Help cleaning up a laptop


  • Milan
  • Joined: 17 Dec 2007
  • Posts: 14824
  • Location: Niš

Guys, my sister brought me her laptop for a bit of tidying up. It's terrible how much stuff is on here... Anyway, the classic: ads pouring in from all sides, a home page that can't be removed, toolbars, etc. There is no antivirus. I'll install Avast later, once we finish this here. There were also several RegCleaners, TuneUp Utilities and similar nonsense on it. All in all, help me, for God's sake.


FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-02-2015 01
Ran by Acer (administrator) on ACER-PC on 20-02-2015 23:52:47
Running from C:\Users\Acer\Desktop
Loaded Profiles: Acer (Available profiles: Acer)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
() C:\Program Files\SupTab\HpUI.exe
() C:\Program Files\SupTab\Loader32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files\HDtubeV1.6V23.10\51e8f886-20f2-4ea8-ab93-290865445edd.exe
(HDTubeV23.10) C:\Program Files\HDtubeV1.6V23.10\3d6b9e00-200e-4d6d-ad00-f2f88495bb07.exe
() C:\ProgramData\44fa52db-e405-4860-9675-591a035762d0\maintainer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
() C:\Program Files\Rad Rater\updateRadRater.exe
() C:\Program Files\Rad Rater\bin\tmp22CC.tmp
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(HDTubeV23.10) C:\Program Files\HDtubeV1.6V23.10\HDtubeV1.6V23.10-bg.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_16_0_0_305_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\Program Files\Rad Rater\bin\RadRater.expext.exe
() C:\Program Files\Rad Rater\bin\RadRater.PurBrowse.exe
() C:\Program Files\Rad Rater\bin\RadRater.BOASHelper.exe
() C:\Program Files\Rad Rater\bin\RadRater.BrowserAdapter.exe
() C:\Program Files\Rad Rater\bin\RadRater.BOASPRT.exe
() C:\Program Files\Rad Rater\bin\RadRater.BOAS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\Program Files\Rad Rater\bin\RadRater.BOASPRT.exe
() C:\Program Files\Rad Rater\bin\RadRater.BOAS.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2193200 2012-03-07] (ELAN Microelectronics Corp.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-04-30] (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp&ts=141.....K3672K3672
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts.....672&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=141.....K3672K3672
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts.....672&q={searchTerms}
HKU\S-1-5-21-1766882359-2938042193-1318993286-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=ds&ts=.....672&q={searchTerms}
HKU\S-1-5-21-1766882359-2938042193-1318993286-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp&ts=141.....K3672K3672
HKU\S-1-5-21-1766882359-2938042193-1318993286-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-1766882359-2938042193-1318993286-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=141.....K3672K3672
HKU\S-1-5-21-1766882359-2938042193-1318993286-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=ds&ts=.....672&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts.....672&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts.....672&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1766882359-2938042193-1318993286-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKU\S-1-5-21-1766882359-2938042193-1318993286-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?type=ds&ts=.....672&q={searchTerms}
BHO: HDtubeV1.6V23.10 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files\HDtubeV1.6V23.10\HDtubeV1.6V23.10-bho.dll (HDTubeV23.10)
BHO: Rad Rater 1.0.0.7 -> {316cdecf-3a39-4fac-b224-29059a0fe5a7} -> C:\Program Files\Rad Rater\RadRaterBHO.dll (Rad Rater)
BHO: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1766882359-2938042193-1318993286-1000 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 89.216.1.40 89.216.1.50

FireFox:
========
FF ProfilePath: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: V9
FF DefaultSearchUrl: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431400&CUI=UN28848748972415811&UM=1&SearchSource=3&q={searchTerms}
FF SearchEngineOrder.1: V9
FF SelectedSearchEngine: V9
FF Homepage: hxxp://www.delta-homes.com/?type=hp&ts=1419478465&from=wpm12233&uid=WDCXWD5000LPVT-22G33T0_WD-WX51C42K3672K3672
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\searchplugins\V9.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\webssearches.xml
FF Extension: HDtubeV1.6V23.10 - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\6cfae8cc4676442fa78d9dcdf@bd4ea874e76d4af1994ba.com [2014-10-23]
FF Extension: abvnotifiernetinfobg - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\abvnotifier@netinfo.bg [2014-10-27]
FF Extension: Security Protection - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\detgdp@gmail.com [2014-12-25]
FF Extension: Fast Start - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\faststartff@gmail.com [2014-10-23]
FF Extension: MB2 - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\{013a635f-e3aa-4371-b682-ece95ca974b0} [2014-11-22]
FF Extension: SmileysWeLove: Smileys for use with Facebook, GMail, and more - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi [2013-10-23]
FF Extension: Rad Rater 1.0.1 - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\{c04971d6-6545-4dc6-95bf-c64628b21a3c}.xpi [2014-11-28]
FF Extension: SweetPacks Toolbar for Firefox - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2014-04-29]
FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\extensions\faststartff@gmail.com
FF HKLM\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\extensions\detgdp@gmail.com

Chrome:
=======
CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts=1419478465&from=wpm12233&uid=WDCXWD5000LPVT-22G33T0_WD-WX51C42K3672K3672
CHR StartupUrls: Default -> "https://www.google.rs/?gws_rd=ssl", "https://www.google.com/", "hxxp://www.delta-homes.com/?type=hp&ts=1419478465&from=wpm12233&uid=WDCXWD5000LPVT-22G33T0_WD-WX51C42K3672K3672"
CHR DefaultSearchKeyword: Default -> delta-homes
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-28]
CHR Extension: (Google Docs) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-28]
CHR Extension: (Google Drive) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-28]
CHR Extension: (YouTube) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-28]
CHR Extension: (Google Search) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-28]
CHR Extension: (Google Sheets) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-28]
CHR Extension: (Rad Rater) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\johcggolpkjohobcnommihggcnjfmkbm [2014-10-28]
CHR Extension: (HDtubeV1.6V23.10) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb [2014-10-28]
CHR Extension: (Google Wallet) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-28]
CHR Extension: (Security Protection) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh [2014-12-25]
CHR Extension: (Gmail) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-28]
CHR HKLM\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2014-12-25]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [276248 2012-02-19] (Intel Corporation)
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-23] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-23] (globalUpdate) [File not signed]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-10-23] (Cherished Technololgy LIMITED)
R2 MaintainerSvc3.37.8493095; C:\ProgramData\44fa52db-e405-4860-9675-591a035762d0\maintainer.exe [123632 2015-02-13] ()
S3 NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [724992 2006-10-09] (Nero AG) [File not signed]
R2 Update Rad Rater; C:\Program Files\Rad Rater\updateRadRater.exe [391920 2015-02-13] ()
R2 Util Rad Rater; C:\Program Files\Rad Rater\bin\utilRadRater.exe [392944 2015-02-20] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [472064 2014-12-24] (Fuyu LIMITED) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 b57xdbd; C:\Windows\System32\DRIVERS\b57xdbd.sys [60968 2011-11-04] (Broadcom Corporation)
R3 b57xdmp; C:\Windows\System32\DRIVERS\b57xdmp.sys [17960 2011-11-04] (Broadcom Corporation)
R3 bScsiMSx; C:\Windows\System32\DRIVERS\bScsiMSx.sys [43560 2011-09-02] (Broadcom Corporation)
R3 bScsiSDx; C:\Windows\System32\DRIVERS\bScsiSDx.sys [51240 2012-02-09] (Broadcom Corporation)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [207152 2012-03-07] (ELAN Microelectronics Corp.)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [46080 2011-11-10] (Intel Corporation)
R1 {0611db87-b802-446c-82a4-36c028073cf2}Gw; C:\Windows\System32\drivers\{0611db87-b802-446c-82a4-36c028073cf2}Gw.sys [43152 2014-12-06] (StdLib)
R1 {13ce5bca-e225-4612-825a-04ae7e1fd372}Gw; C:\Windows\System32\drivers\{13ce5bca-e225-4612-825a-04ae7e1fd372}Gw.sys [43152 2014-11-04] (StdLib)
R1 {22f5efb2-cf2a-4b33-ba26-a786dcd5306a}Gw; C:\Windows\System32\drivers\{22f5efb2-cf2a-4b33-ba26-a786dcd5306a}Gw.sys [43152 2014-10-28] (StdLib)
R1 {3f068af7-4402-4c2d-86c8-012e5b369fd2}Gw; C:\Windows\System32\drivers\{3f068af7-4402-4c2d-86c8-012e5b369fd2}Gw.sys [43152 2014-11-30] (StdLib)
R1 {3fb64001-af43-4182-bfc8-11e1fee2385f}Gw; C:\Windows\System32\drivers\{3fb64001-af43-4182-bfc8-11e1fee2385f}Gw.sys [43152 2014-12-09] (StdLib)
R1 {578b4215-f29d-44b8-9b3f-ddf8690c8780}Gw; C:\Windows\System32\drivers\{578b4215-f29d-44b8-9b3f-ddf8690c8780}Gw.sys [43152 2014-11-22] (StdLib)
R1 {593f3d97-fd2a-49c8-8b7a-7193417ea943}Gw; C:\Windows\System32\drivers\{593f3d97-fd2a-49c8-8b7a-7193417ea943}Gw.sys [43152 2014-11-06] (StdLib)
R1 {5a5c6be1-6c0e-4678-ac1b-c5c536cf202b}Gw; C:\Windows\System32\drivers\{5a5c6be1-6c0e-4678-ac1b-c5c536cf202b}Gw.sys [43152 2014-12-13] (StdLib)
R1 {62b23f4d-1a77-4dc0-a311-9d8c70e16633}Gw; C:\Windows\System32\drivers\{62b23f4d-1a77-4dc0-a311-9d8c70e16633}Gw.sys [43152 2014-11-16] (StdLib)
R1 {62c63501-9106-4925-bed0-c5a002ccbe86}Gw; C:\Windows\System32\drivers\{62c63501-9106-4925-bed0-c5a002ccbe86}Gw.sys [43152 2014-12-18] (StdLib)
R1 {6a0c272b-67e5-4617-9812-522d12a42d7a}Gw; C:\Windows\System32\drivers\{6a0c272b-67e5-4617-9812-522d12a42d7a}Gw.sys [43152 2014-11-13] (StdLib)
R1 {6ae56b3b-b4e1-47bb-8719-04f47e9feb4d}Gw; C:\Windows\System32\drivers\{6ae56b3b-b4e1-47bb-8719-04f47e9feb4d}Gw.sys [43152 2014-12-03] (StdLib)
R1 {8487bb52-d98a-4eb5-8021-7bbe5e7c77fa}Gw; C:\Windows\System32\drivers\{8487bb52-d98a-4eb5-8021-7bbe5e7c77fa}Gw.sys [43152 2014-12-22] (StdLib)
R1 {87f4d932-be1a-480c-8b97-5033a67ee4c1}Gw; C:\Windows\System32\drivers\{87f4d932-be1a-480c-8b97-5033a67ee4c1}Gw.sys [43152 2014-10-26] (StdLib)
R1 {8d35dc51-e34f-45f9-a5e9-12adcf68b9cf}Gw; C:\Windows\System32\drivers\{8d35dc51-e34f-45f9-a5e9-12adcf68b9cf}Gw.sys [43152 2014-12-15] (StdLib)
R1 {8fb0ee44-98bd-48ec-86e2-0ac074f71e94}Gw; C:\Windows\System32\drivers\{8fb0ee44-98bd-48ec-86e2-0ac074f71e94}Gw.sys [43152 2015-01-02] (StdLib)
R1 {8fb0ee44-98bd-48ec-86e2-0ac074f71e94}w; C:\Windows\System32\drivers\{8fb0ee44-98bd-48ec-86e2-0ac074f71e94}w.sys [43152 2015-02-10] (StdLib)
R1 {9204efc4-f9ec-44e9-b066-c15603fbbf67}Gw; C:\Windows\System32\drivers\{9204efc4-f9ec-44e9-b066-c15603fbbf67}Gw.sys [43152 2014-11-29] (StdLib)
R1 {978113af-a056-42ab-90c7-cedc7e260032}Gw; C:\Windows\System32\drivers\{978113af-a056-42ab-90c7-cedc7e260032}Gw.sys [43152 2014-11-28] (StdLib)
R1 {a8fcc7a3-7149-4cd7-bc81-f5c3c4a18978}Gw; C:\Windows\System32\drivers\{a8fcc7a3-7149-4cd7-bc81-f5c3c4a18978}Gw.sys [43152 2014-11-10] (StdLib)
R1 {adad4b97-f09c-4f47-8b1f-110ffefff654}Gw; C:\Windows\System32\drivers\{adad4b97-f09c-4f47-8b1f-110ffefff654}Gw.sys [43152 2014-12-30] (StdLib)
R1 {afe6f281-b7d2-4094-95fe-2c136afd91f7}Gw; C:\Windows\System32\drivers\{afe6f281-b7d2-4094-95fe-2c136afd91f7}Gw.sys [43152 2014-12-27] (StdLib)
R1 {bb4259be-1910-4ae0-ab31-9666aeec23b3}Gw; C:\Windows\System32\drivers\{bb4259be-1910-4ae0-ab31-9666aeec23b3}Gw.sys [43152 2014-11-19] (StdLib)
R1 {c04971d6-6545-4dc6-95bf-c64628b21a3c}Gw; C:\Windows\System32\drivers\{c04971d6-6545-4dc6-95bf-c64628b21a3c}Gw.sys [43152 2014-11-26] (StdLib)
R1 {c27c4c9f-d8e0-4437-b7df-77bb323af19c}Gw; C:\Windows\System32\drivers\{c27c4c9f-d8e0-4437-b7df-77bb323af19c}Gw.sys [43152 2014-11-01] (StdLib)
R1 {ce0cf332-28d5-4271-a744-1eb0f7704cf4}Gw; C:\Windows\System32\drivers\{ce0cf332-28d5-4271-a744-1eb0f7704cf4}Gw.sys [43152 2014-11-25] (StdLib)
R1 {d29c8a99-d5b4-482a-9eb3-19e193818bd7}Gw; C:\Windows\System32\drivers\{d29c8a99-d5b4-482a-9eb3-19e193818bd7}Gw.sys [43152 2014-10-23] (StdLib)
R1 {fdbe12d5-de24-4ed7-9b9a-2c57ab531af3}Gw; C:\Windows\System32\drivers\{fdbe12d5-de24-4ed7-9b9a-2c57ab531af3}Gw.sys [43152 2014-12-24] (StdLib)
S1 iSafeKrnlMon; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [X]
S3 SmbDrv; system32\DRIVERS\Smb_driver.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-20 23:52 - 2015-02-20 23:55 - 00020713 _____ () C:\Users\Acer\Desktop\FRST.txt
2015-02-20 23:51 - 2015-02-20 23:53 - 00000000 ____D () C:\FRST
2015-02-20 23:48 - 2015-02-20 23:49 - 01126400 _____ (Farbar) C:\Users\Acer\Downloads\FRST (1).exe
2015-02-20 23:45 - 2015-02-20 23:45 - 01126400 _____ (Farbar) C:\Users\Acer\Desktop\FRST.exe
2015-02-20 23:09 - 2015-02-20 23:09 - 00000000 __SHD () C:\Users\Acer\AppData\Local\EmieBrowserModeList
2015-02-20 23:09 - 2015-02-20 23:09 - 00000000 ____D () C:\Users\Acer\AppData\Roaming\SmileysWeLove
2015-02-20 23:08 - 2015-02-20 23:16 - 00001150 _____ () C:\Users\Acer\Desktop\Live PC Help.lnk
2015-02-11 16:53 - 2015-01-15 08:46 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 16:53 - 2015-01-15 08:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 16:53 - 2015-01-15 08:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 16:53 - 2015-01-15 08:43 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 16:53 - 2015-01-15 08:42 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 16:53 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 16:53 - 2015-01-15 08:42 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 16:53 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 16:53 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 16:53 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 16:53 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 16:53 - 2015-01-15 05:21 - 00369968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 16:53 - 2015-01-09 02:45 - 02380288 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 16:52 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-02-11 16:52 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 16:51 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 16:51 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 16:51 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-02-11 16:50 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 16:50 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 16:50 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 16:50 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 16:50 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 16:50 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 16:50 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 16:49 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 16:49 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 16:49 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 16:49 - 2015-01-12 03:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 16:49 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 16:49 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 16:49 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 16:49 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 16:49 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 16:49 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 16:49 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 16:49 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 16:49 - 2015-01-12 02:55 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-11 16:49 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 16:49 - 2015-01-12 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 16:49 - 2015-01-12 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 16:49 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 16:49 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 16:49 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 16:49 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 16:49 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 16:49 - 2015-01-12 02:29 - 04300800 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-11 16:49 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 16:49 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 16:49 - 2015-01-12 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 16:49 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 16:49 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 16:49 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 16:49 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 16:49 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 16:48 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 16:48 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 16:47 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 16:47 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 16:13 - 2015-02-10 21:30 - 00043152 _____ (StdLib) C:\Windows\system32\Drivers\{8fb0ee44-98bd-48ec-86e2-0ac074f71e94}w.sys
2015-02-11 16:09 - 2015-02-11 16:09 - 00000000 _____ () C:\Users\Acer\AppData\Local\{1CBA6AEB-C573-42C0-BF87-C948A154D770}
2015-01-28 14:19 - 2015-01-28 14:19 - 01296064 _____ () C:\Users\Acer\Downloads\Player Setup.exe
2015-01-28 14:19 - 2015-01-28 14:19 - 00585608 _____ () C:\Users\Acer\Downloads\Непотврђено 975410.crdownload
2015-01-28 14:19 - 2015-01-28 14:19 - 00585608 _____ () C:\Users\Acer\Downloads\Непотврђено 485347.crdownload
2015-01-28 14:19 - 2015-01-28 14:19 - 00585600 _____ () C:\Users\Acer\Downloads\Непотврђено 74329.crdownload

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-20 23:54 - 2012-10-19 15:14 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-20 23:53 - 2012-10-19 20:14 - 01366392 _____ () C:\Windows\WindowsUpdate.log
2015-02-20 23:48 - 2009-07-14 05:34 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-20 23:48 - 2009-07-14 05:34 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-20 23:47 - 2009-07-14 03:04 - 00000505 _____ () C:\Windows\win.ini
2015-02-20 23:46 - 2014-10-23 18:11 - 00000000 ____D () C:\Program Files\Rad Rater
2015-02-20 23:40 - 2014-10-28 17:57 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-20 23:40 - 2014-10-23 18:13 - 00002422 _____ () C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-5_user.job
2015-02-20 23:40 - 2014-10-23 18:13 - 00002422 _____ () C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-5.job
2015-02-20 23:40 - 2014-10-23 18:13 - 00002086 _____ () C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-2.job
2015-02-20 23:40 - 2014-10-23 18:13 - 00001400 _____ () C:\Windows\Tasks\3d6b9e00-200e-4d6d-ad00-f2f88495bb07.job
2015-02-20 23:40 - 2014-10-23 18:12 - 00004816 _____ () C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-11.job
2015-02-20 23:40 - 2014-10-23 18:12 - 00004134 _____ () C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-4.job
2015-02-20 23:40 - 2014-10-23 18:12 - 00004134 _____ () C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-3.job
2015-02-20 23:40 - 2014-10-23 18:12 - 00003096 _____ () C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-1.job
2015-02-20 23:40 - 2014-10-23 18:12 - 00000926 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-02-20 23:40 - 2014-10-23 18:12 - 00000614 _____ () C:\Windows\Tasks\51e8f886-20f2-4ea8-ab93-290865445edd.job
2015-02-20 23:39 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-20 23:39 - 2009-07-14 05:39 - 00116241 _____ () C:\Windows\setupact.log
2015-02-20 23:33 - 2014-10-28 17:57 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-20 23:30 - 2014-10-28 17:58 - 00002189 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-20 23:30 - 2013-10-23 16:53 - 00000000 ____D () C:\Program Files\SqueakyChocolate
2015-02-20 23:30 - 2012-10-19 15:45 - 00098684 _____ () C:\Windows\PFRO.log
2015-02-20 23:28 - 2014-12-25 04:35 - 00000000 ____D () C:\Program Files\WinZipper
2015-02-20 23:19 - 2012-10-19 20:16 - 00001417 _____ () C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-20 23:19 - 2012-10-19 15:13 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-20 23:19 - 2012-10-19 15:13 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-20 23:16 - 2014-10-23 18:13 - 00000000 ____D () C:\Users\Acer\AppData\Roaming\systweak
2015-02-20 23:10 - 2013-06-16 15:50 - 00000000 ____D () C:\Program Files\MyPC Backup
2015-02-20 23:09 - 2013-10-23 16:53 - 00000000 ____D () C:\Users\Acer\Documents\Add-in Express
2015-02-20 22:19 - 2014-10-23 18:12 - 00000930 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-02-13 22:56 - 2014-10-28 08:16 - 00000000 ____D () C:\ProgramData\44fa52db-e405-4860-9675-591a035762d0
2015-02-13 16:22 - 2009-07-14 05:33 - 00273816 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-13 16:04 - 2013-07-16 06:02 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-13 15:58 - 2012-11-11 11:24 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-13 15:56 - 2013-06-06 21:09 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-05 16:14 - 2012-10-19 15:14 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-05 16:14 - 2012-10-19 15:14 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2014-10-23 18:12 - 2014-10-23 18:12 - 1515440 _____ (HDTubeV23.10) C:\Users\Acer\AppData\Roaming\BEHLJWX.exe
2014-10-23 18:12 - 2014-10-23 18:12 - 2009520 _____ (HDTubeV23.10) C:\Users\Acer\AppData\Roaming\ESWP.exe
2015-02-11 16:09 - 2015-02-11 16:09 - 0000000 _____ () C:\Users\Acer\AppData\Local\{1CBA6AEB-C573-42C0-BF87-C948A154D770}

Some content of TEMP:
====================
C:\Users\Acer\AppData\Local\Temp\nsfD14B.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-20 22:59

==================== End Of Log ============================


Addition.txt: (attachment, login required to view)

  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

This system is AdwareCity. As you finish each step, post the reports right away if they are requested, then move on to the next step.

Step 1

Go to Start -> Control Panel -> Programs and Features and uninstall the following programs:

HDtubeV1.6V23.10
PC Speed Maximizer v3.1
Rad Rater
Vittalia Installer



Step 2

Open Notepad and copy in the following text, which is inside the Code box.

Start
CloseProcesses:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp&ts=141.....K3672K3672
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts.....672&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=141.....K3672K3672
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts.....672&q={searchTerms}
HKU\S-1-5-21-1766882359-2938042193-1318993286-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=ds&ts=.....672&q={searchTerms}
HKU\S-1-5-21-1766882359-2938042193-1318993286-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp&ts=141.....K3672K3672
HKU\S-1-5-21-1766882359-2938042193-1318993286-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=141.....K3672K3672
HKU\S-1-5-21-1766882359-2938042193-1318993286-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=ds&ts=.....672&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts.....672&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts.....672&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1766882359-2938042193-1318993286-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKU\S-1-5-21-1766882359-2938042193-1318993286-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?type=ds&ts=.....672&q={searchTerms}
BHO: HDtubeV1.6V23.10 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files\HDtubeV1.6V23.10\HDtubeV1.6V23.10-bho.dll (HDTubeV23.10)
BHO: Rad Rater 1.0.0.7 -> {316cdecf-3a39-4fac-b224-29059a0fe5a7} -> C:\Program Files\Rad Rater\RadRaterBHO.dll (Rad Rater)
BHO: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited)
FF DefaultSearchEngine: V9
FF DefaultSearchUrl: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431400&CUI=UN28848748972415811&UM=1&SearchSource=3&q={searchTerms}
FF SearchEngineOrder.1: V9
FF SelectedSearchEngine: V9
FF Homepage: hxxp://www.delta-homes.com/?type=hp&ts=1419478465&from=wpm12233&uid=WDCXWD5000LPVT-22G33T0_WD-WX51C42K3672K3672
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF SearchPlugin: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\searchplugins\V9.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\webssearches.xml
FF Extension: HDtubeV1.6V23.10 - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\6cfae8cc4676442fa78d9dcdf@bd4ea874e76d4af1994ba.com [2014-10-23]
FF Extension: Security Protection - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\detgdp@gmail.com [2014-12-25]
FF Extension: Fast Start - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\faststartff@gmail.com [2014-10-23]
FF Extension: MB2 - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\{013a635f-e3aa-4371-b682-ece95ca974b0} [2014-11-22]
FF Extension: SmileysWeLove: Smileys for use with Facebook, GMail, and more - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi [2013-10-23]
FF Extension: Rad Rater 1.0.1 - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\{c04971d6-6545-4dc6-95bf-c64628b21a3c}.xpi [2014-11-28]
FF Extension: SweetPacks Toolbar for Firefox - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2014-04-29]
FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\extensions\faststartff@gmail.com
FF HKLM\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\extensions\detgdp@gmail.com
CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts=1419478465&from=wpm12233&uid=WDCXWD5000LPVT-22G33T0_WD-WX51C42K3672K3672
CHR Extension: (Rad Rater) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\johcggolpkjohobcnommihggcnjfmkbm [2014-10-28]
CHR Extension: (HDtubeV1.6V23.10) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb [2014-10-28]
CHR Extension: (Security Protection) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh [2014-12-25]
CHR HKLM\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2014-12-25]
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-23] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-23] (globalUpdate) [File not signed]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-10-23] (Cherished Technololgy LIMITED)
R2 MaintainerSvc3.37.8493095; C:\ProgramData\44fa52db-e405-4860-9675-591a035762d0\maintainer.exe [123632 2015-02-13] ()
R2 Update Rad Rater; C:\Program Files\Rad Rater\updateRadRater.exe [391920 2015-02-13] ()
R2 Util Rad Rater; C:\Program Files\Rad Rater\bin\utilRadRater.exe [392944 2015-02-20] ()
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [472064 2014-12-24] (Fuyu LIMITED) [File not signed]
R1 {0611db87-b802-446c-82a4-36c028073cf2}Gw; C:\Windows\System32\drivers\{0611db87-b802-446c-82a4-36c028073cf2}Gw.sys [43152 2014-12-06] (StdLib)
R1 {13ce5bca-e225-4612-825a-04ae7e1fd372}Gw; C:\Windows\System32\drivers\{13ce5bca-e225-4612-825a-04ae7e1fd372}Gw.sys [43152 2014-11-04] (StdLib)
R1 {22f5efb2-cf2a-4b33-ba26-a786dcd5306a}Gw; C:\Windows\System32\drivers\{22f5efb2-cf2a-4b33-ba26-a786dcd5306a}Gw.sys [43152 2014-10-28] (StdLib)
R1 {3f068af7-4402-4c2d-86c8-012e5b369fd2}Gw; C:\Windows\System32\drivers\{3f068af7-4402-4c2d-86c8-012e5b369fd2}Gw.sys [43152 2014-11-30] (StdLib)
R1 {3fb64001-af43-4182-bfc8-11e1fee2385f}Gw; C:\Windows\System32\drivers\{3fb64001-af43-4182-bfc8-11e1fee2385f}Gw.sys [43152 2014-12-09] (StdLib)
R1 {578b4215-f29d-44b8-9b3f-ddf8690c8780}Gw; C:\Windows\System32\drivers\{578b4215-f29d-44b8-9b3f-ddf8690c8780}Gw.sys [43152 2014-11-22] (StdLib)
R1 {593f3d97-fd2a-49c8-8b7a-7193417ea943}Gw; C:\Windows\System32\drivers\{593f3d97-fd2a-49c8-8b7a-7193417ea943}Gw.sys [43152 2014-11-06] (StdLib)
R1 {5a5c6be1-6c0e-4678-ac1b-c5c536cf202b}Gw; C:\Windows\System32\drivers\{5a5c6be1-6c0e-4678-ac1b-c5c536cf202b}Gw.sys [43152 2014-12-13] (StdLib)
R1 {62b23f4d-1a77-4dc0-a311-9d8c70e16633}Gw; C:\Windows\System32\drivers\{62b23f4d-1a77-4dc0-a311-9d8c70e16633}Gw.sys [43152 2014-11-16] (StdLib)
R1 {62c63501-9106-4925-bed0-c5a002ccbe86}Gw; C:\Windows\System32\drivers\{62c63501-9106-4925-bed0-c5a002ccbe86}Gw.sys [43152 2014-12-18] (StdLib)
R1 {6a0c272b-67e5-4617-9812-522d12a42d7a}Gw; C:\Windows\System32\drivers\{6a0c272b-67e5-4617-9812-522d12a42d7a}Gw.sys [43152 2014-11-13] (StdLib)
R1 {6ae56b3b-b4e1-47bb-8719-04f47e9feb4d}Gw; C:\Windows\System32\drivers\{6ae56b3b-b4e1-47bb-8719-04f47e9feb4d}Gw.sys [43152 2014-12-03] (StdLib)
R1 {8487bb52-d98a-4eb5-8021-7bbe5e7c77fa}Gw; C:\Windows\System32\drivers\{8487bb52-d98a-4eb5-8021-7bbe5e7c77fa}Gw.sys [43152 2014-12-22] (StdLib)
R1 {87f4d932-be1a-480c-8b97-5033a67ee4c1}Gw; C:\Windows\System32\drivers\{87f4d932-be1a-480c-8b97-5033a67ee4c1}Gw.sys [43152 2014-10-26] (StdLib)
R1 {8d35dc51-e34f-45f9-a5e9-12adcf68b9cf}Gw; C:\Windows\System32\drivers\{8d35dc51-e34f-45f9-a5e9-12adcf68b9cf}Gw.sys [43152 2014-12-15] (StdLib)
R1 {8fb0ee44-98bd-48ec-86e2-0ac074f71e94}Gw; C:\Windows\System32\drivers\{8fb0ee44-98bd-48ec-86e2-0ac074f71e94}Gw.sys [43152 2015-01-02] (StdLib)
R1 {8fb0ee44-98bd-48ec-86e2-0ac074f71e94}w; C:\Windows\System32\drivers\{8fb0ee44-98bd-48ec-86e2-0ac074f71e94}w.sys [43152 2015-02-10] (StdLib)
R1 {9204efc4-f9ec-44e9-b066-c15603fbbf67}Gw; C:\Windows\System32\drivers\{9204efc4-f9ec-44e9-b066-c15603fbbf67}Gw.sys [43152 2014-11-29] (StdLib)
R1 {978113af-a056-42ab-90c7-cedc7e260032}Gw; C:\Windows\System32\drivers\{978113af-a056-42ab-90c7-cedc7e260032}Gw.sys [43152 2014-11-28] (StdLib)
R1 {a8fcc7a3-7149-4cd7-bc81-f5c3c4a18978}Gw; C:\Windows\System32\drivers\{a8fcc7a3-7149-4cd7-bc81-f5c3c4a18978}Gw.sys [43152 2014-11-10] (StdLib)
R1 {adad4b97-f09c-4f47-8b1f-110ffefff654}Gw; C:\Windows\System32\drivers\{adad4b97-f09c-4f47-8b1f-110ffefff654}Gw.sys [43152 2014-12-30] (StdLib)
R1 {afe6f281-b7d2-4094-95fe-2c136afd91f7}Gw; C:\Windows\System32\drivers\{afe6f281-b7d2-4094-95fe-2c136afd91f7}Gw.sys [43152 2014-12-27] (StdLib)
R1 {bb4259be-1910-4ae0-ab31-9666aeec23b3}Gw; C:\Windows\System32\drivers\{bb4259be-1910-4ae0-ab31-9666aeec23b3}Gw.sys [43152 2014-11-19] (StdLib)
R1 {c04971d6-6545-4dc6-95bf-c64628b21a3c}Gw; C:\Windows\System32\drivers\{c04971d6-6545-4dc6-95bf-c64628b21a3c}Gw.sys [43152 2014-11-26] (StdLib)
R1 {c27c4c9f-d8e0-4437-b7df-77bb323af19c}Gw; C:\Windows\System32\drivers\{c27c4c9f-d8e0-4437-b7df-77bb323af19c}Gw.sys [43152 2014-11-01] (StdLib)
R1 {ce0cf332-28d5-4271-a744-1eb0f7704cf4}Gw; C:\Windows\System32\drivers\{ce0cf332-28d5-4271-a744-1eb0f7704cf4}Gw.sys [43152 2014-11-25] (StdLib)
R1 {d29c8a99-d5b4-482a-9eb3-19e193818bd7}Gw; C:\Windows\System32\drivers\{d29c8a99-d5b4-482a-9eb3-19e193818bd7}Gw.sys [43152 2014-10-23] (StdLib)
R1 {fdbe12d5-de24-4ed7-9b9a-2c57ab531af3}Gw; C:\Windows\System32\drivers\{fdbe12d5-de24-4ed7-9b9a-2c57ab531af3}Gw.sys [43152 2014-12-24] (StdLib)
S1 iSafeKrnlMon; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [X]
Task: {203BE8D4-E1D8-44A9-9A88-A2B63BC5FBF6} - System32\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-5_user => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-5.exe [2014-10-23] (HDTubeV23.10) <==== ATTENTION
Task: {22C190FC-B4CB-4564-BE90-24A1281C78D9} - System32\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-2 => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-2.exe [2014-10-23] (HDTubeV23.10) <==== ATTENTION
Task: {264DAECF-EFA6-470A-A3CA-3E0634CEDD35} - System32\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-3 => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-3.exe [2014-10-23] (HDTubeV23.10) <==== ATTENTION
Task: {729B1A40-28E0-40BD-A7C8-537B7D72954F} - System32\Tasks\51e8f886-20f2-4ea8-ab93-290865445edd => C:\Program Files\HDtubeV1.6V23.10\51e8f886-20f2-4ea8-ab93-290865445edd.exe [2014-10-23] () <==== ATTENTION
Task: {76BBEC78-4473-49D7-8A57-FB7270661F20} - System32\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-4 => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-4.exe [2014-10-23] (HDTubeV23.10) <==== ATTENTION
Task: {7FFBD45F-B131-4068-9484-06DE453AA525} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-10-23] (globalUpdate) <==== ATTENTION
Task: {835D15D5-CADC-40D9-A148-E9521B5C01FF} - System32\Tasks\3d6b9e00-200e-4d6d-ad00-f2f88495bb07 => C:\Program Files\HDtubeV1.6V23.10\3d6b9e00-200e-4d6d-ad00-f2f88495bb07.exe [2014-10-23] (HDTubeV23.10) <==== ATTENTION
Task: {928CED6C-DFFF-4C62-8F8E-8933D7C06596} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {D1562D22-51F4-460A-B488-FDF251EFC84E} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-10-23] (globalUpdate) <==== ATTENTION
Task: {E1853CA4-8454-4C9A-A20F-7BB6312D5FA2} - System32\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-11 => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-11.exe [2014-10-23] (HDTubeV23.10) <==== ATTENTION
Task: {E8A450FC-7073-4E11-A049-E3009F408906} - System32\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-5 => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-5.exe [2014-10-23] (HDTubeV23.10) <==== ATTENTION
Task: {EAA99346-234F-4783-BA7C-7E51AE575E79} - System32\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-1 => C:\Program Files\HDtubeV1.6V23.10\HDtubeV1.6V23.10-codedownloader.exe [2014-10-23] (HDTubeV23.10) <==== ATTENTION
Task: C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-1.job => C:\Program Files\HDtubeV1.6V23.10\HDtubeV1.6V23.10-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-11.job => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-2.job => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-3.job => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-4.job => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-5.job => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-5_user.job => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3d6b9e00-200e-4d6d-ad00-f2f88495bb07.job => C:\Program Files\HDtubeV1.6V23.10\3d6b9e00-200e-4d6d-ad00-f2f88495bb07.exe <==== ATTENTION
Task: C:\Windows\Tasks\51e8f886-20f2-4ea8-ab93-290865445edd.job => C:\Program Files\HDtubeV1.6V23.10\51e8f886-20f2-4ea8-ab93-290865445edd.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
AlternateDataStreams: C:\Users\Acer\Downloads\No Subject (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\Acer\Downloads\No Subject.eml:OECustomProperty
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PC Speed Maximizer" /f
C:\Program Files\SupTab
C:\Program Files\HDtubeV1.6V23.10
C:\ProgramData\44fa52db-e405-4860-9675-591a035762d0
C:\Program Files\Rad Rater
C:\Program Files\globalUpdate
C:\ProgramData\IePluginServices
C:\ProgramData\WindowsMangerProtect
C:\Program Files\Elex-tech
C:\Windows\System32\drivers\{0611db87-b802-446c-82a4-36c028073cf2}Gw.sys
C:\Windows\System32\drivers\{13ce5bca-e225-4612-825a-04ae7e1fd372}Gw.sys
C:\Windows\System32\drivers\{22f5efb2-cf2a-4b33-ba26-a786dcd5306a}Gw.sys
C:\Windows\System32\drivers\{3f068af7-4402-4c2d-86c8-012e5b369fd2}Gw.sys
C:\Windows\System32\drivers\{3fb64001-af43-4182-bfc8-11e1fee2385f}Gw.sys
C:\Windows\System32\drivers\{578b4215-f29d-44b8-9b3f-ddf8690c8780}Gw.sys
C:\Windows\System32\drivers\{593f3d97-fd2a-49c8-8b7a-7193417ea943}Gw.sys
C:\Windows\System32\drivers\{5a5c6be1-6c0e-4678-ac1b-c5c536cf202b}Gw.sys
C:\Windows\System32\drivers\{62b23f4d-1a77-4dc0-a311-9d8c70e16633}Gw.sys
C:\Windows\System32\drivers\{62c63501-9106-4925-bed0-c5a002ccbe86}Gw.sys
C:\Windows\System32\drivers\{6a0c272b-67e5-4617-9812-522d12a42d7a}Gw.sys
C:\Windows\System32\drivers\{6ae56b3b-b4e1-47bb-8719-04f47e9feb4d}Gw.sys
C:\Windows\System32\drivers\{8487bb52-d98a-4eb5-8021-7bbe5e7c77fa}Gw.sys
C:\Windows\System32\drivers\{87f4d932-be1a-480c-8b97-5033a67ee4c1}Gw.sys
C:\Windows\System32\drivers\{8d35dc51-e34f-45f9-a5e9-12adcf68b9cf}Gw.sys
C:\Windows\System32\drivers\{8fb0ee44-98bd-48ec-86e2-0ac074f71e94}Gw.sys
C:\Windows\System32\drivers\{8fb0ee44-98bd-48ec-86e2-0ac074f71e94}w.sys
C:\Windows\System32\drivers\{9204efc4-f9ec-44e9-b066-c15603fbbf67}Gw.sys
C:\Windows\System32\drivers\{978113af-a056-42ab-90c7-cedc7e260032}Gw.sys
C:\Windows\System32\drivers\{a8fcc7a3-7149-4cd7-bc81-f5c3c4a18978}Gw.sys
C:\Windows\System32\drivers\{adad4b97-f09c-4f47-8b1f-110ffefff654}Gw.sys
C:\Windows\System32\drivers\{afe6f281-b7d2-4094-95fe-2c136afd91f7}Gw.sys
C:\Windows\System32\drivers\{bb4259be-1910-4ae0-ab31-9666aeec23b3}Gw.sys
C:\Windows\System32\drivers\{c04971d6-6545-4dc6-95bf-c64628b21a3c}Gw.sys
C:\Windows\System32\drivers\{c27c4c9f-d8e0-4437-b7df-77bb323af19c}Gw.sys
C:\Windows\System32\drivers\{ce0cf332-28d5-4271-a744-1eb0f7704cf4}Gw.sys
C:\Windows\System32\drivers\{d29c8a99-d5b4-482a-9eb3-19e193818bd7}Gw.sys
C:\Windows\System32\drivers\{fdbe12d5-de24-4ed7-9b9a-2c57ab531af3}Gw.sys
C:\Users\Acer\AppData\Roaming\SmileysWeLove
C:\Windows\system32\Drivers\{8fb0ee44-98bd-48ec-86e2-0ac074f71e94}w.sys
C:\Program Files\SqueakyChocolate
C:\Program Files\WinZipper
C:\Program Files\MyPC Backup
C:\Program Files\SqueakyChocolate
C:\Users\Acer\AppData\Roaming\BEHLJWX.exe
C:\Users\Acer\AppData\Roaming\ESWP.exe
C:\Users\Acer\AppData\Local\{1CBA6AEB-C573-42C0-BF87-C948A154D770}
C:\Program Files\PC Speed Maximizer

EmptyTemp:

End


In Notepad, click File --> Save As
Name the file Fixlist and save it to the Desktop
Double-click FRST.exe to run it again
Click Fix and wait for the program to finish.
If the program asks to restart the computer, let it do so without interruption.
When it is done, fixlog.txt will open; copy its contents into the thread.
The log (fixlog.txt) will also be on the Desktop.




Step 3

Download AdwCleaner by "Xplode" and save it to the Desktop
Double-click to run the program.
In the EULA window, click I agree.
Click the Scan button and wait for the scan to finish.
Click the Clean button and wait for the program to finish.
The program will close all running programs and show a window with that warning. Click OK to confirm.
In the next two windows that open (Informations and Restart required), click OK

The computer will restart, and then Notepad will open (C:\AdwCleaner[S0].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Attach file" ("Prikači fajl") option

Note: The report will also be saved at C:\Adwcleaner\AdwCleaner[S0].txt



Step 4

Download zoek.exe from this or this link and save it to the Desktop.


Close the browser and any other running programs;
disable your security software (if needed), Instructions;
double-click zoek.exe to run it;
wait for the tool to start ...


Copy the following text into the white box in the window:

process;
startupall;
drivers-services-list;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;


Click the button and wait for the scan to finish.


Zoek will restart Windows if needed and, when it finishes, open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your post.

  • Milan
  • Joined: 17 Dec 2007
  • Posts: 14824
  • Location: Niš

Posted: 21 Feb 2015 9:12

Fixlog.txt:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 18-02-2015 01
Ran by Acer at 2015-02-21 09:01:51 Run:1
Running from C:\Users\Acer\Desktop
Loaded Profiles: Acer (Available profiles: Acer)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp&ts=141.....K3672K3672
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts.....672&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=141.....K3672K3672
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts.....672&q={searchTerms}
HKU\S-1-5-21-1766882359-2938042193-1318993286-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=ds&ts=.....672&q={searchTerms}
HKU\S-1-5-21-1766882359-2938042193-1318993286-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp&ts=141.....K3672K3672
HKU\S-1-5-21-1766882359-2938042193-1318993286-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=141.....K3672K3672
HKU\S-1-5-21-1766882359-2938042193-1318993286-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=ds&ts=.....672&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts.....672&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts.....672&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1766882359-2938042193-1318993286-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKU\S-1-5-21-1766882359-2938042193-1318993286-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?type=ds&ts=.....672&q={searchTerms}
BHO: HDtubeV1.6V23.10 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files\HDtubeV1.6V23.10\HDtubeV1.6V23.10-bho.dll (HDTubeV23.10)
BHO: Rad Rater 1.0.0.7 -> {316cdecf-3a39-4fac-b224-29059a0fe5a7} -> C:\Program Files\Rad Rater\RadRaterBHO.dll (Rad Rater)
BHO: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited)
FF DefaultSearchEngine: V9
FF DefaultSearchUrl: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431400&CUI=UN28848748972415811&UM=1&SearchSource=3&q={searchTerms}
FF SearchEngineOrder.1: V9
FF SelectedSearchEngine: V9
FF Homepage: hxxp://www.delta-homes.com/?type=hp&ts=1419478465&from=wpm12233&uid=WDCXWD5000LPVT-22G33T0_WD-WX51C42K3672K3672
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF SearchPlugin: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\searchplugins\V9.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\webssearches.xml
FF Extension: HDtubeV1.6V23.10 - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\6cfae8cc4676442fa78d9dcdf@bd4ea874e76d4af1994ba.com [2014-10-23]
FF Extension: Security Protection - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\detgdp@gmail.com [2014-12-25]
FF Extension: Fast Start - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\faststartff@gmail.com [2014-10-23]
FF Extension: MB2 - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\{013a635f-e3aa-4371-b682-ece95ca974b0} [2014-11-22]
FF Extension: SmileysWeLove: Smileys for use with Facebook, GMail, and more - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi [2013-10-23]
FF Extension: Rad Rater 1.0.1 - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\{c04971d6-6545-4dc6-95bf-c64628b21a3c}.xpi [2014-11-28]
FF Extension: SweetPacks Toolbar for Firefox - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2014-04-29]
FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\extensions\faststartff@gmail.com
FF HKLM\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\extensions\detgdp@gmail.com
CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts=1419478465&from=wpm12233&uid=WDCXWD5000LPVT-22G33T0_WD-WX51C42K3672K3672
CHR Extension: (Rad Rater) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\johcggolpkjohobcnommihggcnjfmkbm [2014-10-28]
CHR Extension: (HDtubeV1.6V23.10) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb [2014-10-28]
CHR Extension: (Security Protection) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh [2014-12-25]
CHR HKLM\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2014-12-25]
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-23] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-23] (globalUpdate) [File not signed]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-10-23] (Cherished Technololgy LIMITED)
R2 MaintainerSvc3.37.8493095; C:\ProgramData\44fa52db-e405-4860-9675-591a035762d0\maintainer.exe [123632 2015-02-13] ()
R2 Update Rad Rater; C:\Program Files\Rad Rater\updateRadRater.exe [391920 2015-02-13] ()
R2 Util Rad Rater; C:\Program Files\Rad Rater\bin\utilRadRater.exe [392944 2015-02-20] ()
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [472064 2014-12-24] (Fuyu LIMITED) [File not signed]
R1 {0611db87-b802-446c-82a4-36c028073cf2}Gw; C:\Windows\System32\drivers\{0611db87-b802-446c-82a4-36c028073cf2}Gw.sys [43152 2014-12-06] (StdLib)
R1 {13ce5bca-e225-4612-825a-04ae7e1fd372}Gw; C:\Windows\System32\drivers\{13ce5bca-e225-4612-825a-04ae7e1fd372}Gw.sys [43152 2014-11-04] (StdLib)
R1 {22f5efb2-cf2a-4b33-ba26-a786dcd5306a}Gw; C:\Windows\System32\drivers\{22f5efb2-cf2a-4b33-ba26-a786dcd5306a}Gw.sys [43152 2014-10-28] (StdLib)
R1 {3f068af7-4402-4c2d-86c8-012e5b369fd2}Gw; C:\Windows\System32\drivers\{3f068af7-4402-4c2d-86c8-012e5b369fd2}Gw.sys [43152 2014-11-30] (StdLib)
R1 {3fb64001-af43-4182-bfc8-11e1fee2385f}Gw; C:\Windows\System32\drivers\{3fb64001-af43-4182-bfc8-11e1fee2385f}Gw.sys [43152 2014-12-09] (StdLib)
R1 {578b4215-f29d-44b8-9b3f-ddf8690c8780}Gw; C:\Windows\System32\drivers\{578b4215-f29d-44b8-9b3f-ddf8690c8780}Gw.sys [43152 2014-11-22] (StdLib)
R1 {593f3d97-fd2a-49c8-8b7a-7193417ea943}Gw; C:\Windows\System32\drivers\{593f3d97-fd2a-49c8-8b7a-7193417ea943}Gw.sys [43152 2014-11-06] (StdLib)
R1 {5a5c6be1-6c0e-4678-ac1b-c5c536cf202b}Gw; C:\Windows\System32\drivers\{5a5c6be1-6c0e-4678-ac1b-c5c536cf202b}Gw.sys [43152 2014-12-13] (StdLib)
R1 {62b23f4d-1a77-4dc0-a311-9d8c70e16633}Gw; C:\Windows\System32\drivers\{62b23f4d-1a77-4dc0-a311-9d8c70e16633}Gw.sys [43152 2014-11-16] (StdLib)
R1 {62c63501-9106-4925-bed0-c5a002ccbe86}Gw; C:\Windows\System32\drivers\{62c63501-9106-4925-bed0-c5a002ccbe86}Gw.sys [43152 2014-12-18] (StdLib)
R1 {6a0c272b-67e5-4617-9812-522d12a42d7a}Gw; C:\Windows\System32\drivers\{6a0c272b-67e5-4617-9812-522d12a42d7a}Gw.sys [43152 2014-11-13] (StdLib)
R1 {6ae56b3b-b4e1-47bb-8719-04f47e9feb4d}Gw; C:\Windows\System32\drivers\{6ae56b3b-b4e1-47bb-8719-04f47e9feb4d}Gw.sys [43152 2014-12-03] (StdLib)
R1 {8487bb52-d98a-4eb5-8021-7bbe5e7c77fa}Gw; C:\Windows\System32\drivers\{8487bb52-d98a-4eb5-8021-7bbe5e7c77fa}Gw.sys [43152 2014-12-22] (StdLib)
R1 {87f4d932-be1a-480c-8b97-5033a67ee4c1}Gw; C:\Windows\System32\drivers\{87f4d932-be1a-480c-8b97-5033a67ee4c1}Gw.sys [43152 2014-10-26] (StdLib)
R1 {8d35dc51-e34f-45f9-a5e9-12adcf68b9cf}Gw; C:\Windows\System32\drivers\{8d35dc51-e34f-45f9-a5e9-12adcf68b9cf}Gw.sys [43152 2014-12-15] (StdLib)
R1 {8fb0ee44-98bd-48ec-86e2-0ac074f71e94}Gw; C:\Windows\System32\drivers\{8fb0ee44-98bd-48ec-86e2-0ac074f71e94}Gw.sys [43152 2015-01-02] (StdLib)
R1 {8fb0ee44-98bd-48ec-86e2-0ac074f71e94}w; C:\Windows\System32\drivers\{8fb0ee44-98bd-48ec-86e2-0ac074f71e94}w.sys [43152 2015-02-10] (StdLib)
R1 {9204efc4-f9ec-44e9-b066-c15603fbbf67}Gw; C:\Windows\System32\drivers\{9204efc4-f9ec-44e9-b066-c15603fbbf67}Gw.sys [43152 2014-11-29] (StdLib)
R1 {978113af-a056-42ab-90c7-cedc7e260032}Gw; C:\Windows\System32\drivers\{978113af-a056-42ab-90c7-cedc7e260032}Gw.sys [43152 2014-11-28] (StdLib)
R1 {a8fcc7a3-7149-4cd7-bc81-f5c3c4a18978}Gw; C:\Windows\System32\drivers\{a8fcc7a3-7149-4cd7-bc81-f5c3c4a18978}Gw.sys [43152 2014-11-10] (StdLib)
R1 {adad4b97-f09c-4f47-8b1f-110ffefff654}Gw; C:\Windows\System32\drivers\{adad4b97-f09c-4f47-8b1f-110ffefff654}Gw.sys [43152 2014-12-30] (StdLib)
R1 {afe6f281-b7d2-4094-95fe-2c136afd91f7}Gw; C:\Windows\System32\drivers\{afe6f281-b7d2-4094-95fe-2c136afd91f7}Gw.sys [43152 2014-12-27] (StdLib)
R1 {bb4259be-1910-4ae0-ab31-9666aeec23b3}Gw; C:\Windows\System32\drivers\{bb4259be-1910-4ae0-ab31-9666aeec23b3}Gw.sys [43152 2014-11-19] (StdLib)
R1 {c04971d6-6545-4dc6-95bf-c64628b21a3c}Gw; C:\Windows\System32\drivers\{c04971d6-6545-4dc6-95bf-c64628b21a3c}Gw.sys [43152 2014-11-26] (StdLib)
R1 {c27c4c9f-d8e0-4437-b7df-77bb323af19c}Gw; C:\Windows\System32\drivers\{c27c4c9f-d8e0-4437-b7df-77bb323af19c}Gw.sys [43152 2014-11-01] (StdLib)
R1 {ce0cf332-28d5-4271-a744-1eb0f7704cf4}Gw; C:\Windows\System32\drivers\{ce0cf332-28d5-4271-a744-1eb0f7704cf4}Gw.sys [43152 2014-11-25] (StdLib)
R1 {d29c8a99-d5b4-482a-9eb3-19e193818bd7}Gw; C:\Windows\System32\drivers\{d29c8a99-d5b4-482a-9eb3-19e193818bd7}Gw.sys [43152 2014-10-23] (StdLib)
R1 {fdbe12d5-de24-4ed7-9b9a-2c57ab531af3}Gw; C:\Windows\System32\drivers\{fdbe12d5-de24-4ed7-9b9a-2c57ab531af3}Gw.sys [43152 2014-12-24] (StdLib)
S1 iSafeKrnlMon; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [X]
Task: {203BE8D4-E1D8-44A9-9A88-A2B63BC5FBF6} - System32\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-5_user => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-5.exe [2014-10-23] (HDTubeV23.10) <==== ATTENTION
Task: {22C190FC-B4CB-4564-BE90-24A1281C78D9} - System32\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-2 => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-2.exe [2014-10-23] (HDTubeV23.10) <==== ATTENTION
Task: {264DAECF-EFA6-470A-A3CA-3E0634CEDD35} - System32\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-3 => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-3.exe [2014-10-23] (HDTubeV23.10) <==== ATTENTION
Task: {729B1A40-28E0-40BD-A7C8-537B7D72954F} - System32\Tasks\51e8f886-20f2-4ea8-ab93-290865445edd => C:\Program Files\HDtubeV1.6V23.10\51e8f886-20f2-4ea8-ab93-290865445edd.exe [2014-10-23] () <==== ATTENTION
Task: {76BBEC78-4473-49D7-8A57-FB7270661F20} - System32\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-4 => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-4.exe [2014-10-23] (HDTubeV23.10) <==== ATTENTION
Task: {7FFBD45F-B131-4068-9484-06DE453AA525} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-10-23] (globalUpdate) <==== ATTENTION
Task: {835D15D5-CADC-40D9-A148-E9521B5C01FF} - System32\Tasks\3d6b9e00-200e-4d6d-ad00-f2f88495bb07 => C:\Program Files\HDtubeV1.6V23.10\3d6b9e00-200e-4d6d-ad00-f2f88495bb07.exe [2014-10-23] (HDTubeV23.10) <==== ATTENTION
Task: {928CED6C-DFFF-4C62-8F8E-8933D7C06596} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {D1562D22-51F4-460A-B488-FDF251EFC84E} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-10-23] (globalUpdate) <==== ATTENTION
Task: {E1853CA4-8454-4C9A-A20F-7BB6312D5FA2} - System32\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-11 => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-11.exe [2014-10-23] (HDTubeV23.10) <==== ATTENTION
Task: {E8A450FC-7073-4E11-A049-E3009F408906} - System32\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-5 => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-5.exe [2014-10-23] (HDTubeV23.10) <==== ATTENTION
Task: {EAA99346-234F-4783-BA7C-7E51AE575E79} - System32\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-1 => C:\Program Files\HDtubeV1.6V23.10\HDtubeV1.6V23.10-codedownloader.exe [2014-10-23] (HDTubeV23.10) <==== ATTENTION
Task: C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-1.job => C:\Program Files\HDtubeV1.6V23.10\HDtubeV1.6V23.10-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-11.job => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-2.job => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-3.job => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-4.job => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-5.job => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-5_user.job => C:\Program Files\HDtubeV1.6V23.10\035b5bf6-8efb-431b-9051-c449a45ce8b7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3d6b9e00-200e-4d6d-ad00-f2f88495bb07.job => C:\Program Files\HDtubeV1.6V23.10\3d6b9e00-200e-4d6d-ad00-f2f88495bb07.exe <==== ATTENTION
Task: C:\Windows\Tasks\51e8f886-20f2-4ea8-ab93-290865445edd.job => C:\Program Files\HDtubeV1.6V23.10\51e8f886-20f2-4ea8-ab93-290865445edd.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
AlternateDataStreams: C:\Users\Acer\Downloads\No Subject (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\Acer\Downloads\No Subject.eml:OECustomProperty
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PC Speed Maximizer" /f
C:\Program Files\SupTab
C:\Program Files\HDtubeV1.6V23.10
C:\ProgramData\44fa52db-e405-4860-9675-591a035762d0
C:\Program Files\Rad Rater
C:\Program Files\globalUpdate
C:\ProgramData\IePluginServices
C:\ProgramData\WindowsMangerProtect
C:\Program Files\Elex-tech
C:\Windows\System32\drivers\{0611db87-b802-446c-82a4-36c028073cf2}Gw.sys
C:\Windows\System32\drivers\{13ce5bca-e225-4612-825a-04ae7e1fd372}Gw.sys
C:\Windows\System32\drivers\{22f5efb2-cf2a-4b33-ba26-a786dcd5306a}Gw.sys
C:\Windows\System32\drivers\{3f068af7-4402-4c2d-86c8-012e5b369fd2}Gw.sys
C:\Windows\System32\drivers\{3fb64001-af43-4182-bfc8-11e1fee2385f}Gw.sys
C:\Windows\System32\drivers\{578b4215-f29d-44b8-9b3f-ddf8690c8780}Gw.sys
C:\Windows\System32\drivers\{593f3d97-fd2a-49c8-8b7a-7193417ea943}Gw.sys
C:\Windows\System32\drivers\{5a5c6be1-6c0e-4678-ac1b-c5c536cf202b}Gw.sys
C:\Windows\System32\drivers\{62b23f4d-1a77-4dc0-a311-9d8c70e16633}Gw.sys
C:\Windows\System32\drivers\{62c63501-9106-4925-bed0-c5a002ccbe86}Gw.sys
C:\Windows\System32\drivers\{6a0c272b-67e5-4617-9812-522d12a42d7a}Gw.sys
C:\Windows\System32\drivers\{6ae56b3b-b4e1-47bb-8719-04f47e9feb4d}Gw.sys
C:\Windows\System32\drivers\{8487bb52-d98a-4eb5-8021-7bbe5e7c77fa}Gw.sys
C:\Windows\System32\drivers\{87f4d932-be1a-480c-8b97-5033a67ee4c1}Gw.sys
C:\Windows\System32\drivers\{8d35dc51-e34f-45f9-a5e9-12adcf68b9cf}Gw.sys
C:\Windows\System32\drivers\{8fb0ee44-98bd-48ec-86e2-0ac074f71e94}Gw.sys
C:\Windows\System32\drivers\{8fb0ee44-98bd-48ec-86e2-0ac074f71e94}w.sys
C:\Windows\System32\drivers\{9204efc4-f9ec-44e9-b066-c15603fbbf67}Gw.sys
C:\Windows\System32\drivers\{978113af-a056-42ab-90c7-cedc7e260032}Gw.sys
C:\Windows\System32\drivers\{a8fcc7a3-7149-4cd7-bc81-f5c3c4a18978}Gw.sys
C:\Windows\System32\drivers\{adad4b97-f09c-4f47-8b1f-110ffefff654}Gw.sys
C:\Windows\System32\drivers\{afe6f281-b7d2-4094-95fe-2c136afd91f7}Gw.sys
C:\Windows\System32\drivers\{bb4259be-1910-4ae0-ab31-9666aeec23b3}Gw.sys
C:\Windows\System32\drivers\{c04971d6-6545-4dc6-95bf-c64628b21a3c}Gw.sys
C:\Windows\System32\drivers\{c27c4c9f-d8e0-4437-b7df-77bb323af19c}Gw.sys
C:\Windows\System32\drivers\{ce0cf332-28d5-4271-a744-1eb0f7704cf4}Gw.sys
C:\Windows\System32\drivers\{d29c8a99-d5b4-482a-9eb3-19e193818bd7}Gw.sys
C:\Windows\System32\drivers\{fdbe12d5-de24-4ed7-9b9a-2c57ab531af3}Gw.sys
C:\Users\Acer\AppData\Roaming\SmileysWeLove
C:\Windows\system32\Drivers\{8fb0ee44-98bd-48ec-86e2-0ac074f71e94}w.sys
C:\Program Files\SqueakyChocolate
C:\Program Files\WinZipper
C:\Program Files\MyPC Backup
C:\Program Files\SqueakyChocolate
C:\Users\Acer\AppData\Roaming\BEHLJWX.exe
C:\Users\Acer\AppData\Roaming\ESWP.exe
C:\Users\Acer\AppData\Local\{1CBA6AEB-C573-42C0-BF87-C948A154D770}
C:\Program Files\PC Speed Maximizer

EmptyTemp:

End
*****************

Processes closed successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\S-1-5-21-1766882359-2938042193-1318993286-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKU\S-1-5-21-1766882359-2938042193-1318993286-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-1766882359-2938042193-1318993286-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKU\S-1-5-21-1766882359-2938042193-1318993286-1000\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
"HKU\S-1-5-21-1766882359-2938042193-1318993286-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" => Key deleted successfully.
HKCR\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key not found.
"HKU\S-1-5-21-1766882359-2938042193-1318993286-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611321185} => Key not found.
HKCR\CLSID\{11111111-1111-1111-1111-110611321185} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{316cdecf-3a39-4fac-b224-29059a0fe5a7} => Key not found.
HKCR\CLSID\{316cdecf-3a39-4fac-b224-29059a0fe5a7} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}" => Key deleted successfully.
"HKCR\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}" => Key deleted successfully.
Firefox DefaultSearchEngine deleted successfully.
Firefox DefaultSearchUrl deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox homepage deleted successfully.
"HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10" => Key deleted successfully.
C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll => Moved successfully.
"HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4" => Key deleted successfully.
C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll not found.
C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\searchplugins\conduit-search.xml => Moved successfully.
C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\searchplugins\conduit.xml => Moved successfully.
C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\searchplugins\V9.xml => Moved successfully.
C:\Program Files\mozilla firefox\browser\searchplugins\delta-homes.xml => Moved successfully.
C:\Program Files\mozilla firefox\browser\searchplugins\webssearches.xml => Moved successfully.
C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\6cfae8cc4676442fa78d9dcdf@bd4ea874e76d4af1994ba.com => Moved successfully.
C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\detgdp@gmail.com => Moved successfully.
C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\faststartff@gmail.com => Moved successfully.
C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\{013a635f-e3aa-4371-b682-ece95ca974b0} => Moved successfully.
C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi => Moved successfully.
C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\{c04971d6-6545-4dc6-95bf-c64628b21a3c}.xpi => Moved successfully.
C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi => Moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\faststartff@gmail.com => value deleted successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\detgdp@gmail.com => value deleted successfully.
Chrome HomePage deleted successfully.
C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\johcggolpkjohobcnommihggcnjfmkbm => Moved successfully.
C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb directory not found.
C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh => Moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh" => Key deleted successfully.
C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx => Moved successfully.
globalUpdate => Service deleted successfully.
globalUpdatem => Service deleted successfully.
IePluginServices => Service deleted successfully.
MaintainerSvc3.37.8493095 => Service deleted successfully.
Update Rad Rater => Service not found.
Util Rad Rater => Service not found.
WindowsMangerProtect => Service deleted successfully.
{0611db87-b802-446c-82a4-36c028073cf2}Gw => Service stopped successfully.
{0611db87-b802-446c-82a4-36c028073cf2}Gw => Service deleted successfully.
{13ce5bca-e225-4612-825a-04ae7e1fd372}Gw => Service stopped successfully.
{13ce5bca-e225-4612-825a-04ae7e1fd372}Gw => Service deleted successfully.
{22f5efb2-cf2a-4b33-ba26-a786dcd5306a}Gw => Service stopped successfully.
{22f5efb2-cf2a-4b33-ba26-a786dcd5306a}Gw => Service deleted successfully.
{3f068af7-4402-4c2d-86c8-012e5b369fd2}Gw => Service stopped successfully.
{3f068af7-4402-4c2d-86c8-012e5b369fd2}Gw => Service deleted successfully.
{3fb64001-af43-4182-bfc8-11e1fee2385f}Gw => Service stopped successfully.
{3fb64001-af43-4182-bfc8-11e1fee2385f}Gw => Service deleted successfully.
{578b4215-f29d-44b8-9b3f-ddf8690c8780}Gw => Service stopped successfully.
{578b4215-f29d-44b8-9b3f-ddf8690c8780}Gw => Service deleted successfully.
{593f3d97-fd2a-49c8-8b7a-7193417ea943}Gw => Service stopped successfully.
{593f3d97-fd2a-49c8-8b7a-7193417ea943}Gw => Service deleted successfully.
{5a5c6be1-6c0e-4678-ac1b-c5c536cf202b}Gw => Service stopped successfully.
{5a5c6be1-6c0e-4678-ac1b-c5c536cf202b}Gw => Service deleted successfully.
{62b23f4d-1a77-4dc0-a311-9d8c70e16633}Gw => Service stopped successfully.
{62b23f4d-1a77-4dc0-a311-9d8c70e16633}Gw => Service deleted successfully.
{62c63501-9106-4925-bed0-c5a002ccbe86}Gw => Service stopped successfully.
{62c63501-9106-4925-bed0-c5a002ccbe86}Gw => Service deleted successfully.
{6a0c272b-67e5-4617-9812-522d12a42d7a}Gw => Service stopped successfully.
{6a0c272b-67e5-4617-9812-522d12a42d7a}Gw => Service deleted successfully.
{6ae56b3b-b4e1-47bb-8719-04f47e9feb4d}Gw => Service stopped successfully.
{6ae56b3b-b4e1-47bb-8719-04f47e9feb4d}Gw => Service deleted successfully.
{8487bb52-d98a-4eb5-8021-7bbe5e7c77fa}Gw => Service stopped successfully.
{8487bb52-d98a-4eb5-8021-7bbe5e7c77fa}Gw => Service deleted successfully.
{87f4d932-be1a-480c-8b97-5033a67ee4c1}Gw => Service stopped successfully.
{87f4d932-be1a-480c-8b97-5033a67ee4c1}Gw => Service deleted successfully.
{8d35dc51-e34f-45f9-a5e9-12adcf68b9cf}Gw => Service stopped successfully.
{8d35dc51-e34f-45f9-a5e9-12adcf68b9cf}Gw => Service deleted successfully.
{8fb0ee44-98bd-48ec-86e2-0ac074f71e94}Gw => Service stopped successfully.
{8fb0ee44-98bd-48ec-86e2-0ac074f71e94}Gw => Service deleted successfully.
{8fb0ee44-98bd-48ec-86e2-0ac074f71e94}w => Service stopped successfully.
{8fb0ee44-98bd-48ec-86e2-0ac074f71e94}w => Service deleted successfully.
{9204efc4-f9ec-44e9-b066-c15603fbbf67}Gw => Service stopped successfully.
{9204efc4-f9ec-44e9-b066-c15603fbbf67}Gw => Service deleted successfully.
{978113af-a056-42ab-90c7-cedc7e260032}Gw => Service stopped successfully.
{978113af-a056-42ab-90c7-cedc7e260032}Gw => Service deleted successfully.
{a8fcc7a3-7149-4cd7-bc81-f5c3c4a18978}Gw => Service stopped successfully.
{a8fcc7a3-7149-4cd7-bc81-f5c3c4a18978}Gw => Service deleted successfully.
{adad4b97-f09c-4f47-8b1f-110ffefff654}Gw => Service stopped successfully.
{adad4b97-f09c-4f47-8b1f-110ffefff654}Gw => Service deleted successfully.
{afe6f281-b7d2-4094-95fe-2c136afd91f7}Gw => Service stopped successfully.
{afe6f281-b7d2-4094-95fe-2c136afd91f7}Gw => Service deleted successfully.
{bb4259be-1910-4ae0-ab31-9666aeec23b3}Gw => Service stopped successfully.
{bb4259be-1910-4ae0-ab31-9666aeec23b3}Gw => Service deleted successfully.
{c04971d6-6545-4dc6-95bf-c64628b21a3c}Gw => Service stopped successfully.
{c04971d6-6545-4dc6-95bf-c64628b21a3c}Gw => Service deleted successfully.
{c27c4c9f-d8e0-4437-b7df-77bb323af19c}Gw => Service stopped successfully.
{c27c4c9f-d8e0-4437-b7df-77bb323af19c}Gw => Service deleted successfully.
{ce0cf332-28d5-4271-a744-1eb0f7704cf4}Gw => Service stopped successfully.
{ce0cf332-28d5-4271-a744-1eb0f7704cf4}Gw => Service deleted successfully.
{d29c8a99-d5b4-482a-9eb3-19e193818bd7}Gw => Service stopped successfully.
{d29c8a99-d5b4-482a-9eb3-19e193818bd7}Gw => Service deleted successfully.
{fdbe12d5-de24-4ed7-9b9a-2c57ab531af3}Gw => Service stopped successfully.
{fdbe12d5-de24-4ed7-9b9a-2c57ab531af3}Gw => Service deleted successfully.
iSafeKrnlMon => Service deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{203BE8D4-E1D8-44A9-9A88-A2B63BC5FBF6} => Key not found.
C:\Windows\System32\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-5_user not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\035b5bf6-8efb-431b-9051-c449a45ce8b7-5_user => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22C190FC-B4CB-4564-BE90-24A1281C78D9} => Key not found.
C:\Windows\System32\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-2 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\035b5bf6-8efb-431b-9051-c449a45ce8b7-2 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{264DAECF-EFA6-470A-A3CA-3E0634CEDD35} => Key not found.
C:\Windows\System32\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-3 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\035b5bf6-8efb-431b-9051-c449a45ce8b7-3 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{729B1A40-28E0-40BD-A7C8-537B7D72954F} => Key not found.
C:\Windows\System32\Tasks\51e8f886-20f2-4ea8-ab93-290865445edd not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\51e8f886-20f2-4ea8-ab93-290865445edd => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76BBEC78-4473-49D7-8A57-FB7270661F20} => Key not found.
C:\Windows\System32\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-4 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\035b5bf6-8efb-431b-9051-c449a45ce8b7-4 => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7FFBD45F-B131-4068-9484-06DE453AA525}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FFBD45F-B131-4068-9484-06DE453AA525}" => Key deleted successfully.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{835D15D5-CADC-40D9-A148-E9521B5C01FF} => Key not found.
C:\Windows\System32\Tasks\3d6b9e00-200e-4d6d-ad00-f2f88495bb07 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3d6b9e00-200e-4d6d-ad00-f2f88495bb07 => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{928CED6C-DFFF-4C62-8F8E-8933D7C06596}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{928CED6C-DFFF-4C62-8F8E-8933D7C06596}" => Key deleted successfully.
C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D1562D22-51F4-460A-B488-FDF251EFC84E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1562D22-51F4-460A-B488-FDF251EFC84E}" => Key deleted successfully.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1853CA4-8454-4C9A-A20F-7BB6312D5FA2} => Key not found.
C:\Windows\System32\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-11 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\035b5bf6-8efb-431b-9051-c449a45ce8b7-11 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8A450FC-7073-4E11-A049-E3009F408906} => Key not found.
C:\Windows\System32\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-5 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\035b5bf6-8efb-431b-9051-c449a45ce8b7-5 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EAA99346-234F-4783-BA7C-7E51AE575E79} => Key not found.
C:\Windows\System32\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-1 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\035b5bf6-8efb-431b-9051-c449a45ce8b7-1 => Key not found.
C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-1.job not found.
C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-11.job not found.
C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-2.job not found.
C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-3.job not found.
C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-4.job not found.
C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-5.job not found.
C:\Windows\Tasks\035b5bf6-8efb-431b-9051-c449a45ce8b7-5_user.job not found.
C:\Windows\Tasks\3d6b9e00-200e-4d6d-ad00-f2f88495bb07.job not found.
C:\Windows\Tasks\51e8f886-20f2-4ea8-ab93-290865445edd.job not found.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => Moved successfully.
C:\Users\Acer\Downloads\No Subject (1).eml => ":OECustomProperty" ADS removed successfully.
C:\Users\Acer\Downloads\No Subject.eml => ":OECustomProperty" ADS removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PC Speed Maximizer" /f =========

The operation completed successfully.


========= End of CMD: =========

C:\Program Files\SupTab => Moved successfully.
"C:\Program Files\HDtubeV1.6V23.10" => File/Directory not found.
C:\ProgramData\44fa52db-e405-4860-9675-591a035762d0 => Moved successfully.
C:\Program Files\Rad Rater => Moved successfully.
C:\Program Files\globalUpdate => Moved successfully.
C:\ProgramData\IePluginServices => Moved successfully.
C:\ProgramData\WindowsMangerProtect => Moved successfully.
"C:\Program Files\Elex-tech" => File/Directory not found.
C:\Windows\System32\drivers\{0611db87-b802-446c-82a4-36c028073cf2}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{13ce5bca-e225-4612-825a-04ae7e1fd372}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{22f5efb2-cf2a-4b33-ba26-a786dcd5306a}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{3f068af7-4402-4c2d-86c8-012e5b369fd2}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{3fb64001-af43-4182-bfc8-11e1fee2385f}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{578b4215-f29d-44b8-9b3f-ddf8690c8780}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{593f3d97-fd2a-49c8-8b7a-7193417ea943}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{5a5c6be1-6c0e-4678-ac1b-c5c536cf202b}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{62b23f4d-1a77-4dc0-a311-9d8c70e16633}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{62c63501-9106-4925-bed0-c5a002ccbe86}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{6a0c272b-67e5-4617-9812-522d12a42d7a}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{6ae56b3b-b4e1-47bb-8719-04f47e9feb4d}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{8487bb52-d98a-4eb5-8021-7bbe5e7c77fa}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{87f4d932-be1a-480c-8b97-5033a67ee4c1}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{8d35dc51-e34f-45f9-a5e9-12adcf68b9cf}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{8fb0ee44-98bd-48ec-86e2-0ac074f71e94}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{8fb0ee44-98bd-48ec-86e2-0ac074f71e94}w.sys => Moved successfully.
C:\Windows\System32\drivers\{9204efc4-f9ec-44e9-b066-c15603fbbf67}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{978113af-a056-42ab-90c7-cedc7e260032}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{a8fcc7a3-7149-4cd7-bc81-f5c3c4a18978}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{adad4b97-f09c-4f47-8b1f-110ffefff654}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{afe6f281-b7d2-4094-95fe-2c136afd91f7}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{bb4259be-1910-4ae0-ab31-9666aeec23b3}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{c04971d6-6545-4dc6-95bf-c64628b21a3c}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{c27c4c9f-d8e0-4437-b7df-77bb323af19c}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{ce0cf332-28d5-4271-a744-1eb0f7704cf4}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{d29c8a99-d5b4-482a-9eb3-19e193818bd7}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{fdbe12d5-de24-4ed7-9b9a-2c57ab531af3}Gw.sys => Moved successfully.
C:\Users\Acer\AppData\Roaming\SmileysWeLove => Moved successfully.
"C:\Windows\system32\Drivers\{8fb0ee44-98bd-48ec-86e2-0ac074f71e94}w.sys" => File/Directory not found.
C:\Program Files\SqueakyChocolate => Moved successfully.
C:\Program Files\WinZipper => Moved successfully.
C:\Program Files\MyPC Backup => Moved successfully.
"C:\Program Files\SqueakyChocolate" => File/Directory not found.
C:\Users\Acer\AppData\Roaming\BEHLJWX.exe => Moved successfully.
C:\Users\Acer\AppData\Roaming\ESWP.exe => Moved successfully.
C:\Users\Acer\AppData\Local\{1CBA6AEB-C573-42C0-BF87-C948A154D770} => Moved successfully.
C:\Program Files\PC Speed Maximizer => Moved successfully.
EmptyTemp: => Removed 1.5 GB temporary data.


The system needed a reboot.

==== End of Fixlog 09:05:20 ====

Addendum: 21 Feb 2015 9:15

AdwCleaner[S0]:

# AdwCleaner v4.111 - Logfile created 21/02/2015 at 09:12:57
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x86)
# Username : Acer - ACER-PC
# Running from : C:\Users\Acer\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer
Folder Deleted : C:\Windows\system32\SearchProtect
Folder Deleted : C:\Users\Acer\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Acer\AppData\Roaming\Advanced System Protector
Folder Deleted : C:\Users\Acer\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Acer\AppData\Roaming\PC Speed Maximizer
Folder Deleted : C:\Users\Acer\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Acer\Documents\DriverFinder
File Deleted : C:\END
File Deleted : C:\Windows\system32\roboot.exe
File Deleted : C:\Users\Acer\Desktop\Live PC Help.lnk
File Deleted : C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\invalidprefs.js
File Deleted : C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default\user.js

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKCU\Software\Mozilla\Extends
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\pc speed maximizer
Key Deleted : HKCU\Software\Popajar
Key Deleted : HKCU\Software\SmileysWeLove
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\V9
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\delta-homesSoftware
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\hdcode
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\V9
Key Deleted : HKLM\SOFTWARE\Vittalia
Key Deleted : HKLM\SOFTWARE\webssearchesSoftware
Key Deleted : HKLM\SOFTWARE\winzipersvc
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\istart.webssearches.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sweetim.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\webssearches.com

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631


-\\ Mozilla Firefox v32.0.3 (x86 en-US)

[gus9gqb9.default\prefs.js] - Line Deleted : user_pref("CT2431400.smartbar.homepage", "true");
[gus9gqb9.default\prefs.js] - Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
[gus9gqb9.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultthis.engineName", "MB2 Customized Web Search");
[gus9gqb9.default\prefs.js] - Line Deleted : user_pref("extensions.a6cfae8cc4676442fa78d9dcdfbd4ea874e76d4af1994bacom63285.63285.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22amazo[...]
[gus9gqb9.default\prefs.js] - Line Deleted : user_pref("extensions.a6cfae8cc4676442fa78d9dcdfbd4ea874e76d4af1994bacom63285.63285.internaldb.__ICM_LITE__fifty_test_rules.value", "%7B%22DE%22%3A%7B%22ALL%22%3A%5B%22anastasiadate.com%22%2C%22option[...]
[gus9gqb9.default\prefs.js] - Line Deleted : user_pref("extensions.a6cfae8cc4676442fa78d9dcdfbd4ea874e76d4af1994bacom63285.63285.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%[...]
[gus9gqb9.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "14940f7bfdc6ef54aacc230384df16da");
[gus9gqb9.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[gus9gqb9.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

-\\ Google Chrome v40.0.2214.111

[C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1419478465&from=wpm12233&uid=WDCXWD5000LPVT-22G33T0_WD-WX51C42K3672K3672&q={searchTerms}
[C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1419478465&from=wpm12233&uid=WDCXWD5000LPVT-22G33T0_WD-WX51C42K3672K3672&q={searchTerms}

*************************

AdwCleaner[R0].txt - [10684 bytes] - [21/02/2015 09:10:23]
AdwCleaner[S0].txt - [10939 bytes] - [21/02/2015 09:12:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10999 bytes] ##########

Addendum: 21 Feb 2015 9:28

Zoek.exe v5.0.0.0 Updated 21-February-2015
Tool run by Acer on Sat 02/21/2015 at 9:18:27.42.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Acer\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

2/21/2015 9:19:31 AM Zoek.exe System Restore Point Created Succesfully.

==== Running Processes ======================

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Acer\Desktop\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k swprv

==== Services(whitelist) ======================
Powered by E Dev

R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files\common files\adobe\arm\1.0\armsvc.exe
R2 - [cvhsvc] - Client Virtualization Handler - c:\program files\common files\microsoft shared\virtualization handler\cvhsvc.exe
R2 - [sftlist] - Application Virtualization Client - c:\program files\microsoft application virtualization client\sftlist.exe
R2 - [TeamViewer7] - TeamViewer 7 - c:\program files\teamviewer\version7\teamviewer_service.exe
R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [sftvsa] - Application Virtualization Service Agent - c:\program files\microsoft application virtualization client\sftvsa.exe
R3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
S2 - [gupdate] - Google Update Service (gupdate) - c:\program files\google\update\googleupdate.exe
S2 - [SkypeUpdate] - Skype Updater - c:\program files\skype\updater\updater.exe
S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\system32\macromed\flash\flashplayerupdateservice.exe
S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
S3 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\system32\intelcphecisvc.exe
S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe
S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe
S3 - [gupdatem] - Google Update Service (gupdatem) - c:\program files\google\update\googleupdate.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files\mozilla maintenance service\maintenanceservice.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [odserv] - Microsoft Office Diagnostics Service - c:\program files\common files\microsoft shared\office12\odserv.exe
S3 - [ose] - Office Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe
S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
S4 - [aspnet_state] - ASP.NET State Service - c:\windows\microsoft.net\framework\v4.0.30319\aspnet_state.exe

==== Drivers(whitelist) ======================
Powered by E Dev

R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys
R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys
R3 - [srv] - Server SMB 1.xxx Driver - C:\Windows\system32\Drivers\srv.sys
R3 - [srv2] - Server SMB 2.xxx Driver - C:\Windows\system32\Drivers\srv2.sys
R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys
R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys
R0 - [atapi] - IDE Channel - C:\Windows\system32\Drivers\atapi.sys
R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x]
R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys
R0 - [Compbatt] - Microsoft Composite Battery Driver - C:\Windows\system32\Drivers\Compbatt.sys
R0 - [Disk] - Disk Driver - C:\Windows\system32\Drivers\Disk.sys
R0 - [fvevol] - Bitlocker Drive Encryption Filter Driver - C:\Windows\system32\Drivers\fvevol.sys
R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys
R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys
R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys
R0 - [mountmgr] - Mount Point Manager - C:\Windows\system32\Drivers\mountmgr.sys
R0 - [msahci] - msahci - C:\Windows\system32\Drivers\msahci.sys
R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys
R0 - [NDIS] - NDIS System Driver - C:\Windows\system32\Drivers\NDIS.sys
R0 - [partmgr] - Partition Manager - C:\Windows\system32\Drivers\partmgr.sys
R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys
R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys
R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys
R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys
R0 - [storflt] - Disk Virtual Machine Bus Acceleration Filter Driver - C:\Windows\system32\Drivers\storflt.sys [x]
R0 - [Tcpip] - TCP/IP Protocol Driver - C:\Windows\system32\Drivers\Tcpip.sys
R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator Driver - C:\Windows\system32\Drivers\vdrvroot.sys
R0 - [vmbus] - Virtual Machine Bus - C:\Windows\system32\Drivers\vmbus.sys
R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys
R0 - [volmgrx] - Dynamic Volume Manager - C:\Windows\system32\Drivers\volmgrx.sys
R0 - [volsnap] - Storage volumes - C:\Windows\system32\Drivers\volsnap.sys
R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys
R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys
R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys
R1 - [tdx] - NetIO Legacy TDI Support Driver - C:\Windows\system32\Drivers\tdx.sys
R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Acer\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\system32 =====
====== C:\Windows\system32\drivers =====
2015-02-11 15:53:34 F516F1167EFBBC5ABC90687C94497869 369968 ----a-w- C:\Windows\System32\drivers\cng.sys
2015-02-11 15:53:34 EF88BAC2B489D9C46F4E41ACF0219CD0 67520 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-02-11 15:53:34 49D70660EE8266988C1F99A0297A1430 136640 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C: =====
====== C:\Users\Acer\AppData\Roaming ======
2015-02-20 22:41:13 -------- d-sh--w- C:\Users\Acer\AppData\Locallow\EmieBrowserModeList
2015-02-20 22:09:48 -------- d-sh--w- C:\Users\Acer\AppData\Local\EmieBrowserModeList
====== C:\Users\Acer ======
2015-02-21 08:09:45 4DB5909D450AE68CC11DC865B9B84F71 2126848 ----a-w- C:\Users\Acer\Desktop\AdwCleaner.exe
2015-02-21 08:09:13 4DB5909D450AE68CC11DC865B9B84F71 2126848 ----a-w- C:\Users\Acer\Downloads\AdwCleaner.exe
2015-02-20 22:48:32 234286460F4EC0F5D442B5BC43203540 1126400 ----a-w- C:\Users\Acer\Downloads\FRST (1).exe
2015-02-20 22:45:08 234286460F4EC0F5D442B5BC43203540 1126400 ----a-w- C:\Users\Acer\Desktop\FRST.exe

====== C: exe-files ==
2015-02-21 08:09:45 4DB5909D450AE68CC11DC865B9B84F71 2126848 ----a-w- C:\Users\Acer\Desktop\AdwCleaner.exe
2015-02-21 08:09:13 4DB5909D450AE68CC11DC865B9B84F71 2126848 ----a-w- C:\Users\Acer\Downloads\AdwCleaner.exe
2015-02-20 22:48:32 234286460F4EC0F5D442B5BC43203540 1126400 ----a-w- C:\Users\Acer\Downloads\FRST (1).exe
2015-02-20 22:45:08 234286460F4EC0F5D442B5BC43203540 1126400 ----a-w- C:\Users\Acer\Desktop\FRST.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1766882359-2938042193-1318993286-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HotKeysCmds"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\hkcmd.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IgfxTray"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\igfxtray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroFilterCheck"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Persistence"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\igfxpers.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDVCPL]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RTHDVCPL"
"hkey"="HKLM"
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RtHDVCpl.exe -s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinampAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WinampAgent"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Winamp\\winampa.exe\""


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [02/05/2015 04:14 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [10/28/2014 05:57 PM]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default
- abvnotifiernetinfobg - %ProfilePath%\extensions\abvnotifier@netinfo.bg

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\gus9gqb9.default
0806948270D853B709CCBBF38AF167E4 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
9DF0C4F0CEF60158614EDD1B3AB441EE - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
8F24103AB984847AA2939F58F19CCC98 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U21
ADC539F67D3198679F480974EE203678 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.210.11
C7794A997CEC29173A4401F3AE16C51F - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin


==== Chromium Look ======================

Google Chrome Version: 40.0.2214.111 (Possible outdated, latest Stable version: 40.0.2214.115)


Google Slides - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Wallet - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on Sat 02/21/2015 at 9:23:23.54 ======================

Addendum: 21 Feb 2015 10:14

By the way, the situation is already much better now.

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Odlično. Idemo dalje:


Arrow
Preuzmi Malwarebytes Anti-Rootkit (MBAR) sa sledeceg linka i sacuvaj ga na Desktop.

Dvoklikom pokreni MBAR () na ikonicu programa:
- Klikni OK na sledecem prozoru da bi dozvolio raspakivanje u zaseban mbar folder na desktop-u;
- mbar.exe ce biti startovan. Na nekim sistemima to moze da potraje nekoliko dodatnih sekundi, te pricekati pokretanje.;
- U uvodnom prozoru klikni dugme Next ukoliko si saglasan;



• In the 'Update Database' window, click the Update button to download fresh definitions. When the message 'Success: Database was successfully updated' appears, click the Next button;
• Under the 'Scan Targets' section, check that all options are ticked, then click the Scan button;

Notice: with some infections, one of the following messages may be displayed:
- 'Could not load protection driver' => in that case click OK.
- 'Could not load DDA driver' => click Yes on that notice to allow it to load after a restart. Allow the restart and continue with the rest of the instructions after the restart.





>> If no malware is detected, click the Exit button to close the program. In your next post, include the mbar-log-year-month-day (hour-minute-second).txt and system-log.txt reports.

>> If infections are found, check that the 'Create Restore Point' option is ticked and click the Cleanup! button to remove the threats.
- The malware removal procedure will be scheduled for the restart, and a notice will be shown in a pop-up window. Click the Yes button; the system should restart and finish the cleanup procedure.



Notice! Only if a rootkit was detected: make sure you run the fixdamage.exe tool located in the mbar folder, \Plugins\fixdamage.exe:
- Double-click to run fixdamage. In the black window that opens (command prompt), type Y (Y stands for Yes) to continue, then wait for the tool to perform all the repairs ...
- When you see the message 'press any key to exit', the repair is complete. Press any key on the keyboard to close the window. Restart the system.





The following reports will be created in the mbar folder.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Copy the contents of the mbar log into your post, and attach the system log to the post using the Attach file option.

offline
  • Milan
  • Joined: 17 Dec 2007
  • Posts: 14824
  • Location: Niš

mbar log:

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
main: v2015.02.21.05
rootkit: v2015.02.20.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.17633
Acer :: ACER-PC [administrator]

2/21/2015 5:22:21 PM
mbar-log-2015-02-21 (17-22-21).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 300240
Time elapsed: 14 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)



system-log.txt: (attachment)

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

That should be it.

The following procedure will perform the final cleanup.

Download Xplode's DelFix tool and save it to the Desktop.
Double-click to run the tool and tick the boxes next to the following options:

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment for the tool to finish its work.
From this point on, all the tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)

The tool will also save a healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.

offline
  • Milan
  • Joined: 17 Dec 2007
  • Posts: 14824
  • Location: Niš

That's it. Thanks a lot, buddy. The difference in how the laptop runs is huge! Cheers!
