Problem laptop dugo dize sistem ..

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

U zadnje vreme dugio dize sistem neki put kadac kliknem na My Computer citavu vecnost ucitava particije na D particiji imam WAW file od oko 600 mb uopste ne mogu da ga izbrisem .. Kada kliknem na delete on pocne neku kalkulaciji i to traje u nedogled .. Hvala na pomoci unapred pozdrav !
https://www.mycity.rs/must-login.png

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by Teodora (administrator) on TEA-PC on 10-01-2015 01:06:43
Running from C:\Users\Teodora\Desktop
Loaded Profiles: Teodora & postgres (Available profiles: Teodora & UpdatusUser & postgres)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Arainia Solutions) C:\Program Files (x86)\Gizmo\gservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
() C:\ExpressGateUtil\VAWinService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Sonix Technology Co., Ltd.) C:\Windows\vsnp2uvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dassault Systèmes SolidWorks Corp.) C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() C:\ExpressGateUtil\VAWinAgent.exe
(Dropbox, Inc.) C:\Users\Teodora\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Windows (R) Win 7 DDK provider) C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
() C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Windows\AsScrPro.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [4035152 2012-07-09] (ESET)
HKLM\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [909824 2010-01-21] (Sonix Technology Co., Ltd.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2207848 2011-03-21] (Realtek Semiconductor)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1931024 2010-07-19] (Intel(R) Corporation)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-10] (ELAN Microelectronic Corp.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2780776 2011-07-19] (CANON INC.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-08-11] (Alcor Micro Corp.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-23] ()
HKLM-x32\...\Run: [VAWinAgent] => C:\ExpressGateUtil\VAWinAgent.exe [21504 2010-08-12] ()
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2010-11-24] (CyberLink Corp.)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe [984400 2010-07-09] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [FLxHCIm] => C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe [40448 2011-02-24] (Windows (R) Win 7 DDK provider)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-329715560-4119546054-269688802-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-329715560-4119546054-269688802-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-329715560-4119546054-269688802-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-329715560-4119546054-269688802-1000\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-14] (Samsung)
HKU\S-1-5-21-329715560-4119546054-269688802-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-14] (Samsung)
HKU\S-1-5-21-329715560-4119546054-269688802-1000\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-14] (Samsung)
HKU\S-1-5-21-329715560-4119546054-269688802-1000\...\Run: [GizmoDriveDelegate] => C:\Program Files (x86)\Gizmo\gizmo.exe [223640 2012-11-01] (Arainia Solutions)
HKU\S-1-5-21-329715560-4119546054-269688802-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-329715560-4119546054-269688802-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-329715560-4119546054-269688802-1000\...\MountPoints2: {ffe345d1-5410-11e1-91c0-806e6f6e6963} - D:\InstAll.exe
HKU\S-1-5-21-329715560-4119546054-269688802-1004\...\Run: [OfficeSyncProcess] => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
HKU\S-1-5-21-329715560-4119546054-269688802-1004\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-329715560-4119546054-269688802-1004\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-329715560-4119546054-269688802-1004\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-329715560-4119546054-269688802-1004\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-329715560-4119546054-269688802-1004\...\MountPoints2: {54797e88-538d-11e1-b2ae-806e6f6e6963} - E:\InstAll.exe
HKU\S-1-5-21-329715560-4119546054-269688802-1004\...\MountPoints2: {ffe345d1-5410-11e1-91c0-806e6f6e6963} - D:\InstAll.exe
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-04-08] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2013 Fast Start.lnk
ShortcutTarget: SolidWorks 2013 Fast Start.lnk -> C:\Windows\Installer\{B6B5EA7E-B91F-443D-A958-B0062FB53804}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Background Downloader.lnk
ShortcutTarget: SolidWorks Background Downloader.lnk -> C:\Program Files (x86)\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.)
Startup: C:\Users\Teodora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Teodora\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicyUsers\S-1-5-21-329715560-4119546054-269688802-1001\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-329715560-4119546054-269688802-1000 -> {37009B19-84D1-49BE-BEFC-74529482D52D} URL = http://search.yahoo.com/search?fr=chr-greentree_ie.....erp&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKU\S-1-5-21-329715560-4119546054-269688802-1000 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Toolbar: HKU\S-1-5-21-329715560-4119546054-269688802-1004 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Handler-x32: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - C:\Windows\wc98pp.dll ()
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6B1B1FE7-ECB9-43FF-94C5-9DF695709DA2}: [NameServer] 0.0.0.0

FireFox:
========
FF ProfilePath: C:\Users\Teodora\AppData\Roaming\Mozilla\Firefox\Profiles\j017cgj5.default
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.searchoholic.info/?pid=2145&r=2015/01/05&hid=12369304577482551173&lg=EN&cc=RS&unqvl=72&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: WebSearch
FF SelectedSearchEngine,S: WebSearch
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll ( )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF Plugin HKU\S-1-5-21-329715560-4119546054-269688802-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Teodora\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: youtubeadblocker - C:\Users\Teodora\AppData\Roaming\Mozilla\Firefox\Profiles\j017cgj5.default\Extensions\b7@lFjhFOG.com [2015-01-05]
FF Extension: unisalees - C:\Users\Teodora\AppData\Roaming\Mozilla\Firefox\Profiles\j017cgj5.default\Extensions\N8@1.com [2015-01-05]
FF Extension: ImTranslator - C:\Users\Teodora\AppData\Roaming\Mozilla\Firefox\Profiles\j017cgj5.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2012-03-10]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-09]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-02-10]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [974944 2011-09-22] (ESET)
R2 Gizmo Central; C:\Program Files (x86)\Gizmo\gservice.exe [34728 2012-11-01] (Arainia Solutions)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-07-19] ()
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2012-03-18] ()
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2012-04-21] (SolidWorks) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [77312 2010-08-20] () [File not signed]
R2 postgresql-x64-9.0; C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N "postgresql-x64-9.0" -D "C:/Program Files/PostgreSQL/9.0/data" -w [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [202576 2011-08-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [146432 2011-08-04] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [187632 2011-08-04] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [38288 2011-08-04] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62496 2011-08-04] (ESET)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [77040 2012-11-08] (Fresco Logic)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2014-01-23] () [File not signed]
R1 GizmoDrv; C:\Windows\System32\Drivers\GizmoDrv.sys [34704 2012-11-01] (Arainia Solutions LLC)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800832 2010-09-07] (Sonix Technology Co., Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-10 01:06 - 2015-01-10 01:07 - 00024945 _____ () C:\Users\Teodora\Desktop\FRST.txt
2015-01-10 01:06 - 2015-01-10 01:06 - 00000000 ____D () C:\FRST
2015-01-10 01:04 - 2015-01-10 01:04 - 02124288 _____ (Farbar) C:\Users\Teodora\Desktop\FRST64.exe
2015-01-10 00:27 - 2015-01-10 00:27 - 00000056 _____ () C:\Windows\setupact.log
2015-01-10 00:27 - 2015-01-10 00:27 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-10 00:19 - 2015-01-10 00:19 - 00000766 _____ () C:\Windows\PFRO.log
2015-01-10 00:04 - 2015-01-10 00:06 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-10 00:04 - 2015-01-10 00:04 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-01-10 00:04 - 2015-01-10 00:04 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-10 00:04 - 2015-01-10 00:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-01-09 23:56 - 2015-01-09 23:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-09 18:22 - 2015-01-09 18:22 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-01-09 18:22 - 2015-01-09 18:22 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-01-09 18:17 - 2015-01-09 18:17 - 00003502 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-TEA-PC-Teodora
2015-01-09 18:14 - 2015-01-09 18:14 - 00001081 _____ () C:\Users\Teodora\Desktop\Adobe Photoshop CS6 (64 Bit).lnk
2015-01-09 18:12 - 2015-01-09 18:14 - 00000000 ____D () C:\Program Files\Adobe
2015-01-09 18:10 - 2015-01-09 18:21 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-09 16:28 - 2015-01-09 16:28 - 00000000 ___RD () C:\Users\Teodora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-01-08 23:53 - 2015-01-10 00:59 - 00004958 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for TEA-PC-Teodora TEA-PC
2015-01-08 23:18 - 2015-01-08 23:18 - 00000562 _____ () C:\Users\Public\Desktop\Fraps.lnk
2015-01-08 23:18 - 2015-01-08 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-01-08 23:18 - 2015-01-08 23:18 - 00000000 ____D () C:\Fraps
2015-01-06 14:46 - 2015-01-06 14:47 - 00000000 ____D () C:\Users\Teodora\Desktop\Natasa
2015-01-05 14:05 - 2015-01-10 00:58 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-01-05 14:05 - 2015-01-06 11:05 - 00000000 ____D () C:\Windows\AutoKMS
2015-01-05 14:03 - 2015-01-05 14:03 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2015-01-05 14:00 - 2015-01-05 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-01-05 14:00 - 2015-01-05 14:00 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-01-05 13:59 - 2015-01-05 13:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-01-05 13:58 - 2015-01-05 13:59 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2015-01-05 13:58 - 2015-01-05 13:58 - 00000000 ____D () C:\Windows\PCHEALTH
2015-01-05 13:56 - 2015-01-05 13:56 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2015-01-05 13:56 - 2015-01-05 13:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2015-01-05 13:55 - 2015-01-05 13:58 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-01-05 13:55 - 2015-01-05 13:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-01-05 13:54 - 2015-01-05 13:54 - 00000000 __RHD () C:\MSOCache
2015-01-05 11:39 - 2015-01-05 11:40 - 00000000 ____D () C:\Program Files (x86)\DeltaFix
2015-01-05 11:37 - 2015-01-07 13:20 - 00000000 ____D () C:\Program Files (x86)\UnisAlleS
2015-01-05 11:36 - 2015-01-07 13:20 - 00000000 ____D () C:\Program Files (x86)\unisalees
2015-01-05 11:36 - 2015-01-05 11:36 - 00000000 ____D () C:\ProgramData\12491211713184563620
2015-01-05 01:34 - 2015-01-05 01:34 - 00000853 _____ () C:\Users\Public\Desktop\FIFA 14.lnk
2015-01-05 01:34 - 2015-01-05 01:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14
2014-12-26 11:03 - 2014-12-26 11:03 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-23 00:51 - 2014-12-23 00:51 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-22 14:44 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-22 14:44 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-22 14:44 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-22 14:44 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-22 14:44 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-22 14:44 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-22 14:44 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-22 14:44 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-22 14:44 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-22 14:44 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-22 13:56 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-22 13:56 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-22 13:56 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-22 13:56 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-22 13:56 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-22 13:56 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-22 13:56 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-22 13:56 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-22 13:56 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-22 13:56 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-22 13:56 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-22 13:56 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-22 13:56 - 2014-11-22 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-22 13:56 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-22 13:56 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-22 13:56 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-22 13:56 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-22 13:56 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-22 13:56 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-22 13:56 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-22 13:56 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-22 13:56 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-22 13:56 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-22 13:56 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-22 13:56 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-22 13:56 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-22 13:56 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-22 13:56 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-22 13:56 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-22 13:56 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-22 13:56 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-22 13:56 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-22 13:56 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-22 13:56 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-22 13:56 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-22 13:56 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-22 13:56 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-22 13:56 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-22 13:56 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-22 13:56 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-22 13:56 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-22 13:56 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-22 13:56 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-22 13:56 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-22 13:56 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-22 13:56 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-22 13:56 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-22 13:56 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-22 13:56 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-22 13:56 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-22 13:56 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-22 13:56 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-22 13:56 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-22 13:56 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-22 13:56 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-22 13:55 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-22 13:46 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-22 13:46 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-22 13:46 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-22 13:46 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-22 13:46 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-22 13:46 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-22 13:46 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-22 13:46 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-22 13:44 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-22 13:44 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-22 13:44 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-22 13:44 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-22 13:44 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-22 13:44 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-22 13:44 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-18 12:09 - 2014-12-18 12:09 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-12-18 12:09 - 2014-12-18 12:09 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-12-18 12:09 - 2014-12-18 12:09 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-12-18 12:09 - 2014-12-18 12:09 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-12-18 12:09 - 2014-12-18 12:09 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-12-18 12:09 - 2014-12-18 12:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-12-18 12:09 - 2014-12-18 12:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_NuidFltr_01011.Wdf
2014-12-18 12:09 - 2014-12-18 12:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-12-18 12:09 - 2014-12-18 12:09 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-12-18 12:06 - 2014-12-18 12:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-10 01:03 - 2009-07-14 05:45 - 00031072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-10 01:03 - 2009-07-14 05:45 - 00031072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-10 01:01 - 2014-04-20 08:07 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-10 00:58 - 2013-10-26 15:20 - 00000000 ____D () C:\Users\Teodora\AppData\Roaming\Dropbox
2015-01-10 00:58 - 2012-03-01 02:26 - 00000000 ____D () C:\ProgramData\MCShield
2015-01-10 00:58 - 2012-02-10 03:52 - 00000000 ___HD () C:\ASUS.DAT
2015-01-10 00:40 - 2012-02-10 19:02 - 01696284 _____ () C:\Windows\WindowsUpdate.log
2015-01-10 00:36 - 2012-08-06 14:14 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-10 00:28 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-10 00:22 - 2009-07-14 05:45 - 09797856 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-10 00:15 - 2013-05-31 00:11 - 00000000 ____D () C:\Users\Teodora\AppData\Local\CrashDumps
2015-01-10 00:15 - 2012-02-14 02:18 - 00000000 ____D () C:\Users\Teodora\AppData\Roaming\AIMP3
2015-01-10 00:15 - 2012-02-10 23:27 - 00000000 ____D () C:\Users\Teodora\AppData\Roaming\uTorrent
2015-01-10 00:15 - 2012-02-10 19:21 - 00000000 ____D () C:\Users\Teodora\AppData\Roaming\Skype
2015-01-10 00:15 - 2012-02-10 18:53 - 00000000 ____D () C:\Windows\Panther
2015-01-09 23:59 - 2012-07-21 13:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-09 21:38 - 2014-07-23 20:10 - 00000000 ____D () C:\Users\Teodora\Documents\FIFA 14
2015-01-09 18:23 - 2014-12-01 14:12 - 00000000 ____D () C:\Users\Teodora\AppData\Local\Adobe
2015-01-09 18:21 - 2012-03-01 01:25 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-09 18:17 - 2012-03-01 01:40 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-01-09 18:16 - 2012-07-27 13:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
2015-01-09 18:16 - 2012-02-10 04:36 - 00165048 _____ () C:\Users\Teodora\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-09 18:14 - 2012-07-27 13:40 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-01-09 16:51 - 2014-06-09 23:19 - 00000000 ____D () C:\The KMPlayer
2015-01-09 00:37 - 2014-07-06 19:35 - 00000228 _____ () C:\Users\Teodora\BullseyeCoverageError.txt
2015-01-08 23:23 - 2012-02-10 03:07 - 00000000 ____D () C:\Users\Teodora
2015-01-08 23:16 - 2009-07-14 06:13 - 00797850 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-05 14:02 - 2012-02-10 06:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-05 14:00 - 2010-11-21 08:16 - 00000000 ____D () C:\Windows\ShellNew
2015-01-05 14:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-05 13:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-05 13:57 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2015-01-05 00:49 - 2014-07-22 23:14 - 00000000 ____D () C:\ProgramData\Origin
2015-01-05 00:41 - 2012-11-01 00:08 - 00000000 ____D () C:\Users\Teodora\Documents\Gizmo
2015-01-01 19:32 - 2012-08-06 14:14 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-01 19:32 - 2012-06-17 11:37 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-01 19:32 - 2012-02-20 00:05 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-28 05:47 - 2013-12-07 18:26 - 00000000 ____D () C:\Games
2014-12-28 05:16 - 2014-07-14 23:46 - 00000000 ____D () C:\Users\Teodora\AppData\Local\Sports Interactive
2014-12-27 22:20 - 2014-09-21 20:58 - 00000000 ____D () C:\Users\Teodora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-12-27 22:20 - 2014-07-14 17:43 - 00000000 ____D () C:\Users\Teodora\AppData\Local\Microsoft Games
2014-12-23 14:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-23 00:51 - 2014-04-26 12:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-23 00:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-23 00:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-22 14:56 - 2013-07-17 00:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-22 14:53 - 2012-02-10 18:23 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-22 13:34 - 2012-02-10 04:22 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-12-17 17:27 - 2013-05-22 00:21 - 00000000 ____D () C:\Users\Teodora\Documents\Bluetooth Folder
2014-12-16 22:33 - 2012-03-17 23:45 - 00000000 ____D () C:\Users\postgres
2014-12-12 11:58 - 2013-10-26 15:21 - 00000000 ____D () C:\Users\Teodora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

Some content of TEMP:
====================
C:\Users\Teodora\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
C:\Users\Teodora\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxsmwfx.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-04 13:56

==================== End Of Log ============================

https://www.mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Korak 1

Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja.

HKU\S-1-5-21-329715560-4119546054-269688802-1004\...\MountPoints2: {54797e88-538d-11e1-b2ae-806e6f6e6963} - E:\InstAll.exe
HKU\S-1-5-21-329715560-4119546054-269688802-1004\...\MountPoints2: {ffe345d1-5410-11e1-91c0-806e6f6e6963} - D:\InstAll.exe
GroupPolicyUsers\S-1-5-21-329715560-4119546054-269688802-1001\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.searchoholic.info/?pid=2145&r=2015/01/05&hid=12369304577482551173&lg=EN&cc=RS&unqvl=72&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: WebSearch
FF SelectedSearchEngine,S: WebSearch
FF Extension: youtubeadblocker - C:\Users\Teodora\AppData\Roaming\Mozilla\Firefox\Profiles\j017cgj5.default\Extensions\b7@lFjhFOG.com [2015-01-05]
FF Extension: unisalees - C:\Users\Teodora\AppData\Roaming\Mozilla\Firefox\Profiles\j017cgj5.default\Extensions\N8@1.com [2015-01-05]
Task: {212CB97F-A603-4123-B41A-4339B36443E6} - System32\Tasks\{FA5E937F-3BF7-49CC-B253-82626471DAD6} => pcalua.exe -a "C:\Users\Teodora\Desktop\Pinnacle VideoSpin help\VideoSpin 2_0 Setup.exe" -d "C:\Users\Teodora\Desktop\Pinnacle VideoSpin help"
Task: {2A2A6743-E27D-42BC-8C3D-57289A2791D0} - System32\Tasks\{CF16B72E-46B9-458D-8735-33A12A81F485} => pcalua.exe -a G:\sw2013\_SolidSQUAD_\SW2010-2013.Activator.SSQ.exe -d G:\sw2013\_SolidSQUAD_
Task: {2CD1F028-5908-4C26-A2C0-F39C9E463C65} - System32\Tasks\{B1BFF8E9-7DE6-4B90-A26B-1AF64FDDF5DF} => pcalua.exe -a D:\Download\ProDAD.Heroglyph.v4.0.187.Multilingual.x64.Incl.Keygen-MESMERiZE\heroglyph-40-full64bit.exe -d D:\Download\ProDAD.Heroglyph.v4.0.187.Multilingual.x64.Incl.Keygen-MESMERiZE
C:\Program Files (x86)\UnisAlleS
C:\Program Files (x86)\unisalees
EmptyTemp:


U okviru Notepad-a klikni na File --> Save As
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se fixlog.txt, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt).





Korak 2

Preuzmi "Xplode"-ov AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
u EULA prozoru klikni na I agree.
Klikni na dugme Scan i sačekaj da se završi skeniranje.
Klikni na dugme Clean i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK
Računar će se restartovati, a potom otvoriti Notepad (C:\AdwCleaner[S0].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"
Napomena: Izvještaj ce takođe biti sačuvan na C:\Adwcleaner\AdwCleaner[S0].txt

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-01-2015
Ran by Teodora at 2015-01-10 14:22:21 Run:1
Running from C:\Users\Teodora\Desktop
Loaded Profiles: Teodora & postgres (Available profiles: Teodora & UpdatusUser & postgres)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-329715560-4119546054-269688802-1004\...\MountPoints2: {54797e88-538d-11e1-b2ae-806e6f6e6963} - E:\InstAll.exe
HKU\S-1-5-21-329715560-4119546054-269688802-1004\...\MountPoints2: {ffe345d1-5410-11e1-91c0-806e6f6e6963} - D:\InstAll.exe
GroupPolicyUsers\S-1-5-21-329715560-4119546054-269688802-1001\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.searchoholic.info/?pid=2145&r=2015/01/05&hid=12369304577482551173&lg=EN&cc=RS&unqvl=72&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: WebSearch
FF SelectedSearchEngine,S: WebSearch
FF Extension: youtubeadblocker - C:\Users\Teodora\AppData\Roaming\Mozilla\Firefox\Profiles\j017cgj5.default\Extensions\b7@lFjhFOG.com [2015-01-05]
FF Extension: unisalees - C:\Users\Teodora\AppData\Roaming\Mozilla\Firefox\Profiles\j017cgj5.default\Extensions\N8@1.com [2015-01-05]
Task: {212CB97F-A603-4123-B41A-4339B36443E6} - System32\Tasks\{FA5E937F-3BF7-49CC-B253-82626471DAD6} => pcalua.exe -a "C:\Users\Teodora\Desktop\Pinnacle VideoSpin help\VideoSpin 2_0 Setup.exe" -d "C:\Users\Teodora\Desktop\Pinnacle VideoSpin help"
Task: {2A2A6743-E27D-42BC-8C3D-57289A2791D0} - System32\Tasks\{CF16B72E-46B9-458D-8735-33A12A81F485} => pcalua.exe -a G:\sw2013\_SolidSQUAD_\SW2010-2013.Activator.SSQ.exe -d G:\sw2013\_SolidSQUAD_
Task: {2CD1F028-5908-4C26-A2C0-F39C9E463C65} - System32\Tasks\{B1BFF8E9-7DE6-4B90-A26B-1AF64FDDF5DF} => pcalua.exe -a D:\Download\ProDAD.Heroglyph.v4.0.187.Multilingual.x64.Incl.Keygen-MESMERiZE\heroglyph-40-full64bit.exe -d D:\Download\ProDAD.Heroglyph.v4.0.187.Multilingual.x64.Incl.Keygen-MESMERiZE
C:\Program Files (x86)\UnisAlleS
C:\Program Files (x86)\unisalees
EmptyTemp:
*****************

"HKU\S-1-5-21-329715560-4119546054-269688802-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{54797e88-538d-11e1-b2ae-806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{54797e88-538d-11e1-b2ae-806e6f6e6963} => Key not found.
"HKU\S-1-5-21-329715560-4119546054-269688802-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ffe345d1-5410-11e1-91c0-806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{ffe345d1-5410-11e1-91c0-806e6f6e6963} => Key not found.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-329715560-4119546054-269688802-1001\User => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
Firefox DefaultSearchEngine,S deleted successfully.
Firefox DefaultSearchUrl deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox SearchEngineOrder.1,S deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox SelectedSearchEngine,S deleted successfully.
C:\Users\Teodora\AppData\Roaming\Mozilla\Firefox\Profiles\j017cgj5.default\Extensions\b7@lFjhFOG.com => Moved successfully.
C:\Users\Teodora\AppData\Roaming\Mozilla\Firefox\Profiles\j017cgj5.default\Extensions\N8@1.com => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{212CB97F-A603-4123-B41A-4339B36443E6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{212CB97F-A603-4123-B41A-4339B36443E6}" => Key deleted successfully.
C:\Windows\System32\Tasks\{FA5E937F-3BF7-49CC-B253-82626471DAD6} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FA5E937F-3BF7-49CC-B253-82626471DAD6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2A2A6743-E27D-42BC-8C3D-57289A2791D0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A2A6743-E27D-42BC-8C3D-57289A2791D0}" => Key deleted successfully.
C:\Windows\System32\Tasks\{CF16B72E-46B9-458D-8735-33A12A81F485} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CF16B72E-46B9-458D-8735-33A12A81F485}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2CD1F028-5908-4C26-A2C0-F39C9E463C65}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CD1F028-5908-4C26-A2C0-F39C9E463C65}" => Key deleted successfully.
C:\Windows\System32\Tasks\{B1BFF8E9-7DE6-4B90-A26B-1AF64FDDF5DF} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B1BFF8E9-7DE6-4B90-A26B-1AF64FDDF5DF}" => Key deleted successfully.
C:\Program Files (x86)\UnisAlleS => Moved successfully.
C:\Program Files (x86)\unisalees => Moved successfully.
EmptyTemp: => Removed 317.5 MB temporary data.


The system needed a reboot.

==== End of Fixlog 14:22:41 ====
https://www.mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Odlično. Idemo dalje:


Korak 1

Imaš instaliranu developer verziju Google Chrome-a.
Idi u Control Idi u Start -> Control Panel -> Programs and Features i deinstaliraj Google Chrome. Obavezno označni opciju Also delete your browsing data.
Bookmarkse možeš da izvezeš i da ih kasnije opet ubaciš.

Kada ga deinstaliraš, skini ga sa Google sajta, https://www.google.com/chrome/browser/ i instaliraj opet.



Korak 2

Preuzmi zoek.exe sa ovog ili ovog linka i sačuvaj ga na Desktop.


Zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sljedeći tekst:

process;
startupall;
drivers-services-list;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;


Klikni na dugme i pričekaj da se skeniranje završi.


Zoek će po potrebi restartovati Windows, a na kraju rada otvoriti Notepad sa izvještajem o skeniranju.

Napomena: Izvještaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Kopiraj sadržaj tog loga u poruku.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Izvini ali ne mogu da hadjem Google hrome nema ga .. ?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Preskoči onda taj korak i odradi ovo pod korakom br. 2.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Zoek.exe v5.0.0.0 Updated 09-January-2015
Tool run by Teodora on Sat 01/10/2015 at 18:49:47.87.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Teodora\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

1/10/2015 6:50:31 PM Zoek.exe System Restore Point Created Succesfully.

==== Running Processes ======================

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Program Files (x86)\Gizmo\gservice.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
C:\ExpressGateUtil\VAWinService.exe
C:\Windows\AsScrPro.exe
C:\Windows\vsnp2uvc.exe
C:\Program Files (x86)\MCShield\MCShieldRTM.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\ExpressGateUtil\VAWinAgent.exe
C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Users\Teodora\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Users\Teodora\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Services(whitelist) ======================
Powered by E Dev

R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
R2 - [AFBAgent] - AFBAgent - c:\windows\system32\fbagent.exe
R2 - [ASLDRService] - ASLDR Service - c:\program files (x86)\asus\atk package\atk hotkey\asldrsrv.exe
R2 - [Atheros Bt&Wlan Coex Agent] - Atheros Bt&Wlan Coex Agent - c:\program files (x86)\bluetooth suite\ath_coexagent.exe
R2 - [AtherosSvc] - AtherosSvc - c:\program files (x86)\bluetooth suite\adminservice.exe
R2 - [ATKGFNEXSrv] - ATKGFNEX Service - c:\program files (x86)\asus\atk package\atkgfnex\gfnexsrv.exe
R2 - [BcmBtRSupport] - Bluetooth Driver Management Service - c:\windows\system32\btwrsupportservice.exe
R2 - [btwdins] - Bluetooth Service - c:\program files\widcomm\bluetooth software\btwdins.exe
R2 - [c2cautoupdatesvc] - Skype Click to Call Updater - c:\program files (x86)\skype\toolbars\autoupdate\skypec2cautoupdatesvc.exe
R2 - [c2cpnrsvc] - Skype Click to Call PNR Service - c:\program files (x86)\skype\toolbars\pnrsvc\skypec2cpnrsvc.exe
R2 - [ekrn] - ESET Service - c:\program files\eset\eset smart security\x86\ekrn.exe
R2 - [EvtEng] - Intel(R) PROSet/Wireless Event Log - c:\program files\intel\wifi\bin\evteng.exe
R2 - [Gizmo Central] - Gizmo Central - c:\program files (x86)\gizmo\gservice.exe
R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
R2 - [MBAMScheduler] - MBAMScheduler - c:\program files (x86)\malwarebytes anti-malware\mbamscheduler.exe
R2 - [MBAMService] - MBAMService - c:\program files (x86)\malwarebytes anti-malware\mbamservice.exe
R2 - [NVSvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe
R2 - [postgresql-x64-9.0] - postgresql-x64-9.0 - PostgreSQL Server 9.0 - c:/program files/postgresql/9.0/bin/pg_ctl.exe
R2 - [RegSrvc] - Intel(R) PROSet/Wireless Registry Service - c:\program files\common files\intel\wirelesscommon\regsrvc.exe
R2 - [ScsiAccess] - ScsiAccess - c:\program files (x86)\photodex\proshow producer\scsiaccess.exe
R2 - [UNS] - Intel(R) Management and Security Application User Notification Service - c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe
R2 - [VideAceWindowsService] - VideAceWindowsService - c:\expressgateutil\vawinservice.exe
R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [MyWiFiDHCPDNS] - Wireless PAN DHCP Server - c:\program files\intel\wifi\bin\pandhcpdns.exe
R3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
R3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe
S2 - [nvUpdatusService] - NVIDIA Update Service Daemon - c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe
S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
S3 - [aspnet_state] - ASP.NET State Service - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [CoordinatorServiceHost] - SW Distributed TS Coordinator Service - c:\program files\solidworks corp\solidworks\swscheduler\dtscoordinatorservice.exe
S3 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe
S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe
S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FLEXnet Licensing Service 64] - FLEXnet Licensing Service 64 - c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice64.exe
S3 - [FLEXnet Licensing Service] - FLEXnet Licensing Service - c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
S3 - [IDriverT] - InstallDriver Table Manager - c:\program files (x86)\common files\installshield\driver\1150\intel 32\idrivert.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [ose64] - Office 64 Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe
S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
S3 - [SolidWorks Licensing Service] - SolidWorks Licensing Service - c:\program files (x86)\common files\solidworks shared\service\solidworkslicensing.exe
S3 - [SwitchBoard] - Adobe SwitchBoard - c:\program files (x86)\common files\adobe\switchboard\switchboard.exe
S3 - [TurboBoost] - Intel(R) Turbo Boost Technology Monitor 2.0 - c:\program files\intel\turboboost\turboboost.exe
S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
S3 - [WatAdminSvc] - Windows Activation Technologies Service - c:\windows\system32\wat\watadminsvc.exe
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe

==== Drivers(whitelist) ======================
Powered by E Dev

R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys
R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys
R3 - [srv] - Server SMB 1.xxx Driver - C:\Windows\system32\Drivers\srv.sys
R3 - [srv2] - Server SMB 2.xxx Driver - C:\Windows\system32\Drivers\srv2.sys
R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys
R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys
R0 - [atapi] - IDE Channel - C:\Windows\system32\Drivers\atapi.sys
R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x]
R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys
R0 - [Compbatt] - Microsoft Composite Battery Driver - C:\Windows\system32\Drivers\Compbatt.sys
R0 - [Disk] - Disk Driver - C:\Windows\system32\Drivers\Disk.sys
R0 - [epfwwfp] - epfwwfp - C:\Windows\system32\Drivers\epfwwfp.sys
R0 - [fvevol] - Bitlocker Drive Encryption Filter Driver - C:\Windows\system32\Drivers\fvevol.sys
R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys
R0 - [iaStor] - Intel AHCI Controller - C:\Windows\system32\Drivers\iaStor.sys
R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys
R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys
R0 - [mountmgr] - Mount Point Manager - C:\Windows\system32\Drivers\mountmgr.sys
R0 - [msahci] - msahci - C:\Windows\system32\Drivers\msahci.sys
R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys
R0 - [NDIS] - NDIS System Driver - C:\Windows\system32\Drivers\NDIS.sys
R0 - [nvpciflt] - nvpciflt - C:\Windows\system32\Drivers\nvpciflt.sys
R0 - [partmgr] - Partition Manager - C:\Windows\system32\Drivers\partmgr.sys
R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys
R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys
R0 - [PxHlpa64] - PxHlpa64 - C:\Windows\system32\Drivers\PxHlpa64.sys
R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys
R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys
R0 - [storflt] - Disk Virtual Machine Bus Acceleration Filter Driver - C:\Windows\system32\Drivers\storflt.sys [x]
R0 - [Tcpip] - TCP/IP Protocol Driver - C:\Windows\system32\Drivers\Tcpip.sys
R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator Driver - C:\Windows\system32\Drivers\vdrvroot.sys
R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys
R0 - [volmgrx] - Dynamic Volume Manager - C:\Windows\system32\Drivers\volmgrx.sys
R0 - [volsnap] - Storage volumes - C:\Windows\system32\Drivers\volsnap.sys
R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys
R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys
R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys
R1 - [tdx] - NetIO Legacy TDI Support Driver - C:\Windows\system32\Drivers\tdx.sys
R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Teodora\AppData\Local\Temp ====
2015-01-10 13:33:50 97511FE2CA09CC2E06C3CD6519C3494E 43008 ----a-w- C:\Users\Teodora\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgu_6ic.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2014-12-22 12:44:01 70988118145F5F10EF24720B97F35F65 119296 ----a-w- C:\Windows\Sysnative\drivers\tdx.sys
2014-12-18 11:09:41 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_point64_01011.Wdf
2014-12-18 11:09:30 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_NuidFltr_01011.Wdf
2014-12-18 11:06:15 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_dc3d_01011.Wdf
====== C:\Windows\Tasks ======
2015-01-09 17:17:53 70D627B656A06E41FFB430A0FAAB5105 3502 ----a-w- C:\Windows\Sysnative\Tasks\AdobeAAMUpdater-1.0-TEA-PC-Teodora
2015-01-08 22:53:21 97CD8326E1DA46EB48DB530D9B2F657D 4958 ----a-w- C:\Windows\Sysnative\Tasks\Microsoft Office 15 Sync Maintenance for TEA-PC-Teodora TEA-PC
2015-01-05 13:05:04 1DB51B4621CEB3CB2ABC194AE5179BB0 3758 ----a-w- C:\Windows\Sysnative\Tasks\AutoKMS
2014-12-26 10:03:52 B63AD96D5AB77552EFDB7D2277C3B0CB 3886 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Acrobat Update Task
2014-12-18 11:09:48 EF633CA3CFB8E9541EBBF69EABF8AD14 3118 ----a-w- C:\Windows\Sysnative\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-12-18 11:09:47 934E9F97FCAD47EADD5D1B81772A23E1 3092 ----a-w- C:\Windows\Sysnative\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-12-18 11:09:47 8840039E23042FBA51666E6EAFD37854 3090 ----a-w- C:\Windows\Sysnative\Tasks\Microsoft_Hardware_Launch_itype_exe
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-01-09 17:12:12 -------- d-----w- C:\Program Files\Adobe
2015-01-05 13:00:13 -------- d-----w- C:\Program Files\Common Files\DESIGNER
2015-01-05 12:59:45 -------- d-----w- C:\Program Files\Microsoft.NET
2015-01-05 12:58:27 -------- d-----w- C:\Program Files\Microsoft SQL Server
2015-01-05 12:56:35 -------- d-----w- C:\Program Files\Microsoft Analysis Services
2015-01-05 12:55:47 -------- d-----w- C:\Program Files\Microsoft Office
2014-12-18 11:09:01 -------- d-----w- C:\Program Files\Microsoft Mouse and Keyboard Center
======= C:\PROGRA~2 =====
2015-01-09 17:10:53 -------- d-----w- C:\PROGRA~2\Adobe
2015-01-05 12:59:46 -------- d-----w- C:\PROGRA~2\Microsoft SQL Server
2015-01-05 12:56:35 -------- d-----w- C:\PROGRA~2\Microsoft Analysis Services
2015-01-05 12:55:50 -------- d-----w- C:\PROGRA~2\Microsoft Office
======= C: =====
====== C:\Users\Teodora\AppData\Roaming ======
2015-01-10 13:33:02 -------- d-----r- C:\Users\Teodora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
====== C:\Users\Teodora ======
2015-01-10 13:21:44 61CA40317EBF1254770BF8B495B3F8DA 2191360 ----a-w- C:\Users\Teodora\Desktop\AdwCleaner.exe
2015-01-10 00:04:35 1D52BA6FE6E435CE9E9C801D2B175936 2124288 ----a-w- C:\Users\Teodora\Desktop\FRST64.exe
2015-01-08 22:18:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-01-05 13:03:27 -------- d-----w- C:\ProgramData\Microsoft Toolkit
2015-01-05 13:00:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-01-05 12:59:14 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft
2015-01-05 00:34:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14
2014-12-18 11:09:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center

====== C: exe-files ==
2015-01-10 13:21:44 61CA40317EBF1254770BF8B495B3F8DA 2191360 ----a-w- C:\Users\Teodora\Desktop\AdwCleaner.exe
2015-01-10 00:04:35 1D52BA6FE6E435CE9E9C801D2B175936 2124288 ----a-w- C:\Users\Teodora\Desktop\FRST64.exe
2015-01-09 17:07:48 05C67ADE5DA4325000EAC64C0C6D13D3 2114208 ------w- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe
2015-01-09 17:07:43 D77EC62E4DF8F10F3AFF8778E59A22FA 118944 ------w- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\D6\TokenGenerator64.exe
2015-01-09 17:07:43 171AA42480E814F2A9ED1BA1376E01D9 120168 ------w- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\D6\Setup.exe
2015-01-09 17:07:42 DC73C771540178BDEE5902C77845B1E8 83120 ------w- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DECore\DE5\resources\libraries\TokenResolverx64.exe
2015-01-09 17:07:42 483DBDE3F0B010CCE393A67E9F82207C 344752 ------w- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DECore\DE5\resources\libraries\CustomHook_Helperx64.exe
2015-01-09 17:07:41 56BD523EB2EDC7CB3C9CCA03ECCD2ACE 1616048 ------w- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DECore\DE5\resources\libraries\Adobe_Helperx32.exe
2015-01-09 17:07:41 3EA805E93697E701DD070ED38B0D341C 2200240 ------w- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DECore\DE5\resources\libraries\Adobe_Helperx64.exe
2015-01-09 17:07:40 AB6A487365ECD948BABB81B9A2DC0D03 80744 ------w- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DECore\DE6\resources\libraries\TokenResolverx64.exe
2015-01-09 17:07:40 7C5164C840034C701335BE801BD6E542 342888 ------w- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DECore\DE6\resources\libraries\CustomHook_Helperx64.exe
2015-01-09 17:07:38 7BD5EAA78B078C0A0CE7A21837C19722 2198376 ------w- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DECore\DE6\resources\libraries\Adobe_Helperx64.exe
2015-01-09 17:07:38 70177978952C16E480CF032F0B173494 1614184 ------w- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DECore\DE6\resources\libraries\Adobe_Helperx32.exe
2015-01-09 17:07:37 63264452CDB6918785E62FD5A7C6265A 29032 ------w- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DECore\PlatformUtil.exe
2015-01-09 17:07:37 513D751316CFCFFEBA9FBF6AEC13B765 516456 ------w- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DECore\Setup.exe
2015-01-09 17:07:33 5F2FBA96B7792A5AD906B9A2DB166C4C 118944 ------w- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\TokenGenerator64.exe
2015-01-09 17:07:32 AA08BFEAA2E2D6D14E4AB9A9F754CE6C 383848 ------w- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\Setup.exe
2015-01-09 17:07:18 AD3544F8B86A4868777C97125D5418E0 267936 ------w- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\AAM Registration Notifier.exe
2015-01-09 17:07:18 767E3B2F99DBBAA206EB79D75E300128 358240 ------w- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\adobe_licutil.exe
2015-01-09 17:07:04 E99D34222BADC2619F45AFCD127EEAA7 1692808 ------w- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P6\adobe_licutil.exe
2015-01-09 17:07:04 DC790FE61FA113A86B95613345EEC212 261280 ------w- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P6\AAM Registration Notifier.exe
2015-01-09 17:07:00 1315C5C5C54CE2AA37A155F97027DB59 446392 ------w- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
2015-01-09 17:06:59 968248485EA610DCFB1B9DC1D3862F2A 2226616 ------w- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\Adobe Application Manager (Updater).exe
2015-01-09 17:06:58 EA5B870671079786F335AC7C10846C4F 295584 ------w- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
2015-01-09 17:06:58 4237D5077BFAA7E674415BE4C74A3597 402872 ------w- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAMLauncher.exe
2015-01-08 22:18:25 2E107AEEB6D0E523C345B4194EADB48F 40445 ----a-w- C:\Fraps\uninstall.exe
2015-01-05 13:05:03 83AC88E59AED154D19915169ADF0FAAD 3727360 ----a-w- C:\Windows\AutoKMS\AutoKMS.exe
2015-01-05 12:47:17 B9C125314A025127FE562C116D614AA3 178824 ----a-w- C:\MSOCache\All Users\{90150000-0011-0000-1000-0000000FF1CE}-C\ose.exe
2015-01-05 12:45:59 2C430C0A60E3B669D37B25B09F4BE8EF 214664 ----a-w- C:\MSOCache\All Users\{90150000-0011-0000-1000-0000000FF1CE}-C\setup.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-329715560-4119546054-269688802-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"MCShield Monitor"="C:\Program Files (x86)\MCShield\mcshieldrtm.exe"
"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"
"KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"KiesPDLR.exe"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run"
"GizmoDriveDelegate"="C:\Program Files (x86)\Gizmo\gizmo.exe /RemountStartupImages"

[HKEY_USERS\S-1-5-21-329715560-4119546054-269688802-1004\Software\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"MCShield Monitor"="C:\Program Files (x86)\MCShield\mcshieldrtm.exe"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-329715560-4119546054-269688802-1004\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Wireless Console 3"="C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"VAWinAgent"="C:\ExpressGateUtil\VAWinAgent.exe"
"UpdatePSTShortCut"="C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\Cyberlink\DVD Suite UpdateWithCreateOnce Software\CyberLink\PowerStarter"
"SonicMasterTray"="C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe"
"HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"FLxHCIm"="C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"
"ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MCShield Monitor"="C:\Program Files (x86)\MCShield\mcshieldrtm.exe"
"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"
"KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"KiesPDLR.exe"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run"
"GizmoDriveDelegate"="C:\Program Files (x86)\Gizmo\gizmo.exe /RemountStartupImages"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice"
"snp2uvc"="C:\Windows\vsnp2uvc.exe"
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3 "
"IntelWireless"="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe /tf Intel Wireless Tray"
"IntelTBRunOnce"="wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
"ETDWare"="%ProgramFiles%\Elantech\ETDCtrl.exe"
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"
"AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"AtherosBtStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"AthBtTray"="C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector]
"command"="C:\\Windows\\AsScrPro.exe"
"hkey"="HKLM"
"item"="ASUS Screen Saver Protector"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"
"hkey"="HKLM"
"item"="RtHDVCpl"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"


==== Startup Folders ======================

2013-10-26 14:22:12 1139 ----a-w- C:\Users\Teodora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2012-04-25 01:53:22 834 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
2013-05-21 21:15:11 2617 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
2012-10-31 23:32:34 2753 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2013 Fast Start.lnk
2012-04-25 01:53:22 1330 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Background Downloader.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [01/01/2015 07:32 PM]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe]
"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-TEA-PC-Teodora" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe]
"C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\P4G\BatteryLife.exe]
"C:\Windows\SysNative\tasks\ASUS Patch 10430001" [C:\Windows\AsPatch10430001.exe]
"C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe]
"C:\Windows\SysNative\tasks\ATKOSD2" [C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe]
"C:\Windows\SysNative\tasks\AutoKMS" [C:\Windows\AutoKMS\AutoKMS.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\KMS Activation for Office" [C:\Windows\KMSAct.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\{6E7218E1-25E5-422F-BBE5-1BEA10A8E92C}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\Windows\SysNative\tasks\{EB5A17F7-59B1-4914-80F9-8981CBF7FF0B}" [C:\Program Files (x86)\Gizmo\gizmo.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Teodora\AppData\Roaming\Mozilla\Firefox\Profiles\j017cgj5.default
- Undetermined - {9AA46F4F-4DC7-4c06-97AF-5035170634FE}
- ImTranslator - %ProfilePath%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Teodora\AppData\Roaming\Mozilla\Firefox\Profiles\j017cgj5.default
424899266BA430CCE5DDB6C1B4BE1B99 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll - Shockwave Flash
6C6A2C5957AD53255B2F2EDCCD42FC76 - C:\Users\Teodora\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
FD6ACD9D85177259D442A0C4AC15F7B8 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll - Shockwave Flash
CE252B04FB9F4F773A7DB5338BFEEA5B - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL - CANON iMAGE GATEWAY Album Plugin Utility


==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{37009B19-84D1-49BE-BEFC-74529482D52D} Yahoo//search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811_yserp&p={searchTerms}"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on Sat 01/10/2015 at 18:53:17.91 ======================

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Ovo mi izgleda čisto. Kakvo je sada stanje?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

pa desavalo se da nece da udje u my computer...da ucitava i nista dok ne odem na log off ili restart...sada mi deluje ok,proveraovao sam ga i sa antivirusom i malverom i nije nista nasao

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Obavićemo još ARK provjeru.

Preuzmi Malwarebytes Anti-Rootkit (MBAR) sa sledeceg linka i sacuvaj ga na Desktop.

Dvoklikom pokreni MBAR () na ikonicu programa:
- Klikni OK na sledecem prozoru da bi dozvolio raspakivanje u zaseban mbar folder na desktop-u;
- mbar.exe ce biti startovan. Na nekim sistemima to moze da potraje nekoliko dodatnih sekundi, te pricekati pokretanje.;
- U uvodnom prozoru klikni dugme Next ukoliko si saglasan;


• Na 'Update Database' prozoru klik na dugme Update da bi preuzeo sveze definicije. Kada se ispise poruka 'Success: Database was successfully updated' klik na dugme Next;
• Pod sekcijom 'Scan Targets' proveri da su sve opcije stiklirane, te klikni na dugme Scan;

Obavestenje: sa nekim infekcijama moze se desiti da se prikaze neka od sledecih poruka:
- 'Could not load protection driver' => u tom slucaju klikni OK.
- 'Could not load DDA driver' => klikni Yes na to obavestenje da bi dozvolio ucitavanje nakon restarta. Dozvoli restart i nastavi sa ostatkom instrukcija posle restarta.




>> Ukoliko malware nije detektovan, klik na Exit dugme da zatvoris program. U sledecu poruku postavi mbar-log-year-month-day (sat-minuti-sekundi).txt i system-log.txt izveštaje.

>> Ukoliko su infekcija/e pronadjene, proveriti da li je obelezena opcija 'Create Restore Point' i klikni na dugme Cleanup! da bi uklonili pretnje.
- Procedura uklanjanje malware-a (scheduled) ce biti zakazana po restartu, bice prikazano obavestenje u pop-up prozoru. Klikni dugme Yes i sistem bi trebao da se restartuje i da zavrsi proceduru ciscenja.



Obavestenje! samo ukoliko je RootKit detektovan: - postaraj se da pokrenes fixdamage.exe alat koji se nalazi u mbar folderu, \Plugins\fixdamage.exe:
- Dvoklikom pokreni fixdamage, u crnom prozoru koji se otvori (command prompt) ukucaj Y (Y stoji za Yes) da bi nastavio izvrsenje, pricekati da alat odradi sve popravke ...
- Kada vidis poruku 'press any key to exit' popravka je kompletirana. Pritisnuti bilo koju tipku na tastaturi da bi se prozor zatvorio. Restartovati sistem.




Sledeci izvestaji ce biti formirani u mbar folderu.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Iskopiraj sadrzaj mbar log-a u poruku a system log okaci uz poruku koristeci opciju Prikači fajl.