Trojans cannot be removed

offline
  • Joined: 10 Jul 2009
  • Posts: 100
  • Location: paris

zoek is running right now (I'm writing from another computer), and Kaspersky found nothing



offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

elizabeta1 :: zoek is running right now (I'm writing from another computer), and Kaspersky found nothing

OK. Regardless of the fact that TDSSK did not detect anything, I need to see its log as well, so attach it here together with the zoek report.



offline
  • Joined: 10 Jul 2009
  • Posts: 100
  • Location: paris







Zoek.exe Version 4.0.0.4 Updated 11-September-2013
Tool run by kiki on 14/09/2013 at 16:05:29,67.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\kiki\Desktop\zoek.exe [Script inserted]

==== System Restore Info ======================

14/09/2013 16:06:40 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

"C:\Users\kiki\bass.dll" deleted
"C:\Users\kiki\dbghelp.dll" deleted
"C:\Users\kiki\j2k-codec.dll" deleted
"C:\windows\SysNative\Tasks\Express FilesUpdate" deleted
"C:\Windows\Tasks\Express FilesUpdate.job" deleted
"C:\windows\SysNative\tasks\LyricsSay-1-chromeinstaller" deleted
"C:\windows\SysNative\tasks\LyricsSay-1-codedownloader" deleted
"C:\windows\SysNative\tasks\LyricsSay-1-enabler" deleted
"C:\windows\SysNative\tasks\LyricsSay-1-firefoxinstaller" deleted
"C:\windows\SysNative\tasks\LyricsSay-1-updater" deleted
"C:\Users\kiki\Desktop\opet\SoftonicDownloader_pour_windows-live-messenger.exe" deleted
"c:\programdata\BoxUpdChk\updchk.exe" deleted
"c:\programdata\BoxUpdChk\logs\main_1000.log" deleted
"c:\programdata\BoxUpdChk\logs\main_1010.log" deleted
"c:\program files (x86)\predm" deleted
"c:\programdata\BoxUpdChk" deleted
"C:\Temp" deleted
"c:\users\kiki\AppData\Roaming\.mono" deleted
"c:\programdata\BoxUpdChk\logs" deleted
"C:\Temp\Iminent" deleted
"c:\users\kiki\AppData\Roaming\.mono\certs" deleted
"c:\users\kiki\AppData\Roaming\.mono\certs\CA" deleted
"c:\users\kiki\AppData\Roaming\.mono\certs\Trust" deleted
"C:\found.000" deleted
"C:\Users\kiki\AppData\Roaming\YoudaGames" deleted
"C:\Users\kiki\AppData\Local\Software" deleted
"C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}" deleted
"C:\Users\kiki\AppData\Local\Software" deleted
"C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}" deleted
"C:\Users\kiki\AppData\Local\Software" deleted
"C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}" deleted
"C:\Users\kiki\AppData\Local\Software" deleted
"C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}" deleted
"C:\Users\kiki\AppData\Local\Software" deleted
"C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}" deleted
"C:\Users\kiki\AppData\Local\Software" deleted
"C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}" deleted
"C:\Users\kiki\AppData\Local\Software" deleted
"C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}" deleted
"C:\Users\kiki\AppData\Local\Software" deleted
"C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}" deleted
"C:\Users\kiki\AppData\Local\Software" deleted
"C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}" deleted

==== Files Recently Created / Modified ======================


==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2297441588-3035617399-1011442276-1004\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2297441588-3035617399-1011442276-1004\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="C:\Program Files (x86)\Winamp\winampa.exe"
"ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""
"hkey"="HKLM"
"item"="Adobe Reader Speed Launcher"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ADSMTray]
"command"="C:\\Program Files (x86)\\ASUS\\ASUS Data Security Manager\\ADSMTray.exe"
"hkey"="HKLM"
"item"="ADSMTray"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector]
"command"="C:\\Windows\\AsScrPro.exe"
"hkey"="HKLM"
"item"="ASUS Screen Saver Protector"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"
"hkey"="HKLM"
"item"="RtHDVCpl"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"


==== Startup Folders ======================

2012-03-30 13:45:55 2617 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
2012-04-02 22:37:48 2099 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13/09/2013 15:15]

==== Firefox Extensions ======================

ProfilePath: C:\Users\kiki\AppData\Roaming\Mozilla\Firefox\Profiles\y9zukbso.default
- LyricsSay-1 - %ProfilePath%\extensions\71139f7b-cef2-4ada-9c60-25f887d7e2e1@5b129621-59ed-453c-9453-d7593ee48c04.com
- Smart Display - %ProfilePath%\extensions\jid1-FCM5fDwCW5M3AQ@jetpack.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\kiki\AppData\Roaming\Mozilla\Firefox\Profiles\y9zukbso.default
AF661355EBAB898EB92D5454AEF93CE0 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.400.43
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jnndabgpaolaioppcenapjehpkecmhhd - C:\ProgramData\TheBflix\jnndabgpaolaioppcenapjehpkecmhhd.crx[]

LyricsSay-1 - kiki - Default\Extensions\pbjcbkbcncfkoljakenekllbfdonhjef
Iminent Chrome Toolbar - kiki - Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb

==== Chrome Fix ======================

C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cap1.conduit-apps.com_0.localstorage deleted successfully
C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cap1.conduit-apps.com_0.localstorage-journal deleted successfully
C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_facebook.conduitapps.com_0.localstorage deleted successfully
C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_facebook.conduitapps.com_0.localstorage-journal deleted successfully
C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.apps.conduit.com_0.localstorage deleted successfully
C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.apps.conduit.com_0.localstorage-journal deleted successfully
C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrentbarfr.ourtoolbar.com_0.localstorage deleted successfully
C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrentbarfr.ourtoolbar.com_0.localstorage-journal deleted successfully
C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_sb.scorecardresearch.com_0.localstorage deleted successfully
C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_sb.scorecardresearch.com_0.localstorage-journal deleted successfully
C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjcbkbcncfkoljakenekllbfdonhjef deleted successfully
C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jnndabgpaolaioppcenapjehpkecmhhd deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\kiki\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\kiki\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\kiki\AppData\Local\Mozilla\Firefox\Profiles\y9zukbso.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\kiki\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 14/09/2013 at 16:17:51,60 ======================

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

Run zoek again the way you did a moment ago, but this time with this script, and post the results here.


emptyclsid;
C:\Windows\Sysnative\Tasks\BoxSoftwareUpdate;f
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\setup0[1].exe;f
C:\autoexec.bat;f
ffdefaults;
chrdefaults;
[Link visible only to logged-in users];ff
[Link visible only to logged-in users];ff
jnndabgpaolaioppcenapjehpkecmhhd;chr
C:\ProgramData\TheBflix;fs
emptyalltemp;



Tell me, how is your computer behaving now?

offline
  • Joined: 10 Jul 2009
  • Posts: 100
  • Location: paris

Posted: 14 Sep 2013 18:03

It's OK now, that thing when I open the browser no longer happens.

Addendum: 14 Sep 2013 18:09

[Link visible only to logged-in users]





Zoek.exe Version 4.0.0.4 Updated 14-September-2013
Tool run by kiki on 14/09/2013 at 18:03:30,97.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\kiki\Desktop\zoek.com [Script inserted]

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== FireFox Fix ======================

Deleted from C:\Users\kiki\AppData\Roaming\Mozilla\Firefox\Profiles\y9zukbso.default\prefs.js:
user_pref("browser.startup.homepage", );

Added to C:\Users\kiki\AppData\Roaming\Mozilla\Firefox\Profiles\y9zukbso.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\kiki\AppData\Roaming\Mozilla\Firefox\Profiles\y9zukbso.default

user.js not found
---- Lines [Link visible only to logged-in users] removed from prefs.js ----


---- Lines [Link visible only to logged-in users] modified from prefs.js ----


---- Lines [Link visible only to logged-in users] removed from prefs.js ----


---- Lines [Link visible only to logged-in users] modified from prefs.js ----


---- FireFox user.js and prefs.js backups ----

prefs_092013_1804_.backup

==== Deleting Files \ Folders ======================

"C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\setup0[1].exe" not found
"C:\ProgramData\TheBflix" not found
"C:\Windows\Sysnative\Tasks\BoxSoftwareUpdate" deleted
"C:\autoexec.bat" deleted
"C:\Users\kiki\AppData\Roaming\Mozilla\Firefox\Profiles\y9zukbso.default\extensions\jid1-FCM5fDwCW5M3AQ@jetpack.xpi" deleted
"C:\Users\kiki\AppData\Roaming\Mozilla\Firefox\Profiles\y9zukbso.default\extensions\71139f7b-cef2-4ada-9c60-25f887d7e2e1@5b129621-59ed-453c-9453-d7593ee48c04.com" deleted

==== Firefox Extensions ======================

==== Firefox Plugins ======================

Profilepath: C:\Users\kiki\AppData\Roaming\Mozilla\Firefox\Profiles\y9zukbso.default
AF661355EBAB898EB92D5454AEF93CE0 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.400.43
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System


==== Reset Google Chrome ======================

C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\kiki\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\kiki\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\kiki\AppData\Local\Mozilla\Firefox\Profiles\y9zukbso.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\kiki\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\kiki\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 14/09/2013 at 18:07:34,66 ======================

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

OK. That's it, then.





ComboFix needs to be uninstalled:
Click Start, then Run.

On Vista, use the Start Search box if Run is not available.

Type (or copy) the following into the text box:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".

Then click OK (or press Enter).

Wait for the uninstall process to finish.

----- then -----

Download DelFix by "Xplode" and save it to the Desktop.

Double-click to run the program.

Check the following options:
Remove disinfection tools
Purge System Restore
Reset system settings

Click the "Run" button and wait for the program to finish.
When the tool finishes, it will open a report in Notepad.

Note: The report will also be saved to C:\DelFix.txt



----- recommendations -----

Check whether your applications are up to date using the Secunia Online Scanner:

Visit this site: Online Software Inspector (OSI)

Click the Start Scanner button.
Allow Java to run and, if necessary, wait for the Status/Currently process.

Click the Start button to begin the analysis.
The scan should not take longer than one minute.

When the analysis finishes, the out-of-date applications will be listed under the Programs / Result: section, along with download links for the up-to-date versions.

Download and install the listed updates/applications.

I recommend that you use MCShield to protect USB storage devices.

You can download the program from THIS link. After installing the program, plug in your USB storage devices and they will be scanned. At the end of the scan you will get either a report that the device is clean or a notification about the removed malware.

Also, visit this thread to see whether your browser is vulnerable and to install updated components
[Link visible only to logged-in users]

offline
  • Joined: 10 Jul 2009
  • Posts: 100
  • Location: paris

Posted: 14 Sep 2013 18:18

[Link visible only to logged-in users]

Addendum: 14 Sep 2013 18:26

Just 1 more question: what should I install to block infected internet addresses and programs when my son downloads games etc.

Addendum: 14 Sep 2013 18:30

Everything is up to date, thanks a lot!

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

Quote: what should I install to block infected internet addresses and programs when my son downloads games etc.

That is the eternal struggle between good and evil. Your AVG AntiVirus has a range of malicious IP addresses, and it does its checking based on that.

My recommendation is to open a new thread in the Zastita (Protection) forum and ask that question there. Here we work exclusively on detecting and removing malware, and we do not go beyond that topic in this subforum.
In the Zastita subforum, others will also be able to post their suggestions and experiences.

Quote: Everything is up to date, thanks a lot!

I'm glad I could help.

offline
  • Joined: 10 Jul 2009
  • Posts: 100
  • Location: paris

You're a real pal.
