qvo6.com in the browser, pure hell?

  • Blue  Male
  • Elite citizen
  • Joined: 06 Aug 2003
  • Posts: 2214

Posted: 08 Jul 2013 11:24

I got tricked while downloading a new antivirus; it turned out to be something else and installed a bunch of junk. In Mozilla, qvo6.com keeps popping up non-stop and it launches some stupid applications. Avast is helpless, and so is Malwarebytes...

Here is the log...





DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16446
Run by vinko at 11:15:32 on 2013-07-08
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.381.1033.18.6046.3289 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\DigitalPersona\Bin\DpHostW.exe
C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Conexant\SA3\CxUtilSvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\ProgramData\DatacardService\HWDeviceService64.exe
c:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\vinko\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\Conexant\SA3\SmartAudio3.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\ProgramData\mts mobilni internet\OnlineUpdate\ouc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\Elantech\ETDGesture.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe
C:\Windows\SysWOW64\schtasks.exe
C:\ProgramData\eSafe\eGdpSvc.exe
C:\Users\vinko\AppData\Roaming\WebCake\WebCakeDesktop.exe
C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe
C:\Program Files (x86)\WinZipper\winzipersvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\BitLord\BitLord.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=9620685D43CF70E8&affID=123511&tt=070713_91114&tsp=4937
uDefault_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717
mStart Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717
mDefault_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: WebCake: {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files (x86)\WebCake\WebCakeIEClient.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: SelectionLinks: {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - C:\Program Files (x86)\OApps\SelectionLinks.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: delta Helper Object: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [uTorrent] "C:\Users\vinko\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [WebCake Desktop] "C:\Users\vinko\AppData\Roaming\WebCake\WebCakeDesktop.exe"
uRun: [MCShield Monitor] C:\Program Files (x86)\MCShield\mcshieldrtm.exe
uRunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f
uRunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f
uRunOnce: [adawarebp_DATA_FOLDER] cmd.exe /c rmdir "C:\ProgramData\Ad-Aware Browsing Protection" /s /q
uRunOnce: [adawarebp_INSTALL_FOLDER] cmd.exe /c rmdir "C:\Users\vinko\AppData\Local\adawarebp" /s /q
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRunOnce: [sevenzipwkms] <no file>
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{061DF22E-C383-4A65-88C0-2B5310AD8C54} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{061DF22E-C383-4A65-88C0-2B5310AD8C54}\44D402B4F6D6562736 : DHCPNameServer = 178.79.22.6 178.79.0.3
TCP: Interfaces\{47A8B75B-7993-4F3E-8A36-B6073C560767} : NameServer = 195.178.38.3 195.178.38.8
TCP: Interfaces\{884AF92C-3E0E-4464-B8E1-A7352D83A02B} : NameServer = 195.178.38.3 195.178.38.8
TCP: Interfaces\{900C9A5D-A9CE-4B48-9F58-AD94B3D6AB6B} : NameServer = 195.178.38.3 195.178.38.8
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~2\safesa~1\sprote~1.dll c:\progra~2\websea~1\sprote~1.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Notification Packages = DPPassFilter scecli
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717
x64-mDefault_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717
x64-mSearchAssistant = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=0
x64-mCustomizeSearch = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=0
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SA3\SACpl.exe /sa3 /nv:3.0 /dne /s
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
x64-Run: [ACPW06EN] "C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe" /pid ACPW06EN
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\
FF - prefs.js: browser.search.defaulturl - hxxp://websearch.homesearch-hub.info/?pid=1089&r=2013/06/17&hid=821402009&lg=EN&cc=RS&unqvl=20&l=1&q=
FF - prefs.js: browser.search.selectedEngine - Delta Search
FF - prefs.js: keyword.URL -
FF - prefs.js: browser.startup.homepage -
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - ExtSQL: 2013-06-17 09:51; {EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}; C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}
FF - ExtSQL: 2013-07-08 09:32; plugin@getwebcake.com; C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\plugin@getwebcake.com
FF - ExtSQL: 2013-07-08 10:33; ffxtlbr@delta.com; C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\ffxtlbr@delta.com
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.mixidj.tlbrSrchUrl -
FF - user.js: extensions.mixidj.id - 96208bd5000000000000685d43cf70e8
FF - user.js: extensions.mixidj.appId - {A2773ED4-83BD-488A-A186-73590706C916}
FF - user.js: extensions.mixidj.instlDay - 15873
FF - user.js: extensions.mixidj.vrsn - 1.8.18.8
FF - user.js: extensions.mixidj.vrsni - 1.8.18.8
FF - user.js: extensions.mixidj.vrsnTs - 1.8.18.89:51:55
FF - user.js: extensions.mixidj.prtnrId - mixidj
FF - user.js: extensions.mixidj.prdct - mixidj
FF - user.js: extensions.mixidj.aflt - babsst
FF - user.js: extensions.mixidj.smplGrp - none
FF - user.js: extensions.mixidj.tlbrId - baseyh
FF - user.js: extensions.mixidj.instlRef - sst
FF - user.js: extensions.mixidj.dfltLng - en
FF - user.js: extensions.mixidj.excTlbr - false
FF - user.js: extensions.mixidj.ffxUnstlRst - false
FF - user.js: extensions.mixidj.admin - false
FF - user.js: extensions.mixidj.autoRvrt - false
FF - user.js: extensions.mixidj.rvrt - false
FF - user.js: extensions.mixidj.newTab - false
FF - user.js: extentions.webcake.installId - c4c565a1-0f7d-4c27-a3e5-35510cee505c
FF - user.js: extentions.webcake.defaultEnableAppsList - layers,brain/features,newOffers/wc
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 96208bd5000000000000685d43cf70e8
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15894
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.510:33:01
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=123511&tt=070713_91114&tsp=4937
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2012-8-15 31872]
R0 gfibto;gfibto;C:\Windows\System32\drivers\gfibto.sys [2013-4-19 14456]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-8-15 16152]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2012-8-15 22128]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-7-8 22664]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-7-8 377992]
R2 ADExchange;ArcSoft Exchange Service;C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2011-9-16 39528]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-8-15 235520]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-1-9 659968]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-7-8 33472]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-7-8 80888]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-7-8 45248]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-5-15 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-5-15 1104208]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-1-17 135952]
R2 CxUtilSvc;CxUtilSvc;C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe [2012-8-15 109184]
R2 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-3-14 346976]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-8-15 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-11 627936]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-7-8 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-7-8 701512]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-8-15 1695040]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-5-14 3289208]
R2 SrvUpdater;Software Updater;C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe [2012-12-21 31744]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-8-15 363800]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2011-8-18 3175728]
R2 WebCake Desktop Updater;WebCake Desktop Updater;C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe [2013-7-8 23552]
R2 winzipersvc;WinZiper service;C:\Program Files (x86)\WinZipper\winzipersvc.exe [2013-7-8 424104]
R2 WsysSvc;Wsys Service;C:\ProgramData\eSafe\eGdpSvc.exe [2013-7-8 386112]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-3-29 2669840]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-1-9 195584]
R3 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-7-8 177672]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2012-2-13 95232]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2012-2-13 747008]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2012-8-15 176000]
R3 ETD;Dell Touchpad;C:\Windows\System32\drivers\ETD.sys [2012-8-15 201008]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2012-12-7 86016]
R3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2012-3-21 60928]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-8-15 331264]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2012-8-15 14745600]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-8-15 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-8-15 787736]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2012-1-27 25496]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-7-8 25928]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUVStor.sys [2012-8-15 313448]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-8-15 646248]
R3 ST_ACCEL;STMicroelectronics Accelerometer Service;C:\Windows\System32\drivers\ST_ACCEL.sys [2012-8-15 67184]
S0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-7-8 65408]
S1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-7-8 1025880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-19 138576]
S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-4-10 166912]
S2 mts mobilni internet. RunOuc;mts mobilni internet. OUC;C:\Program Files (x86)\mts mobilni internet\UpdateDog\ouc.exe [2012-12-7 239968]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2012-1-9 195584]
S3 athur;Wireless Network Adapter Service;C:\Windows\System32\drivers\athurx.sys [2012-11-22 1847296]
S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-5-15 1304912]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2012-12-7 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\drivers\ew_usbenumfilter.sys [2012-12-7 13952]
S3 ewusbmbb;HUAWEI USB-WWAN miniport;C:\Windows\System32\drivers\ewusbwwan.sys [2012-12-7 421376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-12-3 1432400]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2012-1-27 34200]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-3-29 273168]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2011-12-14 25072]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2013-07-08 08:36:59 -------- d-----w- C:\Users\vinko\AppData\Roaming\Malwarebytes
2013-07-08 08:36:53 -------- d-----w- C:\ProgramData\Malwarebytes
2013-07-08 08:36:52 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-07-08 08:36:52 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-08 08:33:12 -------- d-----w- C:\Users\vinko\AppData\Roaming\BabSolution
2013-07-08 08:33:01 -------- d-----w- C:\Program Files (x86)\Delta
2013-07-08 08:33:00 -------- d-----w- C:\Users\vinko\AppData\Roaming\Delta
2013-07-08 08:21:12 -------- d-----w- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2013-07-08 08:10:08 -------- d-----w- C:\Program Files (x86)\Enigma Software Group
2013-07-08 08:00:25 -------- d-----w- C:\ProgramData\MCShield
2013-07-08 08:00:25 -------- d-----w- C:\Program Files (x86)\MCShield
2013-07-08 07:54:08 -------- d-----w- C:\Program Files\Enigma Software Group
2013-07-08 07:53:50 -------- d-----w- C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-08 07:46:49 -------- d-----w- C:\Users\vinko\AppData\Roaming\337
2013-07-08 07:44:15 -------- d-----w- C:\Program Files (x86)\Omiga Plus
2013-07-08 07:44:02 -------- d-----w- C:\Users\vinko\AppData\Roaming\WinZipper
2013-07-08 07:44:02 -------- d-----w- C:\Program Files (x86)\WinZipper
2013-07-08 07:43:23 80888 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-07-08 07:43:23 71064 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-07-08 07:43:23 65408 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-07-08 07:43:23 22664 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2013-07-08 07:43:23 177672 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-07-08 07:43:23 1025880 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-07-08 07:42:56 41664 ----a-w- C:\Windows\avastSS.scr
2013-07-08 07:32:22 -------- d-----w- C:\Users\vinko\AppData\Roaming\WebCake
2013-07-08 07:32:22 -------- d-----w- C:\Program Files (x86)\WebCake
2013-07-08 07:32:10 -------- d-----w- C:\ProgramData\Tarma Installer
2013-07-08 07:32:09 -------- d-----w- C:\ProgramData\eSafe
2013-07-08 07:32:05 -------- d-----w- C:\Users\vinko\AppData\Roaming\Desk 365
2013-07-08 07:32:05 -------- d-----w- C:\Program Files (x86)\Desk 365
2013-07-08 07:31:39 -------- d-----w- C:\Users\vinko\AppData\Roaming\eIntaller
2013-07-08 07:31:38 -------- d-----w- C:\Users\vinko\AppData\Local\SwvUpdater
2013-07-08 07:31:25 -------- d-----w- C:\ProgramData\BrowserDefender
2013-07-08 07:31:08 -------- d-----w- C:\Program Files (x86)\SoftwareUpdater
2013-07-06 06:19:30 -------- d-----w- C:\Users\vinko\AppData\Roaming\ACD Systems
2013-07-06 06:19:30 -------- d-----w- C:\Users\vinko\AppData\Local\ACD Systems
2013-07-06 06:19:09 -------- d-----w- C:\ProgramData\ACD Systems
2013-07-06 06:19:05 -------- d-----w- C:\Program Files\Common Files\ACD Systems
2013-07-06 06:19:05 -------- d-----w- C:\Program Files\ACD Systems
2013-07-06 06:18:29 -------- d-----w- C:\Users\vinko\AppData\Local\Downloaded Installations
2013-07-03 08:53:27 -------- d-----w- C:\Users\vinko\AppData\Roaming\Photo DVD Slideshow
2013-07-03 08:53:12 -------- d-----w- C:\Program Files (x86)\Photo DVD Slideshow Professional
2013-07-03 08:06:13 -------- d-----w- C:\MySlideshow
2013-07-02 07:45:34 -------- d-----w- C:\ProgramData\ArcSoft
2013-07-02 07:45:33 -------- d-----w- C:\Users\vinko\AppData\Local\ArcSoft
2013-07-02 07:45:08 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-07-02 07:45:08 614532 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2013-07-02 07:45:08 32768 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-07-02 07:45:08 225280 ------w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2013-07-02 07:45:08 176128 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-07-02 06:38:17 -------- d-----w- C:\ProgramData\Anvsoft
2013-07-02 06:38:09 -------- d-----w- C:\Program Files (x86)\DVD Photo Slideshow Professional
2013-06-20 08:38:33 -------- d-----w- C:\Users\vinko\AppData\Local\4A Games
2013-06-20 08:18:56 -------- d-----w- C:\Program Files (x86)\Metro Last Light
2013-06-19 11:32:31 -------- d-----w- C:\Users\vinko\AppData\Local\ApplicationHistory
2013-06-17 07:51:29 -------- d-----w- C:\Users\vinko\AppData\Roaming\Babylon
2013-06-17 07:51:29 -------- d-----w- C:\ProgramData\Babylon
2013-06-17 07:51:23 -------- d-----w- C:\Program Files (x86)\MyPC Backup
2013-06-17 07:50:58 -------- d-----w- C:\Program Files (x86)\OApps
2013-06-17 07:31:52 -------- d-----w- C:\Users\vinko\AppData\Roaming\uTorrent
2013-06-17 07:27:29 -------- d-----w- C:\ProgramData\StarApp
2013-06-17 07:27:08 -------- d-----w- C:\Program Files (x86)\WebSearch
2013-06-17 07:26:54 -------- d-----w- C:\Program Files (x86)\Optimizer Pro
2013-06-17 07:26:31 -------- d-----w- C:\Program Files (x86)\SafeSaver
2013-06-17 07:25:51 -------- d-----w- C:\ProgramData\InstallMate
2013-06-14 11:38:52 -------- d-----w- C:\ProgramData\YTD Video Downloader
2013-06-14 11:38:50 -------- d-----w- C:\Program Files (x86)\GreenTree Applications
2013-06-13 06:27:49 -------- d-----w- C:\YuRecnik
2013-06-12 08:28:47 -------- d-----w- C:\Program Files (x86)\8monkey Labs
2013-06-12 08:23:45 9089416 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-06-12 07:17:57 -------- d-----w- C:\Program Files (x86)\Microsoft Chart Controls
2013-06-12 06:56:34 -------- d-----w- C:\Users\vinko\AppData\Roaming\StarTrekPC
2013-06-12 06:40:55 -------- d-----w- C:\Program Files (x86)\Star Trek
2013-06-11 13:23:21 -------- d-----w- C:\Program Files (x86)\Manual
2013-06-11 13:23:21 -------- d-----w- C:\Program Files (x86)\Common Files\Digidesign
2013-06-11 13:23:20 5811712 ----a-w- C:\Program Files (x86)\Nexus.dll
2013-06-11 13:23:20 1332224 ----a-w- C:\Windows\SysWow64\SYNSOEMU.DLL
2013-06-11 13:23:20 -------- d-----w- C:\Program Files (x86)\Uninstall Nexus
.
==================== Find3M ====================
.
2013-06-12 08:23:55 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 08:23:55 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-04-19 18:22:54 14456 ----a-w- C:\Windows\System32\drivers\gfibto.sys
2013-04-19 14:20:57 27256 ----a-w- C:\Windows\System32\drivers\FixZeroAccess.sys
.
============= FINISH: 11:16:15,98 ===============

Addendum: 08 Jul 2013 11:38

Here is the report from the cleaner downloaded from the forum... It's gone now; could someone more knowledgeable tell me whether it finished the job...

# AdwCleaner v2.304 - Logfile created 07/08/2013 at 11:32:53
# Updated 03/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : vinko - VINKO-PC
# Boot Mode : Normal
# Running from : C:\Users\vinko\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : SrvUpdater

***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\eSafe
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\adawaretb.xml
File Deleted : C:\Program Files (x86)\Mozilla FireFox\searchplugins\qvo6.xml
File Deleted : C:\Users\vinko\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Users\vinko\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\bprotector_extensions.sqlite
File Deleted : C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\bprotector_prefs.js
File Deleted : C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\searchplugins\Babylon.xml
File Deleted : C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\searchplugins\delta.xml
File Deleted : C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\searchplugins\mixidj.xml
File Deleted : C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\searchplugins\WebSearch.xml
File Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
File Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
File Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
File Disinfected : C:\Users\vinko\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
File Disinfected : C:\Users\vinko\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
File Disinfected : C:\Users\vinko\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
File Disinfected : C:\Users\vinko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
File Disinfected : C:\Users\vinko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
File Disinfected : C:\Users\vinko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
File Disinfected : C:\Users\vinko\Desktop\Internet Explorer (64-bit).lnk
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Delta
Folder Deleted : C:\Program Files (x86)\Desk 365
Folder Deleted : C:\Program Files (x86)\OApps
Folder Deleted : C:\Program Files (x86)\Optimizer Pro
Folder Deleted : C:\Program Files (x86)\SoftwareUpdater
Folder Deleted : C:\Program Files (x86)\WebSearch
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\search protection
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\vinko\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpepfkjapeclaafmhoelccknpfedainn
Folder Deleted : C:\Users\vinko\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\vinko\AppData\Roaming\337
Folder Deleted : C:\Users\vinko\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\vinko\AppData\Roaming\Babylon
Folder Deleted : C:\Users\vinko\AppData\Roaming\Delta
Folder Deleted : C:\Users\vinko\AppData\Roaming\Desk 365
Folder Deleted : C:\Users\vinko\AppData\Roaming\eIntaller
Folder Deleted : C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\ffxtlbr@delta.com
Folder Deleted : C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\plugin@getwebcake.com
Folder Deleted : C:\Users\vinko\AppData\Roaming\WebCake

***** [Registry] *****

Data Deleted : HKLM\...\StartMenuInternet\FIREFOX.EXE [(Default)] = C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717
Data Deleted : HKLM\...\StartMenuInternet\Google Chrome [(Default)] = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717
Data Deleted : HKLM\...\StartMenuInternet\IEXPLORE.EXE [(Default)] = "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717
Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\safesa~1\sprote~1.dll
Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\websea~1\sprote~1.dll
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\delta LTD
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\520dcd9bc6eb844
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\Desksvc
Key Deleted : HKLM\Software\eSafeSecControl
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\qvo6Software
Key Deleted : HKLM\Software\SoftwareUpdater
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\V9
Key Deleted : HKLM\SOFTWARE\Wow6432Node\520dcd9bc6eb844
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16446

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=9620685D43CF70E8&affID=123511&tt=070713_91114&tsp=4937 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=1373268717 --> hxxp://www.google.com

-\\ Mozilla Firefox v22.0 (en-US)

File : C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\prefs.js

C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\user.js ... Deleted !

Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Deleted : user_pref("aol_toolbar.default.search.check", false);
Deleted : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=9620685D43CF70E8&a[...]
Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.homesearch-hub.info/?pid=1089&r=2013/06/17&[...]
Deleted : user_pref("browser.search.selectedEngine", "Delta Search");
Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Deleted : user_pref("extensions.delta.admin", false);
Deleted : user_pref("extensions.delta.aflt", "babsst");
Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Deleted : user_pref("extensions.delta.autoRvrt", "false");
Deleted : user_pref("extensions.delta.bbDpng", "8");
Deleted : user_pref("extensions.delta.cntry", "RS");
Deleted : user_pref("extensions.delta.dfltLng", "en");
Deleted : user_pref("extensions.delta.excTlbr", false);
Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Deleted : user_pref("extensions.delta.hdrMd5", "25F4B51CDF02368E7C1F2C90554E2112");
Deleted : user_pref("extensions.delta.id", "96208bd5000000000000685d43cf70e8");
Deleted : user_pref("extensions.delta.instlDay", "15894");
Deleted : user_pref("extensions.delta.instlRef", "sst");
Deleted : user_pref("extensions.delta.lastVrsnTs", "1.8.21.510:33:01");
Deleted : user_pref("extensions.delta.newTab", false);
Deleted : user_pref("extensions.delta.prdct", "delta");
Deleted : user_pref("extensions.delta.prtnrId", "delta");
Deleted : user_pref("extensions.delta.rvrt", "false");
Deleted : user_pref("extensions.delta.sg", "azb");
Deleted : user_pref("extensions.delta.smplGrp", "azb");
Deleted : user_pref("extensions.delta.tlbrId", "base");
Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Deleted : user_pref("extensions.delta.vrsn", "1.8.21.5");
Deleted : user_pref("extensions.delta.vrsnTs", "1.8.21.510:33:01");
Deleted : user_pref("extensions.delta.vrsni", "1.8.21.5");
Deleted : user_pref("extensions.delta_i.babExt", "");
Deleted : user_pref("extensions.delta_i.babTrack", "affID=123511&tt=070713_91114&tsp=4937");
Deleted : user_pref("extensions.delta_i.srcExt", "ss");
Deleted : user_pref("extensions.enabledAddons", "%7BEB1EE743-FFA7-41AC-A370-49C3CA2AABD5%7D:1.5,plugin%40getwe[...]
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://websearch.homesearch-hub.info[...]
Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1");
Deleted : user_pref("sweetim.toolbar.searchguard.enable", "false");

-\\ Google Chrome v27.0.1453.110

File : C:\Users\vinko\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.463] : urls_to_restore_on_startup ={"restore_on_startup": 4, [ "hxxp://www.delta-search.com/?babsrc=HP_s[...]

*************************

AdwCleaner[R1].txt - [21226 octets] - [08/07/2013 11:32:40]
AdwCleaner[S1].txt - [19059 octets] - [08/07/2013 11:32:53]

########## EOF - C:\AdwCleaner[S1].txt - [19120 octets] ##########

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

Why did you run AdwCleaner? Now you have thrown off the DDS log posted above.
> Run DDS again and post a fresh DDS.txt log for me

offline
  • Blue  Male
  • Elite citizen
  • Joined: 06 Aug 2003
  • Posts: 2214

Here are the new logs...


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16446
Run by vinko at 11:59:22 on 2013-07-08
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.381.1033.18.6046.3798 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\WinZipper\winzipersvc.exe
C:\ProgramData\eSafe\eGdpSvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Conexant\SA3\SmartAudio3.exe
C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe
C:\Users\vinko\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\DigitalPersona\Bin\DpHostW.exe
C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Conexant\SA3\CxUtilSvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\ProgramData\DatacardService\HWDeviceService64.exe
C:\ProgramData\DatacardService\DCSHelper.exe
c:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\ProgramData\mts mobilni internet\OnlineUpdate\ouc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Elantech\ETDGesture.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\BitLord\BitLord.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\MCShield\MCShieldRTM.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: SelectionLinks: {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} -
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [uTorrent] "C:\Users\vinko\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [MCShield Monitor] C:\Program Files (x86)\MCShield\mcshieldrtm.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{061DF22E-C383-4A65-88C0-2B5310AD8C54} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{061DF22E-C383-4A65-88C0-2B5310AD8C54}\44D402B4F6D6562736 : DHCPNameServer = 178.79.22.6 178.79.0.3
TCP: Interfaces\{47A8B75B-7993-4F3E-8A36-B6073C560767} : NameServer = 195.178.38.3 195.178.38.8
TCP: Interfaces\{884AF92C-3E0E-4464-B8E1-A7352D83A02B} : NameServer = 195.178.38.3 195.178.38.8
TCP: Interfaces\{900C9A5D-A9CE-4B48-9F58-AD94B3D6AB6B} : NameServer = 195.178.38.3 195.178.38.8
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Notification Packages = DPPassFilter scecli
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://www.google.com
x64-mDefault_Page_URL = hxxp://www.google.com
x64-mSearchAssistant = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=0
x64-mCustomizeSearch = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD7500BPKT-75PK4T0_WD-WXF1E32MFZE1MFZE1&ts=0
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SA3\SACpl.exe /sa3 /nv:3.0 /dne /s
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
x64-Run: [ACPW06EN] "C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe" /pid ACPW06EN
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - ExtSQL: 2013-06-17 09:51; {EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}; C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}
FF - ExtSQL: 2013-07-08 09:43; wrc@avast.com; C:\Program Files\AVAST Software\Avast\WebRep\FF
.
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2012-8-15 31872]
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-7-8 65408]
R0 gfibto;gfibto;C:\Windows\System32\drivers\gfibto.sys [2013-4-19 14456]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-8-15 16152]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2012-8-15 22128]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-7-8 22664]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-7-8 1025880]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-7-8 377992]
R2 ADExchange;ArcSoft Exchange Service;C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2011-9-16 39528]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-8-15 235520]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-1-9 659968]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-7-8 33472]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-7-8 80888]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-7-8 45248]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-5-15 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-5-15 1104208]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-1-17 135952]
R2 CxUtilSvc;CxUtilSvc;C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe [2012-8-15 109184]
R2 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-3-14 346976]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-8-15 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-11 627936]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-8-15 1695040]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-5-14 3289208]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-8-15 363800]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2011-8-18 3175728]
R2 winzipersvc;WinZiper service;C:\Program Files (x86)\WinZipper\winzipersvc.exe [2013-7-8 424104]
R2 WsysSvc;Wsys Service;C:\ProgramData\eSafe\eGdpSvc.exe [2013-7-8 386112]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-3-29 2669840]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-1-9 195584]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2012-2-13 95232]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2012-2-13 747008]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2012-8-15 176000]
R3 ETD;Dell Touchpad;C:\Windows\System32\drivers\ETD.sys [2012-8-15 201008]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2012-12-7 86016]
R3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2012-3-21 60928]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-8-15 331264]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2012-8-15 14745600]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-8-15 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-8-15 787736]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2012-1-27 25496]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUVStor.sys [2012-8-15 313448]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-8-15 646248]
R3 ST_ACCEL;STMicroelectronics Accelerometer Service;C:\Windows\System32\drivers\ST_ACCEL.sys [2012-8-15 67184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-19 138576]
S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-4-10 166912]
S2 mts mobilni internet. RunOuc;mts mobilni internet. OUC;C:\Program Files (x86)\mts mobilni internet\UpdateDog\ouc.exe [2012-12-7 239968]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2012-1-9 195584]
S3 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-7-8 177672]
S3 athur;Wireless Network Adapter Service;C:\Windows\System32\drivers\athurx.sys [2012-11-22 1847296]
S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-5-15 1304912]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2012-12-7 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\drivers\ew_usbenumfilter.sys [2012-12-7 13952]
S3 ewusbmbb;HUAWEI USB-WWAN miniport;C:\Windows\System32\drivers\ewusbwwan.sys [2012-12-7 421376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-12-3 1432400]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2012-1-27 34200]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-3-29 273168]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2011-12-14 25072]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2013-07-08 09:39:03 -------- d-----w- C:\ProgramData\MCShield
2013-07-08 09:39:03 -------- d-----w- C:\Program Files (x86)\MCShield
2013-07-08 09:33:00 88 ----a-w- C:\Windows\DeleteOnReboot.bat
2013-07-08 08:36:59 -------- d-----w- C:\Users\vinko\AppData\Roaming\Malwarebytes
2013-07-08 08:36:53 -------- d-----w- C:\ProgramData\Malwarebytes
2013-07-08 08:21:12 -------- d-----w- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2013-07-08 08:10:08 -------- d-----w- C:\Program Files (x86)\Enigma Software Group
2013-07-08 07:54:08 -------- d-----w- C:\Program Files\Enigma Software Group
2013-07-08 07:53:50 -------- d-----w- C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-08 07:44:02 -------- d-----w- C:\Users\vinko\AppData\Roaming\WinZipper
2013-07-08 07:44:02 -------- d-----w- C:\Program Files (x86)\WinZipper
2013-07-08 07:43:23 80888 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-07-08 07:43:23 71064 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-07-08 07:43:23 65408 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-07-08 07:43:23 22664 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2013-07-08 07:43:23 177672 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-07-08 07:43:23 1025880 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-07-08 07:42:56 41664 ----a-w- C:\Windows\avastSS.scr
2013-07-08 07:32:09 -------- d-----w- C:\ProgramData\eSafe
2013-07-06 06:19:30 -------- d-----w- C:\Users\vinko\AppData\Roaming\ACD Systems
2013-07-06 06:19:30 -------- d-----w- C:\Users\vinko\AppData\Local\ACD Systems
2013-07-06 06:19:09 -------- d-----w- C:\ProgramData\ACD Systems
2013-07-06 06:19:05 -------- d-----w- C:\Program Files\Common Files\ACD Systems
2013-07-06 06:19:05 -------- d-----w- C:\Program Files\ACD Systems
2013-07-06 06:18:29 -------- d-----w- C:\Users\vinko\AppData\Local\Downloaded Installations
2013-07-03 08:53:27 -------- d-----w- C:\Users\vinko\AppData\Roaming\Photo DVD Slideshow
2013-07-03 08:53:12 -------- d-----w- C:\Program Files (x86)\Photo DVD Slideshow Professional
2013-07-03 08:06:13 -------- d-----w- C:\MySlideshow
2013-07-02 07:45:34 -------- d-----w- C:\ProgramData\ArcSoft
2013-07-02 07:45:33 -------- d-----w- C:\Users\vinko\AppData\Local\ArcSoft
2013-07-02 07:45:08 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-07-02 07:45:08 614532 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2013-07-02 07:45:08 32768 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-07-02 07:45:08 225280 ------w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2013-07-02 07:45:08 176128 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-07-02 06:38:17 -------- d-----w- C:\ProgramData\Anvsoft
2013-07-02 06:38:09 -------- d-----w- C:\Program Files (x86)\DVD Photo Slideshow Professional
2013-06-20 08:38:33 -------- d-----w- C:\Users\vinko\AppData\Local\4A Games
2013-06-20 08:18:56 -------- d-----w- C:\Program Files (x86)\Metro Last Light
2013-06-19 11:32:31 -------- d-----w- C:\Users\vinko\AppData\Local\ApplicationHistory
2013-06-17 07:51:23 -------- d-----w- C:\Program Files (x86)\MyPC Backup
2013-06-17 07:31:52 -------- d-----w- C:\Users\vinko\AppData\Roaming\uTorrent
2013-06-17 07:27:29 -------- d-----w- C:\ProgramData\StarApp
2013-06-17 07:26:31 -------- d-----w- C:\Program Files (x86)\SafeSaver
2013-06-14 11:38:52 -------- d-----w- C:\ProgramData\YTD Video Downloader
2013-06-14 11:38:50 -------- d-----w- C:\Program Files (x86)\GreenTree Applications
2013-06-13 06:27:49 -------- d-----w- C:\YuRecnik
2013-06-12 08:28:47 -------- d-----w- C:\Program Files (x86)\8monkey Labs
2013-06-12 08:23:45 9089416 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-06-12 07:17:57 -------- d-----w- C:\Program Files (x86)\Microsoft Chart Controls
2013-06-12 06:56:34 -------- d-----w- C:\Users\vinko\AppData\Roaming\StarTrekPC
2013-06-12 06:40:55 -------- d-----w- C:\Program Files (x86)\Star Trek
2013-06-11 13:23:21 -------- d-----w- C:\Program Files (x86)\Manual
2013-06-11 13:23:21 -------- d-----w- C:\Program Files (x86)\Common Files\Digidesign
2013-06-11 13:23:20 5811712 ----a-w- C:\Program Files (x86)\Nexus.dll
2013-06-11 13:23:20 1332224 ----a-w- C:\Windows\SysWow64\SYNSOEMU.DLL
2013-06-11 13:23:20 -------- d-----w- C:\Program Files (x86)\Uninstall Nexus
.
==================== Find3M ====================
.
2013-06-12 08:23:55 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 08:23:55 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-04-19 18:22:54 14456 ----a-w- C:\Windows\System32\drivers\gfibto.sys
2013-04-19 14:20:57 27256 ----a-w- C:\Windows\System32\drivers\FixZeroAccess.sys
.
============= FINISH: 11:59:52,93 ===============

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

Download zoek.exe from this or this link and save it to the Desktop.


close the browser and any other running programs;
deactivate your protection software (if needed) Instructions;
double-click zoek.exe to run it;
wait for the tool to start ...


Copy the following text into the white box of the window:


emptyclsid;
iedefaults;
resetIEproxy;
C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5};f
ffdefaults;
WsysSvc;s
C:\ProgramData\eSafe;fs
C:\Program Files (x86)\MyPC Backup;fs
C:\ProgramData\StarApp;vs
C:\Windows\System32\drivers\FixZeroAccess.sys;f
ipconfig /flushdns >> %temp%\log.txt;b
emptyalltemp;
autoclean;
filesrcm;
startupall;
firefoxlook;
chromelook;



Click the button and wait for the scan to finish.


If needed, zoek will restart Windows, and when it is done it will open Notepad with the scan report.

Note: The report will be saved under the name zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your post.

offline
  • Blue  Male
  • Elite citizen
  • Joined: 06 Aug 2003
  • Posts: 2214

Zoek.exe Version 4.0.0.3 Updated 05-July-2013
Tool run by vinko on pon 08.07.2013 at 12:32:49,85.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected

==== Older Logs ======================

C:\zoek-results08.07.2013-1231.log 396 bytes
C:\zoek-results08.07.2013-1232.log 399 bytes

==== Possible Rootkit Infection ======================

C:\Windows\installer\{5348a7e9-edf8-61b7-a25a-20573d2bd329}\U

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2619906236-3488985421-1476725254-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully
HKEY_USERS\S-1-5-21-2619906236-3488985421-1476725254-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully
HKEY_USERS\S-1-5-21-2619906236-3488985421-1476725254-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully
HKEY_USERS\S-1-5-21-2619906236-3488985421-1476725254-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully
HKEY_USERS\S-1-5-21-2619906236-3488985421-1476725254-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-21-2619906236-3488985421-1476725254-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WsysSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WsysSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WsysSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\winzipersvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winzipersvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\winzipersvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\winzipersvc deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\prefs.js:
user_pref("browser.startup.homepage", "www.google.com");
user_pref("browser.search.defaultenginename", "");
user_pref("browser.search.defaultenginename,S", "");
user_pref("browser.search.selectedEngine,S", "");
user_pref("browser.search.order.1", "");
user_pref("browser.search.order.1,S", "");
user_pref("browser.search.suggest.enabled", false);
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default

user.js not found
---- Lines mixidj removed from prefs.js ----

user_pref("extensions.mixidj.admin", false);
user_pref("extensions.mixidj.aflt", "babsst");
user_pref("extensions.mixidj.appId", "{A2773ED4-83BD-488A-A186-73590706C916}");
user_pref("extensions.mixidj.autoRvrt", "false");
user_pref("extensions.mixidj.bbDpng", "17");
user_pref("extensions.mixidj.cntry", "RS");
user_pref("extensions.mixidj.dfltLng", "en");
user_pref("extensions.mixidj.excTlbr", false);
user_pref("extensions.mixidj.ffxUnstlRst", false);
user_pref("extensions.mixidj.hdrMd5", "EDBCCE6C3086416AD3DE8282AC438D7E");
user_pref("extensions.mixidj.id", "96208bd5000000000000685d43cf70e8");
user_pref("extensions.mixidj.instlDay", "15873");
user_pref("extensions.mixidj.instlRef", "sst");
user_pref("extensions.mixidj.lastVrsnTs", "1.8.18.89:51:55");
user_pref("extensions.mixidj.newTab", false);
user_pref("extensions.mixidj.prdct", "mixidj");
user_pref("extensions.mixidj.prtnrId", "mixidj");
user_pref("extensions.mixidj.rvrt", "false");
user_pref("extensions.mixidj.smplGrp", "none");
user_pref("extensions.mixidj.tlbrId", "baseyh");
user_pref("extensions.mixidj.tlbrSrchUrl", "");
user_pref("extensions.mixidj.vrsn", "1.8.18.8");
user_pref("extensions.mixidj.vrsni", "1.8.18.8");
user_pref("extensions.mixidj.vrsnTs", "1.8.18.89:51:55");

---- Lines mixidj modified from prefs.js ----


---- Lines browser.startup.page removed from prefs.js ----

user_pref("browser.startup.page", 3);

---- Lines browser.startup.page modified from prefs.js ----


---- FireFox user.js and prefs.js backups ----

prefs_08.07.2013_1235_.backup

==== Batch Command(s) Run By Tool======================


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

==== Deleting Files \ Folders ======================

"C:\windows\SysNative\drivers\FixZeroAccess.sys" deleted
"C:\Users\vinko\AppData\Roaming\All CPU MeterV3_Settings.ini" deleted
"C:\windows\SysNative\Tasks\EPUpdater" deleted
"C:\Users\vinko\Desktop\YTD Video Downloader.lnk" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\chrome.manifest" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\install.rdf" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\install.rdf.old" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\content\.DS_Store" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\content\firefoxOverlay.xul" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\content\installid.js" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\content\overlay.js" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\content\vfdownload.js" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\content\vfdownload.js.old" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\defaults\.DS_Store" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\locale\.DS_Store" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\skin\overlay.css" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\defaults\preferences\.DS_Store" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\defaults\preferences\vfdownload.js" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\locale\en-US\.DS_Store" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\locale\en-US\._vfdownload.properties" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\locale\en-US\vfdownload.properties" deleted
"C:\Program Files (x86)\WinZipper\eshellctx64.dll" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}" deleted
"C:\Windows\installer\{5348a7e9-edf8-61b7-a25a-20573d2bd329}" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\content" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\defaults" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\locale" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\skin" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\defaults\preferences" deleted
"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\{EB1EE743-FFA7-41AC-A370-49C3CA2AABD5}\locale\en-US" deleted
"C:\Windows\installer\{5348a7e9-edf8-61b7-a25a-20573d2bd329}\U" deleted
"C:\ProgramData\eSafe" deleted
"C:\Program Files (x86)\MyPC Backup" deleted
"C:\Program Files (x86)\WinZipper" not deleted
"C:\Program Files (x86)\MyPC Backup" deleted
"C:\Users\vinko\AppData\Roaming\WinZipper" deleted
"C:\ProgramData\eSafe" deleted
"C:\ProgramData\StarApp" deleted
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2013-07-08 09:33:00 FBD1D9D84539A98536228C420858FA31 88 ----a-w- C:\Windows\DeleteOnReboot.bat
2013-07-08 07:42:56 89FCD919CDD3AC855BB717BC080CE838 41664 ----a-w- C:\Windows\avastSS.scr
====== C:\Users\vinko\AppData\Local\Temp ====
2013-07-08 08:34:21 C39FC6F184C127F4FC5A8412BB27CB8A 573440 ----a-w- C:\Users\vinko\AppData\Local\Temp\OptimizerPro.exe
2013-07-08 08:32:38 586C879732A6790862EC0B0BE8FBF6BD 10956254 ----a-w- C:\Users\vinko\AppData\Local\Temp\MBAW_App_Installer.exe
2013-07-08 07:54:10 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\vinko\AppData\Local\Temp\ESGScanner.sys
2013-07-08 07:51:12 B575AB32F77C20EB24D2EB4822B0EFBA 46646352 ----a-w- C:\Users\vinko\AppData\Local\Temp\SHSetup.exe
2013-07-08 07:30:40 AD2BA9E9F4B8A4BC85654E6B735DA0CC 131956321 ----a-w- C:\Users\vinko\AppData\Local\Temp\Avast_App_Installer.exe
2013-07-08 07:20:38 E565BD591BF472D62B580324164B0DAB 43545 ------w- C:\Users\vinko\AppData\Local\Temp\Setup.exe
2013-07-05 05:28:33 F10E9620F1D0EDEC56C0C1E1790CEAB9 31668328 ----a-w- C:\Users\vinko\AppData\Local\Temp\SkypeSetup.exe
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2013-07-08 07:43:23 FA5820B2A57D098EE2DFDBF77A924A4D 22664 ----a-w- C:\Windows\Sysnative\drivers\aswKbd.sys
2013-07-08 07:43:23 CF6A24076F978BF9C1FE61EE8595DB66 80888 ----a-w- C:\Windows\Sysnative\drivers\aswMonFlt.sys
2013-07-08 07:43:23 AB1403AF5CC781D5148096216DA3A2A3 377992 ----a-w- C:\Windows\Sysnative\drivers\aswSP.sys
2013-07-08 07:43:23 76A2BD420185B468B6DE89AED1EEAE40 65408 ----a-w- C:\Windows\Sysnative\drivers\aswRvrt.sys
2013-07-08 07:43:23 6A2D4BB9DDAA7D74839936403BB31F06 68992 ----a-w- C:\Windows\Sysnative\drivers\aswTdi.sys
2013-07-08 07:43:23 5EB2FC36BD4639097A2F9BB68C825604 1025880 ----a-w- C:\Windows\Sysnative\drivers\aswSnx.sys
2013-07-08 07:43:23 4CA8E3A70263C3029935551204586701 33472 ----a-w- C:\Windows\Sysnative\drivers\aswFsBlk.sys
2013-07-08 07:43:23 24EB5B96B8D215BAC4FC280D39B73049 71064 ----a-w- C:\Windows\Sysnative\drivers\aswRdr2.sys
2013-07-08 07:43:23 0A83FFF1AEF6113EF8DCBB32D5014AB1 177672 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys
====== C:\Windows\Tasks ======
2013-07-08 07:44:20 32ADA11C3519DA96AB8F98D6B4BCA87F 3408 ----a-w- C:\Windows\Sysnative\Tasks\Omiga Plus RunAsStdUser
2013-07-08 07:43:21 BBAB6EED976117B9BB0DA36443D5AA7C 3924 ----a-w- C:\Windows\Sysnative\Tasks\avast! Emergency Update
2013-07-08 07:32:08 5130A509A9C85811729FC21CD12EFEB0 3384 ----a-w- C:\Windows\Sysnative\Tasks\Desk 365 RunAsStdUser
2013-06-11 09:53:45 DCD17F3CA3C49514E05FAB0930E8EB9D 3086 ----a-w- C:\Windows\Sysnative\Tasks\{B9EBE40D-A29C-4F67-88F3-D89282F8302A}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-07-08 07:54:08 -------- d-----w- C:\Program Files\Enigma Software Group
2013-07-06 06:19:05 -------- d-----w- C:\Program Files\Common Files\ACD Systems
2013-07-06 06:19:05 -------- d-----w- C:\Program Files\ACD Systems
======= C:\Program Files (x86) =====
2013-07-08 09:39:03 -------- d-----w- C:\Program Files (x86)\MCShield
2013-07-08 08:10:08 -------- d-----w- C:\Program Files (x86)\Enigma Software Group
2013-07-08 07:44:02 -------- d-----w- C:\Program Files (x86)\WinZipper
2013-07-03 08:53:12 -------- d-----w- C:\Program Files (x86)\Photo DVD Slideshow Professional
2013-07-02 07:45:24 -------- d-----w- C:\Program Files (x86)\ArcSoft
2013-07-02 07:45:23 -------- d-----w- C:\Program Files (x86)\Common Files\ArcSoft
2013-07-02 06:38:09 -------- d-----w- C:\Program Files (x86)\DVD Photo Slideshow Professional
2013-06-20 08:18:56 -------- d-----w- C:\Program Files (x86)\Metro Last Light
2013-06-17 07:26:31 -------- d-----w- C:\Program Files (x86)\SafeSaver
2013-06-14 11:38:50 -------- d-----w- C:\Program Files (x86)\GreenTree Applications
2013-06-12 08:28:47 -------- d-----w- C:\Program Files (x86)\8monkey Labs
2013-06-12 07:17:57 -------- d-----w- C:\Program Files (x86)\Microsoft Chart Controls
2013-06-12 06:40:55 -------- d-----w- C:\Program Files (x86)\Star Trek
2013-06-11 13:23:21 -------- d-----w- C:\Program Files (x86)\Manual
2013-06-11 13:23:21 -------- d-----w- C:\Program Files (x86)\Common Files\Digidesign
2013-06-11 13:23:20 5811712 ----a-w- C:\Program Files (x86)\Nexus.dll
2013-06-11 13:23:20 -------- d-----w- C:\Program Files (x86)\Uninstall Nexus
======= C: =====
2013-07-08 09:32:53 093F97FDADD0C7C330E5B38BAADEDFD0 19134 ----a-w- C:\AdwCleaner[S1].txt
2013-07-08 09:32:40 77E8D75A68A83373CC5807B4260C3F37 21226 ----a-w- C:\AdwCleaner[R1].txt
2013-07-08 07:54:25 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat
====== C:\Users\vinko\AppData\Roaming ======
2013-07-06 06:19:30 -------- d-----w- C:\users\vinko\AppData\Roaming\ACD Systems
2013-07-06 06:19:30 -------- d-----w- C:\users\vinko\AppData\Local\ACD Systems
2013-07-06 06:18:29 -------- d-----w- C:\users\vinko\AppData\Local\Downloaded Installations
2013-07-03 08:53:27 -------- d-----w- C:\users\vinko\AppData\Roaming\Photo DVD Slideshow
2013-07-03 08:53:13 -------- d-----w- C:\users\vinko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Photo DVD Slideshow Professional
2013-07-02 07:45:33 -------- d-----w- C:\users\vinko\AppData\Local\ArcSoft
2013-07-02 07:45:09 -------- d-----w- C:\users\vinko\AppData\Roaming\ArcSoft
2013-07-02 06:38:10 -------- d-----w- C:\users\vinko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Photo Slideshow Professional
2013-06-20 08:38:33 -------- d-----w- C:\users\vinko\AppData\Local\4A Games
2013-06-19 11:32:31 -------- d-----w- C:\users\vinko\AppData\Local\ApplicationHistory
2013-06-17 07:31:52 -------- d-----w- C:\users\vinko\AppData\Roaming\uTorrent
2013-06-13 06:27:50 -------- d-----w- C:\users\vinko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YuRecnik
2013-06-12 06:56:34 -------- d-----w- C:\users\vinko\AppData\Roaming\StarTrekPC
====== C:\Users\vinko ======
2013-07-08 09:39:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2013-07-08 09:39:03 -------- d-----w- C:\ProgramData\MCShield
2013-07-08 09:31:33 1078C8BD8C62CF4DEE6FE1058C3D56A7 650027 ----a-w- C:\Users\vinko\Downloads\adwcleaner.exe
2013-07-08 07:51:04 EEA0B34B60632083F2A75352BAE365FB 726464 ----a-w- C:\Users\vinko\Downloads\SpyHunter-Installer.exe
2013-07-08 07:44:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
2013-07-08 07:43:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Pro Antivirus
2013-07-06 06:19:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2013-07-06 06:19:09 -------- d-----w- C:\ProgramData\ACD Systems
2013-07-02 07:45:34 -------- d-----w- C:\ProgramData\ArcSoft
2013-07-02 07:45:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Panorama Maker 6
2013-07-02 06:38:17 -------- d-----w- C:\ProgramData\Anvsoft
2013-07-02 06:38:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Photo Slideshow Professional
2013-06-17 07:51:26 075B0DA82E23780FA2DD7F2EA0464FD4 258 --sha-r- C:\Users\vinko\ntuser.pol
2013-06-14 11:38:52 -------- d-----w- C:\ProgramData\YTD Video Downloader
2013-06-12 06:44:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Trek
2013-06-11 13:23:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reFX

====== C: exe-files ==
2013-07-08 09:39:05 6211B1C6CE499D34C73612DA746215EE 212148 ----a-w- C:\Program Files (x86)\MCShield\MCS-uninstall.exe
2013-07-08 09:39:04 EE14F6C5305455A743A8EC8D58B39B61 2616742 ----a-w- C:\ProgramData\MCShield\MCShield-Setup.exe
2013-07-08 09:31:33 1078C8BD8C62CF4DEE6FE1058C3D56A7 650027 ----a-w- C:\Users\vinko\Downloads\adwcleaner.exe
2013-07-08 08:34:21 C39FC6F184C127F4FC5A8412BB27CB8A 573440 ----a-w- C:\Users\vinko\AppData\Local\Temp\OptimizerPro.exe
2013-07-08 08:32:47 8C8B135897470CB8DF7F34BDA3ED3538 1110212 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E2E50N7S\SevenZip-setup-on[1].exe
2013-07-08 08:32:46 E8EFB9EF24C1E0CED84CFA3C2AE9DC2F 782832 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T0NP8AAT\DeltaTB[1].exe
2013-07-08 08:32:38 586C879732A6790862EC0B0BE8FBF6BD 10956254 ----a-w- C:\Users\vinko\AppData\Local\Temp\MBAW_App_Installer.exe
2013-07-08 08:27:14 0376FEDC5ADB49075343025E4ACB7923 131039 ----a-w- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP\WiseCustomCalla.exe
2013-07-08 08:22:03 C5129AAED888B5A223A2425464F371FA 15397208 ----a-w- C:\Program Files (x86)\BitLord\Downloads\SpyHunter 4.1.11.0 + (zabranjeno) [dazz1][h33t]\SpyHunter.4.1.11\setup\spyhunterS.exe
2013-07-08 08:22:03 4FAEE05B33E3F48B93860D12FC7F56A8 3021720 ----a-w- C:\Program Files (x86)\BitLord\Downloads\SpyHunter 4.1.11.0 + (zabranjeno) [dazz1][h33t]\SpyHunter.4.1.11\(zabranjeno)\SpyHunter4.exe
2013-07-08 08:21:12 EE2BBFA13ABF5DA559FD7753CEC411AF 131991 ----a-w- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP\WiseCustomCalla11.exe
2013-07-08 08:18:24 E1A8AEAD6FAF66FB291B6386DDEDD375 259584 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\patch.exe
2013-07-08 08:18:05 E1A8AEAD6FAF66FB291B6386DDEDD375 259584 ----a-w- C:\Program Files (x86)\BitLord\Downloads\SpyHunter 4.12.13.4202 + Patch\Patch\patch.exe
2013-07-08 08:18:05 944689AADEF12AA5778AEC6A8A72EDE4 44046416 ----a-w- C:\Program Files (x86)\BitLord\Downloads\SpyHunter 4.12.13.4202 + Patch\spyhunterS4.exe
2013-07-08 08:09:49 25D473D7805261C752DA738B13E35816 185271 ----a-w- C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP\WiseCustomCalla31.exe
2013-07-08 08:06:18 C5129AAED888B5A223A2425464F371FA 15397208 ----a-w- C:\Program Files (x86)\BitLord\Downloads\SpyHunter 4.1.11.0 + (zabranjeno)\spyhunterS.exe
2013-07-08 08:06:18 4FAEE05B33E3F48B93860D12FC7F56A8 3021720 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
2013-07-08 07:53:50 22D3D73B2FA74C01D8D1CBA813D574B8 190411 ----a-w- C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP\WiseCustomCalla37.exe
2013-07-08 07:51:12 B575AB32F77C20EB24D2EB4822B0EFBA 46646352 ----a-w- C:\Users\vinko\AppData\Local\Temp\SHSetup.exe
2013-07-08 07:51:04 EEA0B34B60632083F2A75352BAE365FB 726464 ----a-w- C:\Users\vinko\Downloads\SpyHunter-Installer.exe
2013-07-08 07:44:18 1B107CF237334E9BA5A8D980D5BC1E7E 1281720 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CJ2Q6XY\Wallpaper[1].exe
2013-07-08 07:44:15 D3CD1858930DA0B7D666658020EEF300 1461928 ----a-w- C:\Users\vinko\AppData\Local\Temp\Omigaplus\eInstall\eInstall.exe
2013-07-08 07:44:03 640D75DC77F6D0CFE654F7EA5BFE1421 386112 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWLJZU78\eGdpSvc[1].exe
2013-07-08 07:42:14 008E57288E2F742F992F2C4EF8B5B758 135436440 ----a-w- C:\Users\vinko\Desktop\Avast Pro Antivirus 2013 v8.0.1482 Final + License [-=GOLDENSHARK=-]\Avast Pro 2013 v8.0.1428.exe
2013-07-08 07:38:26 8484C1CD1EC86F516F1CEDBBF8A16342 2899184 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T0NP8AAT\omigaplus[1].exe
2013-07-08 07:38:25 1BEECE52530426B1067A4D98A2204350 3124032 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T0NP8AAT\WinZipper[1].exe
2013-07-08 07:33:10 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CJ2Q6XY\OptimizerPro[2].exe
2013-07-08 07:32:11 FE6B34DA2D16E6C6D10B6C126B137C15 1212288 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWLJZU78\WebCakesetup[1].exe
2013-07-08 07:31:06 FB9AE1D55B5CDDB16EE12E60418B9292 528784 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWLJZU78\SoftwareUpdater[1].exe
2013-07-08 07:30:40 AD2BA9E9F4B8A4BC85654E6B735DA0CC 131956321 ----a-w- C:\Users\vinko\AppData\Local\Temp\Avast_App_Installer.exe
2013-07-08 07:21:20 47F16705F32E4F22F3EFAB0B069A0F2C 132023142 ----a-w- C:\data files\Avast PRO Antivirus 2013 v8.0.1482 Incl Key\Avast.PRO.Antivirus.2013.v8.0.1482-Setup.exe
2013-07-08 07:20:38 E565BD591BF472D62B580324164B0DAB 43545 ------w- C:\Users\vinko\AppData\Local\Temp\Setup.exe
2013-07-05 05:28:33 F10E9620F1D0EDEC56C0C1E1790CEAB9 31668328 ----a-w- C:\Users\vinko\AppData\Local\Temp\SkypeSetup.exe
2013-07-03 08:53:23 769BB98BD6D5CDD7A3F280F4CD85EA85 82177 ----a-w- C:\Program Files (x86)\Photo DVD Slideshow Professional\uninst.exe
2013-07-02 07:45:28 DC365A89B95366FE68DC41680C6EF9BA 897024 ----a-w- C:\Program Files (x86)\ArcSoft\Panorama Maker 6\PMK.exe
2013-07-02 07:45:27 8E2F605CA8FD63E95EE19EC134B336A5 323896 ----a-w- C:\Program Files (x86)\ArcSoft\Panorama Maker 6\OPHistory.exe
2013-07-02 07:45:24 672EDE5ED8FD49F8CCB9915AFCCEA962 72192 ----a-w- C:\Program Files (x86)\Common Files\ArcSoft\Media Browser\ArcMediaService.exe
2013-07-02 07:45:23 1AEB989E361AF85F5099DE3DA25457F4 56320 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{E9CBC8FA-BF1F-4956-8B75-0D314682FE5F}\Setup.exe
2013-07-02 07:45:08 B3FD01873BD5FD163AB465779271C58F 614532 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2013-07-02 06:38:13 EB450B392830A32EC6165F5179EC8BA3 76398 ----a-w- C:\Program Files (x86)\DVD Photo Slideshow Professional\uninst.exe
=== C: other files ==
2013-07-08 09:33:00 FBD1D9D84539A98536228C420858FA31 88 ----a-w- C:\Windows\DeleteOnReboot.bat
2013-07-08 07:54:25 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat
2013-07-08 07:54:12 64F7854468F5D54389D9E0500FD47FE8 7529344 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\SH4.com
2013-07-08 07:54:10 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\vinko\AppData\Local\Temp\ESGScanner.sys
2013-07-08 07:43:23 FA5820B2A57D098EE2DFDBF77A924A4D 22664 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2013-07-08 07:43:23 CF6A24076F978BF9C1FE61EE8595DB66 80888 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-07-08 07:43:23 AB1403AF5CC781D5148096216DA3A2A3 377992 ----a-w- C:\Windows\System32\drivers\aswSP.sys
2013-07-08 07:43:23 76A2BD420185B468B6DE89AED1EEAE40 65408 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-07-08 07:43:23 6A2D4BB9DDAA7D74839936403BB31F06 68992 ----a-w- C:\Windows\System32\drivers\aswTdi.sys
2013-07-08 07:43:23 5EB2FC36BD4639097A2F9BB68C825604 1025880 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-07-08 07:43:23 4CA8E3A70263C3029935551204586701 33472 ----a-w- C:\Windows\System32\drivers\aswFsBlk.sys
2013-07-08 07:43:23 24EB5B96B8D215BAC4FC280D39B73049 71064 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-07-08 07:43:23 0A83FFF1AEF6113EF8DCBB32D5014AB1 177672 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-07-08 07:34:22 AED66BB669FDDD6536F5FB7875BDAE56 135445706 ----a-w- C:\data files\Avast Pro Antivirus 2013 v8.0.1482 Final + License- [EC].zip
2013-07-08 07:20:38 77FD8D70DB4ADCE798E14B27B7BE1B2D 127 ----a-w- C:\Users\vinko\AppData\Local\Temp\Install.vbs
2013-07-08 07:20:30 1C2E7047DE358A375546B710AAA6F26F 148 ----a-w- C:\Users\vinko\AppData\Local\Temp\Install.bat
2013-07-06 06:20:07 D503914C4ED8654B1A48EAACEF029E15 123623 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWLJZU78\prosale-EN2[1].zip
2013-07-03 12:45:27 D09B7D350A6610DEE044B6BD5399B030 87 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWLJZU78\facebook[1].com
2013-07-03 10:37:30 362304E36267E4BB62448BCBFDD2BED4 85 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWLJZU78\google[2].com
2013-07-03 05:59:12 542FBEE69A0836048DC774A488908A37 87 ----a-w- C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E2E50N7S\instagram[1].com

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2619906236-3488985421-1476725254-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"uTorrent"="C:\Users\vinko\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"MCShield Monitor"="C:\Program Files (x86)\MCShield\mcshieldrtm.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"StartCCC"="c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"RemoteControl9"="C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
"PDVD9LanguageShortcut"="C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
"Dell Webcam Central"="C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe /mode2"
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"WinampAgent"="C:\Program Files (x86)\Winamp\winampa.exe"
"PWRISOVM.EXE"="C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup"
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"uTorrent"="C:\Users\vinko\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"MCShield Monitor"="C:\Program Files (x86)\MCShield\mcshieldrtm.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="C:\Program Files\CONEXANT\SA3\SACpl.exe /sa3 /nv:3.0 /dne /s"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"BLEServicesCtrl"="C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe"
"ACPW06EN"="C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe /pid ACPW06EN"
"ETDCtrl"="C:\Program Files\Elantech\ETDCtrl.exe"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12.06.2013 10:23]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22.11.2012 21:26]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22.11.2012 21:26]

==== Firefox Extensions ======================

ProfilePath: C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default
- avast WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF
- Lavasoft Search Plugin - %ProfilePath%\extensions\jid1-yZwVFzbsyfMrqQ@jetpack

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

==== Firefox Plugins ======================

Profilepath: C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default
3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash


==== Deleting Files \ Folders ======================

"C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
hpcpjjneoenndcngkpmlffpcobobkggg - C:\Program Files (x86)\OApps\chrome-sl.crx[]
icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[28.02.2013 09:33]
lfffjahnfbocnaooecgijfnbpcfekoik - C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[14.05.2013 13:27]

avast WebRep - vinko - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hpcpjjneoenndcngkpmlffpcobobkggg deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lfffjahnfbocnaooecgijfnbpcfekoik deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\vinko\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWLJZU78 will be deleted at reboot
C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T0NP8AAT will be deleted at reboot
C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Users\vinko\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\vinko\AppData\Local\Mozilla\Firefox\Profiles\f8luua6q.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\vinko\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\vinko\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\vinko\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Program Files (x86)\WinZipper" not found
"C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWLJZU78" not found
"C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T0NP8AAT" not found

==== EOF on pon 08.07.2013 at 12:41:02,54 ======================

  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

Run Zoek.exe once more, as you did a moment ago, but with this script:


resethosts;
C:\Users\vinko\AppData\Local\Temp\OptimizerPro.exe;f
C:\Users\vinko\AppData\Local\Temp\Setup.exe;f
hpcpjjneoenndcngkpmlffpcobobkggg;chr
C:\Program Files (x86)\OApps;fs
lfffjahnfbocnaooecgijfnbpcfekoik;chr
C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx;f
emptytemp;
emptyflash;
chrdefaults;
autoclean;



Post the freshly created zoek log here.



Additional check:

Download aswMBR and save it to the Desktop.

Double-click to run aswMBR.

If you get the following message:
Would you like to download latest Avast! virus definitions?
Click the Yes button and wait for the definitions download to finish.


Check that under AV Scan: the QuickScan option is selected.

Click Scan.

When the scan finishes (Scan finished successfully), click Save log.
Save the aswMBR log to the Desktop.
Copy the contents of that log into this thread.

  • Blue  Male
  • Elite citizen
  • Joined: 06 Aug 2003
  • Posts: 2214

Posted: 08 Jul 2013 13:14

Zoek.exe Version 4.0.0.3 Updated 05-July-2013
Tool run by vinko on pon 08.07.2013 at 13:06:56,56.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected

==== System Restore Info ======================

8.7.2013 13:07:13 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

"C:\Users\vinko\AppData\Local\Temp\OptimizerPro.exe" not found
"C:\Users\vinko\AppData\Local\Temp\Setup.exe" not found
"C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx" not found
"C:\Program Files (x86)\OApps" not found

==== Firefox Extensions ======================

ProfilePath: C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default
- avast WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

==== Firefox Plugins ======================

Profilepath: C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default
3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[28.02.2013 09:33]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[14.05.2013 13:27]

avast WebRep - vinko - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\users\vinko\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\users\vinko\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C7J6ATKQ will be deleted at reboot
C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PP7KT1LN will be deleted at reboot
C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\vinko\AppData\Local\Mozilla\Firefox\Profiles\f8luua6q.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\vinko\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\vinko\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C7J6ATKQ" not found
"C:\Users\vinko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PP7KT1LN" not found

==== EOF on pon 08.07.2013 at 13:12:33,19 ======================

Addendum: 08 Jul 2013 13:21






aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-08 13:14:16
-----------------------------
13:14:16.698 OS Version: Windows x64 6.1.7601 Service Pack 1
13:14:16.698 Number of processors: 8 586 0x3A09
13:14:16.698 ComputerName: VINKO-PC UserName: vinko
13:14:18.368 Initialize success
13:14:18.461 AVAST engine defs: 13070800
13:14:24.826 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:14:24.826 Disk 0 Vendor: WDC_WD75 01.0 Size: 715404MB BusType: 3
13:14:24.920 Disk 0 MBR read successfully
13:14:24.920 Disk 0 MBR scan
13:14:24.935 Disk 0 Windows VISTA default MBR code
13:14:24.935 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
13:14:24.935 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 12442 MB offset 81920
13:14:24.951 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 375548 MB offset 25563136
13:14:24.951 Disk 0 Partition - 00 0F Extended LBA 327373 MB offset 794685440
13:14:24.982 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 327372 MB offset 794687488
13:14:24.998 Disk 0 scanning C:\Windows\system32\drivers
13:14:31.971 Service scanning
13:14:45.496 Modules scanning
13:14:45.496 Disk 0 trace - called modules:
13:14:45.527 ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys ACPI.sys iaStor.sys hal.dll
13:14:45.527 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005b01790]
13:14:45.527 3 CLASSPNP.SYS[fffff88001a0143f] -> nt!IofCallDriver -> [0xfffffa8006a84cb0]
13:14:45.527 5 stdcfltn.sys[fffff88001d25d12] -> nt!IofCallDriver -> [0xfffffa8005b00340]
13:14:45.543 7 ACPI.sys[fffff88000fae7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007d8d050]
13:14:46.619 AVAST engine scan C:\Windows
13:14:48.507 AVAST engine scan C:\Windows\system32
13:16:31.643 AVAST engine scan C:\Windows\system32\drivers
13:16:37.750 AVAST engine scan C:\Users\vinko
13:18:05.557 Disk 0 MBR has been saved successfully to "C:\Users\vinko\Desktop\MBR.dat"
13:18:05.563 The log file has been saved successfully to "C:\Users\vinko\Desktop\aswMBR.txt"
13:18:29.365 AVAST engine scan C:\ProgramData
13:20:41.976 Scan finished successfully
13:21:06.582 Disk 0 MBR has been saved successfully to "C:\Users\vinko\Desktop\MBR.dat"
13:21:06.587 The log file has been saved successfully to "C:\Users\vinko\Desktop\aswMBR.txt"

  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

That's it. ;)

We are removing the tools we used and their files.

Download DelFix by "Xplode" and save it to the Desktop.

Double-click to run the program.

Tick the following options:
Remove disinfection tools
Purge System Restore
Reset system settings


Click the "Run" button and wait for the program to finish.
When the tool finishes, it will open a report in Notepad.

Note: The report will also be saved to C:\DelFix.txt

  • Blue  Male
  • Elite citizen
  • Joined: 06 Aug 2003
  • Posts: 2214

# DelFix v10.3 - Logfile created 09/07/2013 at 08:06:44
# Updated 08/06/2013 by Xplode
# Username : vinko - VINKO-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\AdwCleaner[R1].txt
Deleted : C:\AdwCleaner[S1].txt
Deleted : C:\zoek-results.log
Deleted : C:\Users\vinko\Downloads\adwcleaner.exe
Deleted : C:\Users\vinko\Downloads\aswMBR(1).exe
Deleted : C:\Users\vinko\Downloads\aswMBR.exe
Deleted : C:\Users\vinko\Downloads\dds(1).scr
Deleted : C:\Users\vinko\Downloads\dds.scr
Deleted : C:\Users\vinko\Downloads\zoek.exe
Deleted : C:\Windows\grep.exe
Deleted : C:\Windows\PEV.exe
Deleted : C:\Windows\NIRCMD.exe
Deleted : C:\Windows\MBR.exe
Deleted : C:\Windows\SED.exe
Deleted : C:\Windows\SWREG.exe
Deleted : C:\Windows\SWSC.exe
Deleted : C:\Windows\SWXCACLS.exe
Deleted : C:\Windows\Zip.exe
Deleted : HKCU\console_combofixbackup
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe
Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart
Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys
Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart
Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Cleaning system restore ...

Deleted : RP #108 [Installed ACDSee Pro 6. | 07/06/2013 06:18:49]
Deleted : RP #109 [avast! Free Antivirus Instalacija | 07/08/2013 07:01:43]
Deleted : RP #110 [avast! Pro Antivirus Instalacija | 07/08/2013 07:42:34]
Deleted : RP #111 [Installed SpyHunter | 07/08/2013 07:53:52]
Deleted : RP #112 [Installed SpyHunter | 07/08/2013 08:09:16]
Deleted : RP #113 [Removed SpyHunter | 07/08/2013 08:21:01]
Deleted : RP #114 [Installed SpyHunter | 07/08/2013 08:22:36]
Deleted : RP #115 [Removed SpyHunter | 07/08/2013 08:27:06]
Deleted : RP #116 [zoek.exe restore point | 07/08/2013 11:07:05]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########
