Computer full of viruses, unnecessary programs, etc.

  • Joined: 08 May 2014
  • Posts: 98

The computer is crammed with lots of unnecessary programs, and it is full of viruses too. It boots slowly; it takes 15 minutes to load the icons on the desktop... Its hardware components are powerful... Opening the browser is extremely slow... The computer needs to be cleaned of viruses, and of those programs and games...








Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-06-2014 01
Ran by JA (administrator) on JA-PC on 21-06-2014 16:50:05
Running from C:\Users\JA\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: [Link mogu videti samo ulogovani korisnici]
Download link for 64-Bit Version: [Link mogu videti samo ulogovani korisnici]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Link mogu videti samo ulogovani korisnici]

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(http://www.express-files.com/) C:\Program Files (x86)\ExpressFiles\EFUpdater.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Yontoo LLC) C:\Users\JA\AppData\Roaming\Yontoo\YontooDesktop.exe
(Skillbrains) C:\Users\JA\AppData\Local\Skillbrains\lightshot\5.1.2.5\Lightshot.exe
(Bandoo Media Inc.) C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
(Bandoo Media Inc.) C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Bandoo Media Inc.) C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe
(BitTorrent Inc.) C:\Users\JA\AppData\Roaming\BitTorrent\BitTorrent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Symantec Corporation) C:\Users\Public\Downloads\Norton\{NISADM-B201-4abb-B07C-C084B04B4F12}\Setup.exe
(Smart PC Solutions) C:\Program Files (x86)\PC Speed Maximizer\SPMSmartScan.exe
(Bandoo Media Inc.) C:\Users\JA\AppData\Local\iLivid\iLivid.exe
(Smart PC Solutions) C:\Program Files (x86)\PC Speed Maximizer\SPMReminder.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Users\JA\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] => 1
HKLM\...\Run: [svchost] => regsvr32 /s "C:\Temp:00015733.dat"
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1686528 2012-03-27] (Wondershare)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [606024 2013-09-19] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-06-17] (AVAST Software)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [Facebook Update] => C:\Users\JA\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-08] (Facebook Inc.)
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [Yontoo Desktop] => C:\Users\JA\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-03-13] (Yontoo LLC)
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [LightShot] => C:\Users\JA\AppData\Local\Skillbrains\lightshot\Lightshot.exe [226592 2014-03-06] ()
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [Allmyapps] => C:\Users\JA\AppData\Roaming\Allmyapps\Allmyapps.exe [7322488 2014-04-06] (Allmyapps SAS)
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [Allmyapps Update] => C:\Users\JA\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe [320888 2014-04-06] (Allmyapps SAS)
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [] => "" /XML="C:\Users\JA\AppData\Local\Temp\34D5.tmp" /ROS /STP=0:2 <===== ATTENTION
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [BitTorrent] => C:\Users\JA\AppData\Roaming\BitTorrent\BitTorrent.exe [1240664 2014-04-29] (BitTorrent Inc.)
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [PC Speed Maximizer] => C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe [135792 2013-10-30] (Smart PC Solutions)
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] => 1
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [svchost] => regsvr32 /s "C:\Temp:00015733.dat"
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [Norton Download Manager{NISADM-B201-4abb-B07C-C084B04B4F12}] => C:\Users\Public\Downloads\Norton\{NISADM-B201-4abb-B07C-C084B04B4F12}\Setup.exe [915768 2014-06-10] (Symantec Corporation)
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [iLivid] => C:\Users\JA\AppData\Local\iLivid\iLivid.exe [7913472 2014-05-25] (Bandoo Media Inc.)
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\MountPoints2: {a79b5e6d-922e-11e3-a198-002421e0804c} - J:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\MountPoints2: {db0bc543-cab7-11e2-8d0d-002421e0804c} - E:\Windows\AutoRun.exe
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\JA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\JA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\JA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk
ShortcutTarget: IMVU.lnk -> C:\Users\JA\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\Users\JA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Link mogu videti samo ulogovani korisnici]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xAB6250E4A022CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr-rs
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = [Link mogu videti samo ulogovani korisnici]
URLSearchHook: HKLM-x32 - uTorrentControl_v6 Toolbar - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTo0.dll (Conduit Ltd.)
URLSearchHook: HKCU - uTorrentControl_v6 Toolbar - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTo0.dll (Conduit Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&affID=119292&babsrc=SP_ss_bay2g&mntrId=E805002421E0804C
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0DE497C0-4292-46EF-98E0-A919EF677260} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&SearchSource=4&ctid=CT3289075&CUI=UN22510046841569228&UM=1
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&affID=119292&babsrc=SP_ss_bay2g&mntrId=E805002421E0804C
BHO: Speed Test (4354) - {11C8C9C0-D918-44C0-8B5E-D297DA42F2C7} - C:\Program Files (x86)\Speed Test (4354)\ScriptHost64.dll ()
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Speed Test (4354) - {11C8C9C0-D918-44C0-8B5E-D297DA42F2C7} - C:\Program Files (x86)\Speed Test (4354)\ScriptHost.dll ()
BHO-x32: Speed Analysis 2 - {18DBB6CE-3148-4FEC-B481-103CB3290427} - C:\Program Files (x86)\Speed Analysis 2\ScriptHost.dll (SpeedAnalysis.com)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: uTorrentControl_v6 Toolbar - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTo0.dll (Conduit Ltd.)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: smartdownloader Class - {F1AF26F8-1828-4279-ABCE-074EF3235BD7} - C:\Program Files (x86)\PutLockerDownloader\smarterdownloader.dll (TODO: <Company name>)
BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com)
Toolbar: HKLM-x32 - uTorrentControl_v6 Toolbar - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTo0.dll (Conduit Ltd.)
Toolbar: HKCU - No Name - {96F454EA-9D38-474F-B504-56193E00C1A5} - No File
Tcpip\Parameters: [DhcpNameServer] 178.79.20.6 178.79.0.3

FireFox:
========
FF ProfilePath: C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default
FF NewTab: user_pref("browser.newtab.url", "");
FF DefaultSearchEngine: Ask Web Search
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: [Link mogu videti samo ulogovani korisnici]
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\JA\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\JA\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF user.js: detected! => C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\searchplugins\BrowserProtect.xml
FF SearchPlugin: C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\searchplugins\delta.xml
FF Extension: 7Go - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\7go@7go.com [2014-01-04]
FF Extension: Delta Toolbar - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\ffxtlbr@delta.com [2013-03-22]
FF Extension: Yontoo - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\plugin@yontoo.com [2013-03-22]
FF Extension: Speed Analysis 2 - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\speedanalysis02@SpeedAnalysis.com [2014-01-03]
FF Extension: Speed Test 127 - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\speedtest4354@BestOffers [2014-01-04]
FF Extension: uTorrentControl_v6 - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\{96f454ea-9d38-474f-b504-56193e00c1a5} [2013-09-14]
FF Extension: 7Go - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\7go@7go.com.xpi [2013-10-07]
FF Extension: Yontoo - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\plugin@yontoo.com.xpi [2013-02-20]
FF Extension: PutLockerDownloader - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\putlockerdownloader@putlockerdownloader.com.xpi [2012-11-06]
FF Extension: Speed Analysis 2 - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\speedanalysis02@SpeedAnalysis.com.xpi [2013-10-07]
FF Extension: Speed Test 127 - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\speedtest4354@BestOffers.xpi [2014-01-03]
FF Extension: Update My Browser - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\{cc8f597b-0765-404e-a575-82aefbd81daf}.xpi [2013-02-09]
FF Extension: Adblock Plus - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-12-25]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HomePage: [Link mogu videti samo ulogovani korisnici]
CHR StartupUrls: "hxxp://www.enhanced-search.com/?affID=119292&babsrc=HP_ss_mib2&mntrId=E805002421E0804C"
CHR DefaultSearchKeyword: ask.com
CHR DefaultSearchProvider: Ask.com
CHR DefaultSearchURL: [Link mogu videti samo ulogovani korisnici]{searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\JA\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-17]
CHR Extension: (Google Drive) - C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-17]
CHR Extension: (PutLockerDownloader) - C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apfdadfinodckpcehhdhjlgiphgnbfci [2013-03-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-17]
CHR Extension: (McAfee Security Scan+) - C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-03-14]
CHR Extension: (uTorrentControl_v6) - C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp [2013-03-30]
CHR Extension: (Google Search) - C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-17]
CHR Extension: (Speed Analysis 2) - C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf [2013-08-20]
CHR Extension: (Delta Toolbar) - C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-03-23]
CHR Extension: (7Go) - C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjajpkikblccgefaibcafkfbanllpefi [2013-08-20]
CHR Extension: (Yontoo) - C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc [2013-03-23]
CHR Extension: (Google Wallet) - C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-17]
CHR HKCU\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\JA\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-03-26]
CHR HKLM-x32\...\Chrome\Extension: [aaaaabcbmongicmdegkmmfgdickgnnob] - C:\Users\JA\AppData\Local\ilividmoviestoolbar20\GC\toolbar.crx [2014-04-18]
CHR HKLM-x32\...\Chrome\Extension: [apfdadfinodckpcehhdhjlgiphgnbfci] - C:\Program Files (x86)\PutLockerDownloader\putlockerdownloader10.crx [2012-11-06]
CHR HKLM-x32\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\JA\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-03-26]
CHR HKLM-x32\...\Chrome\Extension: [dgjkhjdcljddbedokogakmmdjgnbeanf] - C:\Users\JA\AppData\Roaming\SpeedAnalysis2\SpeedAnalysis.crx [2013-06-11]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\JA\AppData\Roaming\BabSolution\CR\Delta.crx [2013-03-22]
CHR HKLM-x32\...\Chrome\Extension: [gjajpkikblccgefaibcafkfbanllpefi] - C:\Users\JA\AppData\Roaming\7go\7go.crx [2013-07-30]
CHR HKLM-x32\...\Chrome\Extension: [jljheddigenhleadfofeccneimcmlefp] - C:\Users\JA\AppData\Roaming\speedtest4354\speedtest4354.crx [2013-10-15]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx [2013-03-22]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-17] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-06-17] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-09-19] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-09-19] (BlueStack Systems, Inc.)
R2 DatamngrCoordinator; C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [3573248 2014-06-11] (Bandoo Media Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-05-17] ()
S2 TeamViewer9; "C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe" [X]

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-17] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-06-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-17] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [447888 2014-06-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-17] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-09-19] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-25] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-12] (Symantec Corporation)
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622; C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc2.cfg [41848 2014-06-11] (Bandoo Media Inc.)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-21 16:50 - 2014-06-21 16:51 - 00028998 _____ () C:\Users\JA\Desktop\FRST.txt
2014-06-21 16:49 - 2014-06-21 16:50 - 00000000 ____D () C:\FRST
2014-06-21 16:46 - 2014-06-21 16:46 - 02083328 _____ (Farbar) C:\Users\JA\Desktop\FRST64.exe
2014-06-20 14:42 - 2014-06-21 12:46 - 00003112 _____ () C:\Windows\System32\Tasks\RDReminder
2014-06-20 14:41 - 2014-06-20 14:41 - 00000000 ____D () C:\Users\JA\AppData\Roaming\AVAST Software
2014-06-18 03:54 - 2014-06-18 03:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-17 22:40 - 2014-06-21 12:46 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-17 22:40 - 2014-06-17 22:40 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1403347554015
2014-06-17 22:40 - 2014-06-17 22:40 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-17 22:40 - 2014-06-17 22:40 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-17 22:39 - 2014-06-21 12:46 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswndisflt.sys
2014-06-17 22:39 - 2014-06-17 22:39 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswndisflt.sys.1403347554015
2014-06-17 22:31 - 2014-01-22 15:52 - 00270824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2014-06-17 22:31 - 2014-01-22 15:52 - 00131232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFW.sys
2014-06-17 22:29 - 2014-06-17 22:41 - 00001972 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-06-14 00:54 - 2014-06-14 00:54 - 00000000 ____D () C:\Users\JA\AppData\Local\2K Games
2014-06-14 00:47 - 2014-06-14 00:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
2014-06-11 22:52 - 2014-06-11 22:52 - 00000999 _____ () C:\Users\JA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
2014-06-11 22:49 - 2014-06-21 16:43 - 00000000 ____D () C:\ProgramData\Datamngr
2014-06-11 22:49 - 2014-06-11 22:49 - 00000000 ____D () C:\Users\JA\AppData\Local\ilividmoviestoolbar20
2014-06-11 22:49 - 2014-06-11 22:49 - 00000000 ____D () C:\Program Files (x86)\Movies Toolbar
2014-06-11 22:47 - 2014-06-11 22:51 - 00000000 ____D () C:\Users\JA\AppData\Local\iLivid
2014-06-11 22:47 - 2014-06-11 22:48 - 01312360 _____ (VideoPerformer) C:\Users\JA\Downloads\VideoPerformerSetup.exe
2014-06-11 22:45 - 2014-06-11 22:46 - 01681384 _____ (Bandoo Media Inc) C:\Users\JA\Downloads\iLividSetup-r706-n-bc.exe
2014-06-10 17:36 - 2014-06-21 12:25 - 00001114 _____ () C:\Users\JA\Desktop\Norton Download Manager.lnk
2014-06-07 22:09 - 2014-06-07 22:09 - 00000000 ____D () C:\Users\JA\AppData\Local\PAYDAY 2 (Demo)
2014-06-07 21:24 - 2014-06-07 21:24 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-07 21:24 - 2014-06-07 21:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-07 21:23 - 2014-06-07 21:23 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-07 20:34 - 2014-06-21 12:43 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-07 20:34 - 2014-06-07 20:34 - 01141680 _____ () C:\Users\JA\Downloads\SteamSetup.exe
2014-06-07 20:34 - 2014-06-07 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-07 20:19 - 2014-06-07 20:19 - 06554576 _____ (Microsoft Corporation) C:\Users\JA\Downloads\vcredist_x86.exe
2014-06-07 20:19 - 2014-06-07 20:19 - 01453976 _____ (Microsoft Corporation) C:\Users\JA\Downloads\vcredist_arm.exe
2014-06-07 20:16 - 2014-06-07 20:20 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-07 20:14 - 2014-06-07 20:14 - 07186992 _____ (Microsoft Corporation) C:\Users\JA\Downloads\vcredist_x64.exe
2014-06-07 20:12 - 2014-06-07 20:13 - 00053024 _____ () C:\Users\JA\Downloads\dffsetup-msvcr110.exe
2014-06-07 20:09 - 2014-06-07 20:09 - 00040323 _____ () C:\Users\JA\Downloads\PAYDAY.2.(zabranjeno).ONLY.FLT.rar
2014-06-07 19:57 - 2014-06-07 19:57 - 00000830 _____ () C:\Users\Public\Desktop\Pay Day 2 beta.lnk
2014-06-07 19:57 - 2014-06-07 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pay Day 2 beta
2014-05-31 17:50 - 2014-05-31 17:50 - 00000000 ____D () C:\Users\JA\AppData\Local\Activision
2014-05-24 21:34 - 2014-05-24 21:34 - 00000000 ____D () C:\Users\JA\AppData\Local\Skype
2014-05-24 21:33 - 2014-05-24 21:33 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-24 21:33 - 2014-05-24 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== One Month Modified Files and Folders =======

2014-06-21 16:51 - 2014-06-21 16:50 - 00028998 _____ () C:\Users\JA\Desktop\FRST.txt
2014-06-21 16:50 - 2014-06-21 16:49 - 00000000 ____D () C:\FRST
2014-06-21 16:50 - 2013-07-12 22:29 - 00000000 ____D () C:\Users\JA\AppData\Roaming\BitTorrent
2014-06-21 16:46 - 2014-06-21 16:46 - 02083328 _____ (Farbar) C:\Users\JA\Desktop\FRST64.exe
2014-06-21 16:46 - 2009-07-14 06:45 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-21 16:46 - 2009-07-14 06:45 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-21 16:45 - 2013-06-15 22:15 - 00000000 ____D () C:\Users\JA\Desktop\Virtual Dub
2014-06-21 16:43 - 2014-06-11 22:49 - 00000000 ____D () C:\ProgramData\Datamngr
2014-06-21 16:31 - 2013-01-08 23:26 - 00000916 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2228611659-2385433343-1400175593-1000UA.job
2014-06-21 16:29 - 2013-03-17 12:58 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-21 16:19 - 2012-12-25 17:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-21 16:10 - 2013-06-17 09:05 - 00000382 _____ () C:\Windows\Tasks\update-sys.job
2014-06-21 15:27 - 2013-03-22 23:20 - 00000000 ____D () C:\Users\JA\AppData\Roaming\Yontoo
2014-06-21 15:01 - 2013-08-20 01:02 - 00000270 _____ () C:\Windows\Tasks\PC Performer_DEFAULT.job
2014-06-21 14:57 - 2012-12-26 01:28 - 01748516 _____ () C:\Windows\WindowsUpdate.log
2014-06-21 13:50 - 2013-06-17 09:05 - 00000382 _____ () C:\Windows\Tasks\update-S-1-5-21-2228611659-2385433343-1400175593-1000.job
2014-06-21 12:46 - 2014-06-20 14:42 - 00003112 _____ () C:\Windows\System32\Tasks\RDReminder
2014-06-21 12:46 - 2014-06-17 22:40 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-21 12:46 - 2014-06-17 22:39 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswndisflt.sys
2014-06-21 12:46 - 2013-10-02 19:08 - 00003118 _____ () C:\Windows\System32\Tasks\PC Performer
2014-06-21 12:46 - 2012-12-25 17:27 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-21 12:46 - 2012-12-25 17:27 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-21 12:43 - 2014-06-07 20:34 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-21 12:43 - 2013-11-23 19:50 - 00000000 ____D () C:\ProgramData\Norton
2014-06-21 12:35 - 2012-12-25 16:55 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-21 12:27 - 2014-05-17 14:15 - 00000000 ____D () C:\Users\JA\AppData\Roaming\DropboxMaster
2014-06-21 12:27 - 2013-09-27 23:48 - 00000000 ___RD () C:\Users\JA\Dropbox
2014-06-21 12:27 - 2013-09-27 23:41 - 00000000 ____D () C:\Users\JA\AppData\Roaming\Dropbox
2014-06-21 12:26 - 2013-08-01 14:12 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-21 12:25 - 2014-06-10 17:36 - 00001114 _____ () C:\Users\JA\Desktop\Norton Download Manager.lnk
2014-06-21 12:25 - 2014-03-08 08:44 - 00001310 _____ () C:\Users\JA\Desktop\Norton Installation Files.lnk
2014-06-21 12:23 - 2013-03-17 12:58 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-21 12:23 - 2012-12-25 16:55 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-21 12:23 - 2010-11-21 05:47 - 00685492 _____ () C:\Windows\PFRO.log
2014-06-21 12:23 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-21 12:23 - 2009-07-14 06:51 - 00127482 _____ () C:\Windows\setupact.log
2014-06-20 22:31 - 2013-01-08 23:26 - 00000894 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2228611659-2385433343-1400175593-1000Core.job
2014-06-20 20:11 - 2012-12-25 17:22 - 00000000 ____D () C:\Users\JA\AppData\Roaming\Skype
2014-06-20 14:41 - 2014-06-20 14:41 - 00000000 ____D () C:\Users\JA\AppData\Roaming\AVAST Software
2014-06-20 14:36 - 2013-11-23 19:50 - 00000400 ____H () C:\Windows\Tasks\Norton Security Scan for JA.job
2014-06-20 14:36 - 2012-12-25 17:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-20 10:57 - 2013-10-15 22:17 - 00000392 _____ () C:\Windows\Tasks\AllmyappsUpdateTask.job
2014-06-18 03:54 - 2014-06-18 03:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-18 01:02 - 2013-08-20 01:02 - 00000278 _____ () C:\Windows\Tasks\PC Performer_UPDATES.job
2014-06-17 22:41 - 2014-06-17 22:29 - 00001972 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-06-17 22:40 - 2014-06-17 22:40 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1403347554015
2014-06-17 22:40 - 2014-06-17 22:40 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-17 22:40 - 2014-06-17 22:40 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-17 22:40 - 2013-03-24 23:09 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-17 22:40 - 2013-03-24 23:08 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-17 22:40 - 2012-12-25 17:27 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1403347554015
2014-06-17 22:40 - 2012-12-25 17:27 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1403347554015
2014-06-17 22:40 - 2012-12-25 17:27 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-17 22:40 - 2012-12-25 17:27 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-17 22:40 - 2012-12-25 17:27 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-17 22:39 - 2014-06-17 22:39 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswndisflt.sys.1403347554015
2014-06-17 22:39 - 2013-03-24 23:09 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-06-17 22:34 - 2012-12-25 17:26 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-17 22:31 - 2012-12-25 17:27 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-06-15 02:24 - 2013-03-17 12:58 - 00003886 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-15 02:24 - 2013-03-17 12:58 - 00003634 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-14 22:01 - 2014-02-17 13:30 - 00000286 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
2014-06-14 00:54 - 2014-06-14 00:54 - 00000000 ____D () C:\Users\JA\AppData\Local\2K Games
2014-06-14 00:52 - 2012-12-25 17:07 - 00565493 _____ () C:\Windows\DirectX.log
2014-06-14 00:47 - 2014-06-14 00:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
2014-06-12 19:30 - 2013-03-17 13:02 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-11 22:52 - 2014-06-11 22:52 - 00000999 _____ () C:\Users\JA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
2014-06-11 22:51 - 2014-06-11 22:47 - 00000000 ____D () C:\Users\JA\AppData\Local\iLivid
2014-06-11 22:49 - 2014-06-11 22:49 - 00000000 ____D () C:\Users\JA\AppData\Local\ilividmoviestoolbar20
2014-06-11 22:49 - 2014-06-11 22:49 - 00000000 ____D () C:\Program Files (x86)\Movies Toolbar
2014-06-11 22:48 - 2014-06-11 22:47 - 01312360 _____ (VideoPerformer) C:\Users\JA\Downloads\VideoPerformerSetup.exe
2014-06-11 22:46 - 2014-06-11 22:45 - 01681384 _____ (Bandoo Media Inc) C:\Users\JA\Downloads\iLividSetup-r706-n-bc.exe
2014-06-11 22:03 - 2014-02-17 13:30 - 00000270 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2014-06-11 08:21 - 2013-03-22 23:20 - 00000000 ____D () C:\Program Files (x86)\Yontoo
2014-06-09 08:09 - 2012-12-25 17:08 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-07 22:09 - 2014-06-07 22:09 - 00000000 ____D () C:\Users\JA\AppData\Local\PAYDAY 2 (Demo)
2014-06-07 21:24 - 2014-06-07 21:24 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-07 21:24 - 2014-06-07 21:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-07 21:24 - 2014-02-28 22:20 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-07 21:23 - 2014-06-07 21:23 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-07 20:34 - 2014-06-07 20:34 - 01141680 _____ () C:\Users\JA\Downloads\SteamSetup.exe
2014-06-07 20:34 - 2014-06-07 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-07 20:20 - 2014-06-07 20:16 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-07 20:19 - 2014-06-07 20:19 - 06554576 _____ (Microsoft Corporation) C:\Users\JA\Downloads\vcredist_x86.exe
2014-06-07 20:19 - 2014-06-07 20:19 - 01453976 _____ (Microsoft Corporation) C:\Users\JA\Downloads\vcredist_arm.exe
2014-06-07 20:14 - 2014-06-07 20:14 - 07186992 _____ (Microsoft Corporation) C:\Users\JA\Downloads\vcredist_x64.exe
2014-06-07 20:13 - 2014-06-07 20:12 - 00053024 _____ () C:\Users\JA\Downloads\dffsetup-msvcr110.exe
2014-06-07 20:09 - 2014-06-07 20:09 - 00040323 _____ () C:\Users\JA\Downloads\PAYDAY.2.(zabranjeno).ONLY.FLT.rar
2014-06-07 19:57 - 2014-06-07 19:57 - 00000830 _____ () C:\Users\Public\Desktop\Pay Day 2 beta.lnk
2014-06-07 19:57 - 2014-06-07 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pay Day 2 beta
2014-06-03 15:36 - 2013-06-17 09:05 - 00003278 _____ () C:\Windows\System32\Tasks\update-sys
2014-06-02 20:23 - 2014-02-15 01:05 - 00000000 ____D () C:\Users\JA\AppData\Roaming\uTorrent
2014-06-02 17:14 - 2013-06-17 09:05 - 00003250 _____ () C:\Windows\System32\Tasks\update-S-1-5-21-2228611659-2385433343-1400175593-1000
2014-06-02 17:13 - 2013-06-17 09:05 - 00000430 _____ () C:\Users\JA\AppData\Local\UserProducts.xml
2014-06-02 17:13 - 2013-06-17 09:05 - 00000000 ____D () C:\Users\JA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot
2014-05-31 17:51 - 2013-07-21 23:41 - 00000000 ____D () C:\Users\JA\Documents\My Games
2014-05-31 17:50 - 2014-05-31 17:50 - 00000000 ____D () C:\Users\JA\AppData\Local\Activision
2014-05-31 17:47 - 2014-03-04 20:46 - 00000000 ____D () C:\temp
2014-05-31 16:57 - 2013-08-20 19:18 - 00000000 ____D () C:\Users\JA\AppData\Local\My Games
2014-05-31 15:01 - 2014-02-15 14:19 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-05-31 15:01 - 2013-07-21 23:32 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-30 23:44 - 2013-09-27 23:44 - 00000000 ____D () C:\Users\JA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-30 23:37 - 2012-12-25 16:37 - 00000000 ____D () C:\Users\JA
2014-05-24 21:34 - 2014-05-24 21:34 - 00000000 ____D () C:\Users\JA\AppData\Local\Skype
2014-05-24 21:33 - 2014-05-24 21:33 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-24 21:33 - 2014-05-24 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-24 21:33 - 2012-12-25 17:22 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-05-24 21:33 - 2012-12-25 17:22 - 00000000 ____D () C:\ProgramData\Skype

Some content of TEMP:
====================
C:\Users\JA\AppData\Local\Temp\AskInstallChecker.exe
C:\Users\JA\AppData\Local\Temp\AutoRun.exe
C:\Users\JA\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\JA\AppData\Local\Temp\CoJBiBLauncher.exe
C:\Users\JA\AppData\Local\Temp\conduitinstaller.exe
C:\Users\JA\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp8zobcy.dll
C:\Users\JA\AppData\Local\Temp\DSETUP.dll
C:\Users\JA\AppData\Local\Temp\dsetup32.dll
C:\Users\JA\AppData\Local\Temp\DXSETUP.exe
C:\Users\JA\AppData\Local\Temp\HighAurum_bs.exe
C:\Users\JA\AppData\Local\Temp\htmlayout.dll
C:\Users\JA\AppData\Local\Temp\install_helper.exe
C:\Users\JA\AppData\Local\Temp\SearchHelper.exe
C:\Users\JA\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\JA\AppData\Local\Temp\SIntf16.dll
C:\Users\JA\AppData\Local\Temp\SIntf32.dll
C:\Users\JA\AppData\Local\Temp\SIntfNT.dll
C:\Users\JA\AppData\Local\Temp\SkypeSetup.exe
C:\Users\JA\AppData\Local\Temp\Softango Downloader213706.exe
C:\Users\JA\AppData\Local\Temp\steam404.exe
C:\Users\JA\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\JA\AppData\Local\Temp\toolbar71275000.exe
C:\Users\JA\AppData\Local\Temp\toolbar71276062.exe
C:\Users\JA\AppData\Local\Temp\ubi77EB.tmp.exe
C:\Users\JA\AppData\Local\Temp\uninstall262640.exe
C:\Users\JA\AppData\Local\Temp\uninstall270437.exe
C:\Users\JA\AppData\Local\Temp\uninstall270468.exe
C:\Users\JA\AppData\Local\Temp\update159437.exe
C:\Users\JA\AppData\Local\Temp\update165359.exe
C:\Users\JA\AppData\Local\Temp\uttDCBF.tmp.exe
C:\Users\JA\AppData\Local\Temp\war3_install.exe
C:\Users\JA\AppData\Local\Temp\YontooSetup-S.exe
C:\Users\JA\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_1112.exe
C:\Users\JA\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_2795.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 14:24

==================== End Of Log ============================





offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

Hello

Download AdwCleaner by "Xplode" and save it to the Desktop.

Double-click to run the program.
Click the [Scan] button and wait for the program to finish.
Click the [Clean] button.
The program will close all running programs and show a window with that warning. Click Ok to confirm.
In the next two windows that open (Informations and Restart required), click Ok.

The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Attach file" option.

Note: The report will also be saved at C:\AdwCleaner[S1].txt

Then run FRST again, check Addition.txt, click Scan, and send me both reports again.



offline
  • Joined: 08 May 2014
  • Posts: 98


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-06-2014 01
Ran by JA (administrator) on JA-PC on 21-06-2014 20:21:19
Running from C:\Users\JA\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: [Links are visible only to logged-in users]
Download link for 64-Bit Version: [Links are visible only to logged-in users]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Links are visible only to logged-in users]

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(BitTorrent Inc.) C:\Users\JA\AppData\Roaming\BitTorrent\BitTorrent.exe
(Dll-FIles.Com) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Dropbox, Inc.) C:\Users\JA\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] => 1
HKLM\...\Run: [svchost] => regsvr32 /s "C:\Temp:00015733.dat"
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1686528 2012-03-27] (Wondershare)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [606024 2013-09-19] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-21] (AVAST Software)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [Facebook Update] => C:\Users\JA\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-08] (Facebook Inc.)
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [LightShot] => C:\Users\JA\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [Allmyapps] => C:\Users\JA\AppData\Roaming\Allmyapps\Allmyapps.exe [7322488 2014-04-06] (Allmyapps SAS)
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [Allmyapps Update] => C:\Users\JA\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe [320888 2014-04-06] (Allmyapps SAS)
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [] => "" /XML="C:\Users\JA\AppData\Local\Temp\34D5.tmp" /ROS /STP=0:2 <===== ATTENTION
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [BitTorrent] => C:\Users\JA\AppData\Roaming\BitTorrent\BitTorrent.exe [1240664 2014-04-29] (BitTorrent Inc.)
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] => 1
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [svchost] => regsvr32 /s "C:\Temp:00015733.dat"
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\MountPoints2: {a79b5e6d-922e-11e3-a198-002421e0804c} - J:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\MountPoints2: {db0bc543-cab7-11e2-8d0d-002421e0804c} - E:\Windows\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\JA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\JA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\JA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk
ShortcutTarget: IMVU.lnk -> C:\Users\JA\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\Users\JA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Links are visible only to logged-in users]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xAB6250E4A022CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr-rs
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {0DE497C0-4292-46EF-98E0-A919EF677260} URL = [Links are visible only to logged-in users]{searchTerms}&SearchSource=4&ctid=CT3289075&CUI=UN22510046841569228&UM=1
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Tcpip\Parameters: [DhcpNameServer] 178.79.20.6 178.79.0.3

FireFox:
========
FF ProfilePath: C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default
FF NewTab: user_pref("browser.newtab.url", "");
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\JA\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\JA\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Extension: Speed Test 127 - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\speedtest4354@BestOffers [2014-01-04]
FF Extension: 7Go - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\7go@7go.com.xpi [2013-10-07]
FF Extension: PutLockerDownloader - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\putlockerdownloader@putlockerdownloader.com.xpi [2012-11-06]
FF Extension: Speed Test 127 - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\speedtest4354@BestOffers.xpi [2014-01-03]
FF Extension: Update My Browser - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\{cc8f597b-0765-404e-a575-82aefbd81daf}.xpi [2013-02-09]
FF Extension: Adblock Plus - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-12-25]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HomePage: [Links are visible only to logged-in users]
CHR StartupUrls: "hxxp://www.enhanced-search.com/?affID=119292&babsrc=HP_ss_mib2&mntrId=E805002421E0804C"
CHR DefaultSearchKeyword: enhanced-search.com
CHR DefaultSearchProvider: Search the web
CHR DefaultSearchURL: [Links are visible only to logged-in users]{searchTerms}&affID=119292&babsrc=SP_ss_mib2&mntrId=E805002421E0804C
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\JA\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-17]
CHR Extension: (Google Drive) - C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-17]
CHR Extension: (Google Search) - C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-17]
CHR Extension: (Google Wallet) - C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-17]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-17] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-06-17] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-09-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-09-19] (BlueStack Systems, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-05-17] ()
S2 TeamViewer9; "C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe" [X]

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-17] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-06-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-17] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [447888 2014-06-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-17] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-09-19] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-25] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-12] (Symantec Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-21 20:12 - 2014-06-21 20:12 - 00044103 _____ () C:\Users\JA\Desktop\AdwCleaner[S0].txt
2014-06-21 19:59 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-21 19:58 - 2014-06-21 20:02 - 00000000 ____D () C:\AdwCleaner
2014-06-21 19:57 - 2014-06-21 19:57 - 01333465 _____ () C:\Users\JA\Downloads\adwcleaner_3.212.exe
2014-06-21 16:53 - 2014-06-21 16:54 - 00032182 _____ () C:\Users\JA\Desktop\Addition.txt
2014-06-21 16:50 - 2014-06-21 20:21 - 00019564 _____ () C:\Users\JA\Desktop\FRST.txt
2014-06-21 16:49 - 2014-06-21 20:21 - 00000000 ____D () C:\FRST
2014-06-21 16:46 - 2014-06-21 16:46 - 02083328 _____ (Farbar) C:\Users\JA\Desktop\FRST64.exe
2014-06-20 14:42 - 2014-06-21 20:20 - 00003112 _____ () C:\Windows\System32\Tasks\RDReminder
2014-06-20 14:41 - 2014-06-20 14:41 - 00000000 ____D () C:\Users\JA\AppData\Roaming\AVAST Software
2014-06-18 03:54 - 2014-06-18 03:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-17 22:40 - 2014-06-21 12:46 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-17 22:40 - 2014-06-17 22:40 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-17 22:40 - 2014-06-17 22:40 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-17 22:39 - 2014-06-21 12:46 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswndisflt.sys
2014-06-17 22:39 - 2014-06-17 22:39 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswndisflt.sys.1403347554015
2014-06-17 22:31 - 2014-01-22 15:52 - 00270824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2014-06-17 22:31 - 2014-01-22 15:52 - 00131232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFW.sys
2014-06-17 22:29 - 2014-06-17 22:41 - 00001972 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-06-14 00:54 - 2014-06-14 00:54 - 00000000 ____D () C:\Users\JA\AppData\Local\2K Games
2014-06-14 00:47 - 2014-06-14 00:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
2014-06-11 22:49 - 2014-06-11 22:49 - 00000000 ____D () C:\Users\JA\AppData\Local\ilividmoviestoolbar20
2014-06-11 22:49 - 2014-06-11 22:49 - 00000000 ____D () C:\Program Files (x86)\Movies Toolbar
2014-06-11 22:47 - 2014-06-11 22:48 - 01312360 _____ (VideoPerformer) C:\Users\JA\Downloads\VideoPerformerSetup.exe
2014-06-11 22:45 - 2014-06-11 22:46 - 01681384 _____ (Bandoo Media Inc) C:\Users\JA\Downloads\iLividSetup-r706-n-bc.exe
2014-06-07 22:09 - 2014-06-07 22:09 - 00000000 ____D () C:\Users\JA\AppData\Local\PAYDAY 2 (Demo)
2014-06-07 21:24 - 2014-06-07 21:24 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-07 21:24 - 2014-06-07 21:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-07 21:23 - 2014-06-07 21:23 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-07 20:34 - 2014-06-21 12:43 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-07 20:34 - 2014-06-07 20:34 - 01141680 _____ () C:\Users\JA\Downloads\SteamSetup.exe
2014-06-07 20:34 - 2014-06-07 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-07 20:19 - 2014-06-07 20:19 - 06554576 _____ (Microsoft Corporation) C:\Users\JA\Downloads\vcredist_x86.exe
2014-06-07 20:19 - 2014-06-07 20:19 - 01453976 _____ (Microsoft Corporation) C:\Users\JA\Downloads\vcredist_arm.exe
2014-06-07 20:16 - 2014-06-07 20:20 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-07 20:14 - 2014-06-07 20:14 - 07186992 _____ (Microsoft Corporation) C:\Users\JA\Downloads\vcredist_x64.exe
2014-06-07 20:12 - 2014-06-07 20:13 - 00053024 _____ () C:\Users\JA\Downloads\dffsetup-msvcr110.exe
2014-06-07 20:09 - 2014-06-07 20:09 - 00040323 _____ () C:\Users\JA\Downloads\PAYDAY.2.(zabranjeno).ONLY.FLT.rar
2014-06-07 19:57 - 2014-06-07 19:57 - 00000830 _____ () C:\Users\Public\Desktop\Pay Day 2 beta.lnk
2014-06-07 19:57 - 2014-06-07 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pay Day 2 beta
2014-05-31 17:50 - 2014-05-31 17:50 - 00000000 ____D () C:\Users\JA\AppData\Local\Activision
2014-05-24 21:34 - 2014-05-24 21:34 - 00000000 ____D () C:\Users\JA\AppData\Local\Skype
2014-05-24 21:33 - 2014-05-24 21:33 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-24 21:33 - 2014-05-24 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== One Month Modified Files and Folders =======

2014-06-21 20:21 - 2014-06-21 16:50 - 00019564 _____ () C:\Users\JA\Desktop\FRST.txt
2014-06-21 20:21 - 2014-06-21 16:49 - 00000000 ____D () C:\FRST
2014-06-21 20:21 - 2012-12-26 01:28 - 01751539 _____ () C:\Windows\WindowsUpdate.log
2014-06-21 20:20 - 2014-06-20 14:42 - 00003112 _____ () C:\Windows\System32\Tasks\RDReminder
2014-06-21 20:20 - 2013-11-23 19:50 - 00000000 ____D () C:\ProgramData\Norton
2014-06-21 20:20 - 2012-12-25 17:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-21 20:19 - 2013-07-12 22:29 - 00000000 ____D () C:\Users\JA\AppData\Roaming\BitTorrent
2014-06-21 20:12 - 2014-06-21 20:12 - 00044103 _____ () C:\Users\JA\Desktop\AdwCleaner[S0].txt
2014-06-21 20:10 - 2013-09-27 23:41 - 00000000 ____D () C:\Users\JA\AppData\Roaming\Dropbox
2014-06-21 20:09 - 2014-05-17 14:15 - 00000000 ____D () C:\Users\JA\AppData\Roaming\DropboxMaster
2014-06-21 20:09 - 2013-09-27 23:48 - 00000000 ___RD () C:\Users\JA\Dropbox
2014-06-21 20:09 - 2013-08-01 14:12 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-21 20:07 - 2014-03-08 08:44 - 00001310 _____ () C:\Users\JA\Desktop\Norton Installation Files.lnk
2014-06-21 20:06 - 2013-03-17 12:58 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-21 20:06 - 2012-12-25 16:55 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-21 20:06 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-21 20:06 - 2009-07-14 06:51 - 00127538 _____ () C:\Windows\setupact.log
2014-06-21 20:05 - 2010-11-21 05:47 - 00710438 _____ () C:\Windows\PFRO.log
2014-06-21 20:03 - 2009-07-14 06:45 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-21 20:03 - 2009-07-14 06:45 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-21 20:02 - 2014-06-21 19:58 - 00000000 ____D () C:\AdwCleaner
2014-06-21 19:57 - 2014-06-21 19:57 - 01333465 _____ () C:\Users\JA\Downloads\adwcleaner_3.212.exe
2014-06-21 19:31 - 2013-01-08 23:26 - 00000916 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2228611659-2385433343-1400175593-1000UA.job
2014-06-21 19:29 - 2013-03-17 12:58 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-21 17:50 - 2013-06-17 09:05 - 00000382 _____ () C:\Windows\Tasks\update-S-1-5-21-2228611659-2385433343-1400175593-1000.job
2014-06-21 17:17 - 2014-02-15 14:19 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-06-21 17:17 - 2013-07-21 23:32 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-06-21 16:54 - 2014-06-21 16:53 - 00032182 _____ () C:\Users\JA\Desktop\Addition.txt
2014-06-21 16:46 - 2014-06-21 16:46 - 02083328 _____ (Farbar) C:\Users\JA\Desktop\FRST64.exe
2014-06-21 16:45 - 2013-06-15 22:15 - 00000000 ____D () C:\Users\JA\Desktop\Virtual Dub
2014-06-21 12:46 - 2014-06-17 22:40 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-21 12:46 - 2014-06-17 22:39 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswndisflt.sys
2014-06-21 12:46 - 2012-12-25 17:27 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-21 12:46 - 2012-12-25 17:27 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-21 12:43 - 2014-06-07 20:34 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-21 12:35 - 2012-12-25 16:55 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-20 22:31 - 2013-01-08 23:26 - 00000894 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2228611659-2385433343-1400175593-1000Core.job
2014-06-20 20:11 - 2012-12-25 17:22 - 00000000 ____D () C:\Users\JA\AppData\Roaming\Skype
2014-06-20 14:41 - 2014-06-20 14:41 - 00000000 ____D () C:\Users\JA\AppData\Roaming\AVAST Software
2014-06-20 14:36 - 2013-11-23 19:50 - 00000400 ____H () C:\Windows\Tasks\Norton Security Scan for JA.job
2014-06-20 14:36 - 2012-12-25 17:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-20 10:57 - 2013-10-15 22:17 - 00000392 _____ () C:\Windows\Tasks\AllmyappsUpdateTask.job
2014-06-18 03:54 - 2014-06-18 03:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-17 22:41 - 2014-06-17 22:29 - 00001972 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-06-17 22:40 - 2014-06-17 22:40 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-17 22:40 - 2014-06-17 22:40 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-17 22:40 - 2013-03-24 23:09 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-17 22:40 - 2013-03-24 23:08 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-17 22:40 - 2012-12-25 17:27 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1403347554015
2014-06-17 22:40 - 2012-12-25 17:27 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1403347554015
2014-06-17 22:40 - 2012-12-25 17:27 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-17 22:40 - 2012-12-25 17:27 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-17 22:40 - 2012-12-25 17:27 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-17 22:39 - 2014-06-17 22:39 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswndisflt.sys.1403347554015
2014-06-17 22:39 - 2013-03-24 23:09 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-06-17 22:34 - 2012-12-25 17:26 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-17 22:31 - 2012-12-25 17:27 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-06-15 02:24 - 2013-03-17 12:58 - 00003886 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-15 02:24 - 2013-03-17 12:58 - 00003634 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-14 22:01 - 2014-02-17 13:30 - 00000286 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
2014-06-14 00:54 - 2014-06-14 00:54 - 00000000 ____D () C:\Users\JA\AppData\Local\2K Games
2014-06-14 00:52 - 2012-12-25 17:07 - 00565493 _____ () C:\Windows\DirectX.log
2014-06-14 00:47 - 2014-06-14 00:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
2014-06-12 19:30 - 2013-03-17 13:02 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-11 22:49 - 2014-06-11 22:49 - 00000000 ____D () C:\Users\JA\AppData\Local\ilividmoviestoolbar20
2014-06-11 22:49 - 2014-06-11 22:49 - 00000000 ____D () C:\Program Files (x86)\Movies Toolbar
2014-06-11 22:48 - 2014-06-11 22:47 - 01312360 _____ (VideoPerformer) C:\Users\JA\Downloads\VideoPerformerSetup.exe
2014-06-11 22:46 - 2014-06-11 22:45 - 01681384 _____ (Bandoo Media Inc) C:\Users\JA\Downloads\iLividSetup-r706-n-bc.exe
2014-06-11 22:03 - 2014-02-17 13:30 - 00000270 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2014-06-09 08:09 - 2012-12-25 17:08 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-07 22:09 - 2014-06-07 22:09 - 00000000 ____D () C:\Users\JA\AppData\Local\PAYDAY 2 (Demo)
2014-06-07 21:24 - 2014-06-07 21:24 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-07 21:24 - 2014-06-07 21:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-07 21:24 - 2014-02-28 22:20 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-07 21:23 - 2014-06-07 21:23 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-07 20:34 - 2014-06-07 20:34 - 01141680 _____ () C:\Users\JA\Downloads\SteamSetup.exe
2014-06-07 20:34 - 2014-06-07 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-07 20:20 - 2014-06-07 20:16 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-07 20:19 - 2014-06-07 20:19 - 06554576 _____ (Microsoft Corporation) C:\Users\JA\Downloads\vcredist_x86.exe
2014-06-07 20:19 - 2014-06-07 20:19 - 01453976 _____ (Microsoft Corporation) C:\Users\JA\Downloads\vcredist_arm.exe
2014-06-07 20:14 - 2014-06-07 20:14 - 07186992 _____ (Microsoft Corporation) C:\Users\JA\Downloads\vcredist_x64.exe
2014-06-07 20:13 - 2014-06-07 20:12 - 00053024 _____ () C:\Users\JA\Downloads\dffsetup-msvcr110.exe
2014-06-07 20:09 - 2014-06-07 20:09 - 00040323 _____ () C:\Users\JA\Downloads\PAYDAY.2.(zabranjeno).ONLY.FLT.rar
2014-06-07 19:57 - 2014-06-07 19:57 - 00000830 _____ () C:\Users\Public\Desktop\Pay Day 2 beta.lnk
2014-06-07 19:57 - 2014-06-07 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pay Day 2 beta
2014-06-02 20:23 - 2014-02-15 01:05 - 00000000 ____D () C:\Users\JA\AppData\Roaming\uTorrent
2014-06-02 17:14 - 2013-06-17 09:05 - 00003250 _____ () C:\Windows\System32\Tasks\update-S-1-5-21-2228611659-2385433343-1400175593-1000
2014-06-02 17:13 - 2013-06-17 09:05 - 00000430 _____ () C:\Users\JA\AppData\Local\UserProducts.xml
2014-06-02 17:13 - 2013-06-17 09:05 - 00000000 ____D () C:\Users\JA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot
2014-05-31 17:51 - 2013-07-21 23:41 - 00000000 ____D () C:\Users\JA\Documents\My Games
2014-05-31 17:50 - 2014-05-31 17:50 - 00000000 ____D () C:\Users\JA\AppData\Local\Activision
2014-05-31 17:47 - 2014-03-04 20:46 - 00000000 ____D () C:\temp
2014-05-31 16:57 - 2013-08-20 19:18 - 00000000 ____D () C:\Users\JA\AppData\Local\My Games
2014-05-31 15:01 - 2013-07-21 23:32 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-30 23:44 - 2013-09-27 23:44 - 00000000 ____D () C:\Users\JA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-30 23:37 - 2012-12-25 16:37 - 00000000 ____D () C:\Users\JA
2014-05-24 21:34 - 2014-05-24 21:34 - 00000000 ____D () C:\Users\JA\AppData\Local\Skype
2014-05-24 21:33 - 2014-05-24 21:33 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-24 21:33 - 2014-05-24 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-24 21:33 - 2012-12-25 17:22 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-05-24 21:33 - 2012-12-25 17:22 - 00000000 ____D () C:\ProgramData\Skype

Some content of TEMP:
====================
C:\Users\JA\AppData\Local\Temp\AskInstallChecker.exe
C:\Users\JA\AppData\Local\Temp\AutoRun.exe
C:\Users\JA\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\JA\AppData\Local\Temp\CoJBiBLauncher.exe
C:\Users\JA\AppData\Local\Temp\conduitinstaller.exe
C:\Users\JA\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprwbpn7.dll
C:\Users\JA\AppData\Local\Temp\DSETUP.dll
C:\Users\JA\AppData\Local\Temp\dsetup32.dll
C:\Users\JA\AppData\Local\Temp\DXSETUP.exe
C:\Users\JA\AppData\Local\Temp\HighAurum_bs.exe
C:\Users\JA\AppData\Local\Temp\htmlayout.dll
C:\Users\JA\AppData\Local\Temp\install_helper.exe
C:\Users\JA\AppData\Local\Temp\Quarantine.exe
C:\Users\JA\AppData\Local\Temp\SearchHelper.exe
C:\Users\JA\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\JA\AppData\Local\Temp\SIntf16.dll
C:\Users\JA\AppData\Local\Temp\SIntf32.dll
C:\Users\JA\AppData\Local\Temp\SIntfNT.dll
C:\Users\JA\AppData\Local\Temp\SkypeSetup.exe
C:\Users\JA\AppData\Local\Temp\Softango Downloader213706.exe
C:\Users\JA\AppData\Local\Temp\steam404.exe
C:\Users\JA\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\JA\AppData\Local\Temp\toolbar71275000.exe
C:\Users\JA\AppData\Local\Temp\toolbar71276062.exe
C:\Users\JA\AppData\Local\Temp\ubi77EB.tmp.exe
C:\Users\JA\AppData\Local\Temp\uninstall262640.exe
C:\Users\JA\AppData\Local\Temp\uninstall270437.exe
C:\Users\JA\AppData\Local\Temp\uninstall270468.exe
C:\Users\JA\AppData\Local\Temp\update159437.exe
C:\Users\JA\AppData\Local\Temp\update165359.exe
C:\Users\JA\AppData\Local\Temp\uttDCBF.tmp.exe
C:\Users\JA\AppData\Local\Temp\war3_install.exe
C:\Users\JA\AppData\Local\Temp\YontooSetup-S.exe
C:\Users\JA\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_1112.exe
C:\Users\JA\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_30223.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 14:24

==================== End Of Log ============================




offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

First, delete the following:
- Jet
- Jet Browser version 0.2.0.7
- Java 7 Update 9
- Movies Toolbar for Chrome
- Speed Test



1. Open Notepad (Text Document) and copy the following text from the code box below:

HKLM\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] => 1
HKLM\...\Run: [svchost] => regsvr32 /s "C:\Temp:00015733.dat"
C:\Temp:00015733.dat
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [Allmyapps] => C:\Users\JA\AppData\Roaming\Allmyapps\Allmyapps.exe [7322488 2014-04-06] (Allmyapps SAS)
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [Allmyapps Update] => C:\Users\JA\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe [320888 2014-04-06] (Allmyapps SAS)
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [] => "" /XML="C:\Users\JA\AppData\Local\Temp\34D5.tmp" /ROS /STP=0:2 <===== ATTENTION
C:\Users\JA\AppData\Local\Temp\34D5.tmp
C:\Users\JA\AppData\Roaming\Allmyapps
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] => 1
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [svchost] => regsvr32 /s "C:\Temp:00015733.dat"
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\MountPoints2: {a79b5e6d-922e-11e3-a198-002421e0804c} - J:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\MountPoints2: {db0bc543-cab7-11e2-8d0d-002421e0804c} - E:\Windows\AutoRun.exe
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {0DE497C0-4292-46EF-98E0-A919EF677260} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289075&CUI=UN22510046841569228&UM=1
FF NewTab: user_pref("browser.newtab.url", "");
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Extension: 7Go - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\7go@7go.com.xpi [2013-10-07]
FF Extension: PutLockerDownloader - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\putlockerdownloader@putlockerdownloader.com.xpi [2012-11-06]
FF Extension: Speed Test 127 - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\speedtest4354@BestOffers.xpi [2014-01-03]
FF Extension: Update My Browser - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\{cc8f597b-0765-404e-a575-82aefbd81daf}.xpi [2013-02-09]
2014-06-11 22:49 - 2014-06-11 22:49 - 00000000 ____D () C:\Users\JA\AppData\Local\ilividmoviestoolbar20
2014-06-11 22:49 - 2014-06-11 22:49 - 00000000 ____D () C:\Program Files (x86)\Movies Toolbar
2014-06-11 22:47 - 2014-06-11 22:48 - 01312360 _____ (VideoPerformer) C:\Users\JA\Downloads\VideoPerformerSetup.exe
2014-06-11 22:45 - 2014-06-11 22:46 - 01681384 _____ (Bandoo Media Inc) C:\Users\JA\Downloads\iLividSetup-r706-n-bc.exe
C:\Users\JA\AppData\Local\Temp\AskInstallChecker.exe
C:\Users\JA\AppData\Local\Temp\AutoRun.exe
C:\Users\JA\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\JA\AppData\Local\Temp\CoJBiBLauncher.exe
C:\Users\JA\AppData\Local\Temp\conduitinstaller.exe
C:\Users\JA\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprwbpn7.dll
C:\Users\JA\AppData\Local\Temp\DSETUP.dll
C:\Users\JA\AppData\Local\Temp\dsetup32.dll
C:\Users\JA\AppData\Local\Temp\DXSETUP.exe
C:\Users\JA\AppData\Local\Temp\HighAurum_bs.exe
C:\Users\JA\AppData\Local\Temp\htmlayout.dll
C:\Users\JA\AppData\Local\Temp\install_helper.exe
C:\Users\JA\AppData\Local\Temp\Quarantine.exe
C:\Users\JA\AppData\Local\Temp\SearchHelper.exe
C:\Users\JA\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\JA\AppData\Local\Temp\SIntf16.dll
C:\Users\JA\AppData\Local\Temp\SIntf32.dll
C:\Users\JA\AppData\Local\Temp\SIntfNT.dll
C:\Users\JA\AppData\Local\Temp\SkypeSetup.exe
C:\Users\JA\AppData\Local\Temp\Softango Downloader213706.exe
C:\Users\JA\AppData\Local\Temp\steam404.exe
C:\Users\JA\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\JA\AppData\Local\Temp\toolbar71275000.exe
C:\Users\JA\AppData\Local\Temp\toolbar71276062.exe
C:\Users\JA\AppData\Local\Temp\ubi77EB.tmp.exe
C:\Users\JA\AppData\Local\Temp\uninstall262640.exe
C:\Users\JA\AppData\Local\Temp\uninstall270437.exe
C:\Users\JA\AppData\Local\Temp\uninstall270468.exe
C:\Users\JA\AppData\Local\Temp\update159437.exe
C:\Users\JA\AppData\Local\Temp\update165359.exe
C:\Users\JA\AppData\Local\Temp\uttDCBF.tmp.exe
C:\Users\JA\AppData\Local\Temp\war3_install.exe
C:\Users\JA\AppData\Local\Temp\YontooSetup-S.exe
C:\Users\JA\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_1112.exe
C:\Users\JA\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_30223.exe
Task: {0B1ABE28-0911-4EF1-9D86-30499E9C1142} - \PC Performer_DEFAULT No Task File <==== ATTENTION
Task: {47C378CC-1D01-4873-84BD-4D6516ABB73B} - \PC Performer_UPDATES No Task File <==== ATTENTION
Task: {49A3AA5A-D3A5-43B9-972B-DB3CDEC0374F} - \GoforFilesUpdate No Task File <==== ATTENTION
Task: {6164571A-73DA-4908-AF48-1CAF2D6110B2} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {6C25A195-C3C4-4970-8C14-B2A367E4BDBE} - \EPUpdater No Task File <==== ATTENTION
Task: {7A26200C-8DB7-48CF-8BEA-C9C1F7051684} - \update-sys No Task File <==== ATTENTION
Task: {904E3A17-6148-4D70-BB74-6038BE689B7E} - \Express FilesUpdate No Task File <==== ATTENTION
Task: {DE78F4AF-D927-40BC-80F1-9986DD88DD30} - \PC Performer No Task File <==== ATTENTION
Task: {E9AD525C-30C6-43BF-9894-5C8624C83BDA} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
AlternateDataStreams: C:\temp:018347BC.dat
AlternateDataStreams: C:\temp:rnd.dat
AlternateDataStreams: C:\temp:srv
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
cmd: ipconfig /flushdns
Reboot:



2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name
Note: It is important that both files, FRST and fixlist, are in the same location, because otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the system restarts.



The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your reply.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.

offline
  • Joined: 08 May 2014
  • Posts: 98

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-06-2014 01
Ran by JA at 2014-06-21 20:40:10 Run:1
Running from C:\Users\JA\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] => 1
HKLM\...\Run: [svchost] => regsvr32 /s "C:\Temp:00015733.dat"
C:\Temp:00015733.dat
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [Allmyapps] => C:\Users\JA\AppData\Roaming\Allmyapps\Allmyapps.exe [7322488 2014-04-06] (Allmyapps SAS)
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [Allmyapps Update] => C:\Users\JA\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe [320888 2014-04-06] (Allmyapps SAS)
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [] => "" /XML="C:\Users\JA\AppData\Local\Temp\34D5.tmp" /ROS /STP=0:2 <===== ATTENTION
C:\Users\JA\AppData\Local\Temp\34D5.tmp
C:\Users\JA\AppData\Roaming\Allmyapps
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] => 1
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\Run: [svchost] => regsvr32 /s "C:\Temp:00015733.dat"
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\MountPoints2: {a79b5e6d-922e-11e3-a198-002421e0804c} - J:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\...\MountPoints2: {db0bc543-cab7-11e2-8d0d-002421e0804c} - E:\Windows\AutoRun.exe
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {0DE497C0-4292-46EF-98E0-A919EF677260} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289075&CUI=UN22510046841569228&UM=1
FF NewTab: user_pref("browser.newtab.url", "");
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Extension: 7Go - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\7go@7go.com.xpi [2013-10-07]
FF Extension: PutLockerDownloader - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\putlockerdownloader@putlockerdownloader.com.xpi [2012-11-06]
FF Extension: Speed Test 127 - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\speedtest4354@BestOffers.xpi [2014-01-03]
FF Extension: Update My Browser - C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\{cc8f597b-0765-404e-a575-82aefbd81daf}.xpi [2013-02-09]
2014-06-11 22:49 - 2014-06-11 22:49 - 00000000 ____D () C:\Users\JA\AppData\Local\ilividmoviestoolbar20
2014-06-11 22:49 - 2014-06-11 22:49 - 00000000 ____D () C:\Program Files (x86)\Movies Toolbar
2014-06-11 22:47 - 2014-06-11 22:48 - 01312360 _____ (VideoPerformer) C:\Users\JA\Downloads\VideoPerformerSetup.exe
2014-06-11 22:45 - 2014-06-11 22:46 - 01681384 _____ (Bandoo Media Inc) C:\Users\JA\Downloads\iLividSetup-r706-n-bc.exe
C:\Users\JA\AppData\Local\Temp\AskInstallChecker.exe
C:\Users\JA\AppData\Local\Temp\AutoRun.exe
C:\Users\JA\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\JA\AppData\Local\Temp\CoJBiBLauncher.exe
C:\Users\JA\AppData\Local\Temp\conduitinstaller.exe
C:\Users\JA\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprwbpn7.dll
C:\Users\JA\AppData\Local\Temp\DSETUP.dll
C:\Users\JA\AppData\Local\Temp\dsetup32.dll
C:\Users\JA\AppData\Local\Temp\DXSETUP.exe
C:\Users\JA\AppData\Local\Temp\HighAurum_bs.exe
C:\Users\JA\AppData\Local\Temp\htmlayout.dll
C:\Users\JA\AppData\Local\Temp\install_helper.exe
C:\Users\JA\AppData\Local\Temp\Quarantine.exe
C:\Users\JA\AppData\Local\Temp\SearchHelper.exe
C:\Users\JA\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\JA\AppData\Local\Temp\SIntf16.dll
C:\Users\JA\AppData\Local\Temp\SIntf32.dll
C:\Users\JA\AppData\Local\Temp\SIntfNT.dll
C:\Users\JA\AppData\Local\Temp\SkypeSetup.exe
C:\Users\JA\AppData\Local\Temp\Softango Downloader213706.exe
C:\Users\JA\AppData\Local\Temp\steam404.exe
C:\Users\JA\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\JA\AppData\Local\Temp\toolbar71275000.exe
C:\Users\JA\AppData\Local\Temp\toolbar71276062.exe
C:\Users\JA\AppData\Local\Temp\ubi77EB.tmp.exe
C:\Users\JA\AppData\Local\Temp\uninstall262640.exe
C:\Users\JA\AppData\Local\Temp\uninstall270437.exe
C:\Users\JA\AppData\Local\Temp\uninstall270468.exe
C:\Users\JA\AppData\Local\Temp\update159437.exe
C:\Users\JA\AppData\Local\Temp\update165359.exe
C:\Users\JA\AppData\Local\Temp\uttDCBF.tmp.exe
C:\Users\JA\AppData\Local\Temp\war3_install.exe
C:\Users\JA\AppData\Local\Temp\YontooSetup-S.exe
C:\Users\JA\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_1112.exe
C:\Users\JA\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_30223.exe
Task: {0B1ABE28-0911-4EF1-9D86-30499E9C1142} - \PC Performer_DEFAULT No Task File <==== ATTENTION
Task: {47C378CC-1D01-4873-84BD-4D6516ABB73B} - \PC Performer_UPDATES No Task File <==== ATTENTION
Task: {49A3AA5A-D3A5-43B9-972B-DB3CDEC0374F} - \GoforFilesUpdate No Task File <==== ATTENTION
Task: {6164571A-73DA-4908-AF48-1CAF2D6110B2} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {6C25A195-C3C4-4970-8C14-B2A367E4BDBE} - \EPUpdater No Task File <==== ATTENTION
Task: {7A26200C-8DB7-48CF-8BEA-C9C1F7051684} - \update-sys No Task File <==== ATTENTION
Task: {904E3A17-6148-4D70-BB74-6038BE689B7E} - \Express FilesUpdate No Task File <==== ATTENTION
Task: {DE78F4AF-D927-40BC-80F1-9986DD88DD30} - \PC Performer No Task File <==== ATTENTION
Task: {E9AD525C-30C6-43BF-9894-5C8624C83BDA} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
AlternateDataStreams: C:\temp:018347BC.dat
AlternateDataStreams: C:\temp:rnd.dat
AlternateDataStreams: C:\temp:srv
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
cmd: ipconfig /flushdns
Reboot:
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\svchost => value deleted successfully.
"C:\Temp:00015733.dat" => File/Directory not found.
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Allmyapps => value deleted successfully.
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Allmyapps Update => value deleted successfully.
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"C:\Users\JA\AppData\Local\Temp\34D5.tmp" => File/Directory not found.
C:\Users\JA\AppData\Roaming\Allmyapps => Moved successfully.
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA => value deleted successfully.
HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\Software\Microsoft\Windows\CurrentVersion\Run\\svchost => value deleted successfully.
'HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a79b5e6d-922e-11e3-a198-002421e0804c} - J:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000}'=> Key not found.
'HKCR\CLSID\{a79b5e6d-922e-11e3-a198-002421e0804c} - J:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000}'=> Key not found.
'HKU\S-1-5-21-2228611659-2385433343-1400175593-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{db0bc543-cab7-11e2-8d0d-002421e0804c}' => Key deleted successfully.
'HKCR\CLSID\{db0bc543-cab7-11e2-8d0d-002421e0804c}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0DE497C0-4292-46EF-98E0-A919EF677260}' => Key deleted successfully.
'HKCR\CLSID\{0DE497C0-4292-46EF-98E0-A919EF677260}'=> Key not found.
Firefox newtab deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\7go@7go.com.xpi => Moved successfully.
C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\putlockerdownloader@putlockerdownloader.com.xpi => Moved successfully.
C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\speedtest4354@BestOffers.xpi => Moved successfully.
C:\Users\JA\AppData\Roaming\Mozilla\Firefox\Profiles\aofh7snf.default\Extensions\{cc8f597b-0765-404e-a575-82aefbd81daf}.xpi => Moved successfully.
C:\Users\JA\AppData\Local\ilividmoviestoolbar20 => Moved successfully.
C:\Program Files (x86)\Movies Toolbar => Moved successfully.
C:\Users\JA\Downloads\VideoPerformerSetup.exe => Moved successfully.
C:\Users\JA\Downloads\iLividSetup-r706-n-bc.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\AskInstallChecker.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\AutoRun.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\AutoRunGUI.dll => Moved successfully.
C:\Users\JA\AppData\Local\Temp\CoJBiBLauncher.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\conduitinstaller.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprwbpn7.dll => Moved successfully.
C:\Users\JA\AppData\Local\Temp\DSETUP.dll => Moved successfully.
C:\Users\JA\AppData\Local\Temp\dsetup32.dll => Moved successfully.
C:\Users\JA\AppData\Local\Temp\DXSETUP.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\HighAurum_bs.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\htmlayout.dll => Moved successfully.
C:\Users\JA\AppData\Local\Temp\install_helper.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\SearchHelper.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\setup_fsu_cid.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\SIntf16.dll => Moved successfully.
C:\Users\JA\AppData\Local\Temp\SIntf32.dll => Moved successfully.
C:\Users\JA\AppData\Local\Temp\SIntfNT.dll => Moved successfully.
C:\Users\JA\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.
"C:\Users\JA\AppData\Local\Temp\Softango Downloader213706.exe" => File/Directory not found.
C:\Users\JA\AppData\Local\Temp\steam404.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\swt-win32-3349.dll => Moved successfully.
C:\Users\JA\AppData\Local\Temp\toolbar71275000.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\toolbar71276062.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\ubi77EB.tmp.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\uninstall262640.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\uninstall270437.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\uninstall270468.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\update159437.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\update165359.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\uttDCBF.tmp.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\war3_install.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\YontooSetup-S.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_1112.exe => Moved successfully.
C:\Users\JA\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_30223.exe => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B1ABE28-0911-4EF1-9D86-30499E9C1142}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B1ABE28-0911-4EF1-9D86-30499E9C1142}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer_DEFAULT' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{47C378CC-1D01-4873-84BD-4D6516ABB73B}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47C378CC-1D01-4873-84BD-4D6516ABB73B}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer_UPDATES' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{49A3AA5A-D3A5-43B9-972B-DB3CDEC0374F}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49A3AA5A-D3A5-43B9-972B-DB3CDEC0374F}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoforFilesUpdate' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6164571A-73DA-4908-AF48-1CAF2D6110B2}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6164571A-73DA-4908-AF48-1CAF2D6110B2}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C25A195-C3C4-4970-8C14-B2A367E4BDBE}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C25A195-C3C4-4970-8C14-B2A367E4BDBE}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A26200C-8DB7-48CF-8BEA-C9C1F7051684}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A26200C-8DB7-48CF-8BEA-C9C1F7051684}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\update-sys' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{904E3A17-6148-4D70-BB74-6038BE689B7E}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{904E3A17-6148-4D70-BB74-6038BE689B7E}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Express FilesUpdate' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DE78F4AF-D927-40BC-80F1-9986DD88DD30}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE78F4AF-D927-40BC-80F1-9986DD88DD30}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{E9AD525C-30C6-43BF-9894-5C8624C83BDA}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9AD525C-30C6-43BF-9894-5C8624C83BDA}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate 2' => Key deleted successfully.
C:\temp => ":018347BC.dat" ADS removed successfully.
C:\temp => ":rnd.dat" ADS removed successfully.
C:\temp => ":srv" ADS removed successfully.
C:\ProgramData\TEMP => ":AD022376" ADS removed successfully.

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========



The system needed a reboot.

==== End of Fixlog ====

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

Great, tell me how things are now?

offline
  • Joined: 08 May 2014
  • Posts: 98

It's better than it was, it doesn't lag anymore. I'd say it works normally now. Thanks a lot.

I'm wondering about one more thing. I found an old hard disk and put it in this computer; that disk has folders such as Program Files, Windows, etc. Am I allowed to delete them?

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

All right, we have one more step. As for the hard disk, feel free to format it if you have nothing important on it...


Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to the Desktop.

Double-click the program icon to run MBAR:
- Click OK in the next window to allow extraction into a separate mbar folder on the desktop;
- mbar.exe will be started. On some systems this can take a few extra seconds, so wait for it to launch;
- In the introductory window, click the Next button if you agree;



• In the 'Update Database' window, click the Update button to download fresh definitions. When the message 'Success: Database was successfully updated' appears, click the Next button;
• Under the 'Scan Targets' section, check that all options are ticked, then click the Scan button;

Note: with some infections, one of the following messages may be displayed:
- 'Could not load protection driver' => in that case click OK.
- 'Could not load DDA driver' => click Yes on that notice to allow loading after a restart. Allow the restart and continue with the rest of the instructions after the restart.





>> If no malware is detected, click the Exit button to close the program. In your next post, include the mbar-log-year-month-day (hour-minute-second).txt and system-log.txt reports.

>> If infections were found, check that the 'Create Restore Point' option is selected and click the Cleanup! button to remove the threats.
- The malware removal procedure will be scheduled for the restart, and a notice will be shown in a pop-up window. Click the Yes button; the system should restart and finish the cleaning procedure.



Note! Only if a rootkit is detected: make sure to run the fixdamage.exe tool located in the mbar folder, \Plugins\fixdamage.exe:
- Double-click to run fixdamage; in the black window that opens (command prompt) type Y (Y stands for Yes) to continue, and wait for the tool to complete all repairs ...
- When you see the message 'press any key to exit', the repair is complete. Press any key on the keyboard to close the window. Restart the system.





The following reports will be created in the mbar folder.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Copy the contents of the mbar log into your post, and attach the system log to the post using the Attach file (Prikači fajl) option.

offline
  • Joined: 08 May 2014
  • Posts: 98

Now that it restarted, it took a very long time to boot, it took 10 minutes to load the icons and it barely opened the browser; as soon as it opened the browser, everything suddenly runs smoothly...


Malwarebytes Anti-Rootkit BETA 1.07.0.1012

Database version: v2014.06.21.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
JA :: JA-PC [administrator]

21.6.2014 23:16:58
mbar-log-2014-06-21 (23-16-58).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 304316
Time elapsed: 30 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 7
C:\$Recycle.Bin\S-1-5-21-2228611659-2385433343-1400175593-1000\trzC24.tmp (Adware.InstallBrain) -> Delete on reboot. [259a57234a313afc887314f745bcf010]
C:\temp\coffeebreak.dat (Trojan.Facebook) -> Delete on reboot. [ad12afcb7605ee48ffba480d40c4e11f]
C:\Users\JA\AppData\Local\Temp\Softango Downloader213706.exe (Adware.InstallBrain) -> Delete on reboot. [596604761c5f181eaa518a817988b64a]
C:\Users\JA\AppData\Local\Temp\trz6B29.tmp (Spyware.Zbot.ED) -> Delete on reboot. [c7f87505017a56e0d22d274d56ab9f61]
C:\Users\JA\AppData\Local\Temp\URoHIk2m.exe.part (Adware.InstallBrain) -> Delete on reboot. [9827106acdae15213ac1ce3d2ed315eb]
C:\Users\JA\Downloads\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> Delete on reboot. [67584337d0abf93d1b51f8de010010f0]
C:\Users\JA\Downloads\File_Downloader.exe (Trojan.Agent) -> Delete on reboot. [7e41a2d837444ee862335b03738ec63a]

Physical Sectors Detected: 0
(No malicious items detected)

(end)



offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

If there are no more problems, that would be it, the computer is clean


Download DelFix by "Xplode" and save it to the Desktop.

Double-click to run the program.

Tick the following options:
Remove disinfection tools
Purge System Restore
Reset system settings


Click the "Run" button and wait for the program to finish.
The tool will remove all the tools used in this topic...
When the tool finishes, it will open a report in Notepad.
Note: The report will also be saved to C:\DelFix.txt

There is no need to post the report.



Be sure to visit the topic "Test whether your browser is vulnerable", read it and follow the link in it.
The link to the topic is: [Link visible only to logged-in users]



Also, follow the topic "How to avoid and remove toolbars" as well; read it and follow the steps in it. The link to the topic is: [Link visible only to logged-in users]



TwinHeadedEagle (AMF Team)
