 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\DigitalPersona\Bin\DpHostW.exe
C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Conexant\SA3\CxUtilSvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\ProgramData\DatacardService\HWDeviceService64.exe
c:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\vinko\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\Conexant\SA3\SmartAudio3.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\ProgramData\mts mobilni internet\OnlineUpdate\ouc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\Elantech\ETDGesture.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe
C:\Windows\SysWOW64\schtasks.exe
C:\ProgramData\eSafe\eGdpSvc.exe
C:\Users\vinko\AppData\Roaming\WebCake\WebCakeDesktop.exe
C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe
C:\Program Files (x86)\WinZipper\winzipersvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\BitLord\BitLord.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=9620685D43CF70E8&affID=123511&tt=070713_91114&tsp=4937
uDefault_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717
mStart Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717
mDefault_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: WebCake: {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files (x86)\WebCake\WebCakeIEClient.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: SelectionLinks: {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - C:\Program Files (x86)\OApps\SelectionLinks.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: delta Helper Object: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [uTorrent] "C:\Users\vinko\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [WebCake Desktop] "C:\Users\vinko\AppData\Roaming\WebCake\WebCakeDesktop.exe"
uRun: [MCShield Monitor] C:\Program Files (x86)\MCShield\mcshieldrtm.exe
uRunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f
uRunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f
uRunOnce: [adawarebp_DATA_FOLDER] cmd.exe /c rmdir "C:\ProgramData\Ad-Aware Browsing Protection" /s /q
uRunOnce: [adawarebp_INSTALL_FOLDER] cmd.exe /c rmdir "C:\Users\vinko\AppData\Local\adawarebp" /s /q
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRunOnce: [sevenzipwkms] <no file>
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{061DF22E-C383-4A65-88C0-2B5310AD8C54} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{061DF22E-C383-4A65-88C0-2B5310AD8C54}\44D402B4F6D6562736 : DHCPNameServer = 178.79.22.6 178.79.0.3
TCP: Interfaces\{47A8B75B-7993-4F3E-8A36-B6073C560767} : NameServer = 195.178.38.3 195.178.38.8
TCP: Interfaces\{884AF92C-3E0E-4464-B8E1-A7352D83A02B} : NameServer = 195.178.38.3 195.178.38.8
TCP: Interfaces\{900C9A5D-A9CE-4B48-9F58-AD94B3D6AB6B} : NameServer = 195.178.38.3 195.178.38.8
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~2\safesa~1\sprote~1.dll c:\progra~2\websea~1\sprote~1.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Notification Packages = DPPassFilter scecli
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717
x64-mDefault_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717
x64-mSearchAssistant = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=0
x64-mCustomizeSearch = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=0
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SA3\SACpl.exe /sa3 /nv:3.0 /dne /s
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
x64-Run: [ACPW06EN] "C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe" /pid ACPW06EN
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\
FF - prefs.js: browser.search.defaulturl - hxxp://websearch.homesearch-hub.info/?pid=1089&r=2013/06/17&hid=821402009&lg=EN&cc=RS&unqvl=20&l=1&q=
FF - prefs.js: browser.search.selectedEngine - Delta Search
FF - prefs.js: keyword.URL -
FF - prefs.js: browser.startup.homepage -
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - ExtSQL: 2013-06-17 09:51; {EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}; C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}
FF - ExtSQL: 2013-07-08 09:32; plugin@getwebcake.com; C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\plugin@getwebcake.com
FF - ExtSQL: 2013-07-08 10:33; ffxtlbr@delta.com; C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\ffxtlbr@delta.com
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.mixidj.tlbrSrchUrl -
FF - user.js: extensions.mixidj.id - 96208bd5000000000000685d43cf70e8
FF - user.js: extensions.mixidj.appId - {A2773ED4-83BD-488A-A186-73590706C916}
FF - user.js: extensions.mixidj.instlDay - 15873
FF - user.js: extensions.mixidj.vrsn - 1.8.18.8
FF - user.js: extensions.mixidj.vrsni - 1.8.18.8
FF - user.js: extensions.mixidj.vrsnTs - 1.8.18.89:51:55
FF - user.js: extensions.mixidj.prtnrId - mixidj
FF - user.js: extensions.mixidj.prdct - mixidj
FF - user.js: extensions.mixidj.aflt - babsst
FF - user.js: extensions.mixidj.smplGrp - none
FF - user.js: extensions.mixidj.tlbrId - baseyh
FF - user.js: extensions.mixidj.instlRef - sst
FF - user.js: extensions.mixidj.dfltLng - en
FF - user.js: extensions.mixidj.excTlbr - false
FF - user.js: extensions.mixidj.ffxUnstlRst - false
FF - user.js: extensions.mixidj.admin - false
FF - user.js: extensions.mixidj.autoRvrt - false
FF - user.js: extensions.mixidj.rvrt - false
FF - user.js: extensions.mixidj.newTab - false
FF - user.js: extentions.webcake.installId - c4c565a1-0f7d-4c27-a3e5-35510cee505c
FF - user.js: extentions.webcake.defaultEnableAppsList - layers,brain/features,newOffers/wc
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 96208bd5000000000000685d43cf70e8
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15894
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.510:33:01
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=123511&tt=070713_91114&tsp=4937
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2012-8-15 31872]
R0 gfibto;gfibto;C:\Windows\System32\drivers\gfibto.sys [2013-4-19 14456]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-8-15 16152]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2012-8-15 22128]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-7-8 22664]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-7-8 377992]
R2 ADExchange;ArcSoft Exchange Service;C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2011-9-16 39528]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-8-15 235520]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-1-9 659968]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-7-8 33472]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-7-8 80888]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-7-8 45248]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-5-15 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-5-15 1104208]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-1-17 135952]
R2 CxUtilSvc;CxUtilSvc;C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe [2012-8-15 109184]
R2 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-3-14 346976]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-8-15 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-11 627936]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-7-8 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-7-8 701512]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-8-15 1695040]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-5-14 3289208]
R2 SrvUpdater;Software Updater;C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe [2012-12-21 31744]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-8-15 363800]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2011-8-18 3175728]
R2 WebCake Desktop Updater;WebCake Desktop Updater;C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe [2013-7-8 23552]
R2 winzipersvc;WinZiper service;C:\Program Files (x86)\WinZipper\winzipersvc.exe [2013-7-8 424104]
R2 WsysSvc;Wsys Service;C:\ProgramData\eSafe\eGdpSvc.exe [2013-7-8 386112]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-3-29 2669840]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-1-9 195584]
R3 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-7-8 177672]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2012-2-13 95232]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2012-2-13 747008]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2012-8-15 176000]
R3 ETD;Dell Touchpad;C:\Windows\System32\drivers\ETD.sys [2012-8-15 201008]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2012-12-7 86016]
R3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2012-3-21 60928]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-8-15 331264]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2012-8-15 14745600]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-8-15 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-8-15 787736]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2012-1-27 25496]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-7-8 25928]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUVStor.sys [2012-8-15 313448]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-8-15 646248]
R3 ST_ACCEL;STMicroelectronics Accelerometer Service;C:\Windows\System32\drivers\ST_ACCEL.sys [2012-8-15 67184]
S0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-7-8 65408]
S1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-7-8 1025880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-19 138576]
S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-4-10 166912]
S2 mts mobilni internet. RunOuc;mts mobilni internet. OUC;C:\Program Files (x86)\mts mobilni internet\UpdateDog\ouc.exe [2012-12-7 239968]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2012-1-9 195584]
S3 athur;Wireless Network Adapter Service;C:\Windows\System32\drivers\athurx.sys [2012-11-22 1847296]
S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-5-15 1304912]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2012-12-7 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\drivers\ew_usbenumfilter.sys [2012-12-7 13952]
S3 ewusbmbb;HUAWEI USB-WWAN miniport;C:\Windows\System32\drivers\ewusbwwan.sys [2012-12-7 421376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-12-3 1432400]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2012-1-27 34200]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-3-29 273168]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2011-12-14 25072]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2013-07-08 08:36:59 -------- d-----w- C:\Users\vinko\AppData\Roaming\Malwarebytes
2013-07-08 08:36:53 -------- d-----w- C:\ProgramData\Malwarebytes
2013-07-08 08:36:52 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-07-08 08:36:52 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-08 08:33:12 -------- d-----w- C:\Users\vinko\AppData\Roaming\BabSolution
2013-07-08 08:33:01 -------- d-----w- C:\Program Files (x86)\Delta
2013-07-08 08:33:00 -------- d-----w- C:\Users\vinko\AppData\Roaming\Delta
2013-07-08 08:21:12 -------- d-----w- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2013-07-08 08:10:08 -------- d-----w- C:\Program Files (x86)\Enigma Software Group
2013-07-08 08:00:25 -------- d-----w- C:\ProgramData\MCShield
2013-07-08 08:00:25 -------- d-----w- C:\Program Files (x86)\MCShield
2013-07-08 07:54:08 -------- d-----w- C:\Program Files\Enigma Software Group
2013-07-08 07:53:50 -------- d-----w- C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-08 07:46:49 -------- d-----w- C:\Users\vinko\AppData\Roaming\337
2013-07-08 07:44:15 -------- d-----w- C:\Program Files (x86)\Omiga Plus
2013-07-08 07:44:02 -------- d-----w- C:\Users\vinko\AppData\Roaming\WinZipper
2013-07-08 07:44:02 -------- d-----w- C:\Program Files (x86)\WinZipper
2013-07-08 07:43:23 80888 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-07-08 07:43:23 71064 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-07-08 07:43:23 65408 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-07-08 07:43:23 22664 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2013-07-08 07:43:23 177672 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-07-08 07:43:23 1025880 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-07-08 07:42:56 41664 ----a-w- C:\Windows\avastSS.scr
2013-07-08 07:32:22 -------- d-----w- C:\Users\vinko\AppData\Roaming\WebCake
2013-07-08 07:32:22 -------- d-----w- C:\Program Files (x86)\WebCake
2013-07-08 07:32:10 -------- d-----w- C:\ProgramData\Tarma Installer
2013-07-08 07:32:09 -------- d-----w- C:\ProgramData\eSafe
2013-07-08 07:32:05 -------- d-----w- C:\Users\vinko\AppData\Roaming\Desk 365
2013-07-08 07:32:05 -------- d-----w- C:\Program Files (x86)\Desk 365
2013-07-08 07:31:39 -------- d-----w- C:\Users\vinko\AppData\Roaming\eIntaller
2013-07-08 07:31:38 -------- d-----w- C:\Users\vinko\AppData\Local\SwvUpdater
2013-07-08 07:31:25 -------- d-----w- C:\ProgramData\BrowserDefender
2013-07-08 07:31:08 -------- d-----w- C:\Program Files (x86)\SoftwareUpdater
2013-07-06 06:19:30 -------- d-----w- C:\Users\vinko\AppData\Roaming\ACD Systems
2013-07-06 06:19:30 -------- d-----w- C:\Users\vinko\AppData\Local\ACD Systems
2013-07-06 06:19:09 -------- d-----w- C:\ProgramData\ACD Systems
2013-07-06 06:19:05 -------- d-----w- C:\Program Files\Common Files\ACD Systems
2013-07-06 06:19:05 -------- d-----w- C:\Program Files\ACD Systems
2013-07-06 06:18:29 -------- d-----w- C:\Users\vinko\AppData\Local\Downloaded Installations
2013-07-03 08:53:27 -------- d-----w- C:\Users\vinko\AppData\Roaming\Photo DVD Slideshow
2013-07-03 08:53:12 -------- d-----w- C:\Program Files (x86)\Photo DVD Slideshow Professional
2013-07-03 08:06:13 -------- d-----w- C:\MySlideshow
2013-07-02 07:45:34 -------- d-----w- C:\ProgramData\ArcSoft
2013-07-02 07:45:33 -------- d-----w- C:\Users\vinko\AppData\Local\ArcSoft
2013-07-02 07:45:08 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-07-02 07:45:08 614532 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2013-07-02 07:45:08 32768 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-07-02 07:45:08 225280 ------w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2013-07-02 07:45:08 176128 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-07-02 06:38:17 -------- d-----w- C:\ProgramData\Anvsoft
2013-07-02 06:38:09 -------- d-----w- C:\Program Files (x86)\DVD Photo Slideshow Professional
2013-06-20 08:38:33 -------- d-----w- C:\Users\vinko\AppData\Local\4A Games
2013-06-20 08:18:56 -------- d-----w- C:\Program Files (x86)\Metro Last Light
2013-06-19 11:32:31 -------- d-----w- C:\Users\vinko\AppData\Local\ApplicationHistory
2013-06-17 07:51:29 -------- d-----w- C:\Users\vinko\AppData\Roaming\Babylon
2013-06-17 07:51:29 -------- d-----w- C:\ProgramData\Babylon
2013-06-17 07:51:23 -------- d-----w- C:\Program Files (x86)\MyPC Backup
2013-06-17 07:50:58 -------- d-----w- C:\Program Files (x86)\OApps
2013-06-17 07:31:52 -------- d-----w- C:\Users\vinko\AppData\Roaming\uTorrent
2013-06-17 07:27:29 -------- d-----w- C:\ProgramData\StarApp
2013-06-17 07:27:08 -------- d-----w- C:\Program Files (x86)\WebSearch
2013-06-17 07:26:54 -------- d-----w- C:\Program Files (x86)\Optimizer Pro
2013-06-17 07:26:31 -------- d-----w- C:\Program Files (x86)\SafeSaver
2013-06-17 07:25:51 -------- d-----w- C:\ProgramData\InstallMate
2013-06-14 11:38:52 -------- d-----w- C:\ProgramData\YTD Video Downloader
2013-06-14 11:38:50 -------- d-----w- C:\Program Files (x86)\GreenTree Applications
2013-06-13 06:27:49 -------- d-----w- C:\YuRecnik
2013-06-12 08:28:47 -------- d-----w- C:\Program Files (x86)\8monkey Labs
2013-06-12 08:23:45 9089416 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-06-12 07:17:57 -------- d-----w- C:\Program Files (x86)\Microsoft Chart Controls
2013-06-12 06:56:34 -------- d-----w- C:\Users\vinko\AppData\Roaming\StarTrekPC
2013-06-12 06:40:55 -------- d-----w- C:\Program Files (x86)\Star Trek
2013-06-11 13:23:21 -------- d-----w- C:\Program Files (x86)\Manual
2013-06-11 13:23:21 -------- d-----w- C:\Program Files (x86)\Common Files\Digidesign
2013-06-11 13:23:20 5811712 ----a-w- C:\Program Files (x86)\Nexus.dll
2013-06-11 13:23:20 1332224 ----a-w- C:\Windows\SysWow64\SYNSOEMU.DLL
2013-06-11 13:23:20 -------- d-----w- C:\Program Files (x86)\Uninstall Nexus
.
==================== Find3M ====================
.
2013-06-12 08:23:55 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 08:23:55 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-04-19 18:22:54 14456 ----a-w- C:\Windows\System32\drivers\gfibto.sys
2013-04-19 14:20:57 27256 ----a-w- C:\Windows\System32\drivers\FixZeroAccess.sys
.
============= FINISH: 11:16:15,98 ===============

Addendum: 08 Jul 2013 11:38

Here is the report from the cleaner downloaded from the forum... it's gone now; could someone more knowledgeable tell me whether it finished the job...

# AdwCleaner v2.304 - Logfile created 07/08/2013 at 11:32:53
# Updated 03/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : vinko - VINKO-PC
# Boot Mode : Normal
# Running from : C:\Users\vinko\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : SrvUpdater

***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\eSafe
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\adawaretb.xml
File Deleted : C:\Program Files (x86)\Mozilla FireFox\searchplugins\qvo6.xml
File Deleted : C:\Users\vinko\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Users\vinko\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\bprotector_extensions.sqlite
File Deleted : C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\bprotector_prefs.js
File Deleted : C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\searchplugins\Babylon.xml
File Deleted : C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\searchplugins\delta.xml
File Deleted : C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\searchplugins\mixidj.xml
File Deleted : C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\searchplugins\WebSearch.xml
File Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
File Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
File Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
File Disinfected : C:\Users\vinko\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
File Disinfected : C:\Users\vinko\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
File Disinfected : C:\Users\vinko\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
File Disinfected : C:\Users\vinko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
File Disinfected : C:\Users\vinko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
File Disinfected : C:\Users\vinko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
File Disinfected : C:\Users\vinko\Desktop\Internet Explorer (64-bit).lnk
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Delta
Folder Deleted : C:\Program Files (x86)\Desk 365
Folder Deleted : C:\Program Files (x86)\OApps
Folder Deleted : C:\Program Files (x86)\Optimizer Pro
Folder Deleted : C:\Program Files (x86)\SoftwareUpdater
Folder Deleted : C:\Program Files (x86)\WebSearch
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\search protection
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\vinko\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpepfkjapeclaafmhoelccknpfedainn
Folder Deleted : C:\Users\vinko\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\vinko\AppData\Roaming\337
Folder Deleted : C:\Users\vinko\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\vinko\AppData\Roaming\Babylon
Folder Deleted : C:\Users\vinko\AppData\Roaming\Delta
Folder Deleted : C:\Users\vinko\AppData\Roaming\Desk 365
Folder Deleted : C:\Users\vinko\AppData\Roaming\eIntaller
Folder Deleted : C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\ffxtlbr@delta.com
Folder Deleted : C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\plugin@getwebcake.com
Folder Deleted : C:\Users\vinko\AppData\Roaming\WebCake

***** [Registry] *****

Data Deleted : HKLM\...\StartMenuInternet\FIREFOX.EXE [(Default)] = C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717
Data Deleted : HKLM\...\StartMenuInternet\Google Chrome [(Default)] = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717
Data Deleted : HKLM\...\StartMenuInternet\IEXPLORE.EXE [(Default)] = "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717
Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\safesa~1\sprote~1.dll
Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\websea~1\sprote~1.dll
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\delta LTD
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\520dcd9bc6eb844
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\Desksvc
Key Deleted : HKLM\Software\eSafeSecControl
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\qvo6Software
Key Deleted : HKLM\Software\SoftwareUpdater
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\V9
Key Deleted : HKLM\SOFTWARE\Wow6432Node\520dcd9bc6eb844
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16446

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=9620685D43CF70E8&affID=123511&tt=070713_91114&tsp=4937 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717 --> hxxp://www.google.com

-\\ Mozilla Firefox v22.0 (en-US)

File : C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\prefs.js

C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\user.js ... Deleted !

Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Deleted : user_pref("aol_toolbar.default.search.check", false);
Deleted : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=9620685D43CF70E8&a[...]
Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.homesearch-hub.info/?pid=1089&r=2013/06/17&[...]
Deleted : user_pref("browser.search.selectedEngine", "Delta Search");
Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Deleted : user_pref("extensions.delta.admin", false);
Deleted : user_pref("extensions.delta.aflt", "babsst");
Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Deleted : user_pref("extensions.delta.autoRvrt", "false");
Deleted : user_pref("extensions.delta.bbDpng", "8");
Deleted : user_pref("extensions.delta.cntry", "RS");
Deleted : user_pref("extensions.delta.dfltLng", "en");
Deleted : user_pref("extensions.delta.excTlbr", false);
Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Deleted : user_pref("extensions.delta.hdrMd5", "25F4B51CDF02368E7C1F2C90554E2112");
Deleted : user_pref("extensions.delta.id", "96208bd5000000000000685d43cf70e8");
Deleted : user_pref("extensions.delta.instlDay", "15894");
Deleted : user_pref("extensions.delta.instlRef", "sst");
Deleted : user_pref("extensions.delta.lastVrsnTs", "1.8.21.510:33:01");
Deleted : user_pref("extensions.delta.newTab", false);
Deleted : user_pref("extensions.delta.prdct", "delta");
Deleted : user_pref("extensions.delta.prtnrId", "delta");
Deleted : user_pref("extensions.delta.rvrt", "false");
Deleted : user_pref("extensions.delta.sg", "azb");
Deleted : user_pref("extensions.delta.smplGrp", "azb");
Deleted : user_pref("extensions.delta.tlbrId", "base");
Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Deleted : user_pref("extensions.delta.vrsn", "1.8.21.5");
Deleted : user_pref("extensions.delta.vrsnTs", "1.8.21.510:33:01");
Deleted : user_pref("extensions.delta.vrsni", "1.8.21.5");
Deleted : user_pref("extensions.delta_i.babExt", "");
Deleted : user_pref("extensions.delta_i.babTrack", "affID=123511&tt=070713_91114&tsp=4937");
Deleted : user_pref("extensions.delta_i.srcExt", "ss");
Deleted : user_pref("extensions.enabledAddons", "%7BEB1EE743-FFA7-41AC-A370-49C3CA2AABD5%7D:1.5,plugin%40getwe[...]
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://websearch.homesearch-hub.info[...]
Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1");
Deleted : user_pref("sweetim.toolbar.searchguard.enable", "false");

-\\ Google Chrome v27.0.1453.110

File : C:\Users\vinko\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.463] : urls_to_restore_on_startup ={"restore_on_startup": 4, [ "hxxp://www.delta-search.com/?babsrc=HP_s[...]

*************************

AdwCleaner[R1].txt - [21226 octets] - [08/07/2013 11:32:40]
AdwCleaner[S1].txt - [19059 octets] - [08/07/2013 11:32:53]

########## EOF - C:\AdwCleaner[S1].txt - [19120 octets] ##########

  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6101

Why did you run AdwCleaner? Now you have thrown off the DDS log posted above.
> Run DDS again and post a fresh DDS.txt log for me

  • Blue  Male
  • Elite citizen
  • Joined: 06 Aug 2003
  • Posts: 2214

Here are the new logs...





DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16446
Run by vinko at 11:59:22 on 2013-07-08
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.381.1033.18.6046.3798 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\WinZipper\winzipersvc.exe
C:\ProgramData\eSafe\eGdpSvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Conexant\SA3\SmartAudio3.exe
C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe
C:\Users\vinko\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\DigitalPersona\Bin\DpHostW.exe
C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Conexant\SA3\CxUtilSvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\ProgramData\DatacardService\HWDeviceService64.exe
C:\ProgramData\DatacardService\DCSHelper.exe
c:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\ProgramData\mts mobilni internet\OnlineUpdate\ouc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Elantech\ETDGesture.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\BitLord\BitLord.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\MCShield\MCShieldRTM.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: SelectionLinks: {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} -
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [uTorrent] "C:\Users\vinko\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [MCShield Monitor] C:\Program Files (x86)\MCShield\mcshieldrtm.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{061DF22E-C383-4A65-88C0-2B5310AD8C54} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{061DF22E-C383-4A65-88C0-2B5310AD8C54}\44D402B4F6D6562736 : DHCPNameServer = 178.79.22.6 178.79.0.3
TCP: Interfaces\{47A8B75B-7993-4F3E-8A36-B6073C560767} : NameServer = 195.178.38.3 195.178.38.8
TCP: Interfaces\{884AF92C-3E0E-4464-B8E1-A7352D83A02B} : NameServer = 195.178.38.3 195.178.38.8
TCP: Interfaces\{900C9A5D-A9CE-4B48-9F58-AD94B3D6AB6B} : NameServer = 195.178.38.3 195.178.38.8
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Notification Packages = DPPassFilter scecli
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://www.google.com
x64-mDefault_Page_URL = hxxp://www.google.com
x64-mSearchAssistant = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=0
x64-mCustomizeSearch = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=0
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SA3\SACpl.exe /sa3 /nv:3.0 /dne /s
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
x64-Run: [ACPW06EN] "C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe" /pid ACPW06EN
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - ExtSQL: 2013-06-17 09:51; {EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}; C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}
FF - ExtSQL: 2013-07-08 09:43; wrc@avast.com; C:\Program Files\AVAST Software\Avast\WebRep\FF
.
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2012-8-15 31872]
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-7-8 65408]
R0 gfibto;gfibto;C:\Windows\System32\drivers\gfibto.sys [2013-4-19 14456]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-8-15 16152]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2012-8-15 22128]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-7-8 22664]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-7-8 1025880]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-7-8 377992]
R2 ADExchange;ArcSoft Exchange Service;C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2011-9-16 39528]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-8-15 235520]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-1-9 659968]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-7-8 33472]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-7-8 80888]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-7-8 45248]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-5-15 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-5-15 1104208]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-1-17 135952]
R2 CxUtilSvc;CxUtilSvc;C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe [2012-8-15 109184]
R2 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-3-14 346976]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-8-15 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-11 627936]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-8-15 1695040]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-5-14 3289208]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-8-15 363800]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2011-8-18 3175728]
R2 winzipersvc;WinZiper service;C:\Program Files (x86)\WinZipper\winzipersvc.exe [2013-7-8 424104]
R2 WsysSvc;Wsys Service;C:\ProgramData\eSafe\eGdpSvc.exe [2013-7-8 386112]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-3-29 2669840]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-1-9 195584]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2012-2-13 95232]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2012-2-13 747008]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2012-8-15 176000]
R3 ETD;Dell Touchpad;C:\Windows\System32\drivers\ETD.sys [2012-8-15 201008]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2012-12-7 86016]
R3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2012-3-21 60928]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-8-15 331264]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2012-8-15 14745600]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-8-15 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-8-15 787736]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2012-1-27 25496]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUVStor.sys [2012-8-15 313448]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-8-15 646248]
R3 ST_ACCEL;STMicroelectronics Accelerometer Service;C:\Windows\System32\drivers\ST_ACCEL.sys [2012-8-15 67184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-19 138576]
S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-4-10 166912]
S2 mts mobilni internet. RunOuc;mts mobilni internet. OUC;C:\Program Files (x86)\mts mobilni internet\UpdateDog\ouc.exe [2012-12-7 239968]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2012-1-9 195584]
S3 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-7-8 177672]
S3 athur;Wireless Network Adapter Service;C:\Windows\System32\drivers\athurx.sys [2012-11-22 1847296]
S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-5-15 1304912]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2012-12-7 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\drivers\ew_usbenumfilter.sys [2012-12-7 13952]
S3 ewusbmbb;HUAWEI USB-WWAN miniport;C:\Windows\System32\drivers\ewusbwwan.sys [2012-12-7 421376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-12-3 1432400]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2012-1-27 34200]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-3-29 273168]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2011-12-14 25072]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2013-07-08 09:39:03 -------- d-----w- C:\ProgramData\MCShield
2013-07-08 09:39:03 -------- d-----w- C:\Program Files (x86)\MCShield
2013-07-08 09:33:00 88 ----a-w- C:\Windows\DeleteOnReboot.bat
2013-07-08 08:36:59 -------- d-----w- C:\Users\vinko\AppData\Roaming\Malwarebytes
2013-07-08 08:36:53 -------- d-----w- C:\ProgramData\Malwarebytes
2013-07-08 08:21:12 -------- d-----w- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2013-07-08 08:10:08 -------- d-----w- C:\Program Files (x86)\Enigma Software Group
2013-07-08 07:54:08 -------- d-----w- C:\Program Files\Enigma Software Group
2013-07-08 07:53:50 -------- d-----w- C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-08 07:44:02 -------- d-----w- C:\Users\vinko\AppData\Roaming\WinZipper
2013-07-08 07:44:02 -------- d-----w- C:\Program Files (x86)\WinZipper
2013-07-08 07:43:23 80888 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-07-08 07:43:23 71064 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-07-08 07:43:23 65408 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-07-08 07:43:23 22664 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2013-07-08 07:43:23 177672 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-07-08 07:43:23 1025880 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-07-08 07:42:56 41664 ----a-w- C:\Windows\avastSS.scr
2013-07-08 07:32:09 -------- d-----w- C:\ProgramData\eSafe
2013-07-06 06:19:30 -------- d-----w- C:\Users\vinko\AppData\Roaming\ACD Systems
2013-07-06 06:19:30 -------- d-----w- C:\Users\vinko\AppData\Local\ACD Systems
2013-07-06 06:19:09 -------- d-----w- C:\ProgramData\ACD Systems
2013-07-06 06:19:05 -------- d-----w- C:\Program Files\Common Files\ACD Systems
2013-07-06 06:19:05 -------- d-----w- C:\Program Files\ACD Systems
2013-07-06 06:18:29 -------- d-----w- C:\Users\vinko\AppData\Local\Downloaded Installations
2013-07-03 08:53:27 -------- d-----w- C:\Users\vinko\AppData\Roaming\Photo DVD Slideshow
2013-07-03 08:53:12 -------- d-----w- C:\Program Files (x86)\Photo DVD Slideshow Professional
2013-07-03 08:06:13 -------- d-----w- C:\MySlideshow
2013-07-02 07:45:34 -------- d-----w- C:\ProgramData\ArcSoft
2013-07-02 07:45:33 -------- d-----w- C:\Users\vinko\AppData\Local\ArcSoft
2013-07-02 07:45:08 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-07-02 07:45:08 614532 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2013-07-02 07:45:08 32768 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-07-02 07:45:08 225280 ------w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2013-07-02 07:45:08 176128 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-07-02 06:38:17 -------- d-----w- C:\ProgramData\Anvsoft
2013-07-02 06:38:09 -------- d-----w- C:\Program Files (x86)\DVD Photo Slideshow Professional
2013-06-20 08:38:33 -------- d-----w- C:\Users\vinko\AppData\Local\4A Games
2013-06-20 08:18:56 -------- d-----w- C:\Program Files (x86)\Metro Last Light
2013-06-19 11:32:31 -------- d-----w- C:\Users\vinko\AppData\Local\ApplicationHistory
2013-06-17 07:51:23 -------- d-----w- C:\Program Files (x86)\MyPC Backup
2013-06-17 07:31:52 -------- d-----w- C:\Users\vinko\AppData\Roaming\uTorrent
2013-06-17 07:27:29 -------- d-----w- C:\ProgramData\StarApp
2013-06-17 07:26:31 -------- d-----w- C:\Program Files (x86)\SafeSaver
2013-06-14 11:38:52 -------- d-----w- C:\ProgramData\YTD Video Downloader
2013-06-14 11:38:50 -------- d-----w- C:\Program Files (x86)\GreenTree Applications
2013-06-13 06:27:49 -------- d-----w- C:\YuRecnik
2013-06-12 08:28:47 -------- d-----w- C:\Program Files (x86)\8monkey Labs
2013-06-12 08:23:45 9089416 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-06-12 07:17:57 -------- d-----w- C:\Program Files (x86)\Microsoft Chart Controls
2013-06-12 06:56:34 -------- d-----w- C:\Users\vinko\AppData\Roaming\StarTrekPC
2013-06-12 06:40:55 -------- d-----w- C:\Program Files (x86)\Star Trek
2013-06-11 13:23:21 -------- d-----w- C:\Program Files (x86)\Manual
2013-06-11 13:23:21 -------- d-----w- C:\Program Files (x86)\Common Files\Digidesign
2013-06-11 13:23:20 5811712 ----a-w- C:\Program Files (x86)\Nexus.dll
2013-06-11 13:23:20 1332224 ----a-w- C:\Windows\SysWow64\SYNSOEMU.DLL
2013-06-11 13:23:20 -------- d-----w- C:\Program Files (x86)\Uninstall Nexus
.
==================== Find3M ====================
.
2013-06-12 08:23:55 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 08:23:55 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-04-19 18:22:54 14456 ----a-w- C:\Windows\System32\drivers\gfibto.sys
2013-04-19 14:20:57 27256 ----a-w- C:\Windows\System32\drivers\FixZeroAccess.sys
.
============= FINISH: 11:59:52,93 ===============

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6101

Download zoek.exe from this or this link and save it to the Desktop.

close the browser and other running programs;
disable your security software (if needed) Instructions;
double-click zoek.exe to run it;
wait for the tool to start ...

Copy the following text into the white box of the window:

emptyclsid;
iedefaults;
resetIEproxy;
C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5};f
ffdefaults;
WsysSvc;s
C:\ProgramData\eSafe;fs
C:\Program Files (x86)\MyPC Backup;fs
C:\ProgramData\StarApp;vs
C:\Windows\System32\drivers\FixZeroAccess.sys;f
ipconfig /flushdns >> %temp%\log.txt;b
emptyalltemp;
autoclean;
filesrcm;
startupall;
firefoxlook;
chromelook;

Click the button and wait for the scan to finish.

If needed, zoek will restart Windows and, when it finishes, open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)

Copy the contents of that log into your post.

offline
  • Blue  Male
  • Elite citizen
  • Joined: 06 Aug 2003
  • Posts: 2214

Zoek.exe Version 4.0.0.3 Updated 05-July-2013
Tool run by vinko on pon 08.07.2013 at 12:32:49,85.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected

==== Older Logs ======================

C:\zoek-results08.07.2013-1231.log 396 bytes
C:\zoek-results08.07.2013-1232.log 399 bytes

==== Possible Rootkit Infection ======================

C:\Windows\installer\{5348a7e9-edf8-61b7-a25a-20573d2bd329}\U

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2619906236-3488985421-1476725254-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully
HKEY_USERS\S-1-5-21-2619906236-3488985421-1476725254-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully
HKEY_USERS\S-1-5-21-2619906236-3488985421-1476725254-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully
HKEY_USERS\S-1-5-21-2619906236-3488985421-1476725254-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully
HKEY_USERS\S-1-5-21-2619906236-3488985421-1476725254-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-21-2619906236-3488985421-1476725254-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WsysSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WsysSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WsysSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\winzipersvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winzipersvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\winzipersvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\winzipersvc deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\prefs.js:
user_pref("browser.startup.homepage", "www.google.com");
user_pref("browser.search.defaultenginename", "");
user_pref("browser.search.defaultenginename,S", "");
user_pref("browser.search.selectedEngine,S", "");
user_pref("browser.search.order.1", "");
user_pref("browser.search.order.1,S", "");
user_pref("browser.search.suggest.enabled", false);
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default

user.js not found
---- Lines mixidj removed from prefs.js ----

user_pref("extensions.mixidj.admin", false);
user_pref("extensions.mixidj.aflt", "babsst");
user_pref("extensions.mixidj.appId", "{A2773ED4-83BD-488A-A186-73590706C916}");
user_pref("extensions.mixidj.autoRvrt", "false");
user_pref("extensions.mixidj.bbDpng", "17");
user_pref("extensions.mixidj.cntry", "RS");
user_pref("extensions.mixidj.dfltLng", "en");
user_pref("extensions.mixidj.excTlbr", false);
user_pref("extensions.mixidj.ffxUnstlRst", false);
user_pref("extensions.mixidj.hdrMd5", "EDBCCE6C3086416AD3DE8282AC438D7E");
user_pref("extensions.mixidj.id", "96208bd5000000000000685d43cf70e8");
user_pref("extensions.mixidj.instlDay", "15873");
user_pref("extensions.mixidj.instlRef", "sst");
user_pref("extensions.mixidj.lastVrsnTs", "1.8.18.89:51:55");
user_pref("extensions.mixidj.newTab", false);
user_pref("extensions.mixidj.prdct", "mixidj");
user_pref("extensions.mixidj.prtnrId", "mixidj");
user_pref("extensions.mixidj.rvrt", "false");
user_pref("extensions.mixidj.smplGrp", "none");
user_pref("extensions.mixidj.tlbrId", "baseyh");
user_pref("extensions.mixidj.tlbrSrchUrl", "");
user_pref("extensions.mixidj.vrsn", "1.8.18.8");
user_pref("extensions.mixidj.vrsni", "1.8.18.8");
user_pref("extensions.mixidj.vrsnTs", "1.8.18.89:51:55");

---- Lines mixidj modified from prefs.js ----


---- Lines browser.startup.page removed from prefs.js ----

user_pref("browser.startup.page", 3);

---- Lines browser.startup.page modified from prefs.js ----


---- FireFox user.js and prefs.js backups ----

prefs_08.07.2013_1235_.backup

==== Batch Command(s) Run By Tool======================


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

==== Deleting Files \ Folders ======================

"C:\windows\SysNative\drivers\FixZeroAccess.sys" deleted
"C:\Users\vinko\AppData\Roaming\All CPU MeterV3_Settings.ini" deleted
"C:\windows\SysNative\Tasks\EPUpdater" deleted
"C:\Users\vinko\Desktop\YTD Video Downloader.lnk" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\chrome.manifest" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\install.rdf" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\install.rdf.old" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\content\.DS_Store" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\content\firefoxOverlay.xul" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\content\installid.js" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\content\overlay.js" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\content\vfdownload.js" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\content\vfdownload.js.old" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\defaults\.DS_Store" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\locale\.DS_Store" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\skin\overlay.css" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\defaults\preferences\.DS_Store" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\defaults\preferences\vfdownload.js" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\locale\en-US\.DS_Store" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\locale\en-US\._vfdownload.properties" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\locale\en-US\vfdownload.properties" deleted
"C:\Program Files (x86)\WinZipper\eshellctx64.dll" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}" deleted
"C:\Windows\installer\{5348a7e9-edf8-61b7-a25a-20573d2bd329}" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\content" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\defaults" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\locale" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\skin" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\defaults\preferences" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\locale\en-US" deleted
"C:\Windows\installer\{5348a7e9-edf8-61b7-a25a-20573d2bd329}\U" deleted
"C:\ProgramData\eSafe" deleted
"C:\Program Files (x86)\MyPC Backup" deleted
"C:\Program Files (x86)\WinZipper" not deleted
"C:\Program Files (x86)\MyPC Backup" deleted
"C:\Users\vinko\AppData\Roaming\WinZipper" deleted
"C:\ProgramData\eSafe" deleted
"C:\ProgramData\StarApp" deleted
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2013-07-08 09:33:00 FBD1D9D84539A98536228C420858FA31 88 ----a-w- C:\Windows\DeleteOnReboot.bat
2013-07-08 07:42:56 89FCD919CDD3AC855BB717BC080CE838 41664 ----a-w- C:\Windows\avastSS.scr
====== C:\Users\vinko\AppData\Local\Temp ====
2013-07-08 08:34:21 C39FC6F184C127F4FC5A8412BB27CB8A 573440 ----a-w- C:\Users\vinko\AppData\Local\Temp\OptimizerPro.exe
2013-07-08 08:32:38 586C879732A6790862EC0B0BE8FBF6BD 10956254 ----a-w- C:\Users\vinko\AppData\Local\Temp\MBAW_App_Installer.exe
2013-07-08 07:54:10 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\vinko\AppData\Local\Temp\ESGScanner.sys
2013-07-08 07:51:12 B575AB32F77C20EB24D2EB4822B0EFBA 46646352 ----a-w- C:\Users\vinko\AppData\Local\Temp\SHSetup.exe
2013-07-08 07:30:40 AD2BA9E9F4B8A4BC85654E6B735DA0CC 131956321 ----a-w- C:\Users\vinko\AppData\Local\Temp\Avast_App_Installer.exe
2013-07-08 07:20:38 E565BD591BF472D62B580324164B0DAB 43545 ------w- C:\Users\vinko\AppData\Local\Temp\Setup.exe
2013-07-05 05:28:33 F10E9620F1D0EDEC56C0C1E1790CEAB9 31668328 ----a-w- C:\Users\vinko\AppData\Local\Temp\SkypeSetup.exe
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2013-07-08 07:43:23 FA5820B2A57D098EE2DFDBF77A924A4D 22664 ----a-w- C:\Windows\Sysnative\drivers\aswKbd.sys
2013-07-08 07:43:23 CF6A24076F978BF9C1FE61EE8595DB66 80888 ----a-w- C:\Windows\Sysnative\drivers\aswMonFlt.sys
2013-07-08 07:43:23 AB1403AF5CC781D5148096216DA3A2A3 377992 ----a-w- C:\Windows\Sysnative\drivers\aswSP.sys
2013-07-08 07:43:23 76A2BD420185B468B6DE89AED1EEAE40 65408 ----a-w- C:\Windows\Sysnative\drivers\aswRvrt.sys
2013-07-08 07:43:23 6A2D4BB9DDAA7D74839936403BB31F06 68992 ----a-w- C:\Windows\Sysnative\drivers\aswTdi.sys
2013-07-08 07:43:23 5EB2FC36BD4639097A2F9BB68C825604 1025880 ----a-w- C:\Windows\Sysnative\drivers\aswSnx.sys
2013-07-08 07:43:23 4CA8E3A70263C3029935551204586701 33472 ----a-w- C:\Windows\Sysnative\drivers\aswFsBlk.sys
2013-07-08 07:43:23 24EB5B96B8D215BAC4FC280D39B73049 71064 ----a-w- C:\Windows\Sysnative\drivers\aswRdr2.sys
2013-07-08 07:43:23 0A83FFF1AEF6113EF8DCBB32D5014AB1 177672 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys
====== C:\Windows\Tasks ======
2013-07-08 07:44:20 32ADA11C3519DA96AB8F98D6B4BCA87F 3408 ----a-w- C:\Windows\Sysnative\Tasks\Omiga Plus RunAsStdUser
2013-07-08 07:43:21 BBAB6EED976117B9BB0DA36443D5AA7C 3924 ----a-w- C:\Windows\Sysnative\Tasks\avast! Emergency Update
2013-07-08 07:32:08 5130A509A9C85811729FC21CD12EFEB0 3384 ----a-w- C:\Windows\Sysnative\Tasks\Desk 365 RunAsStdUser
2013-06-11 09:53:45 DCD17F3CA3C49514E05FAB0930E8EB9D 3086 ----a-w- C:\Windows\Sysnative\Tasks\{B9EBE40D-A29C-4F67-88F3-D89282F8302A}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-07-08 07:54:08 -------- d-----w- C:\Program Files\Enigma Software Group
2013-07-06 06:19:05 -------- d-----w- C:\Program Files\Common Files\ACD Systems
2013-07-06 06:19:05 -------- d-----w- C:\Program Files\ACD Systems
======= C:\Program Files (x86) =====
2013-07-08 09:39:03 -------- d-----w- C:\Program Files (x86)\MCShield
2013-07-08 08:10:08 -------- d-----w- C:\Program Files (x86)\Enigma Software Group
2013-07-08 07:44:02 -------- d-----w- C:\Program Files (x86)\WinZipper
2013-07-03 08:53:12 -------- d-----w- C:\Program Files (x86)\Photo DVD Slideshow Professional
2013-07-02 07:45:24 -------- d-----w- C:\Program Files (x86)\ArcSoft
2013-07-02 07:45:23 -------- d-----w- C:\Program Files (x86)\Common Files\ArcSoft
2013-07-02 06:38:09 -------- d-----w- C:\Program Files (x86)\DVD Photo Slideshow Professional
2013-06-20 08:18:56 -------- d-----w- C:\Program Files (x86)\Metro Last Light
2013-06-17 07:26:31 -------- d-----w- C:\Program Files (x86)\SafeSaver
2013-06-14 11:38:50 -------- d-----w- C:\Program Files (x86)\GreenTree Applications
2013-06-12 08:28:47 -------- d-----w- C:\Program Files (x86)\8monkey Labs
2013-06-12 07:17:57 -------- d-----w- C:\Program Files (x86)\Microsoft Chart Controls
2013-06-12 06:40:55 -------- d-----w- C:\Program Files (x86)\Star Trek
2013-06-11 13:23:21 -------- d-----w- C:\Program Files (x86)\Manual
2013-06-11 13:23:21 -------- d-----w- C:\Program Files (x86)\Common Files\Digidesign
2013-06-11 13:23:20 5811712 ----a-w- C:\Program Files (x86)\Nexus.dll
2013-06-11 13:23:20 -------- d-----w- C:\Program Files (x86)\Uninstall Nexus
======= C: =====
2013-07-08 09:32:53 093F97FDADD0C7C330E5B38BAADEDFD0 19134 ----a-w- C:\AdwCleaner[S1].txt
2013-07-08 09:32:40 77E8D75A68A83373CC5807B4260C3F37 21226 ----a-w- C:\AdwCleaner[R1].txt
2013-07-08 07:54:25 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat
====== C:\Users\vinko\AppData\Roaming ======
2013-07-06 06:19:30 -------- d-----w- C:\users\vinko\AppData\Roaming\ACD Systems
2013-07-06 06:19:30 -------- d-----w- C:\users\vinko\AppData\Local\ACD Systems
2013-07-06 06:18:29 -------- d-----w- C:\users\vinko\AppData\Local\Downloaded Installations
2013-07-03 08:53:27 -------- d-----w- C:\users\vinko\AppData\Roaming\Photo DVD Slideshow
2013-07-03 08:53:13 -------- d-----w- C:\users\vinko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Photo DVD Slideshow Professional
2013-07-02 07:45:33 -------- d-----w- C:\users\vinko\AppData\Local\ArcSoft
2013-07-02 07:45:09 -------- d-----w- C:\users\vinko\AppData\Roaming\ArcSoft
2013-07-02 06:38:10 -------- d-----w- C:\users\vinko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Photo Slideshow Professional
2013-06-20 08:38:33 -------- d-----w- C:\users\vinko\AppData\Local\4A Games
2013-06-19 11:32:31 -------- d-----w- C:\users\vinko\AppData\Local\ApplicationHistory
2013-06-17 07:31:52 -------- d-----w- C:\users\vinko\AppData\Roaming\uTorrent
2013-06-13 06:27:50 -------- d-----w- C:\users\vinko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YuRecnik
2013-06-12 06:56:34 -------- d-----w- C:\users\vinko\AppData\Roaming\StarTrekPC
====== C:\Users\vinko ======
2013-07-08 09:39:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2013-07-08 09:39:03 -------- d-----w- C:\ProgramData\MCShield
2013-07-08 09:31:33 1078C8BD8C62CF4DEE6FE1058C3D56A7 650027 ----a-w- C:\Users\vinko\Downloads\adwcleaner.exe
2013-07-08 07:51:04 EEA0B34B60632083F2A75352BAE365FB 726464 ----a-w- C:\Users\vinko\Downloads\SpyHunter-Installer.exe
2013-07-08 07:44:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
2013-07-08 07:43:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Pro Antivirus
2013-07-06 06:19:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2013-07-06 06:19:09 -------- d-----w- C:\ProgramData\ACD Systems
2013-07-02 07:45:34 -------- d-----w- C:\ProgramData\ArcSoft
2013-07-02 07:45:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Panorama Maker 6
2013-07-02 06:38:17 -------- d-----w- C:\ProgramData\Anvsoft
2013-07-02 06:38:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Photo Slideshow Professional
2013-06-17 07:51:26 075B0DA82E23780FA2DD7F2EA0464FD4 258 --sha-r- C:\Users\vinko\ntuser.pol
2013-06-14 11:38:52 -------- d-----w- C:\ProgramData\YTD Video Downloader
2013-06-12 06:44:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Trek
2013-06-11 13:23:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reFX

====== C: exe-files ==
2013-07-08 09:39:05 6211B1C6CE499D34C73612DA746215EE 212148 ----a-w- C:\Program Files (x86)\MCShield\MCS-uninstall.exe
2013-07-08 09:39:04 EE14F6C5305455A743A8EC8D58B39B61 2616742 ----a-w- C:\ProgramData\MCShield\MCShield-Setup.exe
2013-07-08 09:31:33 1078C8BD8C62CF4DEE6FE1058C3D56A7 650027 ----a-w- C:\Users\vinko\Downloads\adwcleaner.exe
2013-07-08 08:34:21 C39FC6F184C127F4FC5A8412BB27CB8A 573440 ----a-w- C:\Users\vinko\AppData\Local\Temp\OptimizerPro.exe
2013-07-08 08:32:47 8C8B135897470CB8DF7F34BDA3ED3538 1110212 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E2E50N7S\SevenZip-setup-on[1].exe
2013-07-08 08:32:46 E8EFB9EF24C1E0CED84CFA3C2AE9DC2F 782832 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T0NP8AAT\DeltaTB[1].exe
2013-07-08 08:32:38 586C879732A6790862EC0B0BE8FBF6BD 10956254 ----a-w- C:\Users\vinko\AppData\Local\Temp\MBAW_App_Installer.exe
2013-07-08 08:27:14 0376FEDC5ADB49075343025E4ACB7923 131039 ----a-w- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP\WiseCustomCalla.exe
2013-07-08 08:22:03 C5129AAED888B5A223A2425464F371FA 15397208 ----a-w- C:\Program Files (x86)\BitLord\Downloads\SpyHunter 4.1.11.0 + (zabranjeno) [dazz1][h33t]\SpyHunter.4.1.11\setup\spyhunterS.exe
2013-07-08 08:22:03 4FAEE05B33E3F48B93860D12FC7F56A8 3021720 ----a-w- C:\Program Files (x86)\BitLord\Downloads\SpyHunter 4.1.11.0 + (zabranjeno) [dazz1][h33t]\SpyHunter.4.1.11\(zabranjeno)\SpyHunter4.exe
2013-07-08 08:21:12 EE2BBFA13ABF5DA559FD7753CEC411AF 131991 ----a-w- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP\WiseCustomCalla11.exe
2013-07-08 08:18:24 E1A8AEAD6FAF66FB291B6386DDEDD375 259584 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\patch.exe
2013-07-08 08:18:05 E1A8AEAD6FAF66FB291B6386DDEDD375 259584 ----a-w- C:\Program Files (x86)\BitLord\Downloads\SpyHunter 4.12.13.4202 + Patch\Patch\patch.exe
2013-07-08 08:18:05 944689AADEF12AA5778AEC6A8A72EDE4 44046416 ----a-w- C:\Program Files (x86)\BitLord\Downloads\SpyHunter 4.12.13.4202 + Patch\spyhunterS4.exe
2013-07-08 08:09:49 25D473D7805261C752DA738B13E35816 185271 ----a-w- C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP\WiseCustomCalla31.exe
2013-07-08 08:06:18 C5129AAED888B5A223A2425464F371FA 15397208 ----a-w- C:\Program Files (x86)\BitLord\Downloads\SpyHunter 4.1.11.0 + (zabranjeno)\spyhunterS.exe
2013-07-08 08:06:18 4FAEE05B33E3F48B93860D12FC7F56A8 3021720 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
2013-07-08 07:53:50 22D3D73B2FA74C01D8D1CBA813D574B8 190411 ----a-w- C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP\WiseCustomCalla37.exe
2013-07-08 07:51:12 B575AB32F77C20EB24D2EB4822B0EFBA 46646352 ----a-w- C:\Users\vinko\AppData\Local\Temp\SHSetup.exe
2013-07-08 07:51:04 EEA0B34B60632083F2A75352BAE365FB 726464 ----a-w- C:\Users\vinko\Downloads\SpyHunter-Installer.exe
2013-07-08 07:44:18 1B107CF237334E9BA5A8D980D5BC1E7E 1281720 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CJ2Q6XY\Wallpaper[1].exe
2013-07-08 07:44:15 D3CD1858930DA0B7D666658020EEF300 1461928 ----a-w- C:\Users\vinko\AppData\Local\Temp\Omigaplus\eInstall\eInstall.exe
2013-07-08 07:44:03 640D75DC77F6D0CFE654F7EA5BFE1421 386112 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWLJZU78\eGdpSvc[1].exe
2013-07-08 07:42:14 008E57288E2F742F992F2C4EF8B5B758 135436440 ----a-w- C:\Users\vinko\Desktop\Avast Pro Antivirus 2013 v8.0.1482 Final + License [-=GOLDENSHARK=-]\Avast Pro 2013 v8.0.1428.exe
2013-07-08 07:38:26 8484C1CD1EC86F516F1CEDBBF8A16342 2899184 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T0NP8AAT\omigaplus[1].exe
2013-07-08 07:38:25 1BEECE52530426B1067A4D98A2204350 3124032 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T0NP8AAT\WinZipper[1].exe
2013-07-08 07:33:10 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CJ2Q6XY\OptimizerPro[2].exe
2013-07-08 07:32:11 FE6B34DA2D16E6C6D10B6C126B137C15 1212288 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWLJZU78\WebCakesetup[1].exe
2013-07-08 07:31:06 FB9AE1D55B5CDDB16EE12E60418B9292 528784 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWLJZU78\SoftwareUpdater[1].exe
2013-07-08 07:30:40 AD2BA9E9F4B8A4BC85654E6B735DA0CC 131956321 ----a-w- C:\Users\vinko\AppData\Local\Temp\Avast_App_Installer.exe
2013-07-08 07:21:20 47F16705F32E4F22F3EFAB0B069A0F2C 132023142 ----a-w- C:\data files\Avast PRO Antivirus 2013 v8.0.1482 Incl Key\Avast.PRO.Antivirus.2013.v8.0.1482-Setup.exe
2013-07-08 07:20:38 E565BD591BF472D62B580324164B0DAB 43545 ------w- C:\Users\vinko\AppData\Local\Temp\Setup.exe
2013-07-05 05:28:33 F10E9620F1D0EDEC56C0C1E1790CEAB9 31668328 ----a-w- C:\Users\vinko\AppData\Local\Temp\SkypeSetup.exe
2013-07-03 08:53:23 769BB98BD6D5CDD7A3F280F4CD85EA85 82177 ----a-w- C:\Program Files (x86)\Photo DVD Slideshow Professional\uninst.exe
2013-07-02 07:45:28 DC365A89B95366FE68DC41680C6EF9BA 897024 ----a-w- C:\Program Files (x86)\ArcSoft\Panorama Maker 6\PMK.exe
2013-07-02 07:45:27 8E2F605CA8FD63E95EE19EC134B336A5 323896 ----a-w- C:\Program Files (x86)\ArcSoft\Panorama Maker 6\OPHistory.exe
2013-07-02 07:45:24 672EDE5ED8FD49F8CCB9915AFCCEA962 72192 ----a-w- C:\Program Files (x86)\Common Files\ArcSoft\Media Browser\ArcMediaService.exe
2013-07-02 07:45:23 1AEB989E361AF85F5099DE3DA25457F4 56320 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{E9CBC8FA-BF1F-4956-8B75-0D314682FE5F}\Setup.exe
2013-07-02 07:45:08 B3FD01873BD5FD163AB465779271C58F 614532 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2013-07-02 06:38:13 EB450B392830A32EC6165F5179EC8BA3 76398 ----a-w- C:\Program Files (x86)\DVD Photo Slideshow Professional\uninst.exe
=== C: other files ==
2013-07-08 09:33:00 FBD1D9D84539A98536228C420858FA31 88 ----a-w- C:\Windows\DeleteOnReboot.bat
2013-07-08 07:54:25 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat
2013-07-08 07:54:12 64F7854468F5D54389D9E0500FD47FE8 7529344 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\SH4.com
2013-07-08 07:54:10 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\vinko\AppData\Local\Temp\ESGScanner.sys
2013-07-08 07:43:23 FA5820B2A57D098EE2DFDBF77A924A4D 22664 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2013-07-08 07:43:23 CF6A24076F978BF9C1FE61EE8595DB66 80888 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-07-08 07:43:23 AB1403AF5CC781D5148096216DA3A2A3 377992 ----a-w- C:\Windows\System32\drivers\aswSP.sys
2013-07-08 07:43:23 76A2BD420185B468B6DE89AED1EEAE40 65408 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-07-08 07:43:23 6A2D4BB9DDAA7D74839936403BB31F06 68992 ----a-w- C:\Windows\System32\drivers\aswTdi.sys
2013-07-08 07:43:23 5EB2FC36BD4639097A2F9BB68C825604 1025880 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-07-08 07:43:23 4CA8E3A70263C3029935551204586701 33472 ----a-w- C:\Windows\System32\drivers\aswFsBlk.sys
2013-07-08 07:43:23 24EB5B96B8D215BAC4FC280D39B73049 71064 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-07-08 07:43:23 0A83FFF1AEF6113EF8DCBB32D5014AB1 177672 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-07-08 07:34:22 AED66BB669FDDD6536F5FB7875BDAE56 135445706 ----a-w- C:\data files\Avast Pro Antivirus 2013 v8.0.1482 Final + License- [EC].zip
2013-07-08 07:20:38 77FD8D70DB4ADCE798E14B27B7BE1B2D 127 ----a-w- C:\Users\vinko\AppData\Local\Temp\Install.vbs
2013-07-08 07:20:30 1C2E7047DE358A375546B710AAA6F26F 148 ----a-w- C:\Users\vinko\AppData\Local\Temp\Install.bat
2013-07-06 06:20:07 D503914C4ED8654B1A48EAACEF029E15 123623 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWLJZU78\prosale-EN2[1].zip
2013-07-03 12:45:27 D09B7D350A6610DEE044B6BD5399B030 87 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWLJZU78\facebook[1].com
2013-07-03 10:37:30 362304E36267E4BB62448BCBFDD2BED4 85 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWLJZU78\google[2].com
2013-07-03 05:59:12 542FBEE69A0836048DC774A488908A37 87 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E2E50N7S\instagram[1].com

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2619906236-3488985421-1476725254-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"uTorrent"="C:\Users\vinko\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"MCShield Monitor"="C:\Program Files (x86)\MCShield\mcshieldrtm.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"StartCCC"="c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"RemoteControl9"="C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
"PDVD9LanguageShortcut"="C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
"Dell Webcam Central"="C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe /mode2"
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"WinampAgent"="C:\Program Files (x86)\Winamp\winampa.exe"
"PWRISOVM.EXE"="C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup"
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"uTorrent"="C:\Users\vinko\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"MCShield Monitor"="C:\Program Files (x86)\MCShield\mcshieldrtm.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="C:\Program Files\CONEXANT\SA3\SACpl.exe /sa3 /nv:3.0 /dne /s"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"BLEServicesCtrl"="C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe"
"ACPW06EN"="C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe /pid ACPW06EN"
"ETDCtrl"="C:\Program Files\Elantech\ETDCtrl.exe"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12.06.2013 10:23]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22.11.2012 21:26]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22.11.2012 21:26]

==== Firefox Extensions ======================

ProfilePath: C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default
- avast WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF
- Lavasoft Search Plugin - %ProfilePath%\extensions\jid1-yZwVFzbsyfMrqQ@jetpack

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

==== Firefox Plugins ======================

Profilepath: C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default
3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash


==== Deleting Files \ Folders ======================

"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
hpcpjjneoenndcngkpmlffpcobobkggg - C:\Program Files (x86)\OApps\chrome-sl.crx[]
icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[28.02.2013 09:33]
lfffjahnfbocnaooecgijfnbpcfekoik - C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[14.05.2013 13:27]

avast WebRep - vinko - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hpcpjjneoenndcngkpmlffpcobobkggg deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lfffjahnfbocnaooecgijfnbpcfekoik deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\vinko\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWLJZU78 will be deleted at reboot
C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T0NP8AAT will be deleted at reboot
C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Users\vinko\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\vinko\AppData\Local\Mozilla\Firefox\Profiles\f8luua6q.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\vinko\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\vinko\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\vinko\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Program Files (x86)\WinZipper" not found
"C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWLJZU78" not found
"C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T0NP8AAT" not found

==== EOF on pon 08.07.2013 at 12:41:02,54 ======================

  • magna86
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6101

Run Zoek.exe once more, as you did a moment ago, but this time with this script:


resethosts;
C:\Users\vinko\AppData\Local\Temp\OptimizerPro.exe;f
C:\Users\vinko\AppData\Local\Temp\Setup.exe;f
hpcpjjneoenndcngkpmlffpcobobkggg;chr
C:\Program Files (x86)\OApps;fs
lfffjahnfbocnaooecgijfnbpcfekoik;chr
C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx;f
emptytemp;
emptyflash;
chrdefaults;
autoclean;



Post the freshly created zoek log here.


Additional check:

Download aswMBR and save it to the Desktop.

Double-click aswMBR to run it.

If you get the following message:
Would you like to download latest Avast! virus definitions?
click the Yes button and wait for the definitions download to finish.


Check that the QuickScan option is selected under AV Scan:

Click Scan.

When the scan finishes ( Scan finished successfully ), click Save log.
Save the aswMBR log to the Desktop.
Copy the contents of that log into the thread.

  • Blue
  • Elite citizen
  • Joined: 06 Aug 2003
  • Posts: 2214

Posted: 08 Jul 2013 13:14

Zoek.exe Version 4.0.0.3 Updated 05-July-2013
Tool run by vinko on pon 08.07.2013 at 13:06:56,56.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected

==== System Restore Info ======================

8.7.2013 13:07:13 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

"C:\Users\vinko\AppData\Local\Temp\OptimizerPro.exe" not found
"C:\Users\vinko\AppData\Local\Temp\Setup.exe" not found
"C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx" not found
"C:\Program Files (x86)\OApps" not found

==== Firefox Extensions ======================

ProfilePath: C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default
- avast WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

==== Firefox Plugins ======================

Profilepath: C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default
3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[28.02.2013 09:33]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[14.05.2013 13:27]

avast WebRep - vinko - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\users\vinko\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\users\vinko\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C7J6ATKQ will be deleted at reboot
C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PP7KT1LN will be deleted at reboot
C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\vinko\AppData\Local\Mozilla\Firefox\Profiles\f8luua6q.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\vinko\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\vinko\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C7J6ATKQ" not found
"C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PP7KT1LN" not found

==== EOF on pon 08.07.2013 at 13:12:33,19 ======================

Addendum: 08 Jul 2013 13:21






aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-08 13:14:16
-----------------------------
13:14:16.698 OS Version: Windows x64 6.1.7601 Service Pack 1
13:14:16.698 Number of processors: 8 586 0x3A09
13:14:16.698 ComputerName: VINKO-PC UserName: vinko
13:14:18.368 Initialize success
13:14:18.461 AVAST engine defs: 13070800
13:14:24.826 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:14:24.826 Disk 0 Vendor: WDC_WD75 01.0 Size: 715404MB BusType: 3
13:14:24.920 Disk 0 MBR read successfully
13:14:24.920 Disk 0 MBR scan
13:14:24.935 Disk 0 Windows VISTA default MBR code
13:14:24.935 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
13:14:24.935 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 12442 MB offset 81920
13:14:24.951 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 375548 MB offset 25563136
13:14:24.951 Disk 0 Partition - 00 0F Extended LBA 327373 MB offset 794685440
13:14:24.982 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 327372 MB offset 794687488
13:14:24.998 Disk 0 scanning C:\Windows\system32\drivers
13:14:31.971 Service scanning
13:14:45.496 Modules scanning
13:14:45.496 Disk 0 trace - called modules:
13:14:45.527 ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys ACPI.sys iaStor.sys hal.dll
13:14:45.527 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005b01790]
13:14:45.527 3 CLASSPNP.SYS[fffff88001a0143f] -> nt!IofCallDriver -> [0xfffffa8006a84cb0]
13:14:45.527 5 stdcfltn.sys[fffff88001d25d12] -> nt!IofCallDriver -> [0xfffffa8005b00340]
13:14:45.543 7 ACPI.sys[fffff88000fae7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007d8d050]
13:14:46.619 AVAST engine scan C:\Windows
13:14:48.507 AVAST engine scan C:\Windows\system32
13:16:31.643 AVAST engine scan C:\Windows\system32\drivers
13:16:37.750 AVAST engine scan C:\Users\vinko
13:18:05.557 Disk 0 MBR has been saved successfully to "C:\Users\vinko\Desktop\MBR.dat"
13:18:05.563 The log file has been saved successfully to "C:\Users\vinko\Desktop\aswMBR.txt"
13:18:29.365 AVAST engine scan C:\ProgramData
13:20:41.976 Scan finished successfully
13:21:06.582 Disk 0 MBR has been saved successfully to "C:\Users\vinko\Desktop\MBR.dat"
13:21:06.587 The log file has been saved successfully to "C:\Users\vinko\Desktop\aswMBR.txt"

  • magna86
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6101

That's it. ;)

Now we remove the tools we used and their files.

Download "Xplode"'s DelFix and save it to the Desktop.

Double-click the program to run it.

Tick the following options:
Remove disinfection tools
Purge System Restore
Reset system settings


Click the "Run" button and wait for the program to finish.
When the tool finishes, it will open a report in Notepad.

Note: The report will also be saved to C:\DelFix.txt

  • Blue
  • Elite citizen
  • Joined: 06 Aug 2003
  • Posts: 2214

# DelFix v10.3 - Logfile created 09/07/2013 at 08:06:44
# Updated 08/06/2013 by Xplode
# Username : vinko - VINKO-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\AdwCleaner[R1].txt
Deleted : C:\AdwCleaner[S1].txt
Deleted : C:\zoek-results.log
Deleted : C:\Users\vinko\Downloads\adwcleaner.exe
Deleted : C:\Users\vinko\Downloads\aswMBR(1).exe
Deleted : C:\Users\vinko\Downloads\aswMBR.exe
Deleted : C:\Users\vinko\Downloads\dds(1).scr
Deleted : C:\Users\vinko\Downloads\dds.scr
Deleted : C:\Users\vinko\Downloads\zoek.exe
Deleted : C:\Windows\grep.exe
Deleted : C:\Windows\PEV.exe
Deleted : C:\Windows\NIRCMD.exe
Deleted : C:\Windows\MBR.exe
Deleted : C:\Windows\SED.exe
Deleted : C:\Windows\SWREG.exe
Deleted : C:\Windows\SWSC.exe
Deleted : C:\Windows\SWXCACLS.exe
Deleted : C:\Windows\Zip.exe
Deleted : HKCU\console_combofixbackup
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe
Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart
Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys
Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart
Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Cleaning system restore ...

Deleted : RP #108 [Installed ACDSee Pro 6. | 07/06/2013 06:18:49]
Deleted : RP #109 [avast! Free Antivirus Instalacija | 07/08/2013 07:01:43]
Deleted : RP #110 [avast! Pro Antivirus Instalacija | 07/08/2013 07:42:34]
Deleted : RP #111 [Installed SpyHunter | 07/08/2013 07:53:52]
Deleted : RP #112 [Installed SpyHunter | 07/08/2013 08:09:16]
Deleted : RP #113 [Removed SpyHunter | 07/08/2013 08:21:01]
Deleted : RP #114 [Installed SpyHunter | 07/08/2013 08:22:36]
Deleted : RP #115 [Removed SpyHunter | 07/08/2013 08:27:06]
Deleted : RP #116 [zoek.exe restore point | 07/08/2013 11:07:05]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########
