Posted: 15 Mar 2014 17:03
Author: TheChains
Written: 15 Mar 2014 16:50
1) Detailed description of the problem: computer check
2) Posting the diagnostic report (log, logfile):
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.16521 BrowserJavaVersion: 10.51.2
Run by Zorica at 16:46:05 on 2014-03-15
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.3562.1122 [GMT 1:00]
.
AV: AVG Internet Security 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ================
.
c:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AVG\AVG2014\avgfws.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Users\Zorica\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe
C:\Windows\system32\WinFLService.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
C:\Program Files\SerialTrunc\bin\utilSerialTrunc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Windows\System32\WinFLTray.exe
C:\Program Files\NewSoftware's\Folder Lock\FLComServCtrl.exe
C:\Program Files\MCShield\MCShieldRTM.exe
C:\Program Files\NewSoftware's\Folder Lock\FLComServ.exe
C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\SerialTrunc\updateSerialTrunc.exe
C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Opera\17.0.1241.53\opera.exe
C:\Program Files\Opera\17.0.1241.53\opera_crashreporter.exe
C:\Program Files\Opera\17.0.1241.53\opera.exe
C:\Program Files\Opera\17.0.1241.53\opera.exe
C:\Program Files\Opera\17.0.1241.53\opera.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Zorica\AppData\Local\Skillbrains\lightshot\5.1.0.15\Lightshot.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uURLSearchHooks: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - <orphaned>
mWinlogon: Userinit = Userinit.exe,
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - c:\users\zorica\appdata\roaming\defaulttab\defaulttab\DefaultTabBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: SerialTrunc: {e76b4f24-4a2f-4e65-ad36-e2aa934e547c} - c:\program files\serialtrunc\SerialTruncbho.dll
uRun: [WinFLTray] c:\windows\system32\WinFLTray.exe
uRun: [FLBackup] c:\program files\newsoftware's\folder lock\FLComServCtrl.exe
uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
uRun: [WinThemePack Logon] "c:\program files\winthemepack\magic the gathering logon screen\tweak.exe" /sequential
uRun: [svchost] regsvr32 /s "C:\Temp:0031ED2C.dat"
mRun: [Fences] "c:\program files\stardock\fences\Fences.exe" /startup
mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY
dRunOnce: [SPReview] "c:\windows\system32\spreview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: c:\users\zorica\appdata\roaming\micros~1\windows\startm~1\programs\startup\fences.lnk - c:\program files\stardock\fences\Fences.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: LogonType = dword:0
mPolicies-Windows\System: AllowBlockingAppsAtShutdown = dword:0
mPolicies-Windows\System: UseOEMBackground = dword:1
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~4\office14\ONBttnIE.dll/105
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001051-0002-0051-ABCDEFFEDCBC} - <orphaned>
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 89.216.1.40 89.216.1.50
TCP: Interfaces\{13978892-A382-43E0-80F1-D29699EEF638} : DHCPNameServer = 89.216.1.40 89.216.1.50
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - c:\program files\stardock\fences\FencesMenu.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\33.0.1750.146\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\zorica\appdata\roaming\mozilla\firefox\profiles\pq6l3t1i.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrId=CCBED43D7E4AB2DF&affID=128235&tsp=5171
FF - plugin: c:\progra~1\micros~4\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~4\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: c:\program files\intel\intel(r) management engine components\ipt\npIntelWebAPIIPT.dll
FF - plugin: c:\program files\intel\intel(r) management engine components\ipt\npIntelWebAPIUpdater.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\users\zorica\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\users\zorica\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_77.dll
.
---- FIREFOX POLICIES ----
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
user_pref(extensions.autoDisableScopes,14);
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2014-1-31 149272]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2014-1-12 249112]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2014-2-6 106264]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-12-15 27416]
R0 FSProFilter;FSPro File Filter;c:\windows\system32\drivers\FSPFltd.sys [2013-9-14 41912]
R0 pe3ah4nc;DiRT Environment Driver (pe3ah4nc);c:\windows\system32\drivers\pe3ah4nc.sys [2007-5-18 64880]
R0 ps6ah4nc;DiRT Synchronization Driver (ps6ah4nc);c:\windows\system32\drivers\ps6ah4nc.sys [2007-5-18 55160]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2014-1-19 122136]
R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2013-9-26 47928]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2014-2-6 196376]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-12-15 21272]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-12-15 181016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2014-1-19 194328]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2013-8-19 242240]
R1 WinFLAdrv;WinFLAdrv;c:\windows\system32\WinFLAdrv.sys [2013-8-24 29184]
R2 avgfws;AVG zaštitni zid;c:\program files\avg\avg2014\avgfws.exe [2014-2-6 1510896]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2014\avgidsagent.exe [2014-2-17 3746112]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2014\avgwdsvc.exe [2014-2-6 314048]
R2 DefaultTabUpdate;DefaultTabUpdate;c:\users\zorica\appdata\roaming\defaulttab\defaulttab\dtupdate.exe [2013-12-10 107520]
R2 FLService;FLService;c:\windows\system32\WinFLService.exe [2013-8-24 92360]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\intel\icls client\HeciServer.exe [2012-12-10 583680]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files\intel\intel(r) management engine components\dal\Jhi_service.exe [2013-8-20 165336]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-10-26 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-10-26 701512]
R2 NEWDRIVER;NEWDRIVER;c:\windows\system32\WinVDEdrv6.sys [2013-8-24 188176]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2013-1-18 383264]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files\avg\avg pc tuneup\TuneUpUtilitiesService32.exe [2013-12-18 1741624]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\intel\intel(r) management engine components\uns\UNS.exe [2013-8-20 366040]
R2 Update SerialTrunc;Update SerialTrunc;c:\program files\serialtrunc\updateSerialTrunc.exe [2014-2-26 348960]
R2 Util SerialTrunc;Util SerialTrunc;c:\program files\serialtrunc\bin\utilSerialTrunc.exe [2014-2-27 348960]
R2 WinVDEDrv;WinVDEDrv;c:\windows\system32\WinVDEdrv.sys [2013-8-24 228112]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-10-26 22856]
R3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\drivers\HECI.sys [2013-8-20 55104]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2013-8-19 514152]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\avg\avg pc tuneup\TuneUpUtilitiesDriver32.sys [2013-12-16 12320]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 pr2ah4nc;DiRT Drivers Auto Removal (pr2ah4nc);c:\windows\system32\pr2ah4nc.exe svc --> c:\windows\system32\pr2ah4nc.exe svc [?]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\smhwadb.sys [2014-1-10 25728]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 hw_usbdev;HUAWEISERSP;c:\windows\system32\drivers\hw_usbdev.sys [2014-1-10 102272]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-3-12 108032]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\intel\icls client\SocketHeciServer.exe [2012-12-10 627744]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2014-2-3 14848]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [2013-10-9 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [2013-10-9 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [2013-10-9 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [2013-10-9 114216]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [2013-10-9 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [2013-10-9 115752]
S3 smhwser;USB Device for Legacy Serial Communication (Normal);c:\windows\system32\drivers\smhwser.sys [2014-1-10 108032]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2014-2-3 49664]
S3 USBET;USB 2.0 WebCAM;c:\windows\system32\drivers\ETdrv.sys [2013-10-5 5116544]
.
=============== File Associations ===============
.
ShellExec: Opera.exe: open="c:\program files\opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2014-03-13 21:11:54 36152 ----a-w- c:\windows\system32\TURegOpt.exe
2014-03-13 21:11:53 25400 ----a-w- c:\windows\system32\authuitu.dll
2014-03-13 21:10:46 -------- d-----w- c:\users\zorica\appdata\roaming\AVG
2014-03-13 21:02:28 -------- d-----w- c:\programdata\AVG
2014-03-13 21:02:13 -------- d-sh--w- c:\programdata\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-03-13 20:41:43 -------- d-----w- c:\users\zorica\appdata\roaming\AVG2014
2014-03-13 20:36:31 -------- d-----w- c:\users\zorica\appdata\roaming\TuneUp Software
2014-03-13 20:26:17 -------- d--h--w- C:\$AVG
2014-03-13 20:26:12 -------- d-----w- c:\programdata\AVG2014
2014-03-13 20:24:08 -------- d-----w- c:\program files\AVG
2014-03-13 20:15:37 -------- d-----w- c:\users\zorica\appdata\local\MFAData
2014-03-13 20:15:37 -------- d-----w- c:\users\zorica\appdata\local\Avg2014
2014-03-13 20:15:37 -------- d-----w- c:\programdata\MFAData
2014-03-12 17:31:32 -------- d---a-w- C:\Temp
2014-03-12 11:43:21 185344 ----a-w- c:\windows\system32\wwansvc.dll
2014-03-12 11:43:19 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-03-12 11:43:14 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-03-12 11:43:13 381440 ----a-w- c:\windows\system32\wer.dll
2014-03-11 07:47:49 7947048 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{5d9f9d3d-adaa-4393-b825-1091607d8afb}\mpengine.dll
2014-03-04 13:08:34 -------- d-----r- c:\program files\Skype
2014-02-27 20:47:50 -------- d-----w- c:\program files\SerialTrunc
2014-02-27 20:47:13 -------- d-----w- c:\users\zorica\appdata\roaming\YourFileDownloader
2014-02-16 18:03:31 -------- d-----w- c:\program files\Plus-HD-8.1
2014-02-16 18:02:49 -------- d-----w- c:\programdata\DAEMON Tools Lite
.
==================== Find3M ====================
.
2014-03-12 17:38:08 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 17:38:08 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-01 04:11:20 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-03-01 04:10:48 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-03-01 03:52:43 61952 ----a-w- c:\windows\system32\iesetup.dll
2014-03-01 03:51:53 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-03-01 03:38:26 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-01 03:38:23 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-03-01 03:37:35 553472 ----a-w- c:\windows\system32\jscript9diag.dll
2014-03-01 03:31:30 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-01 03:14:15 4244480 ----a-w- c:\windows\system32\jscript9.dll
2014-03-01 03:00:08 1964032 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-01 02:32:16 1820160 ----a-w- c:\windows\system32\wininet.dll
2014-02-06 15:33:54 196376 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2014-02-04 02:04:11 509440 ----a-w- c:\windows\system32\qedit.dll
2014-01-31 10:41:48 149272 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2014-01-28 16:15:09 24 ----a-w- c:\windows\clofghls.dll
2014-01-19 22:32:40 194328 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2014-01-19 22:20:32 122136 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2014-01-12 22:27:24 249112 ----a-w- c:\windows\system32\drivers\avglogx.sys
2014-01-10 21:18:33 25728 ----a-w- c:\windows\system32\drivers\smhwadb.sys
2014-01-10 21:18:33 1419232 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll
2014-01-10 21:18:33 108032 ----a-w- c:\windows\system32\drivers\smhwser.sys
2014-01-10 21:18:33 100864 ----a-w- c:\windows\system32\drivers\smhwdev.sys
2014-01-10 21:16:43 102272 ----a-w- c:\windows\system32\drivers\hw_usbdev.sys
2013-12-24 23:09:41 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2013-12-21 08:56:47 454656 ----a-w- c:\windows\system32\vbscript.dll
2013-12-18 20:10:01 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-12-18 05:13:56 231584 ------w- c:\windows\system32\MpSigStub.exe
2013-12-15 22:20:00 181016 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2013-12-15 22:09:44 27416 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2013-12-15 22:09:42 21272 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
.
============= FINISH: 16:47:23,53 ===============
Addendum: 15 Mar 2014 17:03
EDIT: There are also 2 problems that are bothering me, which is why this topic was opened.
The first problem is that when I have Facebook open in one tab and YouTube in another, YouTube stutters. Of course I ran a cleanup with CCleaner, but the problem remains, and YouTube should run fine, because on this configuration it has to work!
- The second problem is slow startup, even though I disabled all unnecessary programs in MSCONFIG.
Posted: 15 Mar 2014 17:40
Author: TheChains
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by Zorica (administrator) on ZORICA-PC on 15-03-2014 17:36:53
Running from C:\Users\Zorica\Downloads
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
() C:\Users\Zorica\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe
(New Softwares.net) C:\Windows\system32\WinFLService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
() C:\Program Files\SerialTrunc\bin\utilSerialTrunc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
( New Softwares.net) C:\Windows\System32\WinFLTray.exe
(New Softwares.net) C:\Program Files\NewSoftware's\Folder Lock\FLComServCtrl.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
( New Softwares.net) C:\Program Files\NewSoftware's\Folder Lock\FLComServ.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files\SerialTrunc\updateSerialTrunc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Skillbrains) C:\Users\Zorica\AppData\Local\Skillbrains\lightshot\5.1.0.15\Lightshot.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Fences] - C:\Program Files\Stardock\Fences\Fences.exe [4017368 2012-10-29] (Stardock Corporation)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [5317136 2014-02-11] (AVG Technologies CZ, s.r.o.)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [280576 2013-08-31] (Microsoft Corporation)
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\Run: [WinFLTray] - C:\Windows\system32\WinFLTray.exe [321736 2013-08-24] ( New Softwares.net)
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\Run: [FLBackup] - C:\Program Files\NewSoftware's\Folder Lock\FLComServCtrl.exe [275656 2013-08-24] (New Softwares.net)
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\Run: [MCShield Monitor] - C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-02-02] (MyCity)
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\Run: [WinThemePack Logon] - C:\Program Files\WinThemePack\Magic The Gathering Logon Screen\tweak.exe [10429625 2013-03-31] (WinThemePack.com)
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\Run: [svchost] - regsvr32 /s "C:\Temp:0031ED2C.dat"
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\MountPoints2: H - H:\PcOptions.exe
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\MountPoints2: {008568f6-5dac-11e3-99a8-d43d7e4ab2df} - E:\PcOptions.exe
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\MountPoints2: {0d3daa76-7b61-11e3-8c12-d43d7e4ab2df} - E:\PcOptions.exe
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\MountPoints2: {42bad087-0900-11e3-a3a0-d43d7e4ab2df} - F:\autorun.exe
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\MountPoints2: {65d7dc21-79ce-11e3-a804-d43d7e4ab2df} - E:\PcOptions.exe
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\MountPoints2: {76ce668e-7631-11e3-93b3-d43d7e4ab2df} - E:\PcOptions.exe
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\MountPoints2: {a28f77e1-8c37-11e3-9b57-d43d7e4ab2df} - E:\PcOptions.exe
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\MountPoints2: {b8028c90-7a4d-11e3-9928-d43d7e4ab2df} - E:\PcOptions.exe
Startup: C:\Users\Zorica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk
ShortcutTarget: Fences.lnk -> C:\Program Files\Stardock\Fences\Fences.exe (Stardock Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xADC2A13B0D9DCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr-rs
URLSearchHook: HKCU - (No Name) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=CCBED43D7E4AB2DF&affID=128235&tsp=5171
SearchScopes: HKCU - {1361FF91-724F-4925-863D-55DE8F15A8D9} URL = http://www.mysearchresults.com/search?c=3523&t=01&q={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: DefaultTab Browser Helper - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Zorica\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll (Search Results LLC.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SerialTrunc - {e76b4f24-4a2f-4e65-ad36-e2aa934e547c} - C:\Program Files\SerialTrunc\SerialTruncbho.dll (SerialTrunc)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 89.216.1.40 89.216.1.50
FireFox:
========
FF ProfilePath: C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default
FF user.js: detected! => C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default\user.js
FF NewTab: hxxp://www.buenosearch.com/?babsrc=NT_ss&mntrId=CCBED43D7E4AB2DF&affID=128235&tsp=5171
FF Homepage: hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrId=CCBED43D7E4AB2DF&affID=128235&tsp=5171
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Zorica\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml
FF Extension: Plus-HD-8.1 - C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default\Extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com [2014-03-13]
FF Extension: Torntv V6.0 - C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default\Extensions\e2fd07a6-e282-4f2e-8965-85565fcb6384@b69158e6-3c3b-476c-9d98-ae5838c5b707.com [2014-01-28]
FF Extension: uTControlTEST5 - C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default\Extensions\{56ecbd8d-d7f7-4e92-8bf1-77cdfb71c50a} [2013-12-27]
FF Extension: Default Tab - C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default\Extensions\addon@defaulttab.com.xpi [2013-12-10]
FF Extension: GoPhotoIt - C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default\Extensions\gophoto@gophoto.it.xpi [2013-08-08]
FF Extension: SerialTrunc - C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default\Extensions\{47351c22-0d6c-4658-a617-795d251145e2}.xpi [2014-02-26]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-24]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-24]
Chrome:
=======
CHR Extension: (Mario Forever DM) - C:\Users\Zorica\AppData\Local\Google\Chrome\User
Data\Default\Extensions\ikgjcmfodgjkcgimppbdnkmdhmepjckc [2014-03-13]
CHR Extension: (DefaultTab) - C:\Users\Zorica\AppData\Local\Google\Chrome\User Data
\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc [2014-03-13]
CHR Extension: (Google новчаник) - C:\Users\Zorica\AppData\Local\Google\Chrome\User
Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (GoPhoto.it) - C:\Users\Zorica\AppData\Local\Google\Chrome\User Data
\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk [2014-03-13]
CHR HKLM\...\Chrome\Extension: [ikgjcmfodgjkcgimppbdnkmdhmepjckc] - C:\Users\Zorica
\AppData\Local\CRE\ikgjcmfodgjkcgimppbdnkmdhmepjckc.crx [2013-11-03]
CHR HKLM\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files
\DefaultTab\DefaultTab.crx [2013-10-07]
CHR HKLM\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\Zorica
\AppData\Local\Torch\Plugins\TorchPlugin.crx [2013-10-07]
CHR HKLM\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files
\Gophoto.it\gophotoit16.crx [2013-08-08]
CHR HKCU\...\Chrome\Extension: [ikgjcmfodgjkcgimppbdnkmdhmepjckc] - C:\Users\Zorica
\AppData\Local\CRE\ikgjcmfodgjkcgimppbdnkmdhmepjckc.crx [2013-11-03]
========================== Services (Whitelisted) =================
R2 avgfws; C:\Program Files\AVG\AVG2014\avgfws.exe [1510896 2014-02-06] (AVG
Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3746112 2014-02-17]
(AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [314048 2014-02-06] (AVG
Technologies CZ, s.r.o.)
R2 DefaultTabUpdate; C:\Users\Zorica\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe
[107520 2013-12-10] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client
\HeciServer.exe [583680 2012-12-10] (Intel(R) Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client
\SocketHeciServer.exe [627744 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
\jhi_service.exe [165336 2013-01-15] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
[418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512
2013-04-04] (Malwarebytes Corporation)
S2 pr2ah4nc; C:\Windows\system32\pr2ah4nc.exe [407152 2007-05-18] (CODEMASTERS)
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
[1741624 2013-12-18] (AVG)
R2 Update SerialTrunc; C:\Program Files\SerialTrunc\updateSerialTrunc.exe [348960 2014-03
-15] ()
R2 Util SerialTrunc; C:\Program Files\SerialTrunc\bin\utilSerialTrunc.exe [348960 2014-03-15]
()
==================== Drivers (Whitelisted) ====================
S3 androidusb; C:\Windows\System32\Drivers\smhwadb.sys [25728 2014-01-10] (Google Inc)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [122136 2014-01-19] (AVG
Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG
Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [196376 2014-02-06]
(AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [149272 2014-01-31] (AVG
Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2013-12-15] (AVG
Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [181016 2013-12-15] (AVG
Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [249112 2014-01-12] (AVG
Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [106264 2014-02-06] (AVG
Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2013-12-15] (AVG
Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [194328 2014-01-19] (AVG
Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-08-19] (DT
Soft Ltd)
R0 FSProFilter; C:\Windows\System32\Drivers\FSPFltd.sys [41912 2010-07-22] (FSPro Labs)
S3 hw_usbdev; C:\Windows\System32\DRIVERS\hw_usbdev.sys [102272 2014-01-10] (Huawei
Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04]
(Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-13] (Intel Corporation)
R2 NEWDRIVER; C:\Windows\system32\WinVDEdrv6.sys [188176 2013-08-24] ()
R0 pe3ah4nc; C:\Windows\System32\drivers\pe3ah4nc.sys [64880 2007-05-18]
(CODEMASTERS)
R0 ps6ah4nc; C:\Windows\System32\drivers\ps6ah4nc.sys [55160 2007-05-18]
(CODEMASTERS)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI
Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI
Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI
Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI
Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI
Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI
Corporation)
S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [83336 2007-04-03] (MCCI
Corporation)
S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [15112 2007-04-03] (MCCI
Corporation)
S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [108680 2007-04-03] (MCCI
Corporation)
S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [23176 2007-04-03] (MCCI
Corporation)
S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [99080 2007-04-03] (MCCI
Corporation)
S3 smhwser; C:\Windows\System32\DRIVERS\smhwser.sys [108032 2014-01-10] (QUALCOMM
Incorporated)
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys
[12320 2013-12-16] (TuneUp Software)
S3 USBET; C:\Windows\System32\DRIVERS\ETdrv.sys [5116544 2010-11-29] (Etron)
R1 WinFLAdrv; C:\Windows\System32\WinFLAdrv.sys [29184 2013-08-24] ()
S3 MSICDSetup; \??\G:\CDriver.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib.sys [X]
S3 PBDOWNFORCE_SERVICE; \??\C:\Users\Zorica\AppData\Local\Temp\PHQF97F.tmp [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U3 mbr; \??\C:\Users\Zorica\AppData\Local\Temp\mbr.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-15 17:36 - 2014-03-15 17:37 - 00019049 _____ () C:\Users\Zorica\Downloads\FRST.txt
2014-03-15 17:36 - 2014-03-15 17:36 - 01145856 _____ (Farbar) C:\Users\Zorica\Downloads
\FRST.exe
2014-03-15 17:36 - 2014-03-15 17:36 - 00000000 ____D () C:\FRST
2014-03-15 17:34 - 2014-03-15 17:34 - 00013980 _____ () C:\Users\Zorica\Downloads
\289830_1724353748_attach.txt
2014-03-15 16:47 - 2014-03-15 16:47 - 00020124 _____ () C:\Users\Zorica\Desktop\dds.txt
2014-03-15 16:45 - 2014-03-15 16:45 - 00688992 ____R (Swearware) C:\Users\Zorica
\Downloads\dds (1).scr
2014-03-15 16:35 - 2006-03-02 15:33 - 00000000 ____D () C:\Users\Zorica\Downloads\Pinout
2014-03-15 16:34 - 2014-03-15 16:34 - 03100868 _____ () C:\Users\Zorica\Downloads
\14015_1017673869_Pinout_3_0_1_51.exe
2014-03-14 14:52 - 2014-03-14 14:52 - 00073420 _____ () C:\Windows\PFRO.log
2014-03-14 07:31 - 2014-03-15 17:33 - 00001391 _____ () C:\Windows\setupact.log
2014-03-14 07:31 - 2014-03-14 07:31 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-13 22:11 - 2014-03-13 22:11 - 00002171 _____ () C:\Users\Public\Desktop\AVG 1-Click
Maintenance.lnk
2014-03-13 22:11 - 2014-03-13 22:11 - 00002145 _____ () C:\Users\Public\Desktop\AVG PC
TuneUp 2014.lnk
2014-03-13 22:11 - 2013-12-18 09:38 - 00036152 _____ (AVG) C:\Windows
\system32\TURegOpt.exe
2014-03-13 22:11 - 2013-12-18 09:38 - 00025400 _____ (AVG) C:\Windows\system32\authuitu.dll
2014-03-13 22:10 - 2014-03-13 22:10 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming
\AVG
2014-03-13 22:02 - 2014-03-13 22:34 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-
4706-A62E-774BB7E9D308}
2014-03-13 22:02 - 2014-03-13 22:28 - 00000000 ____D () C:\ProgramData\AVG
2014-03-13 22:00 - 2014-03-13 22:02 - 78353832 _____ (AVG) C:\Users\Zorica\Downloads
\avg_tuh_stf_all_2014_295_24c34.exe
2014-03-13 21:41 - 2014-03-13 21:41 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming
\AVG2014
2014-03-13 21:36 - 2014-03-13 21:36 - 00000947 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-03-13 21:36 - 2014-03-13 21:36 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming
\TuneUp Software
2014-03-13 21:26 - 2014-03-13 21:54 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-13 21:26 - 2014-03-13 21:26 - 00000000 ___HD () C:\$AVG
2014-03-13 21:24 - 2014-03-13 22:07 - 00000000 ____D () C:\Program Files\AVG
2014-03-13 21:15 - 2014-03-15 16:20 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-13 21:15 - 2014-03-14 09:31 - 00000000 ____D () C:\Users\Zorica\AppData\Local
\Avg2014
2014-03-13 21:15 - 2014-03-13 21:15 - 00000000 ____D () C:\Users\Zorica\AppData\Local
\MFAData
2014-03-12 12:44 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows
\system32\mshtml.dll
2014-03-12 12:44 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows
\system32\mshtml.tlb
2014-03-12 12:44 - 2014-03-01 05:10 - 00004096 _____ (Microsoft Corporation) C:\Windows
\system32\ieetwcollectorres.dll
2014-03-12 12:44 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows
\system32\iesetup.dll
2014-03-12 12:44 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows
\system32\ieetwproxystub.dll
2014-03-12 12:44 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows
\system32\iertutil.dll
2014-03-12 12:44 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows
\system32\jsproxy.dll
2014-03-12 12:44 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows
\system32\iernonce.dll
2014-03-12 12:44 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows
\system32\ieui.dll
2014-03-12 12:44 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows
\system32\ieUnatt.exe
2014-03-12 12:44 - 2014-03-01 04:38 - 00108032 _____ (Microsoft Corporation) C:\Windows
\system32\ieetwcollector.exe
2014-03-12 12:44 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows
\system32\jscript9diag.dll
2014-03-12 12:44 - 2014-03-01 04:31 - 00646144 _____ (Microsoft Corporation) C:\Windows
\system32\MsSpellCheckingFacility.exe
2014-03-12 12:44 - 2014-03-01 04:25 - 00208896 _____ (Microsoft Corporation) C:\Windows
\system32\ie4uinit.exe
2014-03-12 12:44 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows
\system32\msrating.dll
2014-03-12 12:44 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows
\system32\jscript9.dll
2014-03-12 12:44 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows
\system32\msfeeds.dll
2014-03-12 12:44 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows
\system32\inetcpl.cpl
2014-03-12 12:44 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows
\system32\ieframe.dll
2014-03-12 12:44 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows
\system32\wininet.dll
2014-03-12 12:44 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows
\system32\urlmon.dll
2014-03-12 12:44 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows
\system32\ieapfltr.dll
2014-03-12 12:44 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows
\system32\qedit.dll
2014-03-12 12:43 - 2014-02-07 02:07 - 02349056 _____ (Microsoft Corporation) C:\Windows
\system32\win32k.sys
2014-03-12 12:43 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows
\system32\WindowsCodecs.dll
2014-03-12 12:43 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows
\system32\wer.dll
2014-03-12 12:43 - 2014-01-28 03:07 - 00185344 _____ (Microsoft Corporation) C:\Windows
\system32\wwansvc.dll
2014-03-10 14:14 - 2014-03-10 14:16 - 00000000 ____D () C:\Users\Zorica\Desktop\ogi slike
2014-03-10 14:07 - 2014-03-10 14:07 - 00000000 ____D () C:\Users\Zorica\Desktop\slike
2014-03-05 14:44 - 2014-03-15 14:49 - 00000932 _____ () C:\Windows\Tasks
\FacebookUpdateTaskUserS-1-5-21-2861581720-2204672646-155532148-1000UA.job
2014-03-05 14:44 - 2014-03-15 14:49 - 00000910 _____ () C:\Windows\Tasks
\FacebookUpdateTaskUserS-1-5-21-2861581720-2204672646-155532148-1000Core.job
2014-03-04 14:08 - 2014-03-04 14:08 - 00000000 ___RD () C:\Program Files\Skype
2014-03-04 14:08 - 2014-03-04 14:08 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-28 12:26 - 2014-02-28 12:26 - 00001034 _____ () C:\Users\Public\Desktop\MCShield
Real-Time Monitor.lnk
2014-02-27 21:47 - 2014-02-28 12:24 - 00000000 ____D () C:\Program Files\SerialTrunc
2014-02-27 21:47 - 2014-02-27 21:47 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming
\YourFileDownloader
2014-02-24 14:18 - 2014-02-24 14:18 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-20 16:35 - 2014-02-28 21:05 - 00000000 ____D () C:\Users\Zorica\Desktop\sklike
2014-02-17 19:00 - 2014-02-20 16:35 - 00000000 ___RD () C:\Users\Zorica\Desktop\ogi
2014-02-16 19:03 - 2014-03-14 09:50 - 00000000 ____D () C:\Program Files\Plus-HD-8.1
2014-02-16 19:02 - 2014-02-16 19:02 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-02-13 13:13 - 2014-02-13 13:13 - 00000000 ____D () C:\Users\Zorica\AppData\Local
\Codemasters
2014-02-13 01:38 - 2014-02-13 01:38 - 00000000 ____D () C:\Users\Public\Documents
\Codemasters
==================== One Month Modified Files and Folders =======
2014-03-15 17:37 - 2014-03-15 17:36 - 00019049 _____ () C:\Users\Zorica\Downloads\FRST.txt
2014-03-15 17:36 - 2014-03-15 17:36 - 01145856 _____ (Farbar) C:\Users\Zorica\Downloads
\FRST.exe
2014-03-15 17:36 - 2014-03-15 17:36 - 00000000 ____D () C:\FRST
2014-03-15 17:34 - 2014-03-15 17:34 - 00013980 _____ () C:\Users\Zorica\Downloads
\289830_1724353748_attach.txt
2014-03-15 17:34 - 2013-10-21 11:30 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming
\Skype
2014-03-15 17:33 - 2014-03-14 07:31 - 00001391 _____ () C:\Windows\setupact.log
2014-03-15 17:17 - 2013-08-19 19:53 - 00000886 _____ () C:\Windows\Tasks
\GoogleUpdateTaskMachineUA.job
2014-03-15 17:10 - 2013-09-26 22:13 - 01711473 _____ () C:\Windows\WindowsUpdate.log
2014-03-15 16:47 - 2014-03-15 16:47 - 00020124 _____ () C:\Users\Zorica\Desktop\dds.txt
2014-03-15 16:45 - 2014-03-15 16:45 - 00688992 ____R (Swearware) C:\Users\Zorica
\Downloads\dds (1).scr
2014-03-15 16:38 - 2013-08-19 19:59 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player
Updater.job
2014-03-15 16:34 - 2014-03-15 16:34 - 03100868 _____ () C:\Users\Zorica\Downloads
\14015_1017673869_Pinout_3_0_1_51.exe
2014-03-15 16:20 - 2014-03-13 21:15 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-15 16:19 - 2013-09-08 21:14 - 00000378 _____ () C:\Windows\Tasks\update-sys.job
2014-03-15 14:49 - 2014-03-05 14:44 - 00000932 _____ () C:\Windows\Tasks
\FacebookUpdateTaskUserS-1-5-21-2861581720-2204672646-155532148-1000UA.job
2014-03-15 14:49 - 2014-03-05 14:44 - 00000910 _____ () C:\Windows\Tasks
\FacebookUpdateTaskUserS-1-5-21-2861581720-2204672646-155532148-1000Core.job
2014-03-15 14:30 - 2013-09-08 21:14 - 00000378 _____ () C:\Windows\Tasks\update-S-1-5-21-
2861581720-2204672646-155532148-1000.job
2014-03-15 13:25 - 2013-12-10 17:24 - 00001108 __RSH () C:\Users\Zorica\ntuser.pol
2014-03-15 13:25 - 2013-08-19 19:38 - 00000000 ____D () C:\Users\Zorica
2014-03-15 09:50 - 2009-07-14 05:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-
376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-15 09:50 - 2009-07-14 05:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-
376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-15 09:47 - 2013-09-30 10:00 - 00000000 ____D () C:\ProgramData\MCShield
2014-03-15 09:47 - 2013-08-19 19:53 - 00000882 _____ () C:\Windows\Tasks
\GoogleUpdateTaskMachineCore.job
2014-03-15 09:45 - 2013-08-19 19:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-15 09:45 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-14 14:52 - 2014-03-14 14:52 - 00073420 _____ () C:\Windows\PFRO.log
2014-03-14 10:02 - 2014-01-28 10:35 - 00000000 ____D () C:\Program Files\Torntv V6.0
2014-03-14 09:50 - 2014-02-16 19:03 - 00000000 ____D () C:\Program Files\Plus-HD-8.1
2014-03-14 09:31 - 2014-03-13 21:15 - 00000000 ____D () C:\Users\Zorica\AppData\Local
\Avg2014
2014-03-14 09:30 - 2013-10-26 06:11 - 00000000 ____D () C:\Users\Zorica\Desktop\Games
2014-03-14 07:31 - 2014-03-14 07:31 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-14 03:47 - 2013-08-19 19:41 - 00000000 ___HD () C:\Program Files\InstallShield
Installation Information
2014-03-14 03:41 - 2013-08-29 17:08 - 00000000 ____D () C:\Users\Zorica\AppData\Local\Unity
2014-03-13 22:34 - 2014-03-13 22:02 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-
4706-A62E-774BB7E9D308}
2014-03-13 22:30 - 2013-11-26 19:41 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming
\Winamp
2014-03-13 22:30 - 2013-08-19 20:04 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming
\DAEMON Tools Pro
2014-03-13 22:29 - 2013-08-19 19:56 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming
\uTorrent
2014-03-13 22:28 - 2014-03-13 22:02 - 00000000 ____D () C:\ProgramData\AVG
2014-03-13 22:18 - 2013-08-20 05:10 - 00000000 ____D () C:\Windows\Panther
2014-03-13 22:11 - 2014-03-13 22:11 - 00002171 _____ () C:\Users\Public\Desktop\AVG 1-Click
Maintenance.lnk
2014-03-13 22:11 - 2014-03-13 22:11 - 00002145 _____ () C:\Users\Public\Desktop\AVG PC
TuneUp 2014.lnk
2014-03-13 22:10 - 2014-03-13 22:10 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming
\AVG
2014-03-13 22:07 - 2014-03-13 21:24 - 00000000 ____D () C:\Program Files\AVG
2014-03-13 22:02 - 2014-03-13 22:00 - 78353832 _____ (AVG) C:\Users\Zorica\Downloads
\avg_tuh_stf_all_2014_295_24c34.exe
2014-03-13 21:54 - 2014-03-13 21:26 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-13 21:41 - 2014-03-13 21:41 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming
\AVG2014
2014-03-13 21:36 - 2014-03-13 21:36 - 00000947 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-03-13 21:36 - 2014-03-13 21:36 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming
\TuneUp Software
2014-03-13 21:26 - 2014-03-13 21:26 - 00000000 ___HD () C:\$AVG
2014-03-13 21:15 - 2014-03-13 21:15 - 00000000 ____D () C:\Users\Zorica\AppData\Local
\MFAData
2014-03-13 21:14 - 2014-01-13 12:17 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming
\AVAST Software
2014-03-13 21:14 - 2013-08-19 20:10 - 00000000 ____D () C:\ProgramData\Alwil Software
2014-03-13 21:14 - 2013-08-19 20:10 - 00000000 ____D () C:\Program Files\Alwil Software
2014-03-13 21:14 - 2009-07-14 03:04 - 00002577 _____ () C:\Windows\system32\config.nt
2014-03-12 18:38 - 2013-08-19 19:59 - 00692616 _____ (Adobe Systems Incorporated) C:
\Windows\system32\FlashPlayerApp.exe
2014-03-12 18:38 - 2013-08-19 19:59 - 00071048 _____ (Adobe Systems Incorporated) C:
\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 17:38 - 2009-07-14 05:33 - 00409784 _____ () C:\Windows
\system32\FNTCACHE.DAT
2014-03-12 17:37 - 2014-02-03 14:19 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-12 14:16 - 2013-09-24 14:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-12 13:46 - 2013-09-04 13:30 - 00000000 ____D () C:\Users\Zorica\Documents\Images
2014-03-10 14:16 - 2014-03-10 14:14 - 00000000 ____D () C:\Users\Zorica\Desktop\ogi slike
2014-03-10 14:07 - 2014-03-10 14:07 - 00000000 ____D () C:\Users\Zorica\Desktop\slike
2014-03-09 20:18 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-06 22:44 - 2013-09-08 21:14 - 00000443 _____ () C:\Users\Zorica\AppData\Local
\UserProducts.xml
2014-03-06 22:44 - 2013-09-08 21:14 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming
\Microsoft\Windows\Start Menu\Programs\LightShot
2014-03-05 14:44 - 2013-08-24 19:29 - 00000000 ____D () C:\Users\Zorica\AppData\Local
\Facebook
2014-03-04 20:19 - 2013-08-19 19:54 - 00002131 _____ () C:\Users\Public\Desktop\Google
Chrome.lnk
2014-03-04 14:08 - 2014-03-04 14:08 - 00000000 ___RD () C:\Program Files\Skype
2014-03-04 14:08 - 2014-03-04 14:08 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-04 14:08 - 2013-08-19 23:14 - 00002685 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-04 14:08 - 2013-08-19 23:14 - 00000000 ____D () C:\ProgramData\Skype
2014-03-02 23:49 - 2013-08-19 19:55 - 00000000 ____D () C:\Program Files\Opera
2014-03-01 05:30 - 2014-03-12 12:44 - 17074688 _____ (Microsoft Corporation) C:\Windows
\system32\mshtml.dll
2014-03-01 05:11 - 2014-03-12 12:44 - 02724864 _____ (Microsoft Corporation) C:\Windows
\system32\mshtml.tlb
2014-03-01 05:10 - 2014-03-12 12:44 - 00004096 _____ (Microsoft Corporation) C:\Windows
\system32\ieetwcollectorres.dll
2014-03-01 04:52 - 2014-03-12 12:44 - 00061952 _____ (Microsoft Corporation) C:\Windows
\system32\iesetup.dll
2014-03-01 04:51 - 2014-03-12 12:44 - 00051200 _____ (Microsoft Corporation) C:\Windows
\system32\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-12 12:44 - 02168320 _____ (Microsoft Corporation) C:\Windows
\system32\iertutil.dll
2014-03-01 04:43 - 2014-03-12 12:44 - 00043008 _____ (Microsoft Corporation) C:\Windows
\system32\jsproxy.dll
2014-03-01 04:43 - 2014-03-12 12:44 - 00032768 _____ (Microsoft Corporation) C:\Windows
\system32\iernonce.dll
2014-03-01 04:40 - 2014-03-12 12:44 - 00440832 _____ (Microsoft Corporation) C:\Windows
\system32\ieui.dll
2014-03-01 04:38 - 2014-03-12 12:44 - 00112128 _____ (Microsoft Corporation) C:\Windows
\system32\ieUnatt.exe
2014-03-01 04:38 - 2014-03-12 12:44 - 00108032 _____ (Microsoft Corporation) C:\Windows
\system32\ieetwcollector.exe
2014-03-01 04:37 - 2014-03-12 12:44 - 00553472 _____ (Microsoft Corporation) C:\Windows
\system32\jscript9diag.dll
2014-03-01 04:31 - 2014-03-12 12:44 - 00646144 _____ (Microsoft Corporation) C:\Windows
\system32\MsSpellCheckingFacility.exe
2014-03-01 04:25 - 2014-03-12 12:44 - 00208896 _____ (Microsoft Corporation) C:\Windows
\system32\ie4uinit.exe
2014-03-01 04:16 - 2014-03-12 12:44 - 00164864 _____ (Microsoft Corporation) C:\Windows
\system32\msrating.dll
2014-03-01 04:14 - 2014-03-12 12:44 - 04244480 _____ (Microsoft Corporation) C:\Windows
\system32\jscript9.dll
2014-03-01 04:03 - 2014-03-12 12:44 - 00524288 _____ (Microsoft Corporation) C:\Windows
\system32\msfeeds.dll
2014-03-01 04:00 - 2014-03-12 12:44 - 01964032 _____ (Microsoft Corporation) C:\Windows
\system32\inetcpl.cpl
2014-03-01 03:57 - 2014-03-12 12:44 - 11266048 _____ (Microsoft Corporation) C:\Windows
\system32\ieframe.dll
2014-03-01 03:32 - 2014-03-12 12:44 - 01820160 _____ (Microsoft Corporation) C:\Windows
\system32\wininet.dll
2014-03-01 03:27 - 2014-03-12 12:44 - 01156096 _____ (Microsoft Corporation) C:\Windows
\system32\urlmon.dll
2014-03-01 03:25 - 2014-03-12 12:44 - 00703488 _____ (Microsoft Corporation) C:\Windows
\system32\ieapfltr.dll
2014-02-28 21:05 - 2014-02-20 16:35 - 00000000 ____D () C:\Users\Zorica\Desktop\sklike
2014-02-28 12:26 - 2014-02-28 12:26 - 00001034 _____ () C:\Users\Public\Desktop\MCShield
Real-Time Monitor.lnk
2014-02-28 12:26 - 2013-09-30 10:00 - 00000000 ____D () C:\Program Files\MCShield
2014-02-28 12:24 - 2014-02-27 21:47 - 00000000 ____D () C:\Program Files\SerialTrunc
2014-02-28 12:24 - 2013-09-07 10:57 - 00000000 ____D () C:\Program Files\Mozilla Maintenance
Service
2014-02-28 12:23 - 2013-08-19 20:01 - 00000000 ____D () C:\Program Files\Winrar
2014-02-27 21:47 - 2014-02-27 21:47 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming
\YourFileDownloader
2014-02-24 14:18 - 2014-02-24 14:18 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-20 20:00 - 2013-08-19 19:42 - 00782470 _____ () C:\Windows
\system32\PerfStringBackup.INI
2014-02-20 16:35 - 2014-02-17 19:00 - 00000000 ___RD () C:\Users\Zorica\Desktop\ogi
2014-02-17 17:23 - 2014-01-24 18:51 - 00000000 ____D () C:\Users\Zorica\Desktop\sam u kuci
2,3 - Copy
2014-02-16 19:02 - 2014-02-16 19:02 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-02-16 19:01 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2014-02-13 13:13 - 2014-02-13 13:13 - 00000000 ____D () C:\Users\Zorica\AppData\Local
\Codemasters
2014-02-13 08:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-02-13 07:22 - 2013-08-19 19:52 - 00109672 _____ () C:\Users\Zorica\AppData\Local
\GDIPFONTCACHEV1.DAT
2014-02-13 01:38 - 2014-02-13 01:38 - 00000000 ____D () C:\Users\Public\Documents
\Codemasters
2014-02-13 01:13 - 2014-02-12 20:04 - 00000000 ____D () C:\Program Files\Codemasters
Files to move or delete:
====================
C:\ProgramData\win_mpwd_sys.dat
Some content of TEMP:
====================
C:\Users\Zorica\AppData\Local\Temp\htmlayout.dll
C:\Users\Zorica\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Zorica\AppData\Local\Temp\uninstall21131489.exe
C:\Users\Zorica\AppData\Local\Temp\uninstall21131505.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-11 09:05
==================== End Of Log ============================
Here you go.
|
Posted: 15 Mar 2014 18:00
|
rip
- argus
- Anti Malware Fighter
Rank 2
- Joined: 27 Apr 2008
- Posts: 9160
- Location: Prokuplje
|
Attach the first log to your post; for some reason it was copied badly. That is, FRST.txt.
|
Posted: 15 Mar 2014 18:51
|
offline
- TheChains
- Distinguished Citizen
- Joined: 13 Aug 2012
- Posts: 561
- Location: Atakama
|
System restarted, here is the report.
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-03-2014 01
Ran by Zorica at 2014-03-15 18:45:17 Run:1
Running from D:\FRSTI
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
Play Now Radio (HKCU\...\playnowradio) (Version: - playnowradio) <==== ATTENTION
Plus-HD-8.1 (HKLM\...\Plus-HD-8.1) (Version: 1.34.1.29 - Plus HD) <==== ATTENTION
Torntv V6.0 (HKLM\...\Torntv V6.0) (Version: 1.34.1.21 - installdaddy) <==== ATTENTION
Task: {A5D739A0-2CA6-429D-87AD-A93CD60196E9} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {ED45E413-192B-45B4-BC71-EEA134EB5906} - System32\Tasks\DTReg => C:\Users\Zorica\AppData\Roaming\defaulttab\defaulttab\DTReg.exe [2014-02-06] (Search Results, LLC) <==== ATTENTION
AlternateDataStreams: C:\Temp:pid1
AlternateDataStreams: C:\Temp:pid2
AlternateDataStreams: C:\Temp:srv
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: Tiny download manager => "C:\Users\Zorica\AppData\Local\DM\TinyDM.exe" /M
2013-03-31] (WinThemePack.com)HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\Run: [svchost] - regsvr32 /s "C:\Temp:0031ED2C.dat"
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\MountPoints2: H - H:\PcOptions.exe
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\MountPoints2: {008568f6-5dac-11e3-99a8-d43d7e4ab2df} - E:\PcOptions.exe
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\MountPoints2: {0d3daa76-7b61-11e3-8c12-d43d7e4ab2df} - E:\PcOptions.exe
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\MountPoints2: {42bad087-0900-11e3-a3a0-d43d7e4ab2df} - F:\autorun.exe
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\MountPoints2: {65d7dc21-79ce-11e3-a804-d43d7e4ab2df} - E:\PcOptions.exe
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\MountPoints2: {76ce668e-7631-11e3-93b3-d43d7e4ab2df} - E:\PcOptions.exe
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\MountPoints2: {a28f77e1-8c37-11e3-9b57-d43d7e4ab2df} - E:\PcOptions.exe
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\MountPoints2: {b8028c90-7a4d-11e3-9928-d43d7e4ab2df} - E:\PcOptions.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=CCBED43D7E4AB2DF&affID=128235&tsp=5171
SearchScopes: HKCU - {1361FF91-724F-4925-863D-55DE8F15A8D9} URL = http://www.mysearchresults.com/search?c=3523&t=01&q={searchTerms}
BHO: DefaultTab Browser Helper - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Zorica\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll (Search Results LLC.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
FF NewTab: hxxp://www.buenosearch.com/?babsrc=NT_ss&mntrId=CCBED43D7E4AB2DF&affID=128235&tsp=5171
FF Homepage: hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrId=CCBED43D7E4AB2DF&affID=128235&tsp=5171
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml
FF Extension: Plus-HD-8.1 - C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default\Extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com [2014-03-13]
FF Extension: Torntv V6.0 - C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default\Extensions\e2fd07a6-e282-4f2e-8965-85565fcb6384@b69158e6-3c3b-476c-9d98-ae5838c5b707.com [2014-01-28]
FF Extension: uTControlTEST5 - C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default\Extensions\{56ecbd8d-d7f7-4e92-8bf1-77cdfb71c50a} [2013-12-27]
FF Extension: Default Tab - C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default\Extensions\addon@defaulttab.com.xpi [2013-12-10]
FF Extension: SerialTrunc - C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default\Extensions\{47351c22-0d6c-4658-a617-795d251145e2}.xpi [2014-02-26]
CHR Extension: (DefaultTab) - C:\Users\Zorica\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc [2014-03-13]
CHR HKLM\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files\DefaultTab\DefaultTab.crx [2013-10-07]
R2 Update SerialTrunc; C:\Program Files\SerialTrunc\updateSerialTrunc.exe [348960 2014-03-15] ()
R2 Util SerialTrunc; C:\Program Files\SerialTrunc\bin\utilSerialTrunc.exe [348960 2014-03-15] ()
R2 DefaultTabUpdate; C:\Users\Zorica\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe [107520 2013-12-10] ()
End
*****************
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A5D739A0-2CA6-429D-87AD-A93CD60196E9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5D739A0-2CA6-429D-87AD-A93CD60196E9} => Key deleted successfully.
C:\Windows\System32\Tasks\YourFile DownloaderUpdate => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YourFile DownloaderUpdate => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED45E413-192B-45B4-BC71-EEA134EB5906} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED45E413-192B-45B4-BC71-EEA134EB5906} => Key deleted successfully.
C:\Windows\System32\Tasks\DTReg => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DTReg => Key deleted successfully.
C:\Temp => ":pid1" ADS removed successfully.
C:\Temp => ":pid2" ADS removed successfully.
C:\Temp => ":srv" ADS removed successfully.
C:\ProgramData\TEMP => ":1CE11B51" ADS removed successfully.
========= MSCONFIG\startupApnUpdater => "C:\Program Files\Ask.com\Updater\Updater.exe" =========
The system cannot find the path specified.
========= End of Reg: =========
========= MSCONFIG\startupTiny download manager => "C:\Users\Zorica\AppData\Local\DM\TinyDM.exe" /M =========
The system cannot find the path specified.
========= End of Reg: =========
"C:\Temp:0031ED2C.dat"" => File/Directory not found.
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-2861581720-2204672646-155532148-1000 => Key not found.
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{008568f6-5dac-11e3-99a8-d43d7e4ab2df} => Key deleted successfully.
HKCR\CLSID\{008568f6-5dac-11e3-99a8-d43d7e4ab2df} => Key not found.
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0d3daa76-7b61-11e3-8c12-d43d7e4ab2df} => Key deleted successfully.
HKCR\CLSID\{0d3daa76-7b61-11e3-8c12-d43d7e4ab2df} => Key not found.
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{42bad087-0900-11e3-a3a0-d43d7e4ab2df} => Key deleted successfully.
HKCR\CLSID\{42bad087-0900-11e3-a3a0-d43d7e4ab2df} => Key not found.
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65d7dc21-79ce-11e3-a804-d43d7e4ab2df} => Key deleted successfully.
HKCR\CLSID\{65d7dc21-79ce-11e3-a804-d43d7e4ab2df} => Key not found.
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{76ce668e-7631-11e3-93b3-d43d7e4ab2df} => Key deleted successfully.
HKCR\CLSID\{76ce668e-7631-11e3-93b3-d43d7e4ab2df} => Key not found.
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a28f77e1-8c37-11e3-9b57-d43d7e4ab2df} => Key deleted successfully.
HKCR\CLSID\{a28f77e1-8c37-11e3-9b57-d43d7e4ab2df} => Key not found.
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b8028c90-7a4d-11e3-9928-d43d7e4ab2df} => Key deleted successfully.
HKCR\CLSID\{b8028c90-7a4d-11e3-9928-d43d7e4ab2df} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1361FF91-724F-4925-863D-55DE8F15A8D9} => Key not found.
HKCR\Wow6432Node\CLSID\{1361FF91-724F-4925-863D-55DE8F15A8D9} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} => Key not found.
HKCR\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
Firefox newtab deleted successfully.
Firefox homepage deleted successfully.
C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml => Moved successfully.
C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default\Extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com => Moved successfully.
C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default\Extensions\e2fd07a6-e282-4f2e-8965-85565fcb6384@b69158e6-3c3b-476c-9d98-ae5838c5b707.com => Moved successfully.
C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default\Extensions\{56ecbd8d-d7f7-4e92-8bf1-77cdfb71c50a} => Moved successfully.
C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default\Extensions\addon@defaulttab.com.xpi => not found.
C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default\Extensions\{47351c22-0d6c-4658-a617-795d251145e2}.xpi => Moved successfully.
C:\Users\Zorica\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc => Key not found.
"C:\Program Files\DefaultTab\DefaultTab.crx" => File/Directory not found.
Update SerialTrunc => Unable to stop service
Update SerialTrunc => Service deleted successfully.
Util SerialTrunc => Unable to stop service
Util SerialTrunc => Service deleted successfully.
DefaultTabUpdate => Service not found.
The system needed a reboot.
==== End of Fixlog ====
Posted: 15 Mar 2014 19:17
|
offline
- TheChains
- Distinguished citizen
- Joined: 13 Aug 2012
- Posts: 561
- Location: Atakama
|
Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Zorica on sub 15.03.2014 at 19:09:19,04.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: D:\yoek\zoek.scr [Scan all users] [Script inserted]
==== System Restore Info ======================
15.3.2014 19:10:25 Zoek.exe System Restore Point Created Succesfully.
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Zorica\AppData\Local\Temp ====
2014-03-15 17:25:11 FF36DB9B1D2C31B69A2FF9F3302AD9C1 123744 ----a-w- C:\Users\Zorica\AppData\Local\Temp\CProgram FilesOpera\installing\npTestNetscapePlugIn.dll
2014-03-15 17:25:11 FE663EB781427A74B7BA0580B5291C01 2197856 ----a-w- C:\Users\Zorica\AppData\Local\Temp\CProgram FilesOpera\installing\launcher_lib.dll
2014-03-15 17:25:11 93E39287EA6223F80419CED7509A1C81 774496 ----a-w- C:\Users\Zorica\AppData\Local\Temp\CProgram FilesOpera\installing\msvcr100.dll
2014-03-15 17:25:11 7BADAAA902C197CEFAC5D4290D596739 421728 ----a-w- C:\Users\Zorica\AppData\Local\Temp\CProgram FilesOpera\installing\msvcp100.dll
2014-03-15 17:25:11 55EF42F2C0C48E932FEC3497254887C1 908640 ----a-w- C:\Users\Zorica\AppData\Local\Temp\CProgram FilesOpera\installing\libGLESv2.dll
2014-03-15 17:25:11 460E2177CF4DFF259591B0208304B4C6 108896 ----a-w- C:\Users\Zorica\AppData\Local\Temp\CProgram FilesOpera\installing\libEGL.dll
2014-03-15 17:25:11 29557D9E90D5D82F204CCB3EDDAEB588 109408 ----a-w- C:\Users\Zorica\AppData\Local\Temp\CProgram FilesOpera\installing\opera.dll
2014-03-15 17:25:11 1D5BF3935BD0726B8ECE8CE90D1C8520 2959712 ----a-w- C:\Users\Zorica\AppData\Local\Temp\CProgram FilesOpera\installing\osmesa.dll
2014-03-15 17:25:10 F0D5ECEC8CEB98E6ED5DFFFAF888F4B1 895328 ----a-w- C:\Users\Zorica\AppData\Local\Temp\CProgram FilesOpera\installing\ffmpegsumo.dll
2014-03-15 17:25:10 DFCC2AB70366974030BA252A2736B3D6 73568 ----a-w- C:\Users\Zorica\AppData\Local\Temp\CProgram FilesOpera\installing\wow_helper.exe
2014-03-15 17:25:10 CC259EAC3815F599F16D6FB564EF519B 3222880 ----a-w- C:\Users\Zorica\AppData\Local\Temp\CProgram FilesOpera\installing\d3dcompiler_46.dll
2014-03-15 17:25:10 A732F6C2F0CF19E6824831F541E0A83E 2244448 ----a-w- C:\Users\Zorica\AppData\Local\Temp\CProgram FilesOpera\installing\opera_autoupdate.exe
2014-03-15 17:25:10 9A2EE74633C4C43FFF22409AFCDB85C7 10093408 ----a-w- C:\Users\Zorica\AppData\Local\Temp\CProgram FilesOpera\installing\icudt.dll
2014-03-15 17:25:10 3FD13BCA61C39F699C5A42ACEF1C603A 1380192 ----a-w- C:\Users\Zorica\AppData\Local\Temp\CProgram FilesOpera\installing\opera_crashreporter.exe
2014-03-15 17:25:09 D5206DAB58A8743519D366BE1A353C23 1598304 ----a-w- C:\Users\Zorica\AppData\Local\Temp\CProgram FilesOpera\installing\launcher.exe
2014-03-15 17:25:09 3A7AA5C007EE6DB6AE0C1E24C947A6F7 46141792 ----a-w- C:\Users\Zorica\AppData\Local\Temp\CProgram FilesOpera\installing\opera.exe
2014-03-15 17:24:11 46FBFD914BF3F2F088207D42C62396D1 34727504 ----a-w- C:\Users\Zorica\AppData\Local\Temp\CProgram FilesOpera\installing\Opera_20.0.1387.77_Autoupdate.exe
2014-03-14 06:29:39 0D0AE1B62B9A50C65A3934E5A6CF5CE5 34827424 ----a-w- C:\Users\Zorica\AppData\Local\Temp\SkypeSetup.exe
2014-03-14 02:43:21 F6278B5A16F830885B184D5F72E1B935 947200 ----a-w- C:\Users\Zorica\AppData\Local\Temp\htmlayout.dll
====== Java Cache =====
====== C:\Windows\system32 =====
2014-03-12 11:44:47 B0BE998802DEDEE1FD8F5E5F9F207A30 509440 ----a-w- C:\Windows\System32\qedit.dll
2014-03-12 11:44:45 8B521873651E62EF5868DC7B339959DB 32768 ----a-w- C:\Windows\System32\iernonce.dll
2014-03-12 11:44:45 7EDA015D4E74177A1B187326EDB14670 51200 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-03-12 11:44:45 3B3EBF6E3C12DFDC6B29CBAC2F5519CC 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-12 11:44:45 1CEE521E90703BB8A01211C77747E727 43008 ----a-w- C:\Windows\System32\jsproxy.dll
2014-03-12 11:44:44 AAFEAB4FC9D70253F8C7E353E879E8A2 1820160 ----a-w- C:\Windows\System32\wininet.dll
2014-03-12 11:44:44 69C9F0607AF94C7162BBD25E222D4E0E 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-03-12 11:44:44 6744457C09B9B8176CC3ECC2D0EE6580 646144 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-12 11:44:44 4605E0295C8E742B28FD63D255322795 703488 ----a-w- C:\Windows\System32\ieapfltr.dll
2014-03-12 11:44:44 2CF6CF90BF7FE0E616C363343FFA686B 553472 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-03-12 11:44:43 E84073A2F2D3A9448CA02F48B0360490 440832 ----a-w- C:\Windows\System32\ieui.dll
2014-03-12 11:44:43 C8DBE0B5297FD85D7311E4791103517B 112128 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-12 11:44:43 BD5E6C894130E7BB7ECE9A0925383068 2168320 ----a-w- C:\Windows\System32\iertutil.dll
2014-03-12 11:44:42 FC46FE32B043CA7251B1D707B91BA6A7 4244480 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-12 11:44:42 70462E0A4E293FC80620AB945D8A59BB 17074688 ----a-w- C:\Windows\System32\mshtml.dll
2014-03-12 11:44:41 A045DAE4D242A9A50FF6902774C55BE0 524288 ----a-w- C:\Windows\System32\msfeeds.dll
2014-03-12 11:44:41 5C207FABA707CE496E1E0A304925D1E5 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-03-12 11:44:41 0FF358906F2333B26267BC0064DC02C4 1156096 ----a-w- C:\Windows\System32\urlmon.dll
2014-03-12 11:44:40 E23497E11866154A97BA9877656113FE 1964032 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-03-12 11:44:40 B61F47EB8CACBE09C8117E4FF7D9656D 164864 ----a-w- C:\Windows\System32\msrating.dll
2014-03-12 11:44:40 B0CBC5A7D9278DCD5B230E1E50CCA5F6 61952 ----a-w- C:\Windows\System32\iesetup.dll
2014-03-12 11:44:40 35523AF349702302EBC08D0D83661A78 208896 ----a-w- C:\Windows\System32\ie4uinit.exe
2014-03-12 11:44:39 4831AA1A6A112ACCEE240C9D5FA2108B 11266048 ----a-w- C:\Windows\System32\ieframe.dll
2014-03-12 11:43:21 7CC38741B8F68F1E0D5D79DA6123666A 185344 ----a-w- C:\Windows\System32\wwansvc.dll
2014-03-12 11:43:19 204689EC38738BE7C07F79B745733747 2349056 ----a-w- C:\Windows\System32\win32k.sys
2014-03-12 11:43:14 A054EA8FBE16D4D34F06D81A4F0088E2 1230336 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-03-12 11:43:13 4F8CCD3E7D9F17A7C60FA0AE2466CACF 381440 ----a-w- C:\Windows\System32\wer.dll
====== C:\Windows\system32\drivers =====
====== C:\Windows\Tasks ======
2014-03-05 13:44:35 76630901D31484EEC2FB282B818D2731 3910 ----a-w- C:\Windows\system32\Tasks\FacebookUpdateTaskUserS-1-5-21-2861581720-2204672646-155532148-1000UA
2014-03-05 13:44:35 64429EA520808F52C4A4F2B5E4A48BF5 932 ----a-w- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2861581720-2204672646-155532148-1000UA.job
2014-03-05 13:44:34 ADAEADDA48A3DC4A19869740EB407B2F 3542 ----a-w- C:\Windows\system32\Tasks\FacebookUpdateTaskUserS-1-5-21-2861581720-2204672646-155532148-1000Core
2014-03-05 13:44:34 27CFC8BF9FA47D3CB40D6C39736C6306 910 ----a-w- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2861581720-2204672646-155532148-1000Core.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-03-15 17:31:55 -------- d-----w- C:\Program Files\VS Revo Group
2014-03-13 20:24:08 -------- d-----w- C:\Program Files\AVG
2014-03-04 13:08:34 -------- d-----w- C:\Program Files\Common Files\Skype
2014-03-04 13:08:34 -------- d-----r- C:\Program Files\Skype
2014-02-27 20:47:50 -------- d-----w- C:\Program Files\SerialTrunc
2014-02-16 18:03:31 -------- d-----w- C:\Program Files\Plus-HD-8.1
======= C: =====
====== C:\Users\Zorica\AppData\Roaming ======
2014-03-15 17:31:55 -------- d-----w- C:\Users\Zorica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2014-03-14 23:03:54 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\AVG
2014-03-13 21:10:46 -------- d-----w- C:\Users\Zorica\AppData\Roaming\AVG
2014-03-13 20:41:43 -------- d-----w- C:\Users\Zorica\AppData\Roaming\AVG2014
2014-03-13 20:39:46 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\AVG2014
2014-03-13 20:36:31 -------- d-----w- C:\Users\Zorica\AppData\Roaming\TuneUp Software
2014-03-13 20:24:11 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014
2014-03-13 20:15:37 -------- d-----w- C:\Users\Zorica\AppData\Local\Avg2014
2014-02-27 20:47:13 -------- d-----w- C:\Users\Zorica\AppData\Roaming\YourFileDownloader
====== C:\Users\Zorica ======
2014-03-15 17:31:27 4F99CAE27FFD46712E65C21444AACDFC 2623656 ----a-w- C:\Users\Zorica\Downloads\revosetup.exe
2014-03-15 15:34:54 21276A10865DDDD55994DCBFEA93C9A7 3100868 ----a-w- C:\Users\Zorica\Downloads\14015_1017673869_Pinout_3_0_1_51.exe
2014-03-13 21:02:28 -------- d-----w- C:\ProgramData\AVG
2014-03-13 21:02:13 -------- d-sh--w- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-03-13 20:36:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-03-13 20:26:12 -------- d-----w- C:\ProgramData\AVG2014
2014-03-04 13:08:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-02-16 18:02:49 -------- d-----w- C:\ProgramData\DAEMON Tools Lite
====== C: exe-files ==
2014-03-15 17:45:09 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Zorica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U0NYURK1\FRST[1].exe
2014-03-15 17:31:56 761102A9B90EC601E8B3071120063D74 87550 ----a-w- C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
2014-03-15 17:31:27 4F99CAE27FFD46712E65C21444AACDFC 2623656 ----a-w- C:\Users\Zorica\Downloads\revosetup.exe
2014-03-15 17:25:10 DFCC2AB70366974030BA252A2736B3D6 73568 ----a-w- C:\Users\Zorica\AppData\Local\Temp\CProgram FilesOpera\installing\wow_helper.exe
2014-03-15 17:25:10 A732F6C2F0CF19E6824831F541E0A83E 2244448 ----a-w- C:\Users\Zorica\AppData\Local\Temp\CProgram FilesOpera\installing\opera_autoupdate.exe
2014-03-15 17:25:10 3FD13BCA61C39F699C5A42ACEF1C603A 1380192 ----a-w- C:\Users\Zorica\AppData\Local\Temp\CProgram FilesOpera\installing\opera_crashreporter.exe
2014-03-15 17:25:09 D5206DAB58A8743519D366BE1A353C23 1598304 ----a-w- C:\Users\Zorica\AppData\Local\Temp\CProgram FilesOpera\installing\launcher.exe
2014-03-15 17:25:09 3A7AA5C007EE6DB6AE0C1E24C947A6F7 46141792 ----a-w- C:\Users\Zorica\AppData\Local\Temp\CProgram FilesOpera\installing\opera.exe
2014-03-15 17:24:11 46FBFD914BF3F2F088207D42C62396D1 34727504 ----a-w- C:\Users\Zorica\AppData\Local\Temp\CProgram FilesOpera\installing\Opera_20.0.1387.77_Autoupdate.exe
2014-03-15 15:35:07 BF7CA59B44E4668EA3E5D07C963175D2 1374720 ----a-w- C:\Users\Zorica\Downloads\Pinout\PinoutMaster.exe
2014-03-15 15:35:07 B608FCEE1917E83BF4B83FF5CAA38E13 307200 ----a-w- C:\Users\Zorica\Downloads\Pinout\helpers\PAEXT.EXE
2014-03-15 15:35:07 5582BE19B7E2BACA02DC3B3C639D3985 656896 ----a-w- C:\Users\Zorica\Downloads\Pinout\PinoutUpdater.exe
2014-03-15 15:34:54 21276A10865DDDD55994DCBFEA93C9A7 3100868 ----a-w- C:\Users\Zorica\Downloads\14015_1017673869_Pinout_3_0_1_51.exe
2014-03-15 12:28:11 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Zorica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TH91RUBI\SkypeSetupFull[1].exe
2014-03-14 06:29:39 0D0AE1B62B9A50C65A3934E5A6CF5CE5 34827424 ----a-w- C:\Users\Zorica\AppData\Local\Temp\SkypeSetup.exe
2014-03-14 03:20:40 6B2DC0ED17771CF937B83D40C542EA5D 1043744 ----a-w- C:\Users\Zorica\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikgjcmfodgjkcgimppbdnkmdhmepjckc\10.26.9.505_0\nativeMessaging\TBMessagingHost.exe
2014-03-13 20:25:30 6DEFFDDFC20ED1DCB86480240FC76D76 266768 ----a-w- C:\Program Files\AVG\AVG2014\avgndisx.exe
2014-03-12 11:44:45 3B3EBF6E3C12DFDC6B29CBAC2F5519CC 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-12 11:44:44 6744457C09B9B8176CC3ECC2D0EE6580 646144 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-12 11:44:43 C8DBE0B5297FD85D7311E4791103517B 112128 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-12 11:44:40 3A3BEA53F039CE2E997A918E26E30B1D 808152 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2014-03-12 11:44:40 35523AF349702302EBC08D0D83661A78 208896 ----a-w- C:\Windows\System32\ie4uinit.exe
2014-03-12 11:44:39 2A0FAE869BC99A460FEFD832F261DCC9 469504 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
=== C: other files ==
2014-03-12 11:43:19 204689EC38738BE7C07F79B745733747 2349056 ----a-w- C:\Windows\System32\win32k.sys
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-2861581720-2204672646-155532148-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"WinFLTray"="C:\Windows\system32\WinFLTray.exe"
"FLBackup"="C:\Program Files\NewSoftware's\Folder Lock\FLComServCtrl.exe"
"MCShield Monitor"="C:\Program Files\MCShield\mcshieldrtm.exe"
"WinThemePack Logon"="C:\Program Files\WinThemePack\Magic The Gathering Logon Screen\tweak.exe /sequential"
"svchost"="regsvr32 /s C:\Temp:0031ED2C.dat"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Fences"="C:\Program Files\Stardock\Fences\Fences.exe /startup"
"AVG_UI"="C:\Program Files\AVG\AVG2014\avgui.exe /TRAYONLY"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WinFLTray"="C:\Windows\system32\WinFLTray.exe"
"FLBackup"="C:\Program Files\NewSoftware's\Folder Lock\FLComServCtrl.exe"
"MCShield Monitor"="C:\Program Files\MCShield\mcshieldrtm.exe"
"WinThemePack Logon"="C:\Program Files\WinThemePack\Magic The Gathering Logon Screen\tweak.exe /sequential"
"svchost"="regsvr32 /s C:\Temp:0031ED2C.dat"
==== Startup Registry Disabled ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ApnUpdater"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Ask.com\\Updater\\Updater.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Badoo Desktop]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Badoo Desktop"
"hkey"="HKCU"
"command"="C:\\ProgramData\\Badoo\\Badoo Desktop\\1.6.58.1220\\Badoo.Desktop.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BCSSync"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Pro Agent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DAEMON Tools Pro Agent"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\DAEMON Tools Pro\\DTAgent.exe\" -autorun"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Facebook Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Zorica\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LightShot]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LightShot"
"hkey"="HKCU"
"command"="C:\\Users\\Zorica\\AppData\\Local\\Skillbrains\\lightshot\\Lightshot.exe Flags: uninsdeletevalue"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mobilegeni daemon"
"hkey"="HKLM"
"command"="C:\\Program Files\\Mobogenie\\DaemonProcess.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mylbx]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mylbx"
"hkey"="HKLM"
"command"="C:\\Program Files\\My Lockbox\\mylbx.exe /a"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroFilterCheck"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\NeroCheck.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Overwolf]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Overwolf"
"hkey"="HKCU"
"command"="C:\\Program Files\\Overwolf\\Overwolf.exe -silent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\playnowradio]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="playnowradio"
"hkey"="HKCU"
"command"="C:\\Users\\Zorica\\AppData\\Local\\playnowradio\\playnowradio\\1.3.3.19\\playnowradio.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDVCPL]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RTHDVCPL"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Realtek\\Audio\\HDA\\RtkNGUI.exe\" -s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Tiny download manager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Tiny download manager"
"hkey"="HKCU"
"command"="\"C:\\Users\\Zorica\\AppData\\Local\\DM\\TinyDM.exe\" /M"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateMyDrivers]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UpdateMyDrivers"
"hkey"="HKCU"
"command"="C:\\Program Files\\SmartTweak\\UpdateMyDrivers\\UpdateMyDrivers.exe /ot /as /ss"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateMyDrivers.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UpdateMyDrivers.exe"
"hkey"="HKCU"
"command"="C:\\Program Files\\SmartTweak\\UpdateMyDrivers\\UpdateMyDrivers.exe /ot /as /ss"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="uTorrent"
"hkey"="HKCU"
"command"="\"C:\\Users\\Zorica\\AppData\\Roaming\\uTorrent\\uTorrent.exe\" /MINIMIZED"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"DAEMON Tools Pro Agent"="\"C:\\Program Files\\DAEMON Tools Pro\\DTAgent.exe\" -autorun"
"Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun"
"WinFLTray"="C:\\Windows\\system32\\WinFLTray.exe"
"Facebook Update"="\"C:\\Users\\Zorica\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver"
"Pokki"="C:\\Windows\\system32\\rundll32.exe \"C:\\Users\\Zorica\\AppData\\Local\\Pokki\\Engine\\LaunchDeskband.dll\",RunLaunchDeskband"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"RTHDVCPL"="C:\\Program Files\\Realtek\\Audio\\HDA\\RtkNGUI.exe -s"
"SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""
"Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
==== Startup Folders ======================
2014-02-03 18:21:35 1998 ----a-w- C:\Users\Zorica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [12.03.2014 18:38]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2861581720-2204672646-155532148-1000Core.job --a------ C:\Users\Zorica\AppData\Local\Facebook\Update\FacebookUpdate.exe [05.03.2014 14:44]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2861581720-2204672646-155532148-1000UA.job --a------ C:\Users\Zorica\AppData\Local\Facebook\Update\FacebookUpdate.exe [05.03.2014 14:44]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [19.08.2013 19:53]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [19.08.2013 19:53]
C:\Windows\tasks\update-S-1-5-21-2861581720-2204672646-155532148-1000.job --a------ C:\Program Files\Skillbrains\Updater\Updater.exe [27.09.2013 12:37]
C:\Windows\tasks\update-sys.job --a------ C:\Program Files\Skillbrains\Updater\Updater.exe [27.09.2013 12:37]
==== Other Scheduled Tasks ======================
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2861581720-2204672646-155532148-1000Core" [C:\Users\Zorica\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2861581720-2204672646-155532148-1000UA" [C:\Users\Zorica\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\RunAsStdUser Task" [C:\Program Files\Pogo Games\PogoDGC.exe]
"C:\Windows\system32\tasks\update-S-1-5-21-2861581720-2204672646-155532148-1000" [C:\Program Files\Skillbrains\Updater\Updater.exe]
"C:\Windows\system32\tasks\update-sys" [C:\Program Files\Skillbrains\Updater\Updater.exe]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default
- GoPhotoIt - %ProfilePath%\extensions\gophoto@gophoto.it.xpi
AppDir: C:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default
95812430959AE88CDD0301AB3A71913B - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash
A9C86900D2A61728C8326FE7147617C5 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll - Google Update
01D93217A9EE48DD37072B671378CC9C - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In
A9191AE22A8F1287B5E2DF33E3A57253 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U51
9B10927CFD0F7AD39E40C0E34005B1AD - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13
FF0D6F82A0EC13952E83B9439100E45D - C:\Users\Zorica\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
69AA47F09AA281C7D3C7716CA7E283B4 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
380F9A643A149B9030142E7171EFA91B - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
D7EFF0B98C370E03D7E2593399D9B669 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision
75A1232EAC640B782CDD2132B5271AA8 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION
28986F0A2342A033345EF9E70D395E4F - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ikgjcmfodgjkcgimppbdnkmdhmepjckc - C:\Users\Zorica\AppData\Local\CRE\ikgjcmfodgjkcgimppbdnkmdhmepjckc.crx[03.11.2013 17:57]
kiplfnciaokpcennlkldkdaeaaomamof - C:\Users\Zorica\AppData\Local\Torch\Plugins\TorchPlugin.crx[]
pfmopbbadnfoelckkcmjjeaaegjpjjbk - C:\Program Files\Gophoto.it\gophotoit16.crx[08.08.2013 13:07]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
ikgjcmfodgjkcgimppbdnkmdhmepjckc - C:\Users\Zorica\AppData\Local\CRE\ikgjcmfodgjkcgimppbdnkmdhmepjckc.crx[03.11.2013 17:57]
Mario Forever DM - Zorica\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikgjcmfodgjkcgimppbdnkmdhmepjckc
Google Wallet - Zorica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
GoPhoto.it - Zorica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
DefaultTab - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
==== IE Start and Search Settings ======================
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
==== C:\zoek_backup content ======================
C:\zoek_backup (files=0 folders=0 0 bytes)
==== EOF on sub 15.03.2014 at 19:15:46,10 ======================