MyCity » Ambulanta -> Arhiva Ambulante » Positive finds ads.

Positive finds ads.

Napisano na dan: 10.2.2015
1

Positive finds ads.
Sledeća strana Pagination

Idi na vrh

Poslao: 10 Feb 2015 13:08
Idi na vrh
offline
  • Pridružio: 11 Feb 2012
  • Poruke: 25

Poštovani,

posle jako dugo vremena vam se ponovo javljam. naime, pre par dana je drugar instalirao na ovaj računar nešto, a zajedno sa tim i positive finds ads. Izuzetno iritirajuće. Pokušao sam sken sa Avastom, MalwareBytsom, HitmanPro-om i Adwcleaner. Na karaju sam pustio i Eset online AV. međutim, problem i dalje postoji.

Ako možete da izdvojite vremena za moj problem bio bih vam duboko zahvalan!

Unapred hvala

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-02-2015
Ran by Vitez (administrator) on VITEZ-10 on 10-02-2015 13:00:33
Running from C:\Users\Vitez\Desktop
Loaded Profiles: Vitez (Available profiles: Vitez & Guest)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Link mogu videti samo ulogovani korisnici]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
(HP) C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files (x86)\Garena Plus\ggdllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(ACD Systems) C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(BitTorrent Inc.) C:\Users\Vitez\AppData\Roaming\uTorrent\uTorrent.exe
(Gretech Corporation) C:\Program Files (x86)\GRETECH\GomAudio\Goma.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ACPW06EN] => C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe [1234120 2012-12-17] (ACD Systems)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-16] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Bonus.SSR.FR11] => C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [1348176 2012-09-20] (ABBYY)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478600 2013-05-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
HKLM-x32\...\Run: [Gaming 3] => "C:\Gaming Mouse\Gaming 3.exe" /hide
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3977576 2015-01-20] (LogMeIn Inc.)
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\Run: [GarenaPlus] => C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [9899312 2014-02-26] ()
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [911032 2014-10-14] (Microsoft Corporation)
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\Run: [uTorrent] => C:\Users\Vitez\AppData\Roaming\uTorrent\uTorrent.exe [1377872 2015-01-22] (BitTorrent Inc.)
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\Run: [GomAudio] => C:\Program Files (x86)\GRETECH\GomAudio\Goma.exe [4918872 2014-05-19] (Gretech Corporation)
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {1280938c-f4cd-11e3-aee0-902b34737702} - G:\npeuinst.exe
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {8a9229b6-2f09-11e3-bbd2-902b34737702} - F:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A02B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {8f15efa5-a0f8-11e2-b0b1-902b34737702} - D:\Setup.exe
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {e2bd7ccd-03ed-11e3-8206-902b34737702} - D:\setup.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-04-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici]
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-904190866-3107325068-606562831-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-904190866-3107325068-606562831-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-904190866-3107325068-606562831-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin HKU\S-1-5-21-904190866-3107325068-606562831-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2013-04-09]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-04-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-04-08]

Chrome:
=======
CHR HomePage: Default -> [Link mogu videti samo ulogovani korisnici]
CHR StartupUrls: Default -> "https://www.google.com/?trackid=sp-006"
CHR DefaultSearchKeyword: Default -> google
CHR DefaultSuggestURL: Default -> [Link mogu videti samo ulogovani korisnici]{searchTerms}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\gcswf32.dll No File
CHR Plugin: (Norton Confidential) - C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Profile: C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-08]
CHR Extension: (Google Search) - C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-08]
CHR Extension: (AdBlock) - C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-28]
CHR Extension: (Avast Online Security) - C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-08]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-04-26]
CHR Extension: (Google Wallet) - C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28]
CHR Extension: (Gmail) - C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-08]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-05-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Corporate.11.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [821840 2012-07-19] (ABBYY)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-02] (AVAST Software)
R2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [361888 2012-07-25] (HP)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-09-18] () [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-01-14] (LogMeIn, Inc.)
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-07] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 tor; "C:\Program Files (x86)\Tor\tor.exe" --nt-service "-ControlPort" "9051" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-02] ()
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-02] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-02] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-08-14] (Disc Soft Ltd)
S3 L6UX2; C:\Windows\System32\Drivers\L6UX264.sys [894592 2010-08-04] (Line 6)
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (HandSet Incorporated)
S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 zghsser; C:\Windows\System32\DRIVERS\zghsser.sys [131976 2012-10-31] (ZTE Corporation)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2045-04-17 02:25 - 2045-04-17 02:25 - 00000000 ____D () C:\Users\Vitez\Documents\Steinberg
2045-04-17 02:25 - 2014-04-17 05:18 - 00000000 ____D () C:\Users\Vitez\Documents\Cubase LE AI Elements Projects
2045-04-17 02:24 - 2045-04-17 02:24 - 00000000 ____D () C:\Users\Vitez\Documents\VST3 Presets
2045-04-17 02:20 - 2045-04-17 02:20 - 00000000 ____D () C:\Program Files\Common Files\Steinberg
2045-04-17 02:19 - 2045-04-17 02:19 - 00000000 ____D () C:\ProgramData\Steinberg
2045-04-17 02:18 - 2045-04-17 02:25 - 00000000 ____D () C:\Users\Vitez\AppData\Roaming\Steinberg
2045-04-17 02:18 - 2045-04-17 02:18 - 00002892 _____ () C:\Windows\SysWOW64\audcon.sys
2045-04-17 02:18 - 2045-04-17 02:18 - 00000049 _____ () C:\Windows\SysWOW64\SYNSOPOS.exe.cfg
2045-04-17 02:18 - 2045-04-17 02:18 - 00000000 ____D () C:\Users\Vitez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase LE AI Elements 7 64bit
2045-04-17 02:18 - 2045-04-17 02:18 - 00000000 ____D () C:\ProgramData\Syncrosoft
2045-04-17 02:18 - 2045-04-17 02:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser
2045-04-17 02:18 - 2045-04-17 02:18 - 00000000 ____D () C:\Program Files\Steinberg
2045-04-17 02:18 - 2045-04-17 02:18 - 00000000 ____D () C:\Program Files\Common Files\Propellerhead Software
2045-04-17 02:18 - 2045-04-17 02:18 - 00000000 ____D () C:\Program Files (x86)\Syncrosoft
2045-04-17 02:18 - 2011-12-14 20:21 - 00086016 _____ () C:\Windows\SysWOW64\SYNSOPOS.exe
2045-04-17 02:17 - 2045-04-17 02:18 - 00000000 ____D () C:\ProgramData\eLicenser
2045-04-17 02:17 - 2045-04-17 02:18 - 00000000 ____D () C:\Program Files (x86)\eLicenser
2045-04-17 02:17 - 2045-04-17 02:17 - 00000000 ____D () C:\Program Files\eLicenser
2045-04-17 02:17 - 2012-12-07 16:48 - 01714176 _____ (Steinberg Media Technologies GmbH) C:\Windows\system32\SYNSOACC.dll
2045-04-17 02:17 - 2012-12-07 16:48 - 01277952 _____ (Steinberg Media Technologies GmbH) C:\Windows\SysWOW64\SYNSOACC.dll
2045-04-17 02:14 - 2045-04-17 02:14 - 00000000 ____D () C:\Users\Vitez\Documents\Line 6
2045-04-17 02:14 - 2045-04-17 02:14 - 00000000 ____D () C:\ProgramData\Line 6
2045-04-17 02:12 - 2045-04-17 02:12 - 00000000 ____D () C:\Users\Public\Documents\Line 6
2015-02-10 13:00 - 2015-02-10 13:00 - 00023616 _____ () C:\Users\Vitez\Desktop\FRST.txt
2015-02-10 13:00 - 2015-02-10 13:00 - 00000000 ____D () C:\FRST
2015-02-10 12:59 - 2015-02-10 13:00 - 02132992 _____ (Farbar) C:\Users\Vitez\Desktop\FRST64.exe
2015-02-09 16:52 - 2015-02-09 16:52 - 00000062 _____ () C:\Users\Vitez\Desktop\listen (2).pls
2015-02-09 16:31 - 2015-02-10 12:42 - 00003496 _____ () C:\Windows\System32\Tasks\gg_uac_daemon_Vitez
2015-02-09 16:27 - 2015-02-09 16:27 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2015-02-09 16:17 - 2015-02-09 16:27 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-02-09 16:16 - 2015-02-09 16:17 - 11225840 _____ (SurfRight B.V.) C:\Users\Vitez\Desktop\HitmanPro_x64.exe
2015-02-09 16:07 - 2015-02-10 09:24 - 00000000 ____D () C:\AdwCleaner
2015-02-09 16:07 - 2015-02-09 16:07 - 02112512 _____ () C:\Users\Vitez\Desktop\adwcleaner_4.110.exe
2015-02-09 14:21 - 2015-02-09 14:21 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-02-09 10:54 - 2015-02-09 10:54 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-09 10:53 - 2015-02-09 10:54 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Vitez\Desktop\mbam-setup-2.0.4.1028.exe
2015-02-07 15:27 - 2015-02-07 15:27 - 00001222 _____ () C:\Users\Public\Desktop\WinX DVD Ripper.lnk
2015-02-07 15:27 - 2015-02-07 15:27 - 00000000 ____D () C:\Users\Vitez\AppData\Roaming\Digiarty
2015-02-07 15:27 - 2015-02-07 15:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty
2015-02-07 15:27 - 2015-02-07 15:27 - 00000000 ____D () C:\Program Files (x86)\Digiarty
2015-02-07 15:26 - 2015-02-07 15:26 - 10753176 _____ (Digiarty Software, Inc. ) C:\Users\Vitez\Desktop\winx-dvd-ripper.exe
2015-02-07 15:21 - 2015-02-07 15:21 - 00000000 ____D () C:\Users\Vitez\AppData\Roaming\TuneUp Software
2015-02-07 15:21 - 2015-02-07 15:21 - 00000000 ____D () C:\Users\Vitez\AppData\Local\TuneUp Software
2015-02-07 15:19 - 2015-02-07 15:22 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-02-07 15:19 - 2015-02-07 15:19 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-02-07 15:18 - 2015-02-07 15:24 - 00000000 ____D () C:\Users\Vitez\Documents\DVDVideoSoft
2015-02-07 15:17 - 2015-02-10 09:59 - 00000000 ____D () C:\Users\Vitez\AppData\Roaming\DVDVideoSoft
2015-01-31 16:39 - 2015-02-10 07:21 - 00000000 ____D () C:\Users\Vitez\Desktop\jk
2015-01-31 16:33 - 2015-01-31 16:33 - 00485019 _____ () C:\Users\Vitez\Desktop\kolokvijum (1).rar
2015-01-27 17:15 - 2015-01-27 17:15 - 00060460 _____ () C:\Users\Vitez\Desktop\Ustav i prava gradjana.odt
2015-01-27 07:13 - 2015-01-27 07:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-01-27 07:13 - 2015-01-27 07:13 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-01-23 18:51 - 2015-01-23 18:53 - 00000000 ____D () C:\Users\Vitez\Desktop\FOTOSUTING VANA BI
2015-01-23 18:51 - 2015-01-23 12:01 - 12489529 _____ () C:\Users\Vitez\Desktop\_ALX8453.NEF
2015-01-23 18:51 - 2015-01-23 12:01 - 12347203 _____ () C:\Users\Vitez\Desktop\_ALX8452.NEF
2015-01-23 18:51 - 2015-01-23 12:01 - 11857771 _____ () C:\Users\Vitez\Desktop\_ALX8450.NEF
2015-01-23 18:51 - 2015-01-23 12:01 - 11823652 _____ () C:\Users\Vitez\Desktop\_ALX8451.NEF
2015-01-19 16:25 - 2015-01-19 16:25 - 00000062 _____ () C:\Users\Vitez\Desktop\listen (1).pls
2015-01-19 16:24 - 2015-01-19 16:24 - 00000062 _____ () C:\Users\Vitez\Desktop\listen.pls
2015-01-18 06:02 - 2015-01-18 06:02 - 01119304 _____ () C:\Users\Vitez\Desktop\drugi semestar (1).rar
2015-01-18 05:15 - 2015-01-18 05:15 - 00421769 _____ () C:\Users\Vitez\Desktop\prvi semestar (1).rar
2015-01-16 21:55 - 2015-01-16 21:56 - 00000000 ____D () C:\Users\Vitez\Desktop\Isidora i Krsto
2015-01-16 16:04 - 2015-01-16 16:04 - 00000000 ____D () C:\Users\Vitez\AppData\Roaming\TeamViewer
2015-01-16 15:47 - 2015-01-16 15:48 - 07720120 _____ (TeamViewer GmbH) C:\Users\Vitez\Desktop\TeamViewer_Setup_sr-ioj.exe
2015-01-14 12:17 - 2015-01-15 09:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-01-14 08:57 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 08:57 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 08:57 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 08:57 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 08:57 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 08:57 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 08:57 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 08:57 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 08:57 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 08:57 - 2014-12-11 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 08:57 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 08:57 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 08:57 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-10 12:59 - 2013-04-09 10:24 - 00000000 ____D () C:\Users\Vitez\AppData\Roaming\uTorrent
2015-02-10 12:48 - 2009-07-14 05:45 - 00020992 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-10 12:48 - 2009-07-14 05:45 - 00020992 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-10 12:47 - 2013-04-08 17:48 - 01454683 _____ () C:\Windows\WindowsUpdate.log
2015-02-10 12:43 - 2013-05-24 16:21 - 00000000 ____D () C:\Users\Vitez\AppData\Local\LogMeIn Hamachi
2015-02-10 12:42 - 2015-01-08 09:18 - 00001336 _____ () C:\Windows\Tasks\LHGQB.job
2015-02-10 12:42 - 2013-04-08 17:54 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-10 12:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-10 12:42 - 2009-07-14 05:51 - 00133152 _____ () C:\Windows\setupact.log
2015-02-10 12:39 - 2013-04-09 13:03 - 00000000 ____D () C:\Program Files (x86)\ABBYY FineReader 11
2015-02-10 12:29 - 2015-01-08 09:18 - 00000000 ____D () C:\Program Files (x86)\05e6f622-637c-4a47-8788-03e63173214b
2015-02-10 12:02 - 2013-04-08 17:54 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-10 10:02 - 2013-04-08 18:26 - 01050730 _____ () C:\Windows\PFRO.log
2015-02-10 09:55 - 2013-12-30 22:23 - 00000000 ____D () C:\Program Files\TabletPlugins
2015-02-10 09:39 - 2015-01-09 10:12 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-10 09:26 - 2013-04-08 18:20 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-09 16:27 - 2014-03-01 17:35 - 00000000 ____D () C:\Users\Vitez\Downloads\PCPerformer-BitTorrent-c
2015-02-09 16:09 - 2013-04-08 17:54 - 00001286 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-09 16:09 - 2013-04-08 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-09 16:09 - 2013-04-08 17:46 - 00000949 _____ () C:\Users\Vitez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-09 13:57 - 2014-04-17 08:52 - 00000000 ____D () C:\Windows\Minidump
2015-02-09 13:14 - 2009-07-14 04:20 - 00000000 __RSD () C:\Windows\Media
2015-02-09 13:02 - 2013-04-20 11:28 - 04652544 ___SH () C:\Users\Vitez\Desktop\Thumbs.db
2015-02-09 10:54 - 2015-01-09 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-09 10:54 - 2015-01-09 10:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-07 17:04 - 2013-04-09 10:07 - 00000000 ____D () C:\Users\Vitez\AppData\Local\CrashDumps
2015-02-04 18:57 - 2013-04-08 17:54 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 18:57 - 2013-04-08 17:54 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-29 10:05 - 2013-11-04 09:19 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-29 10:03 - 2014-11-04 09:33 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-01-29 10:03 - 2014-11-04 09:33 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-01-29 10:03 - 2014-11-04 09:33 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-01-29 10:03 - 2014-11-04 09:33 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-29 10:03 - 2013-05-03 23:19 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-28 19:58 - 2013-04-08 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-01-28 01:41 - 2014-12-04 01:13 - 00000000 ____D () C:\Users\Vitez\Desktop\jelena
2015-01-26 16:58 - 2015-01-10 01:14 - 00000000 ____D () C:\Users\Vitez\Desktop\komp
2015-01-23 18:45 - 2009-07-14 06:13 - 00849546 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-23 18:38 - 2014-12-04 01:30 - 00000000 ____D () C:\Users\Vitez\Desktop\stefan
2015-01-23 18:37 - 2014-12-28 22:21 - 00000000 ____D () C:\Users\Vitez\Desktop\raviojla hdr
2015-01-23 18:36 - 2015-01-02 02:49 - 00000000 ____D () C:\Users\Vitez\Desktop\parovi za fb
2015-01-23 18:36 - 2014-12-28 22:10 - 00000000 ____D () C:\Users\Vitez\Desktop\hajat fejs majka ng 14
2015-01-23 18:36 - 2014-12-23 12:54 - 00000000 ____D () C:\Users\Vitez\Desktop\slvn
2015-01-16 07:45 - 2013-04-08 18:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-15 08:07 - 2013-04-09 11:42 - 00841668 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-14 23:20 - 2013-07-31 02:03 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 23:20 - 2013-04-08 19:41 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 11:32 - 2013-08-14 01:38 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys

==================== Files in the root of some directories =======

2014-03-11 16:06 - 2014-03-11 16:06 - 0000132 _____ () C:\Users\Vitez\AppData\Roaming\Adobe BMP Format CS6 Prefs
2013-04-11 09:50 - 2013-04-11 09:50 - 0000132 _____ () C:\Users\Vitez\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Vitez\AppData\Roaming\LHGQB
2013-05-04 05:08 - 2014-04-05 02:47 - 0045270 _____ () C:\Users\Vitez\AppData\Roaming\room_v3.dat
2013-09-26 13:13 - 2014-11-13 10:33 - 0001456 _____ () C:\Users\Vitez\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-06-02 12:58 - 2013-06-03 14:24 - 0007599 _____ () C:\Users\Vitez\AppData\Local\Resmon.ResmonCfg
2013-05-16 20:42 - 2012-08-31 08:49 - 0024772 _____ () C:\ProgramData\P1210DEF.css
2013-05-16 20:42 - 2014-10-21 15:47 - 0015730 _____ () C:\ProgramData\P1210OS.HTM
2013-05-16 20:42 - 2012-08-31 08:49 - 0002944 _____ () C:\ProgramData\P1210SIG.GIF
2014-11-10 12:05 - 2014-11-10 12:06 - 0000464 _____ () C:\ProgramData\{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}_WiseFW.ini

Some content of TEMP:
====================
C:\Users\Guest\AppData\Local\Temp\ShellHook.dll
C:\Users\Vitez\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Vitez\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Vitez\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Vitez\AppData\Local\Temp\Quarantine.exe
C:\Users\Vitez\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Vitez\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Vitez\AppData\Local\Temp\ShellHook.dll
C:\Users\Vitez\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-03 00:15

==================== End Of Log ============================
[Link mogu videti samo ulogovani korisnici]



Poslao: 10 Feb 2015 21:40
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow Korak 1

Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja.

HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {1280938c-f4cd-11e3-aee0-902b34737702} - G:\npeuinst.exe
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {8a9229b6-2f09-11e3-bbd2-902b34737702} - F:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A02B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {8f15efa5-a0f8-11e2-b0b1-902b34737702} - D:\Setup.exe
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {e2bd7ccd-03ed-11e3-8206-902b34737702} - D:\setup.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Users\Vitez\Downloads\PCPerformer-BitTorrent-c
Task: {6EE17205-4C5E-4D46-ABAD-C0E0BDBD33AA} - System32\Tasks\{77EABCF1-8B00-4261-ABD2-0729759C72F2} => pcalua.exe -a E:\Downloads\Skyrim\install.exe -d E:\Downloads\Skyrim
Task: {9BD108D5-4268-461A-BBBF-34DEA58161EA} - System32\Tasks\LHGQB => C:\Users\Vitez\AppData\Roaming\LHGQB.exe <==== ATTENTION
Task: {EDBA6DA9-B6C5-4CDD-8CC1-917E77CEBFDF} - System32\Tasks\{C8000239-5CB3-4005-AEA9-C8C2D0151360} => pcalua.exe -a "C:\Program Files (x86)\LucasArts\Star Wars Battlefront II\Install\uninst.exe" -d "C:\Program Files (x86)\LucasArts\Star Wars Battlefront II\Install"
Task: C:\Windows\Tasks\LHGQB.job => C:\Users\Vitez\AppData\Roaming\LHGQB.exe <==== ATTENTION
C:\Users\Vitez\AppData\Roaming\LHGQB.exe
EmptyTemp:


U okviru Notepad-a klikni na File --> Save As
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se fixlog.txt, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt).




Arrow Korak 2

Preuzmi zoek.exe sa ovog ili ovog linka i sačuvaj ga na Desktop.


Zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sljedeći tekst:

process;
startupall;
drivers-services-list;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;


Klikni na dugme i pričekaj da se skeniranje završi.


Zoek će po potrebi restartovati Windows, a na kraju rada otvoriti Notepad sa izvještajem o skeniranju.

Napomena: Izvještaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadržaj tog loga u poruku.



Poslao: 11 Feb 2015 09:32
Idi na vrh
offline
  • Pridružio: 11 Feb 2012
  • Poruke: 25

Korak 1:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-02-2015
Ran by Vitez at 2015-02-11 09:14:14 Run:1
Running from C:\Users\Vitez\Desktop
Loaded Profiles: Vitez (Available profiles: Vitez & Guest)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {1280938c-f4cd-11e3-aee0-902b34737702} - G:\npeuinst.exe
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {8a9229b6-2f09-11e3-bbd2-902b34737702} - F:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A02B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {8f15efa5-a0f8-11e2-b0b1-902b34737702} - D:\Setup.exe
HKU\S-1-5-21-904190866-3107325068-606562831-1000\...\MountPoints2: {e2bd7ccd-03ed-11e3-8206-902b34737702} - D:\setup.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Users\Vitez\Downloads\PCPerformer-BitTorrent-c
Task: {6EE17205-4C5E-4D46-ABAD-C0E0BDBD33AA} - System32\Tasks\{77EABCF1-8B00-4261-ABD2-0729759C72F2} => pcalua.exe -a E:\Downloads\Skyrim\install.exe -d E:\Downloads\Skyrim
Task: {9BD108D5-4268-461A-BBBF-34DEA58161EA} - System32\Tasks\LHGQB => C:\Users\Vitez\AppData\Roaming\LHGQB.exe <==== ATTENTION
Task: {EDBA6DA9-B6C5-4CDD-8CC1-917E77CEBFDF} - System32\Tasks\{C8000239-5CB3-4005-AEA9-C8C2D0151360} => pcalua.exe -a "C:\Program Files (x86)\LucasArts\Star Wars Battlefront II\Install\uninst.exe" -d "C:\Program Files (x86)\LucasArts\Star Wars Battlefront II\Install"
Task: C:\Windows\Tasks\LHGQB.job => C:\Users\Vitez\AppData\Roaming\LHGQB.exe <==== ATTENTION
C:\Users\Vitez\AppData\Roaming\LHGQB.exe
EmptyTemp:
*****************

"HKU\S-1-5-21-904190866-3107325068-606562831-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1280938c-f4cd-11e3-aee0-902b34737702}" => Key deleted successfully.
HKCR\CLSID\{1280938c-f4cd-11e3-aee0-902b34737702} => Key not found.
"HKU\S-1-5-21-904190866-3107325068-606562831-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8a9229b6-2f09-11e3-bbd2-902b34737702}" => Key deleted successfully.
HKCR\CLSID\{8a9229b6-2f09-11e3-bbd2-902b34737702} => Key not found.
"HKU\S-1-5-21-904190866-3107325068-606562831-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8f15efa5-a0f8-11e2-b0b1-902b34737702}" => Key deleted successfully.
HKCR\CLSID\{8f15efa5-a0f8-11e2-b0b1-902b34737702} => Key not found.
"HKU\S-1-5-21-904190866-3107325068-606562831-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e2bd7ccd-03ed-11e3-8206-902b34737702}" => Key deleted successfully.
HKCR\CLSID\{e2bd7ccd-03ed-11e3-8206-902b34737702} => Key not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
C:\Users\Vitez\Downloads\PCPerformer-BitTorrent-c => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6EE17205-4C5E-4D46-ABAD-C0E0BDBD33AA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6EE17205-4C5E-4D46-ABAD-C0E0BDBD33AA}" => Key deleted successfully.
C:\Windows\System32\Tasks\{77EABCF1-8B00-4261-ABD2-0729759C72F2} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{77EABCF1-8B00-4261-ABD2-0729759C72F2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9BD108D5-4268-461A-BBBF-34DEA58161EA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BD108D5-4268-461A-BBBF-34DEA58161EA}" => Key deleted successfully.
C:\Windows\System32\Tasks\LHGQB => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LHGQB" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EDBA6DA9-B6C5-4CDD-8CC1-917E77CEBFDF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EDBA6DA9-B6C5-4CDD-8CC1-917E77CEBFDF}" => Key deleted successfully.
C:\Windows\System32\Tasks\{C8000239-5CB3-4005-AEA9-C8C2D0151360} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C8000239-5CB3-4005-AEA9-C8C2D0151360}" => Key deleted successfully.
C:\Windows\Tasks\LHGQB.job => Moved successfully.
"C:\Users\Vitez\AppData\Roaming\LHGQB.exe" => File/Directory not found.
EmptyTemp: => Removed 1.9 GB temporary data.


The system needed a reboot.

==== End of Fixlog 09:14:32 ====

Korak 2


Zoek.exe v5.0.0.0 Updated 10-February-2015
Tool run by Vitez on 11-Feb-15 at 9:21:04.82.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Vitez\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

11-Feb-15 9:23:18 AM Zoek.exe System Restore Point Created Succesfully.

==== Running Processes ======================

C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Garena Plus\ggdllhost.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Users\Vitez\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Services(whitelist) ======================
Powered by E Dev

R2 - [ABBYY.Licensing.FineReader.Corporate.11.0] - ABBYY FineReader 11 CE Licensing Service - c:\program files (x86)\common files\abbyy\finereader\11.00\licensing\ce\networklicenseserver.exe
R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
R2 - [AMD External Events Utility] - AMD External Events Utility - c:\windows\system32\atiesrxx.exe
R2 - [HPM1210RcvFaxSrvc] - HP LaserJet Professional M1210 MFP Series Receive Fax Service - c:\program files\hp\hp laserjet m1210 mfp series\receivefaxutility.exe
R2 - [Intel(R) Capability Licensing Service Interface] - Intel(R) Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe
R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe
R2 - [LMIGuardianSvc] - LMIGuardianSvc - c:\program files (x86)\logmein hamachi\lmiguardiansvc.exe
R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
R2 - [MSSQL$SQLEXPRESS] - SQL Server (SQLEXPRESS) - c:\program files (x86)\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe
R2 - [NAUpdate] - Nero Update - c:\program files (x86)\nero\update\nasvc.exe
R2 - [NIHardwareService] - NIHardwareService - c:\program files\common files\native instruments\hardware\nihardwareservice.exe
R2 - [PSI_SVC_2] - Protexis Licensing V2 - c:\program files (x86)\common files\protexis\license service\psiservice_2.exe
R2 - [SQLBrowser] - SQL Server Browser - c:\program files (x86)\microsoft sql server\90\shared\sqlbrowser.exe
R2 - [SQLWriter] - SQL Server VSS Writer - c:\program files\microsoft sql server\90\shared\sqlwriter.exe
R2 - [UNS] - Intel(R) Management and Security Application User Notification Service - c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe
R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - c:\program files\common files\microsoft shared\windows live\wlidsvc.exe
R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
R3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe
S2 - [gupdate] - Google Update Service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
S2 - [KMService] - KMService - c:\windows\system32\srvany.exe [x]
S2 - [SkypeUpdate] - Skype Updater - c:\program files (x86)\skype\updater\updater.exe
S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
S2 - [tor] - Tor Win32 Service - c:\program files (x86)\tor\tor.exe [x]
S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
S3 - [aspnet_state] - ASP.NET State Service - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe
S3 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
S3 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe
S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
S3 - [fsssvc] - Windows Live Family Safety Service - c:\program files (x86)\windows live\family safety\fsssvc.exe
S3 - [gupdatem] - Google Update Service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
S3 - [gusvc] - Google Software Updater - c:\program files (x86)\google\common\google updater\googleupdaterservice.exe
S3 - [IDriverT] - InstallDriver Table Manager - c:\program files (x86)\common files\installshield\driver\11\intel 32\idrivert.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
S3 - [Microsoft SharePoint Workspace Audit Service] - Microsoft SharePoint Workspace Audit Service - c:\program files\microsoft office\office14\groove.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
S3 - [ose64] - Office 64 Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe
S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
S3 - [Steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe
S3 - [SwitchBoard] - SwitchBoard - c:\program files (x86)\common files\adobe\switchboard\switchboard.exe
S3 - [TunngleService] - TunngleService - c:\program files (x86)\tunngle\tnglctrl.exe
S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
S4 - [MSSQLServerADHelper] - SQL Server Active Directory Helper - c:\program files (x86)\microsoft sql server\90\shared\sqladhlp90.exe
S4 - [msvsmon90] - Visual Studio 2008 Remote Debugger - c:\program files\microsoft visual studio 9.0\common7\ide\remote debugger\x64\msvsmon.exe

==== Drivers(whitelist) ======================
Powered by E Dev

R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys
R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys
R3 - [srv] - Server SMB 1.xxx Driver - C:\Windows\system32\Drivers\srv.sys
R3 - [srv2] - Server SMB 2.xxx Driver - C:\Windows\system32\Drivers\srv2.sys
R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys
R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys
R0 - [aswRvrt] - avast! Revert - C:\Windows\system32\Drivers\aswRvrt.sys
R0 - [aswVmm] - avast! VM Monitor - C:\Windows\system32\Drivers\aswVmm.sys
R0 - [atapi] - IDE Channel - C:\Windows\system32\Drivers\atapi.sys
R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x]
R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys
R0 - [Disk] - Disk Driver - C:\Windows\system32\Drivers\Disk.sys
R0 - [fvevol] - Bitlocker Drive Encryption Filter Driver - C:\Windows\system32\Drivers\fvevol.sys
R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys
R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys
R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys
R0 - [mountmgr] - Mount Point Manager - C:\Windows\system32\Drivers\mountmgr.sys
R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys
R0 - [NDIS] - NDIS System Driver - C:\Windows\system32\Drivers\NDIS.sys
R0 - [partmgr] - Partition Manager - C:\Windows\system32\Drivers\partmgr.sys
R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys
R0 - [pciide] - pciide - C:\Windows\system32\Drivers\pciide.sys
R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys
R0 - [PxHlpa64] - PxHlpa64 - C:\Windows\system32\Drivers\PxHlpa64.sys
R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys
R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys
R0 - [storflt] - Disk Virtual Machine Bus Acceleration Filter Driver - C:\Windows\system32\Drivers\storflt.sys [x]
R0 - [Tcpip] - TCP/IP Protocol Driver - C:\Windows\system32\Drivers\Tcpip.sys
R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator Driver - C:\Windows\system32\Drivers\vdrvroot.sys
R0 - [vmbus] - Virtual Machine Bus - C:\Windows\system32\Drivers\vmbus.sys
R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys
R0 - [volmgrx] - Dynamic Volume Manager - C:\Windows\system32\Drivers\volmgrx.sys
R0 - [volsnap] - Storage volumes - C:\Windows\system32\Drivers\volsnap.sys
R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys
R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys
R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys
R1 - [tdx] - NetIO Legacy TDI Support Driver - C:\Windows\system32\Drivers\tdx.sys
R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Vitez\AppData\Local\Temp ====
2015-02-11 08:17:02 A9284FD8CF1C5DED66C4CD3307145ABD 70656 ----a-w- C:\Users\Vitez\AppData\Local\Temp\ShellHook.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2045-04-17 01:18:16 E5B43213F7CAF6C65504A3EDB1977EEA 2892 ----a-w- C:\Windows\SysWOW64\audcon.sys
2045-04-17 01:18:02 B29680F5EEA7C35873F26427534EDD29 86016 ----a-w- C:\Windows\SysWOW64\SYNSOPOS.exe
2045-04-17 01:18:02 84407C7CA172179A35F079BBD4AF9644 49 ----a-w- C:\Windows\SysWOW64\SYNSOPOS.exe.cfg
2045-04-17 01:17:45 E63B75E84CD8C0ED2C405BFB70C0089F 1277952 ----a-w- C:\Windows\SysWOW64\SYNSOACC.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2045-04-17 01:17:45 71A999C0F31E5D157B499119C1AB8126 1714176 ----a-w- C:\Windows\Sysnative\SYNSOACC.dll
2015-02-09 15:27:32 5614386D4CFDF9E56F355C45BEEBC976 12872 ----a-w- C:\Windows\Sysnative\bootdelete.exe
====== C:\Windows\Sysnative\drivers =====
2015-01-14 07:57:55 AE3334958D8F631FF14A0AEB3D7EFB3A 141312 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys
====== C:\Windows\Tasks ======
2015-02-09 15:31:32 BD1E3C7B5A86F3005A794C34A138568F 3496 ----a-w- C:\Windows\Sysnative\Tasks\gg_uac_daemon_Vitez
====== C:\Windows\Temp ======
======= C:\Program Files =====
2045-04-17 01:20:15 -------- d-----w- C:\Program Files\Common Files\Steinberg
2045-04-17 01:18:30 -------- d-----w- C:\Program Files\Common Files\Propellerhead Software
2045-04-17 01:18:26 -------- d-----w- C:\Program Files\Steinberg
2045-04-17 01:17:44 -------- d-----w- C:\Program Files\eLicenser
======= C:\PROGRA~2 =====
2045-04-17 01:19:57 -------- d-----w- C:\PROGRA~2\COMMON~1\Steinberg
2045-04-17 01:18:02 -------- d-----w- C:\PROGRA~2\Syncrosoft
2045-04-17 01:17:43 -------- d-----w- C:\PROGRA~2\eLicenser
2015-02-09 13:21:58 -------- d-----w- C:\PROGRA~2\ESET
2015-02-07 14:27:06 -------- d-----w- C:\PROGRA~2\Digiarty
2015-01-29 09:04:11 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2015-01-14 11:17:24 -------- d-----w- C:\PROGRA~2\Mozilla Thunderbird
======= C: =====
====== C:\Users\Vitez\AppData\Roaming ======
2045-04-17 01:18:26 -------- d-----w- C:\Users\Vitez\AppData\Roaming\Steinberg
2045-04-17 01:18:26 -------- d-----w- C:\Users\Vitez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase LE AI Elements 7 64bit
2015-02-07 14:27:06 -------- d-----w- C:\Users\Vitez\AppData\Roaming\Digiarty
2015-02-07 14:21:03 -------- d-----w- C:\Users\Vitez\AppData\Roaming\TuneUp Software
2015-02-07 14:21:03 -------- d-----w- C:\Users\Vitez\AppData\Local\TuneUp Software
2015-02-07 14:17:18 -------- d-----w- C:\Users\Vitez\AppData\Roaming\DVDVideoSoft
2015-01-16 15:04:58 -------- d-----w- C:\Users\Vitez\AppData\Roaming\TeamViewer
====== C:\Users\Vitez ======
2045-04-17 01:19:57 -------- d-----w- C:\ProgramData\Steinberg
2045-04-17 01:18:16 -------- d-----w- C:\ProgramData\Syncrosoft
2045-04-17 01:18:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser
2045-04-17 01:17:44 -------- d-----w- C:\ProgramData\eLicenser
2045-04-17 01:14:25 -------- d-----w- C:\ProgramData\Line 6
2045-04-17 01:12:28 -------- d-----w- C:\Users\Public\Documents\Line 6
2015-02-10 11:59:59 C2BB64D56E643AD07C968590F9FA124D 2132992 ----a-w- C:\Users\Vitez\Desktop\FRST64.exe
2015-02-09 15:17:39 -------- d-----w- C:\ProgramData\HitmanPro
2015-02-09 15:16:34 DC56182AF1F306F6F2A641EAA0055015 11225840 ----a-w- C:\Users\Vitez\Desktop\HitmanPro_x64.exe
2015-02-09 15:07:13 B5998562E394D9DB672D012D4E670790 2112512 ----a-w- C:\Users\Vitez\Desktop\adwcleaner_4.110.exe
2015-02-09 09:53:43 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\Vitez\Desktop\mbam-setup-2.0.4.1028.exe
2015-02-07 14:27:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty
2015-02-07 14:26:23 1903694D9F423AE96884C2C4929D6F24 10753176 ----a-w- C:\Users\Vitez\Desktop\winx-dvd-ripper.exe
2015-02-07 14:19:11 -------- d-sh--w- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-02-07 14:19:10 -------- d--h--w- C:\ProgramData\Common Files
2015-02-07 14:19:10 -------- d-----w- C:\ProgramData\TuneUp Software

====== C: exe-files ==
2045-04-17 01:18:05 6B2B12EF7C2C501C7D107065EE04AE22 6480298 ----a-w- C:\Program Files (x86)\eLicenser\Uninstaller\Uninstall eLicenser Control.exe
2045-04-17 01:18:02 B29680F5EEA7C35873F26427534EDD29 86016 ----a-w- C:\Windows\SysWOW64\SYNSOPOS.exe
2045-04-17 01:18:02 B29680F5EEA7C35873F26427534EDD29 86016 ----a-w- C:\Program Files (x86)\Syncrosoft\POS\SYNSOPOS.exe
2045-04-17 01:18:02 B29680F5EEA7C35873F26427534EDD29 86016 ----a-w- C:\Program Files (x86)\Syncrosoft\LCC\LCC.exe
2045-04-17 01:17:43 D046DCA2111D0AAC3015F2463076C616 2805760 ----a-w- C:\Program Files (x86)\eLicenser\POS\SYNSOPOS.exe
2045-04-17 01:17:43 67E0920C0592DF8BD261F763C46620EE 2768896 ----a-w- C:\Program Files (x86)\eLicenser\eLCC\eLCC.exe
2015-02-10 11:59:59 C2BB64D56E643AD07C968590F9FA124D 2132992 ----a-w- C:\Users\Vitez\Desktop\FRST64.exe
2015-02-09 15:27:32 5614386D4CFDF9E56F355C45BEEBC976 12872 ----a-w- C:\Windows\System32\bootdelete.exe
2015-02-09 15:16:34 DC56182AF1F306F6F2A641EAA0055015 11225840 ----a-w- C:\Users\Vitez\Desktop\HitmanPro_x64.exe
2015-02-09 15:07:13 B5998562E394D9DB672D012D4E670790 2112512 ----a-w- C:\Users\Vitez\Desktop\adwcleaner_4.110.exe
2015-02-09 13:22:08 E273331224005C5A8A504164373DE1DC 535304 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
2015-02-09 13:22:08 9E47522861242EE002D7F385C35D1322 2887824 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
2015-02-09 13:22:08 5B3DE7968D23B476AFB256D8014B25B9 333424 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe
2015-02-09 13:22:08 47B06E473B78A792DF07D226E0537D63 119184 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
2015-02-09 13:22:08 3C3F35C91F230493B088B334E39D1F7A 358144 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
2015-02-09 09:53:43 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\Vitez\Desktop\mbam-setup-2.0.4.1028.exe
2015-02-07 14:27:06 E1760DCDEA1E9139B967F5A228AD02BF 1207584 ----a-w- C:\Program Files (x86)\Digiarty\WinX_DVD_Ripper\unins000.exe
2015-02-07 14:27:06 2E35619E9728FC2312838808A79AD7A8 14640416 ----a-w- C:\Program Files (x86)\Digiarty\WinX_DVD_Ripper\WinX_DVD_Ripper.exe
2015-02-07 14:26:23 1903694D9F423AE96884C2C4929D6F24 10753176 ----a-w- C:\Users\Vitez\Desktop\winx-dvd-ripper.exe
2015-02-06 08:03:59 1F9A2717F6C6D3440B1F4A59FF96C708 1043024 ----a-w- C:\Program Files (x86)\Google\Update\Install\{19E92A0E-E534-427C-8FEA-952ECDEA7DA5}\40.0.2214.111_40.0.2214.94_chrome_updater.exe
2015-02-06 08:03:59 1F9A2717F6C6D3440B1F4A59FF96C708 1043024 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\40.0.2214.111\40.0.2214.111_40.0.2214.94_chrome_updater.exe
2015-02-04 17:57:50 FD98434B6A06FE31A35E4BFBC827B290 52040 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe
2015-02-04 17:57:50 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateSetup.exe
2015-02-04 17:57:50 5F0A3AA68785C49454F56C9F2DDA0237 52040 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateWebPlugin.exe
2015-02-04 17:57:50 4C02536F4CA35911FB3EA5715F300C57 52040 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateBroker.exe
2015-02-04 17:57:46 F3B6470DA7CE34E559D3BA7365CC909C 115528 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateComRegisterShell64.exe
2015-02-04 17:57:45 E1B44A75947137F4143308D566889837 107848 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdate.exe
2015-02-04 17:57:45 83BB030C71C9727DCFB2737005772C4E 232264 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
2015-02-04 17:57:45 323CFFFDAF253AC65CD194A101BE6231 287048 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
2015-02-04 17:57:42 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Program Files (x86)\Google\Update\Install\{15B33E7B-B333-4B8D-8DCC-6F6FB0474784}\GoogleUpdateSetup.exe
2015-02-04 17:57:42 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.26.9\GoogleUpdateSetup.exe
=== C: other files ==
2045-04-17 01:18:16 E5B43213F7CAF6C65504A3EDB1977EEA 2892 ----a-w- C:\Windows\SysWOW64\audcon.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"GarenaPlus"="C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe -autolaunch"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
"uTorrent"="C:\Users\Vitez\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup"
"GomAudio"="C:\Program Files (x86)\GRETECH\GomAudio\Goma.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"
"Bonus.SSR.FR11"="C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe /autorun"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
"BambooCore"="C:\Program Files (x86)\Bamboo Dock\BambooCore.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"Gaming 3"="C:\Gaming Mouse\Gaming 3.exe /hide"
"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GarenaPlus"="C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe -autolaunch"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
"uTorrent"="C:\Users\Vitez\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup"
"GomAudio"="C:\Program Files (x86)\GRETECH\GomAudio\Goma.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ACPW06EN"="C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe /pid ACPW06EN"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21-Oct-14 07:44 AM]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\AdobeFlashPlayerUpdate" [C:\Windows\SysWOW64\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AdobeFlashPlayerUpdate 2" [C:\Windows\SysWOW64\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\gg_uac_daemon_SES" [C:\Program Files (x86)\Garena Plus\ggdllhost.exe]
"C:\Windows\SysNative\tasks\gg_uac_daemon_Vitez" [C:\Program Files (x86)\Garena Plus\ggdllhost.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\{14603B95-A5F0-4719-9B17-B8E590A7CF1F}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [27-Jan-15 07:12 AM]

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Chrome Version: 40.0.2214.111 (Possible outdated, latest Stable version: 40.0.2214.94)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[11-May-13 11:37 AM]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[02-Dec-14 11:24 AM]

Google Docs - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Adobe Acrobat - Create PDF - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj
Avast Online Security - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Voice Search Hotword (Beta) - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Avast Online Security - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Windows Media Player Extension for HTML5 - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak
Google Wallet - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on 11-Feb-15 at 9:28:34.26 ======================

Poslao: 11 Feb 2015 16:16
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Ovo mi izgleda čisto. Da li ti se i dalje pojavljuju reklame?

Poslao: 11 Feb 2015 17:02
Idi na vrh
offline
  • Pridružio: 11 Feb 2012
  • Poruke: 25

Napisano: 11 Feb 2015 16:59

da.


Mora ima više od 10 char

Dopuna: 11 Feb 2015 17:02

međutim, nisam restartovao posle zoeka

Poslao: 11 Feb 2015 19:22
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Slaven Kovacevic ::Napisano: 11 Feb 2015 16:59

da.


Mora ima više od 10 char

Dopuna: 11 Feb 2015 17:02

međutim, nisam restartovao posle zoeka



Možeš li mi napraviti screenshot toga?

Poslao: 12 Feb 2015 09:20
Idi na vrh
offline
  • Pridružio: 11 Feb 2012
  • Poruke: 25

Eve slike. I dalje je nepromenjeno.




Poslao: 12 Feb 2015 15:39
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow

Preuzmi zoek.exe sa ovog ili ovog linka i sačuvaj ga na Desktop.


Zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sljedeći tekst:

hokdglbhghcebcopdbanieangmcamaak;chr
emptyalltemp;
emptyclsid;
autoclean;


Klikni na dugme i pričekaj da se skeniranje završi.


Zoek će po potrebi restartovati Windows, a na kraju rada otvoriti Notepad sa izvještajem o skeniranju.

Napomena: Izvještaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadržaj tog loga u poruku.



Question

Kakvo je sada stanje?

Poslao: 12 Feb 2015 16:55
Idi na vrh
offline
  • Pridružio: 11 Feb 2012
  • Poruke: 25

I dalje isto. Vidi sliku na kraju.

Zoek Log


Zoek.exe v5.0.0.0 Updated 10-February-2015
Tool run by Vitez on 12-Feb-15 at 16:24:15.10.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Vitez\Desktop\zoek (1).exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12-Feb-15 4:25:16 PM Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\05e6f622-637c-4a47-8788-03e63173214b deleted successfully
C:\PROGRA~2\LucasArts deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\World of Warcraft deleted successfully
C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully
C:\PROGRA~3\ALM deleted successfully
C:\PROGRA~3\Nokia deleted successfully
C:\Users\Vitez\AppData\Roaming\Nokia deleted successfully
C:\Users\Vitez\AppData\Roaming\Nokia Suite deleted successfully
C:\Users\Guest\AppData\Local\VirtualStore deleted successfully
C:\Users\SES\AppData\Local\VirtualStore deleted successfully
C:\Users\Vitez\AppData\Local\GHISLER deleted successfully
C:\Users\Vitez\AppData\Local\PACE Anti-Piracy deleted successfully
C:\Users\Vitez\AppData\Local\Ubisoft Game Launcher deleted successfully
C:\Users\Vitez\AppData\Local\Unity deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{179FBE3D-52B3-496C-B8E-E2433F39DCC5} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1DFB1624-5A97-4973-8BED-9138D3922B} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2252597A-BAC1-463D-AFE-D3CC749898E4} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377805bc-677b-4d33-ad1e-4e4bf88c0c0a} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4F766453-47C0-4720-B71C-9602EE38F8} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6136E97C-581F-4E9D-BB7D-79E315FDE70} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6A447A67-F717-442B-9EF6-50DA6D37015} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B815852-3C18-4B4A-8FB0-83EF84AC2E7} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{826B40CD-C778-4230-8847-D6716DE62157} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8855F4E4-EF98-4CE3-A297-2CC36CFF586F} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C7AAE75-2889-4D77-A67B-99E84B3E5CDD} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D4CC527-5CBA-4D38-B6C6-ED4A8335BEBA} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{962C0FA0-4A38-4A75-AD61-1239123364E} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9672B532-75F-4452-9CB4-89BA113EBA} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A792885A-2D4B-4C8E-A87-FC81F6386766} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B60333E-19B5-4086-9A64-7E8ECADC9C23} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9E595FA-79A8-4CE2-8777-E526BB97961E} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BB697430-A50E-4AEA-A1AD-7FF96993232F} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BC620C5D-8EA4-482E-9FB6-763A9827D30} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD573F27-52DA-4B0A-8C63-42D6848A8DD0} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{bdbfd37d-00fc-4279-922e-b899552dd646} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFAE3704-686C-4F84-9124-88266339197A} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D3ADCBFA-87F9-4E63-86FE-4940176DCB40} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBA508CB-F543-461E-82C4-4E3A182C4AF0} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E5C180C9-D376-4138-B41-2978DBF71C4} deleted successfully
HKEY_USERS\S-1-5-21-904190866-3107325068-606562831-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F69120A8-5A5A-4E31-8BB2-B84E2D31834E} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377805bc-677b-4d33-ad1e-4e4bf88c0c0a} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{bdbfd37d-00fc-4279-922e-b899552dd646} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\Vitez\.android deleted
C:\~1392.tmp deleted
C:\~298F.tmp deleted
C:\~54FE.tmp deleted
C:\~5BB.tmp deleted
C:\~68D8.tmp deleted
C:\~6DD7.tmp deleted
C:\~9020.tmp deleted
C:\~CE27.tmp deleted
C:\~E159.tmp deleted
C:\~FC4C.tmp deleted
C:\Users\Vitez\AppData\Local\avgchrome deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
"C:\Users\Vitez\AppData\Roaming\LHGQB" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [27-Jan-15 07:12 AM]

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\SES\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================

Google Chrome Version: 40.0.2214.111 (Up to date, latest Stable version: 40.0.2214.111)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[11-May-13 11:37 AM]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[02-Dec-14 11:24 AM]

Google Docs - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Adobe Acrobat - Create PDF - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj
Avast Online Security - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Voice Search Hotword (Beta) - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Avast Online Security - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Windows Media Player Extension for HTML5 - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak
Google Wallet - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Vitez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F5ELALZ4 will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Vitez\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=22 folders=6 963743 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Guest\AppData\Local\Temp emptied successfully
C:\Users\SES\AppData\Local\Temp emptied successfully
C:\Users\Vitez\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Vitez\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Vitez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F5ELALZ4" not found

==== EOF on 12-Feb-15 at 16:48:44.89 ======================

Poslao: 12 Feb 2015 17:11
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Da li je neko od vas instalirao Garenu Plus?

MyCity » Ambulanta -> Arhiva Ambulante » Positive finds ads.

Ko je trenutno na forumu
 

Ukupno su 1116 korisnika na forumu :: 86 registrovanih, 14 sakrivenih i 1016 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: Alexa77, antonije64, Astore Vajola, Avalon015, benne, Betty25, Bobrock1, bojan581, bojcistv, bokki, Bombarder, Centauro, Cian, coaaco, CraniumWhite, CrazyNorth, Dare, darkkran, debeli, dejanilic, Denaya, Dovla 1980, Electron, FileFinder, GeoM, Georgius, Glauber, gomago, goxin, ivan_8282, janbo, jarovitt, Kalem, Khalid ibn al-Walid, klepesina, krkalon, Kubovac, Kvazar, ljubsz, Lošmi, macoromiso, majstro, mango, Marko00, Mcdado, mercedesamg, Metanoja, Michellefromrezistance, Miki281, mikrimaus, milenko crazy north, Milometer, milos.cbr, Milos1389, Motocar, nelezele, nevjerna beba, Niko Bitan, OtacMakarije, Paklenica, Parker, peradetlić, PlayerOne, PrincipL, Prometeus, raso76, rebro1974, samojednoimeznam, Sančo, Semprini, sixpac, Stojan Mrsavi, stokssone, styg, tmanda323, Tribal, troki1971, UAV operator, Vlado82, voja64, Vojkan Petrovic, Volkhov-M, vrlenija, yiyi, ZetaMan, zziko