MyCity » Ambulanta -> Arhiva Ambulante » Problem sa iskacucim prozorima 2

Problem sa iskacucim prozorima 2

Napisano na dan: 4.1.2015

Strana:
1
2

Problem sa iskacucim prozorima 2

Sledeća strana

Pagination

Odgovori

Strana:
1
2

MiG-29M2 Poslao: 04 Jan 2015 11:27 Idi na vrh
offline MiG-29M2 Građanin Istoričar Pridružio: 02 Sep 2012 Poruke: 86 Gde živiš: Moskva, Rusija	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Pozdrav ljudi, Jedan moj drug ima problem sa iskacucim prozorima koji je mnogo gori nego sto je moj bio. Pored ovog njemu se kad god klikne na nesto na nekoj stranici otvaraju se nove stranice i tako u nedogled..antivirus koji korsiti jeste Microsoft Essentials Security ali on bas ne pomaze..konekcija koju koristi jeste wireless koji ima po celoj kuci tako da nisam bas u stanju da ocenim koja mu je brzina. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-01-2015 03 Ran by Kozlina (administrator) on KOZLINA-PC on 04-01-2015 11:12:12 Running from C:\Users\Kozlina\Desktop Loaded Profile: Kozlina (Available profiles: Kozlina) Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: English (United States) Internet Explorer Version 9 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe (Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (BitTorrent Inc.) C:\Users\Kozlina\AppData\Roaming\uTorrent\uTorrent.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe () C:\Program Files\SupTab\HpUI.exe () C:\Program Files\SupTab\Loader32.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Qwerty) C:\Program Files\TornPlusTV_version1.11\9331db4e-d667-47cd-ac8f-5695ffe63912-6.exe (Microsoft Corporation) C:\Windows\System32\mspaint.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (HDPlus-3.1TotalV02.01) C:\Program Files\TotalPlusHD-3.1V02.01\bf3367c1-8cc8-4536-b41b-858fc70feb7e-6.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\PING.EXE ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [6323928 2013-06-27] (Realtek Semiconductor) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKU\S-1-5-21-1525115900-622450574-1316485768-1000\...\Run: [uTorrent] => C:\Users\Kozlina\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2015-01-02] (BitTorrent Inc.) HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-11-21] (Microsoft Corporation) Startup: C:\Users\Kozlina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\act1.bat () HKLM\...\AppCertDlls: [x64] -> c:\program files\movies app\datamngr\x64\apcrtldr.dll <===== ATTENTION HKLM\...\AppCertDlls: [x86] -> c:\program files\movies app\datamngr\apcrtldr.dll <===== ATTENTION GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = isearch.omiga-plus.com/?type=hp&ts=1420.....14MHZDGGSX HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = isearch.omiga-plus.com/web/?type=ds&ts=.....GSX&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = isearch.omiga-plus.com/?type=hp&ts=1420.....14MHZDGGSX HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = isearch.omiga-plus.com/web/?type=ds&ts=.....GSX&q={searchTerms} HKU\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Main,Start Page = isearch.omiga-plus.com/?type=hp&ts=1420.....14MHZDGGSX HKU\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp HKU\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = isearch.omiga-plus.com/?type=hp&ts=1420.....14MHZDGGSX StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe isearch.omiga-plus.com/?type=sc&ts=1420.....14MHZDGGSX SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = isearch.omiga-plus.com/web/?type=ds&ts=.....GSX&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = isearch.omiga-plus.com/web/?type=ds&ts=.....GSX&q={searchTerms} SearchScopes: HKU\S-1-5-21-1525115900-622450574-1316485768-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = isearch.omiga-plus.com/web/?type=ds&ts=.....GSX&q={searchTerms} SearchScopes: HKU\S-1-5-21-1525115900-622450574-1316485768-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = isearch.omiga-plus.com/web/?type=ds&ts=.....GSX&q={searchTerms} BHO: TotalPlusHD-3.1V02.01 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files\TotalPlusHD-3.1V02.01\TotalPlusHD-3.1V02.01-bho.dll (HDPlus-3.1TotalV02.01) BHO: TornPlusTV_version1.11 -> {11111111-1111-1111-1111-110611881155} -> C:\Program Files\TornPlusTV_version1.11\TornPlusTV_version1.11-bho.dll (Qwerty) BHO: Speed Test -> {319A461D-5202-4578-9EDC-CA35B9C0B561} -> C:\Program Files\Speed Test\ScriptHost.dll (BestOffers) BHO: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO: PortalMore -> {b4fdb093-34f6-4a49-8133-61b3072261ac} -> C:\Program Files\PortalMore\PortalMorebho.dll (PortalMore) BHO: Movies Search App (Dist. by Bandoo Media, Inc.) -> {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} -> C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll No File BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Movies Search App (Dist. by Bandoo Media, Inc.) - {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll No File Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 212.200.191.166 212.200.190.166 FireFox: ======== FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1214154.dll (Adobe Systems, Inc.) FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin HKU\S-1-5-21-1525115900-622450574-1316485768-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kozlina\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF HKU\S-1-5-21-1525115900-622450574-1316485768-1000\...\Firefox\Extensions: [speedtest211@BestOffers] - C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers FF Extension: Speed Test - C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers [2014-11-07] Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR Profile: C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Movies App) - C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaigjndjblmpeckabiffcpogflfgl [2014-08-07] CHR Extension: (Google Docs) - C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-29] CHR Extension: (Google Drive) - C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-29] CHR Extension: (YouTube) - C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-29] CHR Extension: (Google Search) - C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-29] CHR Extension: (TotalPlusHD-3.1V02.01) - C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb [2015-01-02] CHR Extension: (Google Wallet) - C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-29] CHR Extension: (Gmail) - C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-29] CHR HKLM\...\Chrome\Extension: [aaaaaigjndjblmpeckabiffcpogflfgl] - C:\Users\Kozlina\AppData\Local\ilividbandoomoviestoolbar\GC\toolbar.crx [2014-07-03] CHR StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe isearch.omiga-plus.com/?type=sc&ts=1420.....14MHZDGGSX ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [277024 2012-10-11] (Intel Corporation) S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2015-01-02] (globalUpdate) [File not signed] S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2015-01-02] (globalUpdate) [File not signed] R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2015-01-02] (Cherished Technololgy LIMITED) S4 MaintainerSvc2.60.0411857; C:\ProgramData\4c0f6683-2f83-421e-8410-9d669d28d41d\maintainer.exe [123632 2014-11-09] () R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation) S4 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [762192 2013-07-19] (Nero AG) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation) S4 Update PortalMore; C:\Program Files\PortalMore\updatePortalMore.exe [526064 2014-11-09] () S4 Util PortalMore; C:\Program Files\PortalMore\bin\utilPortalMore.exe [526064 2014-11-09] () R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [473088 2015-01-02] (Fuyu LIMITED) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1570304 2012-10-18] (Atheros Communications, Inc.) R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [40936 2013-01-19] () R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-20] (Intel Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation) S3 usbcamcl; C:\Windows\System32\DRIVERS\usbcamcl.sys [28416 2011-08-18] (usb camera) R1 {169497b9-55ad-4428-8f84-60e3161c1843}Gw; C:\Windows\System32\drivers\{169497b9-55ad-4428-8f84-60e3161c1843}Gw.sys [43152 2014-11-07] (StdLib) S3 MSICDSetup; \??\D:\CDriver.sys [X] S3 NTIOLib_1_0_C; \??\D:\NTIOLib.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-04 11:12 - 2015-01-04 11:13 - 00014239 _____ () C:\Users\Kozlina\Desktop\FRST.txt 2015-01-04 11:11 - 2015-01-04 11:12 - 00000000 ____D () C:\FRST 2015-01-04 11:10 - 2015-01-04 11:10 - 01115136 _____ (Farbar) C:\Users\Kozlina\Desktop\FRST.exe 2015-01-03 12:55 - 2015-01-03 12:55 - 01720572 _____ () C:\Users\Kozlina\Downloads\MPlayerX.dmg 2015-01-02 23:03 - 2015-01-02 23:03 - 00840936 _____ () C:\Users\Kozlina\Downloads\installer_adobe_flash_player_English.exe 2015-01-02 10:57 - 2015-01-04 10:57 - 00005510 _____ () C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-6.job 2015-01-02 10:57 - 2015-01-04 10:57 - 00005174 _____ () C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-7.job 2015-01-02 10:57 - 2015-01-04 10:57 - 00003122 _____ () C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-1.job 2015-01-02 10:57 - 2015-01-04 10:57 - 00002438 _____ () C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-5_user.job 2015-01-02 10:57 - 2015-01-04 10:57 - 00002438 _____ () C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-5.job 2015-01-02 10:57 - 2015-01-04 10:57 - 00002102 _____ () C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-2.job 2015-01-02 10:57 - 2015-01-04 10:57 - 00001346 _____ () C:\Windows\Tasks\ZKKYDE.job 2015-01-02 10:57 - 2015-01-02 10:57 - 01843688 _____ (HDPlus-3.1TotalV02.01) C:\Users\Kozlina\AppData\Roaming\ZKKYDE.exe 2015-01-02 10:57 - 2015-01-02 10:57 - 00175592 _____ () C:\Program Files\Common Files\0983c878-a203-4197-9495-b3d5ab33089b.dll 2015-01-02 10:57 - 2015-01-02 10:57 - 00000000 ____D () C:\Program Files\33ebf18a-1566-4fc0-a4b1-be8d632ada1c 2015-01-02 10:56 - 2015-01-04 11:01 - 00004150 _____ () C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-3.job 2015-01-02 10:56 - 2015-01-02 10:57 - 00000000 ____D () C:\Program Files\TotalPlusHD-3.1V02.01 2015-01-02 10:56 - 2015-01-02 10:56 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect 2015-01-02 10:56 - 2015-01-02 10:56 - 00000000 ____D () C:\ProgramData\IePluginServices 2015-01-02 10:56 - 2015-01-02 10:56 - 00000000 ____D () C:\Program Files\SupTab 2015-01-02 10:55 - 2015-01-04 10:55 - 00003126 _____ () C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-1.job 2015-01-02 10:55 - 2015-01-04 10:55 - 00002440 _____ () C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-5_user.job 2015-01-02 10:55 - 2015-01-04 10:55 - 00002440 _____ () C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-5.job 2015-01-02 10:55 - 2015-01-04 10:55 - 00002104 _____ () C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-2.job 2015-01-02 10:54 - 2015-01-04 11:02 - 00000990 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job 2015-01-02 10:54 - 2015-01-04 11:01 - 00000986 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job 2015-01-02 10:54 - 2015-01-04 10:54 - 00005512 _____ () C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-6.job 2015-01-02 10:54 - 2015-01-04 10:54 - 00005176 _____ () C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-7.job 2015-01-02 10:54 - 2015-01-04 10:54 - 00001342 _____ () C:\Windows\Tasks\XAGF.job 2015-01-02 10:54 - 2015-01-02 10:55 - 00000000 ____D () C:\Program Files\TornPlusTV_version1.11 2015-01-02 10:54 - 2015-01-02 10:55 - 00000000 ____D () C:\Program Files\558bcab5-a400-4fb8-8ee6-3c37022beeeb 2015-01-02 10:54 - 2015-01-02 10:54 - 01843688 _____ (Qwerty) C:\Users\Kozlina\AppData\Roaming\XAGF.exe 2015-01-02 10:54 - 2015-01-02 10:54 - 00000000 ____D () C:\Users\Kozlina\AppData\Local\globalUpdate 2015-01-02 10:54 - 2015-01-02 10:54 - 00000000 ____D () C:\Program Files\globalUpdate 2014-12-30 12:13 - 2014-12-30 12:13 - 00087633 _____ () C:\Users\Kozlina\Downloads\akcioniplan (2).zip 2014-12-30 11:53 - 2014-12-30 11:53 - 00087633 _____ () C:\Users\Kozlina\Downloads\akcioniplan (1).zip 2014-12-30 11:51 - 2014-12-30 11:51 - 00087633 _____ () C:\Users\Kozlina\Downloads\akcioniplan.zip 2014-12-30 11:50 - 2014-12-30 11:50 - 00000000 ____D () C:\Users\Kozlina\Desktop\mama i lenka 2014-12-22 12:42 - 2014-12-22 12:49 - 00000000 ____D () C:\Users\Kozlina\Desktop\New folder 2014-12-10 17:00 - 2014-12-10 17:00 - 00000000 ____D () C:\Windows\system32\appraiser 2014-12-10 14:18 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-12-10 14:18 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-12-10 14:18 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2014-12-10 14:18 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2014-12-10 14:18 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2014-12-10 07:55 - 2014-12-04 05:38 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2014-12-10 07:55 - 2014-12-04 05:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2014-12-10 07:55 - 2014-12-04 05:38 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-12-10 07:55 - 2014-12-04 05:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2014-12-10 07:55 - 2014-12-04 05:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-12-10 07:55 - 2014-12-04 05:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2014-12-10 07:55 - 2014-12-04 05:34 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-12-10 07:55 - 2014-12-02 00:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2014-12-10 07:55 - 2014-11-24 21:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-12-10 07:55 - 2014-11-24 21:41 - 12369920 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-12-10 07:55 - 2014-11-24 21:40 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-12-10 07:55 - 2014-11-24 21:37 - 09740800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-12-10 07:55 - 2014-11-24 21:35 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-12-10 07:55 - 2014-11-24 21:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-12-10 07:55 - 2014-11-24 21:34 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-12-10 07:55 - 2014-11-24 21:34 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-12-10 07:55 - 2014-11-24 21:33 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-12-10 07:55 - 2014-11-24 21:33 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-12-10 07:55 - 2014-11-24 21:33 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-12-10 07:55 - 2014-11-24 21:33 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-12-10 07:55 - 2014-11-24 21:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-12-10 07:55 - 2014-11-24 21:33 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-12-10 07:55 - 2014-11-24 21:33 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-12-10 07:55 - 2014-11-24 21:32 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-12-10 07:55 - 2014-11-24 21:32 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-12-10 07:55 - 2014-11-24 21:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-12-10 07:55 - 2014-11-24 21:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-12-10 07:55 - 2014-11-24 21:32 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-12-10 07:55 - 2014-11-24 21:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-12-10 07:55 - 2014-11-24 21:32 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-12-10 07:55 - 2014-11-11 03:44 - 01011200 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-12-10 07:55 - 2014-11-11 02:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2014-12-10 07:55 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-12-10 07:54 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe 2014-12-10 07:54 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2014-12-10 07:54 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2014-12-10 07:54 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2014-12-10 07:54 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2014-12-10 07:54 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-04 11:12 - 2014-04-15 17:37 - 00000088 ____R () C:\Windows\system32\config\rev_MasterServers.vdf 2015-01-04 11:12 - 2014-04-15 17:37 - 00000088 ____R () C:\Windows\system32\config\MasterServers.vdf 2015-01-04 11:11 - 2014-04-15 17:39 - 00000000 ____D () C:\Users\Kozlina\AppData\Roaming\uTorrent 2015-01-04 11:11 - 2009-07-14 05:34 - 00014576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-04 11:11 - 2009-07-14 05:34 - 00014576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-04 11:02 - 2014-03-29 17:25 - 01177632 _____ () C:\Windows\WindowsUpdate.log 2015-01-04 10:53 - 2014-10-30 11:02 - 00000000 ____D () C:\Users\Kozlina\Desktop\1 2015-01-04 10:32 - 2014-03-29 18:17 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-04 10:32 - 2014-03-29 18:17 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-04 09:09 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-04 09:09 - 2009-07-14 05:39 - 00068952 _____ () C:\Windows\setupact.log 2015-01-02 16:27 - 2014-03-29 18:33 - 00047674 _____ () C:\Windows\PFRO.log 2015-01-02 10:55 - 2014-03-29 18:18 - 00002343 _____ () C:\Users\Kozlina\Desktop\Google Chrome.lnk 2015-01-02 10:55 - 2014-03-29 17:26 - 00001627 _____ () C:\Users\Kozlina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-01-02 10:55 - 2009-07-14 05:52 - 00000000 ____D () C:\Program Files\DVD Maker 2014-12-30 16:01 - 2014-03-29 17:31 - 00730320 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-12-13 03:53 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache 2014-12-10 17:00 - 2014-07-10 00:00 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-12-10 17:00 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat 2014-12-10 14:19 - 2014-05-24 00:57 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-12-10 14:17 - 2014-03-30 07:53 - 00000000 ____D () C:\Windows\system32\MRT 2014-12-10 14:13 - 2014-03-30 07:53 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-12-07 22:44 - 2014-03-29 18:21 - 00000000 ____D () C:\Users\Kozlina\AppData\Roaming\Skype Some content of TEMP: ==================== C:\Users\Kozlina\AppData\Local\Temp\CloudBackup8264.exe C:\Users\Kozlina\AppData\Local\Temp\DseShExt-x86.dll C:\Users\Kozlina\AppData\Local\Temp\Runner2.exe C:\Users\Kozlina\AppData\Local\Temp\Runner4.exe C:\Users\Kozlina\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\Kozlina\AppData\Local\Temp\SkypeSetup.exe C:\Users\Kozlina\AppData\Local\Temp\ttv.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-04 10:25 ==================== End Of Log ============================ mycity.rs/must-login.png

Profil

magna86 Poslao: 04 Jan 2015 12:57 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav MiG-29M2, Tvoj drug ima veoma inficiran racunar. Molim vas da ostanete sa mnom do kraja. Imajte na umu da ce za ovaj vid dezinfekcije trebati vise rundi za potpuno uklanjanje ali ce rezultati biti ocigledni. Prvo sto je potrebno uraditi jeste iz Start > Control Panel > Programs and Features pokusati deinstalirati sledece: - PortalMore - Speed Test App - TornPlusTV_version1.11 - TotalPlusHD-3.1V02.01 Ukoliko bilo sta odbija deinstalaciju, prosto preskoci i predji na sledeci program. U svakom slucaju, odradi sledece: Preuzmi smeenk-ov zoek () sa ovog ili ovog linka i sačuvaj ga na Desktop. Raspakuj arhivu u neki folder (uputstvo), a zatim: zatvori browser i ostale pokrenute programe; privremeno deaktiviraj zaštitni softver, Uputstvo ; dvoklikom pokreni zoek na ikonicu programa ; pričekaj da se alat startuje ... U beli okvir prozora iskopiraj sledeći tekst: Uninstall-List; C:\Windows\system32\appraiser;vs ResetIEProxy; IEDefaults; ipconfig /flushdns >> %temp%\log.txt;b bitsadmin /reset /allusers >> %temp%\log.txt;b EmptyCLSID; {11111111-1111-1111-1111-110611321185};c {11111111-1111-1111-1111-110611881155};c {319A461D-5202-4578-9EDC-CA35B9C0B561};c {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C};c {b4fdb093-34f6-4a49-8133-61b3072261ac};c {c0caa5fe-7c9c-4dca-a265-63cf55379d1a};c {c0caa5fe-7c9c-4dca-a265-63cf55379d1a};c EmptyFoldersCheck; c:\program files\movies app;fs C:\Program Files\TotalPlusHD-3.1V02.01;fs C:\Program Files\TornPlusTV_version1.11;fs C:\Program Files\Speed Test;fs C:\Program Files\SupTab;fs C:\Program Files\PortalMore;fs C:\PROGRA~1\MOVIES~1;fs C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers;f C:\Users\Kozlina\AppData\Local\ilividbandoomoviestoolbar;fs C:\Program Files\globalUpdate;fs C:\ProgramData\4c0f6683-2f83-421e-8410-9d669d28d41d;fs C:\Program Files\PortalMore;fs C:\ProgramData\WindowsMangerProtect;fs C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-6.job;f C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-7.job;f C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-1.job;f C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-5_user.job;f C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-5.job;f C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-2.job;f C:\Windows\Tasks\ZKKYDE.job;f C:\Users\Kozlina\AppData\Roaming\ZKKYDE.exe;f C:\Program Files\Common Files\0983c878-a203-4197-9495-b3d5ab33089b.dll;f C:\Program Files\33ebf18a-1566-4fc0-a4b1-be8d632ada1c;f C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-3.job;f C:\Program Files\TotalPlusHD-3.1V02.01;f C:\ProgramData\WindowsMangerProtect;f C:\ProgramData\IePluginServices;f C:\Program Files\SupTab;f C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-1.job;f C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-5_user.job;f C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-5.job;f C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-2.job;f C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job;f C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job;f C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-6.job;f C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-7.job;f C:\Windows\Tasks\XAGF.job;f C:\Program Files\TornPlusTV_version1.11;f C:\Program Files\558bcab5-a400-4fb8-8ee6-3c37022beeeb;f C:\Users\Kozlina\AppData\Roaming\XAGF.exe;f C:\Users\Kozlina\AppData\Local\globalUpdate;f C:\Program Files\globalUpdate;f C:\Program Files\MyPC Backup;f C:\Program Files\TornPlusTV_version1.11;f C:\Users\Kozlina\AppData\Roaming\XAGF.exe;f C:\windows\System32\Tasks\LaunchSignup;f C:\windows\System32\Tasks\globalUpdateUpdateTaskMachineUA;f C:\windows\System32\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-5_user;f C:\windows\System32\Tasks\XAGF;f C:\windows\System32\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-5_user;f C:\windows\System32\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-2;f C:\windows\System32\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-1;f C:\windows\System32\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-5;f C:\windows\System32\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-6;f C:\windows\System32\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-7;f C:\windows\System32\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-3;f C:\windows\System32\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-2;f C:\windows\System32\Tasks\ZKKYDE;f C:\windows\System32\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-1;f C:\windows\System32\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-5;f C:\windows\System32\Tasks\globalUpdateUpdateTaskMachineCore;f C:\windows\System32\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-6;f C:\windows\System32\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-7;f C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-1.job;f C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-2.job;f C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-5.job;f C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-5_user.job;f C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-6.job;f C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-7.job;f C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-1.job;f C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-2.job;f C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-3.job;f C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-5.job;f C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-5_user.job;f C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-6.job;f C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-7.job;f C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job;f C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job;f C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job;f C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job;f C:\Windows\Tasks\XAGF.job;f C:\Users\Kozlina\AppData\Roaming\XAGF.exe;f C:\Windows\Tasks\ZKKYDE.job;f C:\Users\Kozlina\AppData\Roaming\ZKKYDE.exe;f C:^Users^Kozlina^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk;f C:\Windows\pss\MyPC Backup.lnk.Startup;f FilesRCM; StartupAll; [-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PortalMore];r [-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Speed Test)];r [-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TornPlusTV_version1.11];r [-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TotalPlusHD-3.1V02.01];r [-HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2];r FFDefaults; speedtest211@BestOffers;ff CHRDefaults; aaaaaigjndjblmpeckabiffcpogflfgl;chr ljefoakgfhcoeobgicjgejglnpfpemgb;chr aaaaaigjndjblmpeckabiffcpogflfgl;chr FirefoxLook; ChromeLook; globalUpdate;s globalUpdatem;s MaintainerSvc2.60.0411857;s Update PortalMore;s Util PortalMore;s WindowsMangerProtect;s ResetHosts; EmptyAllTemp; Reboot; Klikni na dugme i pričekaj da se skeniranje završi. zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log) Kopiraj sadrzaj tog loga u poruku.

Profil

MiG-29M2 Poslao: 04 Jan 2015 14:09 Idi na vrh
offline MiG-29M2 Građanin Istoričar Pridružio: 02 Sep 2012 Poruke: 86 Gde živiš: Moskva, Rusija	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zoek.exe v5.0.0.0 Updated 31-12-2014 Tool run by Kozlina on Sun 01/04/2015 at 13:59:23.54. Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Kozlina\Desktop\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 1/4/2015 2:00:35 PM Zoek.exe System Restore Point Created Succesfully. ==== Reset Hosts File ====================== # Copyright (c) 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handle within DNS itself. 127.0.0.1 localhost ::1 localhost ==== Empty Folders Check ====================== C:\Program Files\Common Files\Symantec Shared C:\PROGRA~2\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} C:\Users\Kozlina\AppData\Roaming\rmi C:\Users\Kozlina\AppData\Local\CRE C:\Users\Kozlina\AppData\Local\VirtualStore ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{319A461D-5202-4578-9EDC-CA35B9C0B561} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} deleted successfully HKEY_CLASSES_ROOT\CLSID\{319A461D-5202-4578-9EDC-CA35B9C0B561} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{319A461D-5202-4578-9EDC-CA35B9C0B561} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_CLASSES_ROOT\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} deleted successfully HKEY_CLASSES_ROOT\CLSID\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdate deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\globalUpdate deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdatem deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\globalUpdatem deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MaintainerSvc2.60.0411857 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MaintainerSvc2.60.0411857 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update PortalMore deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update PortalMore deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util PortalMore deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util PortalMore deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WindowsMangerProtect deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PortalMore] [-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Speed Test)] [-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TornPlusTV_version1.11] [-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TotalPlusHD-3.1V02.01] [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2] ==== Batch Command(s) Run By Tool====================== Windows IP Configuration Successfully flushed the DNS Resolver Cache. BITSADMIN version 3.0 [ 7.5.7601 ] BITS administration utility. (C) Copyright 2000-2006 Microsoft Corp. BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows. Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets. 0 out of 0 jobs canceled. ==== Deleting Files \ Folders ====================== c:\program files\movies app not found C:\Program Files\TotalPlusHD-3.1V02.01 not found C:\Program Files\TornPlusTV_version1.11 not found C:\PROGRA~1\MOVIES~1 not found "C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-6.job" not found "C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-7.job" not found "C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-1.job" not found "C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-5_user.job" not found "C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-5.job" not found "C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-2.job" not found "C:\Program Files\Common Files\0983c878-a203-4197-9495-b3d5ab33089b.dll" not found "C:\Program Files\33ebf18a-1566-4fc0-a4b1-be8d632ada1c" not found "C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-3.job" not found "C:\Program Files\TotalPlusHD-3.1V02.01" not found "C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-1.job" not found "C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-5_user.job" not found "C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-5.job" not found "C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-2.job" not found "C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-6.job" not found "C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-7.job" not found "C:\Program Files\TornPlusTV_version1.11" not found "C:\Program Files\558bcab5-a400-4fb8-8ee6-3c37022beeeb" not found "C:\Program Files\MyPC Backup" not found "C:\Program Files\TornPlusTV_version1.11" not found "C:\windows\System32\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-5_user" not found "C:\windows\System32\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-5_user" not found "C:\windows\System32\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-2" not found "C:\windows\System32\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-1" not found "C:\windows\System32\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-5" not found "C:\windows\System32\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-6" not found "C:\windows\System32\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-7" not found "C:\windows\System32\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-3" not found "C:\windows\System32\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-2" not found "C:\windows\System32\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-1" not found "C:\windows\System32\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-5" not found "C:\windows\System32\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-6" not found "C:\windows\System32\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-7" not found "C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-1.job" not found "C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-2.job" not found "C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-5.job" not found "C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-5_user.job" not found "C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-6.job" not found "C:\Windows\Tasks\9331db4e-d667-47cd-ac8f-5695ffe63912-7.job" not found "C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-1.job" not found "C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-2.job" not found "C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-3.job" not found "C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-5.job" not found "C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-5_user.job" not found "C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-6.job" not found "C:\Windows\Tasks\bf3367c1-8cc8-4536-b41b-858fc70feb7e-7.job" not found "C:^Users^Kozlina^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk" not found C:\Program Files\Speed Test deleted C:\Program Files\PortalMore deleted C:\Users\Kozlina\AppData\Local\ilividbandoomoviestoolbar deleted C:\Program Files\globalUpdate deleted C:\ProgramData\4c0f6683-2f83-421e-8410-9d669d28d41d deleted C:\ProgramData\WindowsMangerProtect deleted "C:\Windows\Tasks\ZKKYDE.job" deleted "C:\Users\Kozlina\AppData\Roaming\ZKKYDE.exe" deleted "C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job" deleted "C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job" deleted "C:\Windows\Tasks\XAGF.job" deleted "C:\Users\Kozlina\AppData\Roaming\XAGF.exe" deleted "C:\Users\Kozlina\AppData\Roaming\XAGF.exe" deleted "C:\windows\System32\Tasks\LaunchSignup" deleted "C:\windows\System32\Tasks\globalUpdateUpdateTaskMachineUA" deleted "C:\windows\System32\Tasks\XAGF" deleted "C:\windows\System32\Tasks\ZKKYDE" deleted "C:\windows\System32\Tasks\globalUpdateUpdateTaskMachineCore" deleted "C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job" deleted "C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job" deleted "C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job" deleted "C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job" deleted "C:\Windows\Tasks\XAGF.job" deleted "C:\Users\Kozlina\AppData\Roaming\XAGF.exe" deleted "C:\Windows\Tasks\ZKKYDE.job" deleted "C:\Users\Kozlina\AppData\Roaming\ZKKYDE.exe" deleted "C:\Windows\pss\MyPC Backup.lnk.Startup" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome.manifest" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\icon.png" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\install.rdf" deleted "C:\ProgramData\IePluginServices\PluginService.exe" deleted "C:\Program Files\SupTab\HpUI.exe" deleted "C:\Program Files\SupTab\Loader32.exe" deleted "C:\Program Files\SupTab\msvcp110.dll" deleted "C:\Program Files\SupTab\msvcr110.dll" not deleted "C:\Program Files\SupTab\WindowsSupportDll32.dll" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\background.html" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\button.js" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\button.xml" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\config.js" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\content.js" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\framework.js" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\framework.png" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\framework.xul" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\icon128.ico" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\icon128.png" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\icon16.ico" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\icon16.png" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\icon18.ico" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\icon18.png" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\icon24.ico" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\icon24.png" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\icon32.ico" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\icon32.png" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\icon48.ico" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\icon48.png" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\icon64.ico" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\icon64.png" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\jquery-1.9.1.min.js" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\options.xul" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\rjs.js" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\settings.json" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content\subscriptloader.js" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\skin\framework.css" deleted "C:\ProgramData\IePluginServices\update\conf" deleted "C:\Program Files\SupTab\HpUI.exe" deleted "C:\Program Files\SupTab\Loader32.exe" deleted "C:\Program Files\SupTab\msvcp110.dll" deleted "C:\Program Files\SupTab\msvcr110.dll" not deleted "C:\Program Files\SupTab\WindowsSupportDll32.dll" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers" deleted "C:\ProgramData\IePluginServices" not deleted "C:\Program Files\SupTab" not deleted "C:\Users\Kozlina\AppData\Local\globalUpdate" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\content" deleted "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers\chrome\skin" deleted "C:\ProgramData\IePluginServices\update" deleted "C:\Users\Kozlina\AppData\Local\globalUpdate\CrashReports" deleted "C:\Program Files\SupTab" not deleted ==== Files Found In C:\Windows\system32\appraiser ====================== 2014-11-12 23:22:04 1764 ----a-w- DB75B25DBD19426BDDFA2F304BB6186C C:\Windows\system32\APPRAI~1\hwexclude.txt --- C:\Windows\system32\appraiser\hwexclude.txt 2014-11-12 23:22:04 855814 ----a-w- 004821B661A49BAB2E8E51A9FF0482BB C:\Windows\system32\APPRAI~1\hwcompat.txt --- C:\Windows\system32\appraiser\hwcompat.txt 2014-12-02 23:27:31 5595118 ----a-w- B02B4B8924F019BDE57484A55DC5CA57 C:\Windows\system32\APPRAI~1\appraiser.sdb --- C:\Windows\system32\appraiser\appraiser.sdb ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Kozlina\AppData\Local\Temp ==== 2015-01-02 09:56:52 FEFEF2F226FD6BE184BC4A3378B02AAF 155648 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.147780\psmachine.dll 2015-01-02 09:56:52 FC7A2F466F7A0F3E873077505719C1A1 143360 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.147780\GoogleUpdateHelper.msi 2015-01-02 09:56:52 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.147780\GoogleUpdateBroker.exe 2015-01-02 09:56:52 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.147780\GoogleUpdate.exe 2015-01-02 09:56:52 8D90BB3A36521B50D0E512A781E36871 155648 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.147780\psuser.dll 2015-01-02 09:56:52 87FCCB7D02C5421AE88A025E87E02705 761856 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.147780\goopdate.dll 2015-01-02 09:56:52 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.147780\GoogleUpdateOnDemand.exe 2015-01-02 09:56:52 0F78D26BE5A860913AF04E09CC6DB51F 220672 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.147780\npGoogleUpdate4.dll 2015-01-02 09:56:52 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.147780\GoogleCrashHandler.exe 2015-01-02 09:54:39 8D90BB3A36521B50D0E512A781E36871 155648 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.356880\psuser.dll 2015-01-02 09:54:38 FEFEF2F226FD6BE184BC4A3378B02AAF 155648 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.356880\psmachine.dll 2015-01-02 09:54:38 FC7A2F466F7A0F3E873077505719C1A1 143360 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.356880\GoogleUpdateHelper.msi 2015-01-02 09:54:38 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.356880\GoogleUpdateBroker.exe 2015-01-02 09:54:38 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.356880\GoogleUpdate.exe 2015-01-02 09:54:38 87FCCB7D02C5421AE88A025E87E02705 761856 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.356880\goopdate.dll 2015-01-02 09:54:38 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.356880\GoogleUpdateOnDemand.exe 2015-01-02 09:54:38 0F78D26BE5A860913AF04E09CC6DB51F 220672 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.356880\npGoogleUpdate4.dll 2015-01-02 09:54:37 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.356880\GoogleCrashHandler.exe 2014-12-30 15:13:28 C957F51C4931A3602240DEB518A0EB30 436288 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\ttv.exe 2014-12-28 23:13:18 633BDFE0FBF8FD12853E5386E188465A 473088 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\~dl7CC\~dljyb\tmp\wpm_v20.0.0.1337.exe ====== Java Cache ===== ====== C:\Windows\system32 ===== ====== C:\Windows\system32\drivers ===== 2014-12-10 06:55:39 7FE680A3DFA421C4A8E4879AE4C5AAB0 74752 ----a-w- C:\Windows\System32\drivers\tdx.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-01-02 09:56:11 -------- d-----w- C:\Program Files\SupTab ======= C: ===== ====== C:\Users\Kozlina\AppData\Roaming ====== ====== C:\Users\Kozlina ====== 2015-01-04 10:10:07 E3BC5CE455575084592062509806F57E 1115136 ----a-w- C:\Users\Kozlina\Desktop\FRST.exe 2015-01-02 22:03:27 5785F925CB69BBC21E7CE697DD912984 840936 ----a-w- C:\Users\Kozlina\Downloads\installer_adobe_flash_player_English.exe 2015-01-02 09:56:18 -------- d-----w- C:\ProgramData\IePluginServices ====== C: exe-files == 2015-01-04 10:10:07 E3BC5CE455575084592062509806F57E 1115136 ----a-w- C:\Users\Kozlina\Desktop\FRST.exe 2015-01-02 22:03:27 5785F925CB69BBC21E7CE697DD912984 840936 ----a-w- C:\Users\Kozlina\Downloads\installer_adobe_flash_player_English.exe 2015-01-02 21:45:22 F33016AC525F84FAD10BF1BD12C1D18D 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$IQ1WB3D.exe 2015-01-02 21:45:22 CE16896524FFC967DC22A1CCEACAB7F0 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$IB37GBF.exe 2015-01-02 21:45:22 B3A21DE82633292DAD9A05BFB8430857 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$IL8ESUA.exe 2015-01-02 21:45:22 9988CBC15CADA725CC0A228AC89C1EE6 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$I4GTI00.exe 2015-01-02 21:45:22 71C07792FEDE83AAB27A2379C79CA015 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$IRHQJFD.exe 2015-01-02 21:45:22 2875BAF57D019173D0EA298EF31EEE72 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$IVYQHNO.exe 2015-01-02 21:45:22 1C1590CF6F16E2910C927969B5C22756 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$IFCZXUL.exe 2015-01-02 21:45:22 1856AFD5BFF9F2CBBE0430DAD16508F4 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$IZKVJEZ.exe 2015-01-02 21:32:29 5785F925CB69BBC21E7CE697DD912984 840936 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$R4GTI00.exe 2015-01-02 21:20:47 135694CAC973089523442C4A9F3DBC3B 595488 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$RZKVJEZ.exe 2015-01-02 21:18:05 135694CAC973089523442C4A9F3DBC3B 595488 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$RFCZXUL.exe 2015-01-02 20:30:46 135694CAC973089523442C4A9F3DBC3B 595488 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$RB37GBF.exe 2015-01-02 15:54:07 E3E7A43795B2E14A6F6049DC6118C76C 595032 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$RRHQJFD.exe 2015-01-02 15:43:55 0F8F29EC0D0775270D8004F43DC1BFAB 595032 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$RVYQHNO.exe 2015-01-02 15:43:05 8E6A6A5C594816DB694D8E88453ACA69 595032 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$RL8ESUA.exe 2015-01-02 15:31:44 0602B02EA967AE00E01A3F912B28F1D4 595496 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$RQ1WB3D.exe 2015-01-02 10:59:41 B1028051EAD3939DE2779F142300D143 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$I0WCMF2.exe 2015-01-02 10:59:41 85A047B9A692243B11D9A7621C76D25D 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$IUGE5BH.exe 2015-01-02 10:59:41 8059FC78F4EDDE554B0E087CBEE65056 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$IDLLL6B.exe 2015-01-02 10:59:41 7AFC9B29C69285993852F35262985146 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$IV2ZWYV.exe 2015-01-02 10:59:41 6284FC6F27D683B87BB1411E0A68389D 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$IXIRXNW.exe 2015-01-02 10:59:41 5A2E7F5FE8D2AD3A872F541DA94065B6 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$IZVW0LX.exe 2015-01-02 10:59:41 2A0836334807E680E63799C600D279DF 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$I77V0ER.exe 2015-01-02 10:59:41 1F8A42E51F341C17D8EC344D402D4EC2 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$I2621KZ.exe 2015-01-02 10:59:41 1E95BCF34CD2E99EB9D7F9F51BCEE9E3 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$IC4X3O4.exe 2015-01-02 10:59:22 0A87895F086C3E7FDF695053C546BA27 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$INOECCF.exe 2015-01-02 10:59:19 772F333C554956227D300C87AE85C950 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$IBNM60F.exe 2015-01-02 10:59:04 8EFAEFDE019D6211F9815F34B9B1C438 595024 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$RBNM60F.exe 2015-01-02 09:56:52 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.147780\GoogleUpdateBroker.exe 2015-01-02 09:56:52 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.147780\GoogleUpdate.exe 2015-01-02 09:56:52 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.147780\GoogleUpdateOnDemand.exe 2015-01-02 09:56:52 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.147780\GoogleCrashHandler.exe 2015-01-02 09:56:36 A56178B0AD3E3BA0F2C73AF9B1D0E040 6717 ----a-w- C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CKAN3TZ5\yet_another_cleaner_cnt[1].exe 2015-01-02 09:54:38 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.356880\GoogleUpdateBroker.exe 2015-01-02 09:54:38 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.356880\GoogleUpdate.exe 2015-01-02 09:54:38 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.356880\GoogleUpdateOnDemand.exe 2015-01-02 09:54:37 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\comh.356880\GoogleCrashHandler.exe 2015-01-02 09:53:55 E042BB52530CDA8DF456FCC54B995D95 288408 ----a-w- C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E3RVOMKQ\TornTV4Pack[1].exe 2015-01-02 09:53:27 C10E5EF1B85DE5B79AC2815C9A677D1F 1385808 ----a-w- C:\Users\Kozlina\AppData\Roaming\uTorrent\updates\3.4.2_35702.exe 2015-01-02 09:52:31 40650B9A450F095E5C32251D98DEA072 485176 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$R77V0ER.exe 2015-01-02 09:52:26 40650B9A450F095E5C32251D98DEA072 485176 ----a-w- C:\$Recycle.Bin\S-1-5-21-1525115900-622450574-1316485768-1000\$RZVW0LX.exe 2014-12-30 15:13:28 C957F51C4931A3602240DEB518A0EB30 436288 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\ttv.exe 2014-12-28 23:13:18 633BDFE0FBF8FD12853E5386E188465A 473088 ----a-w- C:\Users\Kozlina\AppData\Local\Temp\~dl7CC\~dljyb\tmp\wpm_v20.0.0.1337.exe === C: other files == 2015-01-02 09:55:56 1A91D4392CF86D86AAFDE0C817DE8364 3061211 ----a-w- C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E3RVOMKQ\2[1].zip 2015-01-02 09:55:42 332AD9E025377F817827D035E646714A 2138186 ----a-w- C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\66YJXPWJ\1[1].zip 2014-12-30 11:13:27 6AE1FB60BEAA3AC38DF4352CD2BF35DE 87633 ----a-w- C:\Users\Kozlina\Downloads\akcioniplan (2).zip 2014-12-30 10:53:02 73ECF1FA3C4B8E1246EBCA04BA35BE12 87633 ----a-w- C:\Users\Kozlina\Downloads\akcioniplan (1).zip 2014-12-30 10:51:39 B72A8656532AB35058824D8502E3DA9E 87633 ----a-w- C:\Users\Kozlina\Downloads\akcioniplan.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="C:\Users\Kozlina\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe -s" "MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="C:\Users\Kozlina\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GrooveMonitor] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GrooveMonitor" "hkey"="HKLM" "command"="\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="uTorrent" "hkey"="HKCU" "command"="\"C:\\Users\\Kozlina\\AppData\\Roaming\\uTorrent\\uTorrent.exe\" /MINIMIZED" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Kozlina^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk] "path"="C:\\Users\\Kozlina\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\MyPC Backup.lnk" "backup"="C:\\Windows\\pss\\MyPC Backup.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~1\\MYPCBA~1\\MYPCBA~1.EXE " "item"="MyPC Backup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MaintainerSvc2.60.0411857] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NAUpdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Update PortalMore] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Util PortalMore] ==== Startup Folders ====================== 2014-04-15 12:52:06 62 ----a-w- C:\Users\Kozlina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\act1.bat ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\{2DB875B8-2051-4355-9CD6-B95681392119}" ["c:\program files\google\chrome\application\chrome.exe"] ==== Firefox Extensions Registry ====================== [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "speedtest211@BestOffers"="C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers" [] ==== Chromium Look ====================== Google Chrome Version: 34.0.1847.116 (Possible outdated, latest Stable version: 39.0.2171.95) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions aaaaaigjndjblmpeckabiffcpogflfgl - C:\Users\Kozlina\AppData\Local\ilividbandoomoviestoolbar\GC\toolbar.crx[] YoutubeAdblocker - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fllpncaknoconjpflpohhnmhlllnbkie ThunderQQDownload FlashGet Files Downloader Pro - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\keoppklbljbnecjcpehjlmdcdibpdclf saovve net - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nahcnlklpnclmfjocbdhdddccglcmamj SearcHe-NNewTab - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okkmhbgeleeodphdbpabacfheebnjadd ThunderQQDownload FlashGet Files Downloader Pro - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\keoppklbljbnecjcpehjlmdcdibpdclf YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fllpncaknoconjpflpohhnmhlllnbkie ThunderQQDownload FlashGet Files Downloader Pro - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\keoppklbljbnecjcpehjlmdcdibpdclf saovve net - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nahcnlklpnclmfjocbdhdddccglcmamj SearcHe-NNewTab - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okkmhbgeleeodphdbpabacfheebnjadd YoutubeAdblocker - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fllpncaknoconjpflpohhnmhlllnbkie ThunderQQDownload FlashGet Files Downloader Pro - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\keoppklbljbnecjcpehjlmdcdibpdclf saovve net - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nahcnlklpnclmfjocbdhdddccglcmamj SearcHe-NNewTab - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okkmhbgeleeodphdbpabacfheebnjadd YoutubeAdblocker - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fllpncaknoconjpflpohhnmhlllnbkie ThunderQQDownload FlashGet Files Downloader Pro - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\keoppklbljbnecjcpehjlmdcdibpdclf saovve net - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nahcnlklpnclmfjocbdhdddccglcmamj SearcHe-NNewTab - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okkmhbgeleeodphdbpabacfheebnjadd YoutubeAdblocker - Kozlina\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fllpncaknoconjpflpohhnmhlllnbkie ThunderQQDownload FlashGet Files Downloader Pro - Kozlina\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\keoppklbljbnecjcpehjlmdcdibpdclf saovve net - Kozlina\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nahcnlklpnclmfjocbdhdddccglcmamj SearcHe-NNewTab - Kozlina\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okkmhbgeleeodphdbpabacfheebnjadd Movies App - Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaigjndjblmpeckabiffcpogflfgl Google Docs - Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia YoutubeAdblocker - Kozlina\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fllpncaknoconjpflpohhnmhlllnbkie ThunderQQDownload FlashGet Files Downloader Pro - Kozlina\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\keoppklbljbnecjcpehjlmdcdibpdclf saovve net - Kozlina\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nahcnlklpnclmfjocbdhdddccglcmamj SearcHe-NNewTab - Kozlina\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okkmhbgeleeodphdbpabacfheebnjadd ==== Chromium Startpages ====================== C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://google.rs/", "startup_urls": [ "http://www.google.rs/" ], ==== Chromium Fix ====================== C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bing.conduit-services.com_0.localstorage deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bing.conduit-services.com_0.localstorage-journal deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_toolbar.utorrent.com_0.localstorage deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_toolbar.utorrent.com_0.localstorage-journal deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_lyricstranslate.com_0.localstorage deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_lyricstranslate.com_0.localstorage-journal deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.metrolyrics.com_0.localstorage deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.metrolyrics.com_0.localstorage-journal deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.tekstovipjesamalyrics.com_0.localstorage deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.tekstovipjesamalyrics.com_0.localstorage-journal deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.searchsun.info_0.localstorage deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.searchsun.info_0.localstorage-journal deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.ak.facebook.com_0.localstorage deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.ak.facebook.com_0.localstorage-journal deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.astronomija.co.rs_0.localstorage deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.astronomija.co.rs_0.localstorage-journal deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.fjcdn.com_0.localstorage deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.fjcdn.com_0.localstorage-journal deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.williamhill.com_0.localstorage deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.williamhill.com_0.localstorage-journal deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.tb.ask.com_0.localstorage deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.tb.ask.com_0.localstorage-journal deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_t.goadservices.com_0.localstorage deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_t.goadservices.com_0.localstorage-journal deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_searches.omiga-plus.com_0.localstorage deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_searches.omiga-plus.com_0.localstorage-journal deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.speedanalysis.net_0.localstorage deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.speedanalysis.net_0.localstorage-journal deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage-journal deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adblock-plus.en.softonic.com_0.localstorage deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adblock-plus.en.softonic.com_0.localstorage-journal deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_b.scorecardresearch.com_0.localstorage deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_b.scorecardresearch.com_0.localstorage-journal deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaigjndjblmpeckabiffcpogflfgl deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://isearch.omiga-plus.com/?type=hp&ts=1420192551&from=ild&uid=TOSHIBAXDT01ACA050_14MHZDGGSXX14MHZDGGSX" "Default_Page_URL"="http://isearch.omiga-plus.com/?type=hp&ts=1420192551&from=ild&uid=TOSHIBAXDT01ACA050_14MHZDGGSXX14MHZDGGSX" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://isearch.omiga-plus.com/web/?type=ds&ts=1420192551&from=ild&uid=TOSHIBAXDT01ACA050_14MHZDGGSXX14MHZDGGSX&q={searchTerms}" "Default_Page_URL"="http://isearch.omiga-plus.com/?type=hp&ts=1420192551&from=ild&uid=TOSHIBAXDT01ACA050_14MHZDGGSXX14MHZDGGSX" "Start Page"="http://isearch.omiga-plus.com/?type=hp&ts=1420192551&from=ild&uid=TOSHIBAXDT01ACA050_14MHZDGGSXX14MHZDGGSX" "Search Page"="http://isearch.omiga-plus.com/web/?type=ds&ts=1420192551&from=ild&uid=TOSHIBAXDT01ACA050_14MHZDGGSXX14MHZDGGSX&q={searchTerms}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {33BB0A4E-99AF-4226-BDF6-49120163DE86} omiga-plus Url="http://isearch.omiga-plus.com/web/?type=ds&ts=1420192551&from=ild&uid=TOSHIBAXDT01ACA050_14MHZDGGSXX14MHZDGGSX&q={searchTerms}" ==== Reset Google Chrome ====================== C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Mozilla\Firefox\Extensions\speedtest211@BestOffers deleted successfully ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Uninstall List x86 ====================== æTorrent [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] Adobe Shockwave Player 12.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Shockwave Player] Counter-Strike 1.6 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Counter-Strike 1.6] Google Chrome [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome] Google Update Helper [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] Intel(R) Processor Graphics [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}] Intel(R) SDK for OpenCL - CPU Only Runtime Package [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}] Java 8 Update 25 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218025F0}] Microsoft .NET Framework 4 Client Profile [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}] Microsoft Office Enterprise 2007 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ENTERPRISE] Microsoft Security Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{107F27B7-8EE4-4B3A-9CE5-497B120369DC}] Microsoft Security Essentials [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Security Client] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}] Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}] Nero Burning Core [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B166374C-105E-445E-8E5D-A86CA5742645}] Nero Burning ROM [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F2B9C8D6-C69C-4BA7-95D2-66F1C68D15DA}] Nero Burning ROM 2014 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DEBA969E-2E0A-431B-8F81-E651C6C0F852}] Nero Burning ROM Help (CHM) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FA78CC15-9F90-443B-BA61-A66595F06432}] Nero ControlCenter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ABC88553-8770-4B97-B43E-5A90647A5B63}] Nero ControlCenter Help (CHM) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CDFE8F95-F80F-4115-9C3F-0E1FD8F9F58C}] Nero Core Components [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}] Nero SharedVideoCodecs [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2432E589-6256-4513-B0BF-EFA8E325D5F0}] Nero Update [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}] OpenOffice 4.0.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}] Prerequisite installer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5909A89E-C97F-407C-AE2B-47BDED86BF5D}] Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] SkypeT 6.20 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}] Speed Test App [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Speed Test] swMSM [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{612C34C7-5E90-47D8-9B5C-0F717DD82726}] TP-LINK 150Mbps Wireless N USB Adapter Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}] Unity Web Player [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer] VLC media player [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player] ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aaaaaigjndjblmpeckabiffcpogflfgl deleted successfully ==== Empty IE Cache ====================== C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\66YJXPWJ will be deleted at reboot C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E3RVOMKQ will be deleted at reboot C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FC81IGRE will be deleted at reboot C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=244 folders=62 18186060 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Kozlina\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Kozlina\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files\SupTab\msvcr110.dll" not found "C:\Program Files\SupTab\msvcr110.dll" not found "C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Program Files\SupTab" not found "C:\ProgramData\IePluginServices" not found "C:\Program Files\SupTab" not found "C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\66YJXPWJ" not found "C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E3RVOMKQ" not found "C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FC81IGRE" not found ==== EOF on Sun 01/04/2015 at 14:04:51.69 ======================

Profil

magna86 Poslao: 04 Jan 2015 14:50 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! U redu MiG-29M2, Sada pokreni ovaj zoek skript. Znaci, na isti nacin kao i prosli put ... Reboot; C:\Program Files\Common Files\Symantec Shared;f C:\PROGRA~2\{01BD4FC9-2F86-4706-A62E-774BB7E9D308};f C:\Program Files\SupTab;fs [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Kozlina^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk];r C:\Users\Kozlina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk;f C:\Windows\pss\MyPC Backup.lnk.Startup;f [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MaintainerSvc2.60.0411857];r [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Update PortalMore];r [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Util PortalMore];r C:\Users\Kozlina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\act1.bat;f [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions];r "speedtest211@BestOffers"=-;r C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers;f [-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] [-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Speed Test];r AutoClean; Po restartu, iskopiraj sadrzaj novo-formiranog zoek loga da pogledam.

Profil

MiG-29M2 Poslao: 04 Jan 2015 15:31 Idi na vrh
offline MiG-29M2 Građanin Istoričar Pridružio: 02 Sep 2012 Poruke: 86 Gde živiš: Moskva, Rusija	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zoek.exe v5.0.0.0 Updated 31-12-2014 Tool run by Kozlina on Sun 01/04/2015 at 15:19:01.49. Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Kozlina\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2015-01-04-130451.log 53693 bytes ==== Empty Folders Check ====================== C:\Program Files\Common Files\Symantec Shared deleted successfully C:\PROGRA~2\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully C:\Users\Kozlina\AppData\Roaming\rmi deleted successfully C:\Users\Kozlina\AppData\Local\CRE deleted successfully C:\Users\Kozlina\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17DC3125-31EA-4541-97DA-F3D636C73C9} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CADCDC1-7EDD-4361-B55F-945A57992F9} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1D7D3F7B-A85B-497C-BDA5-FCC06149FA5} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E843AA2-4CA2-4FD3-9FCE-44456DA9D8} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E9C1D96-55F9-4197-B9FF-5135EAA2E4CF} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1EBF9219-7DE1-402B-8E33-C1550AFB0} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{214DE55B-435-4C0F-B9C7-99262EF9CCEB} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219C6D7C-40C7-470B-93FD-ECF42398E5D9} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{25414BDE-CE1B-4BC3-A93-5498938EC182} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26410435-181D-455C-99C8-4224CCE499DB} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28C4721F-3A94-4736-B030-D5CB9A23A16C} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29EC3BD5-6557-440C-B473-485458E76C} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B682055-9FDD-4631-849A-8CC039105768} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6563E9-D609-42A4-8239-13DB5C64ADE} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30CF6BB6-9000-48A6-868-86F057893ED5} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35EB06AE-6B15-4044-A629-317BE38D15CD} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38622843-D485-4B29-804F-4C2A7AE65727} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39109523-8D97-4EDE-B7F9-14DCE25AC6FF} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39A38543-71C5-4457-99A5-FADC5481022} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3A03D90-EB20-45A3-BEF6-E418A6CE5EA4} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{406D46CE-78AF-43B3-862F-E3E34DFEDB24} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4325D41B-788A-496A-8121-AE67983C8E0} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44498742-60C3-4B2C-B11F-348944FD1FF6} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44A7C8A0-E661-4CDA-9AB4-715599AAE0} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46DD1A96-787D-44AF-93F6-608B920D9A5} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4A4FB015-2351-43E1-A859-4641129CE60} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D908F5B-9326-4C90-A2D4-D1B24CE4B77F} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4DA383DF-766A-4A0B-8445-E6DC9B84C2D} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5036BF7E-DF7D-419C-B5CE-9FB6694B71B0} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{506ADC4B-68FC-422E-BB63-9261C55C4A79} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{579E3B34-6955-4160-927-EDC5E0183EAC} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{579E9825-7D95-45BF-B679-587531DA34E1} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{580A9CBD-2045-4DC1-98E2-435FEA2923C3} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5864B488-7A48-4842-A925-9D1216E7A3DB} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5879830F-7FA7-4984-B2E2-6F399A8D210} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A8484EE-EFB6-457A-9B8C-35AE5FD310} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61493BFD-787D-4A44-AE3D-32B8C8C5B4A8} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6248CBF2-44F1-46DF-BCE6-A9C859C81A7C} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62FF8F1C-3732-4D79-A27A-675A6BA6E021} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{630D4DFA-8703-450C-A124-FA51F7DD62A7} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67E3EBEA-FB67-4725-AD21-3BEDCCE1F33} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6812B73D-E8C3-4544-B473-18A71CD8A110} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{708FB9DC-F150-458D-A420-33A81D1A718F} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71989FA2-C90E-488A-AFAA-909B1E9CD7E2} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7345AF93-AE8E-463F-9AED-76A473BBBBCC} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7469F5D8-D562-400C-9FE-ABA319724184} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{758A5629-7DFB-4993-9D6D-BB410B7ACE3} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75B725FD-1B15-4BD9-A3AB-9C75A61BB69D} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75BC49A4-5430-4B08-BFA6-E571AEB15DAE} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{81257FF-D1B8-45B8-A03D-F7EF6736563} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86208616-46B-4BDB-B6C5-78D6AF9CE1A} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8625EB3A-5534-4FEC-B78-A83127B0FB58} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{873A2573-474E-417F-BA5C-35237EF0A3B9} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C9652B9-D1D1-41B8-B160-CE2E7D717BEE} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{92E0ABF7-E21C-499C-AC63-EEEEDF412C5A} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97A02D5E-B142-4E80-9B92-56CAC1A65BA4} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99EC05FD-D8FF-436E-BE17-5EC549738B0} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C0C89A3-A99A-4B1A-925D-60B06B4773DB} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9E63B7F-8E1-4DCD-B4DD-9123217EE755} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9EAEF65A-F1C6-467D-A79E-65D38749D4EA} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A032998C-A5F8-4DEB-952A-17A6BFDAE5F8} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A2BA7C8-F05-4814-A9E5-FFE042039F8} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A478384-12DF-4E64-8871-876594C5B26F} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A6118547-96B3-471F-ADD8-B858579F93D0} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7A086BC-E38B-4F49-A31D-84BDBE276E} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7DA3BD-75B2-4A8A-95BD-C46F23D1EF31} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AB66C318-8D24-4ACA-89E9-B3AE712661} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ABF144F4-54B0-4D71-A866-A0728EC75E7A} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC629C50-BAC5-408F-82EF-B4C52917EE32} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD734A9-CEFF-469C-B2ED-20C035F796A6} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE955FED-9F70-44D4-BFC9-CF1FAD1803B} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AF13BBA5-91CB-4625-B5B1-6E8565C58A9C} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5A9781B-B42B-460D-9114-5DE7F5157199} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B82C7264-2043-48FC-AA82-70CBCD3CB56C} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BA1DED5E-C796-4061-9C6C-D2E5D527AE0} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBDC40FC-15E4-45F2-AC21-EB9EB667D6E9} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BCD35628-5574-47D5-83A6-72A2F01F53A} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE0BCC2-CAB3-4AE8-80F7-81FB59635BB4} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFD6783C-CD59-4621-ABAC-633A43CCD77} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFE63F7B-88D2-4565-B16D-934EC36EA0D2} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C25BC70C-1F92-4AFA-9C20-5E82D8F4ED9} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3CEB8F0-64AD-4ABA-883-5DEA4F1FA83D} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C46F921B-CA72-4779-B8D0-227938DF1DF4} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C51C6050-5915-4F44-AEBB-6843B78A2D} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C5B76274-A48-4838-8F30-F5A48E329CDE} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6105381-C53E-40E4-9F19-2267BAFE980} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8D6D141-37C6-415C-8A3F-8778287DCF9F} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8F4861F-BEE0-421D-B8CC-E0142391BA11} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CDBDB4DE-5742-44FB-8068-B7EF8E76A9E9} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CEDDF6D6-AD3D-4C93-B1FE-E9BEC276B6BD} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CEE147A4-617B-4C99-BCAB-C386467D1AC2} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D0AA29C1-3960-445E-9CF5-74E0EA9BD36C} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D0F96757-B7B6-444C-A83F-F2E71BAA637E} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA45EC25-FAEC-4489-A36D-BB3778DA60FD} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DFD14CC0-A4E8-4F8B-93D9-594332A1B5C6} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E03618B8-1FE3-4695-BDC2-6E6564458274} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E05EB551-A249-4C49-BEE2-D934489ECF8} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E304AED7-19A9-4768-A851-ECBA6AA913F6} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E425A71E-AAC-474F-B6CB-45B07DBDF2DB} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E51B901A-4E80-4718-A41A-DF4C24DC8D} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E5E59413-F179-4165-8353-F12423B62639} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E5F5521E-7B18-4B7B-B1E1-A4FC826D5DD2} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E851B1D1-31D9-49BE-A78A-CE6A15E86D8} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA5A9F1F-28C4-487F-9CEF-98119A9075FC} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB44B215-36BF-4B75-B132-A386E6851DE} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EED8FFE9-3EBB-4EDC-A0FF-CF911F3C2069} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F377414F-AEF2-411C-9992-1498B798C08} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4761C60-3F34-46A3-80F6-418A1A648C84} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4A256B3-518A-46D5-AD9C-3634F9478E2D} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F567E5A8-3064-4EE2-BA81-A3B884AAE44B} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7615E23-7026-4013-BE19-6AAFDD8B509A} deleted successfully HKEY_USERS\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD9EC617-BAD3-450C-BC4E-C1989D45A9FB} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IePluginServices deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Kozlina^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MaintainerSvc2.60.0411857] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Update PortalMore] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Util PortalMore] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "speedtest211@BestOffers"=- [-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Speed Test] [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command] @="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] @="C:\\Program Files\\Internet Explorer\\iexplore.exe" ==== Deleting Files \ Folders ====================== C:\Program Files\SupTab not found C:\PROGRA~2\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found "C:\Program Files\Common Files\Symantec Shared" not found "C:\PROGRA~2\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}" not found "C:\Users\Kozlina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk" not found "C:\Windows\pss\MyPC Backup.lnk.Startup" not found "C:\Users\Kozlina\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers" not found C:\Users\Kozlina\AppData\LocalLow\{035ECF50-FE42-48AF-323B-7FCB751672FE} deleted C:\Users\Kozlina\AppData\LocalLow\{1208D09B-76A2-BE08-80E2-F140935ED5BE} deleted C:\Users\Kozlina\AppData\LocalLow\{477F9403-8FED-F340-C4A0-B203F34BDF4C} deleted C:\Users\Kozlina\AppData\LocalLow\{60BA0CC9-DBFF-22A8-32B5-2BDFF7E0581E} deleted C:\Users\Kozlina\AppData\LocalLow\{8FDEC8A2-61AD-66BC-933F-99242EC94AA5} deleted C:\Users\Kozlina\AppData\LocalLow\{B192F318-9500-0340-960D-FD026A8845F1} deleted C:\Users\Kozlina\AppData\LocalLow\{C253BAE7-8D0C-A386-5C0A-BD3FA3D75864} deleted C:\Users\Kozlina\AppData\LocalLow\{D36E7A54-A6F6-5B09-F222-8646025DD5AD} deleted C:\Users\Kozlina\AppData\LocalLow\{D48E4086-8C5E-D39E-5C56-785E1C4E9525} deleted C:\PROGRA~2\702815bab5647f75 deleted C:\Users\Kozlina\AppData\Roaming\appdataFr2.bin deleted C:\PROGRA~2\InstallMate deleted C:\Users\Kozlina\AppData\Local\TB deleted C:\Users\Kozlina\Downloads\HDVidCodec.exe deleted C:\Users\Kozlina\AppData\LocalLow\TB deleted C:\Users\Kozlina\AppData\LocalLow\ilividbandoomoviestoolbar deleted C:\Windows\System32\drivers\{169497b9-55ad-4428-8f84-60e3161c1843}Gw.sys deleted C:\Windows\system32\config\systemprofile\Searches deleted C:\Windows\system32\GroupPolicy\Machine deleted C:\Windows\system32\GroupPolicy\gpt.ini deleted "C:\Users\Kozlina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\act1.bat" deleted "C:\Users\Kozlina\AppData\Roaming\XAGF" deleted "C:\Users\Kozlina\AppData\Roaming\ZKKYDE" deleted ==== Fake Chromium Profiles Check ====================== Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted Fake profile C:\Users\Guest\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Guest\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\Kozlina\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Kozlina\AppData\Local\Comodo\Dragon deleted ==== Chromium Look ====================== Google Chrome Version: 34.0.1847.116 (Possible outdated, latest Stable version: 39.0.2171.95) ==== Chromium Fix ====================== C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage deleted successfully C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== shortcuts on Users Desktops ====================== C:\Users\Kozlina\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe isearch.omiga-plus.com/?type=sc&ts=1420.....14MHZDGGSX C:\Users\Kozlina\Desktop\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe C:\Users\Kozlina\Desktop\Microsoft Office PowerPoint 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe C:\Users\Kozlina\Desktop\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\Kozlina\Desktop\Norton Installation Files.lnk - C:\Users\Public\Downloads\Norton\{NISADM-B201-4abb-B07C-C084B04B4F12} C:\Users\Kozlina\Desktop\µTorrent.lnk - ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Half-Life.lnk - E:\C.S. 1.6\hl.exe C:\Users\Public\Desktop\Nero Burning ROM 2014.lnk - C:\Windows\Installer\{F2B9C8D6-C69C-4BA7-95D2-66F1C68D15DA}\ARPPRODUCTICON.exe C:\Users\Public\Desktop\nhfdf.lnk - E:\C.S. 1.6\cstrike.exe C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk - C:\Program Files\OpenOffice 4\program\soffice.exe C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Kozlina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe isearch.omiga-plus.com/?type=sc&ts=1420.....14MHZDGGSX C:\Users\Kozlina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe isearch.omiga-plus.com/?type=sc&ts=1420.....14MHZDGGSX ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe isearch.omiga-plus.com/?type=sc&ts=1420.....14MHZDGGSX C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files\VideoLAN\VLC\Documentation.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files\VideoLAN\VLC\NEWS.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files\VideoLAN\VLC\VideoLAN Website.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe -Iskins C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe isearch.omiga-plus.com/?type=sc&ts=1420.....14MHZDGGSX C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe isearch.omiga-plus.com/?type=sc&ts=1420.....14MHZDGGSX C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk - C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Security Essentials.lnk - C:\Program Files\Microsoft Security Client\msseces.exe C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe isearch.omiga-plus.com/?type=sc&ts=1420.....14MHZDGGSX C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office PowerPoint 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe ==== shortcuts After Repair ====================== C:\Users\Kozlina\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Kozlina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Kozlina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\4c58d791-811e-4e97-9d01-134610c416d3 deleted successfully HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully ==== Empty IE Cache ====================== C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0JZGZK29 will be deleted at reboot C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\46ZU189G will be deleted at reboot C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L5S9TN50 will be deleted at reboot C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VRJVZJYV will be deleted at reboot C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=378 folders=86 27322067 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Kozlina\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Kozlina\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0JZGZK29" not found "C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\46ZU189G" not found "C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L5S9TN50" not found "C:\Users\Kozlina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VRJVZJYV" not found ==== EOF on Sun 01/04/2015 at 15:28:14.31 ======================

Profil

magna86 Poslao: 04 Jan 2015 15:48 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! U redu, hajde jos jedan put pokreni zoek koristeci ovaj script: `ShortcutFix; Reboot;` Ovo bi trebalo da kraje relativno kratko. Po restart iskopiraj mi sveze formiran zoek izvestaj. --- --- --- --- --- Potom, idi u Control Panel -> Programs and Features i deinstaliraj Google Chrome. Obavezno označni opciju Also delete your browsing data. Bookmarks možeš da izvezeš i da ih kasnije opet ubaciš no oni ce svakako zajedno sa tvojom istorijom biti ponovo sinhronizovane po upisivanju Google (gmail) naloga. Kada ga deinstaliraš, preuzmi svezu instalaciju Google Crome browsera sa official stranice i instaliraj ga. https://www.google.com/chrome/browser/ --- --- --- --- --- Ponovo pokreni FRST, pritisni [Scan] dugme i iskopiraj mi sadrzaj sveze formiranog FRST.txt izvestaja.

Profil

MiG-29M2 Poslao: 04 Jan 2015 15:57 Idi na vrh
offline MiG-29M2 Građanin Istoričar Pridružio: 02 Sep 2012 Poruke: 86 Gde živiš: Moskva, Rusija	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zoek.exe v5.0.0.0 Updated 31-12-2014 Tool run by Kozlina on Sun 01/04/2015 at 15:50:23.53. Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Kozlina\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2015-01-04-130451.log 53693 bytes C:\zoek-results2015-01-04-142814.log 37566 bytes ==== shortcuts on Users Desktops ====================== C:\Users\Kozlina\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Kozlina\Desktop\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe C:\Users\Kozlina\Desktop\Microsoft Office PowerPoint 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe C:\Users\Kozlina\Desktop\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\Kozlina\Desktop\Norton Installation Files.lnk - C:\Users\Public\Downloads\Norton\{NISADM-B201-4abb-B07C-C084B04B4F12} C:\Users\Kozlina\Desktop\µTorrent.lnk - ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Half-Life.lnk - E:\C.S. 1.6\hl.exe C:\Users\Public\Desktop\Nero Burning ROM 2014.lnk - C:\Windows\Installer\{F2B9C8D6-C69C-4BA7-95D2-66F1C68D15DA}\ARPPRODUCTICON.exe C:\Users\Public\Desktop\nhfdf.lnk - E:\C.S. 1.6\cstrike.exe C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk - C:\Program Files\OpenOffice 4\program\soffice.exe C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Kozlina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Kozlina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files\VideoLAN\VLC\Documentation.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files\VideoLAN\VLC\NEWS.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files\VideoLAN\VLC\VideoLAN Website.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe -Iskins C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk - C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Security Essentials.lnk - C:\Program Files\Microsoft Security Client\msseces.exe C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office PowerPoint 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe C:\Users\Kozlina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe ==== C:\zoek_backup content ====================== C:\zoek_backup (files=378 folders=86 27322067 bytes) ==== After Reboot ====================== ==== EOF on Sun 01/04/2015 at 15:51:50.62 ======================

Profil

MiG-29M2 Poslao: 04 Jan 2015 16:05 Idi na vrh
offline MiG-29M2 Građanin Istoričar Pridružio: 02 Sep 2012 Poruke: 86 Gde živiš: Moskva, Rusija	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-01-2015 03 Ran by Kozlina (administrator) on KOZLINA-PC on 04-01-2015 15:59:47 Running from C:\Users\Kozlina\Desktop Loaded Profile: Kozlina (Available profiles: Kozlina) Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: English (United States) Internet Explorer Version 9 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (BitTorrent Inc.) C:\Users\Kozlina\AppData\Roaming\uTorrent\uTorrent.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\dfsvc.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [6323928 2013-06-27] (Realtek Semiconductor) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKU\S-1-5-21-1525115900-622450574-1316485768-1000\...\Run: [uTorrent] => C:\Users\Kozlina\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2015-01-02] (BitTorrent Inc.) HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-11-21] (Microsoft Corporation) HKLM\...\AppCertDlls: [x64] -> c:\program files\movies app\datamngr\x64\apcrtldr.dll <===== ATTENTION HKLM\...\AppCertDlls: [x86] -> c:\program files\movies app\datamngr\apcrtldr.dll <===== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1525115900-622450574-1316485768-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKU\S-1-5-21-1525115900-622450574-1316485768-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = google.com/search?q={searchTerms} BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 212.200.191.166 212.200.190.166 FireFox: ======== FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1214154.dll (Adobe Systems, Inc.) FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin HKU\S-1-5-21-1525115900-622450574-1316485768-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kozlina\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) Chrome: ======= CHR Profile: C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-04] CHR Extension: (Google Docs) - C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-04] CHR Extension: (Google Drive) - C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-04] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-04] CHR Extension: (YouTube) - C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-04] CHR Extension: (Google Search) - C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-04] CHR Extension: (Google Sheets) - C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-04] CHR Extension: (Google Wallet) - C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-04] CHR Extension: (Gmail) - C:\Users\Kozlina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-04] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [277024 2012-10-11] (Intel Corporation) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation) S4 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [762192 2013-07-19] (Nero AG) S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1570304 2012-10-18] (Atheros Communications, Inc.) R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [40936 2013-01-19] () R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-20] (Intel Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation) S3 usbcamcl; C:\Windows\System32\DRIVERS\usbcamcl.sys [28416 2011-08-18] (usb camera) S3 MSICDSetup; \??\D:\CDriver.sys [X] S3 NTIOLib_1_0_C; \??\D:\NTIOLib.sys [X] S1 {169497b9-55ad-4428-8f84-60e3161c1843}Gw; system32\drivers\{169497b9-55ad-4428-8f84-60e3161c1843}Gw.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-04 15:58 - 2015-01-04 15:58 - 00002201 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-01-04 15:58 - 2015-01-04 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-01-04 15:57 - 2015-01-04 15:57 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-04 15:57 - 2015-01-04 15:57 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-04 15:51 - 2015-01-04 15:50 - 00024064 _____ () C:\Windows\zoek-delete.exe 2015-01-04 15:50 - 2015-01-04 15:28 - 00037566 _____ () C:\zoek-results2015-01-04-142814.log 2015-01-04 15:19 - 2015-01-04 14:04 - 00053693 _____ () C:\zoek-results2015-01-04-130451.log 2015-01-04 14:00 - 2015-01-04 15:51 - 00006339 _____ () C:\zoek-results.log 2015-01-04 13:57 - 2015-01-04 15:26 - 00000000 ____D () C:\zoek_backup 2015-01-04 13:57 - 2015-01-04 13:57 - 01295360 _____ () C:\Users\Kozlina\Downloads\zoek.exe 2015-01-04 13:57 - 2015-01-04 13:57 - 01295360 _____ () C:\Users\Kozlina\Desktop\zoek.exe 2015-01-04 13:56 - 2015-01-04 13:56 - 04279080 _____ () C:\Users\Kozlina\Downloads\zoek.rar 2015-01-04 11:14 - 2015-01-04 11:14 - 00025827 _____ () C:\Users\Kozlina\Desktop\Addition.txt 2015-01-04 11:12 - 2015-01-04 15:59 - 00008799 _____ () C:\Users\Kozlina\Desktop\FRST.txt 2015-01-04 11:11 - 2015-01-04 15:59 - 00000000 ____D () C:\FRST 2015-01-04 11:10 - 2015-01-04 11:10 - 01115136 _____ (Farbar) C:\Users\Kozlina\Desktop\FRST.exe 2015-01-03 12:55 - 2015-01-03 12:55 - 01720572 _____ () C:\Users\Kozlina\Downloads\MPlayerX.dmg 2015-01-02 23:03 - 2015-01-02 23:03 - 00840936 _____ () C:\Users\Kozlina\Downloads\installer_adobe_flash_player_English.exe 2014-12-30 12:13 - 2014-12-30 12:13 - 00087633 _____ () C:\Users\Kozlina\Downloads\akcioniplan (2).zip 2014-12-30 11:53 - 2014-12-30 11:53 - 00087633 _____ () C:\Users\Kozlina\Downloads\akcioniplan (1).zip 2014-12-30 11:51 - 2014-12-30 11:51 - 00087633 _____ () C:\Users\Kozlina\Downloads\akcioniplan.zip 2014-12-30 11:50 - 2014-12-30 11:50 - 00000000 ____D () C:\Users\Kozlina\Desktop\mama i lenka 2014-12-22 12:42 - 2014-12-22 12:49 - 00000000 ____D () C:\Users\Kozlina\Desktop\New folder 2014-12-10 17:00 - 2014-12-10 17:00 - 00000000 ____D () C:\Windows\system32\appraiser 2014-12-10 14:18 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-12-10 14:18 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-12-10 14:18 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2014-12-10 14:18 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2014-12-10 14:18 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2014-12-10 07:55 - 2014-12-04 05:38 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2014-12-10 07:55 - 2014-12-04 05:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2014-12-10 07:55 - 2014-12-04 05:38 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-12-10 07:55 - 2014-12-04 05:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2014-12-10 07:55 - 2014-12-04 05:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-12-10 07:55 - 2014-12-04 05:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2014-12-10 07:55 - 2014-12-04 05:34 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-12-10 07:55 - 2014-12-02 00:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2014-12-10 07:55 - 2014-11-24 21:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-12-10 07:55 - 2014-11-24 21:41 - 12369920 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-12-10 07:55 - 2014-11-24 21:40 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-12-10 07:55 - 2014-11-24 21:37 - 09740800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-12-10 07:55 - 2014-11-24 21:35 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-12-10 07:55 - 2014-11-24 21:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-12-10 07:55 - 2014-11-24 21:34 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-12-10 07:55 - 2014-11-24 21:34 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-12-10 07:55 - 2014-11-24 21:33 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-12-10 07:55 - 2014-11-24 21:33 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-12-10 07:55 - 2014-11-24 21:33 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-12-10 07:55 - 2014-11-24 21:33 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-12-10 07:55 - 2014-11-24 21:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-12-10 07:55 - 2014-11-24 21:33 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-12-10 07:55 - 2014-11-24 21:33 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-12-10 07:55 - 2014-11-24 21:32 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-12-10 07:55 - 2014-11-24 21:32 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-12-10 07:55 - 2014-11-24 21:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-12-10 07:55 - 2014-11-24 21:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-12-10 07:55 - 2014-11-24 21:32 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-12-10 07:55 - 2014-11-24 21:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-12-10 07:55 - 2014-11-24 21:32 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-12-10 07:55 - 2014-11-11 03:44 - 01011200 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-12-10 07:55 - 2014-11-11 02:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2014-12-10 07:55 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-12-10 07:54 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe 2014-12-10 07:54 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2014-12-10 07:54 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2014-12-10 07:54 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2014-12-10 07:54 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2014-12-10 07:54 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-04 15:58 - 2014-03-29 18:17 - 00000000 ____D () C:\Users\Kozlina\AppData\Local\Google 2015-01-04 15:58 - 2014-03-29 18:17 - 00000000 ____D () C:\Program Files\Google 2015-01-04 15:58 - 2009-07-14 05:34 - 00014576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-04 15:58 - 2009-07-14 05:34 - 00014576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-04 15:57 - 2014-04-15 17:39 - 00000000 ____D () C:\Users\Kozlina\AppData\Roaming\uTorrent 2015-01-04 15:57 - 2014-03-29 18:17 - 00000000 ____D () C:\Users\Kozlina\AppData\Local\Deployment 2015-01-04 15:56 - 2014-03-29 17:26 - 00001413 _____ () C:\Users\Kozlina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-01-04 15:54 - 2014-03-29 17:25 - 01247320 _____ () C:\Windows\WindowsUpdate.log 2015-01-04 15:51 - 2014-03-29 18:33 - 00052314 _____ () C:\Windows\PFRO.log 2015-01-04 15:51 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-04 15:51 - 2009-07-14 05:39 - 00069176 _____ () C:\Windows\setupact.log 2015-01-04 15:28 - 2014-11-08 05:26 - 00000008 __RSH () C:\ProgramData\ntuser.pol 2015-01-04 15:26 - 2014-04-16 05:20 - 00000000 ____D () C:\Users\Kozlina\AppData\Local\Comodo 2015-01-04 15:26 - 2014-04-16 05:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google 2015-01-04 15:26 - 2014-04-16 05:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo 2015-01-04 15:26 - 2014-04-16 05:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2015-01-04 15:26 - 2014-04-16 05:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2015-01-04 15:26 - 2014-04-15 17:37 - 00000088 ____R () C:\Windows\system32\config\rev_MasterServers.vdf 2015-01-04 15:26 - 2014-04-15 17:37 - 00000088 ____R () C:\Windows\system32\config\MasterServers.vdf 2015-01-04 15:26 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\GroupPolicy 2015-01-04 14:01 - 2014-11-09 15:00 - 00000000 ____D () C:\Windows\pss 2015-01-04 13:52 - 2009-07-14 05:52 - 00000000 ____D () C:\Program Files\DVD Maker 2015-01-04 10:53 - 2014-10-30 11:02 - 00000000 ____D () C:\Users\Kozlina\Desktop\1 2014-12-30 16:01 - 2014-03-29 17:31 - 00730320 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-12-13 03:53 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache 2014-12-10 17:00 - 2014-07-10 00:00 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-12-10 17:00 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat 2014-12-10 14:19 - 2014-05-24 00:57 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-12-10 14:17 - 2014-03-30 07:53 - 00000000 ____D () C:\Windows\system32\MRT 2014-12-10 14:13 - 2014-03-30 07:53 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-12-07 22:44 - 2014-03-29 18:21 - 00000000 ____D () C:\Users\Kozlina\AppData\Roaming\Skype Some content of TEMP: ==================== C:\Users\Kozlina\AppData\Local\Temp\7za.exe C:\Users\Kozlina\AppData\Local\Temp\hijackthis.exe C:\Users\Kozlina\AppData\Local\Temp\sed.exe C:\Users\Kozlina\AppData\Local\Temp\swxcacls.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-04 10:25 ==================== End Of Log ============================

Profil

magna86 Poslao: 04 Jan 2015 17:52 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Po postavljanju ovih logova postavi mi i tvoj (vas) feedback o stanju sistema i slicno ... 1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod: Start VerifySignature: C:\Windows\System32\DRIVERS\ISCTD.sys CloseProcesses: HKLM\...\AppCertDlls: [x64] -> c:\program files\movies app\datamngr\x64\apcrtldr.dll <===== ATTENTION HKLM\...\AppCertDlls: [x86] -> c:\program files\movies app\datamngr\apcrtldr.dll <===== ATTENTION FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File Hosts: C:\Windows\zoek-delete.exe c:\program files\movies app RemoveDirectory: C:\zoek_backup EmptyTemp: End 2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi. 3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj. Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema. Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku. Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a. ----------------------------------------------------------------------- Preuzmi Malwarebytes Anti-Rootkit (MBAR) sa sledeceg linka i sacuvaj ga na Desktop. Dvoklikom pokreni MBAR () na ikonicu programa: - Klikni OK na sledecem prozoru da bi dozvolio raspakivanje u zaseban mbar folder na desktop-u; - mbar.exe ce biti startovan. Na nekim sistemima to moze da potraje nekoliko dodatnih sekundi, te pricekati pokretanje.; - U uvodnom prozoru klikni dugme Next ukoliko si saglasan; • Na 'Update Database' prozoru klik na dugme Update da bi preuzeo sveze definicije. Kada se ispise poruka 'Success: Database was successfully updated' klik na dugme Next; • Pod sekcijom 'Scan Targets' proveri da su sve opcije stiklirane, te klikni na dugme Scan; Obavestenje: sa nekim infekcijama moze se desiti da se prikaze neka od sledecih poruka: - 'Could not load protection driver' => u tom slucaju klikni OK. - 'Could not load DDA driver' => klikni Yes na to obavestenje da bi dozvolio ucitavanje nakon restarta. Dozvoli restart i nastavi sa ostatkom instrukcija posle restarta. >> Ukoliko malware nije detektovan, klik na Exit dugme da zatvoris program. U sledecu poruku postavi mbar-log-year-month-day (sat-minuti-sekundi).txt i system-log.txt izveštaje. >> Ukoliko su infekcija/e pronadjene, proveriti da li je obelezena opcija 'Create Restore Point' i klikni na dugme Cleanup! da bi uklonili pretnje. - Procedura uklanjanje malware-a (scheduled) ce biti zakazana po restartu, bice prikazano obavestenje u pop-up prozoru. Klikni dugme Yes i sistem bi trebao da se restartuje i da zavrsi proceduru ciscenja. Obavestenje! samo ukoliko je RootKit detektovan: - postaraj se da pokrenes fixdamage.exe alat koji se nalazi u mbar folderu, \Plugins\fixdamage.exe: - Dvoklikom pokreni fixdamage, u crnom prozoru koji se otvori (command prompt) ukucaj Y (Y stoji za Yes) da bi nastavio izvrsenje, pricekati da alat odradi sve popravke ... - Kada vidis poruku 'press any key to exit' popravka je kompletirana. Pritisnuti bilo koju tipku na tastaturi da bi se prozor zatvorio. Restartovati sistem. Sledeci izvestaji ce biti formirani u mbar folderu. 1. mbar-log-year-month-day (hour-minute-second).txt 2. system-log.txt Iskopiraj sadrzaj mbar log-a u poruku a system log okaci uz poruku koristeci opciju Prikači fajl.

Profil

MiG-29M2 Poslao: 05 Jan 2015 00:26 Idi na vrh
offline MiG-29M2 Građanin Istoričar Pridružio: 02 Sep 2012 Poruke: 86 Gde živiš: Moskva, Rusija	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-01-2015 03 Ran by Kozlina at 2015-01-05 00:18:14 Run:1 Running from C:\Users\Kozlina\Desktop Loaded Profile: Kozlina (Available profiles: Kozlina) Boot Mode: Normal ============================================== Content of fixlist: *************** Start VerifySignature: C:\Windows\System32\DRIVERS\ISCTD.sys CloseProcesses: HKLM\...\AppCertDlls: [x64] -> c:\program files\movies app\datamngr\x64\apcrtldr.dll <===== ATTENTION HKLM\...\AppCertDlls: [x86] -> c:\program files\movies app\datamngr\apcrtldr.dll <===== ATTENTION FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File Hosts: C:\Windows\zoek-delete.exe c:\program files\movies app RemoveDirectory: C:\zoek_backup EmptyTemp: End *************** "C:\Windows\System32\DRIVERS\ISCTD.sys" => File is digitaly signed. Processes closed successfully. HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => value deleted successfully. HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x86 => value deleted successfully. "HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10" => Key deleted successfully. "HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4" => Key deleted successfully. C:\Windows\System32\Drivers\etc\hosts => Moved successfully. Hosts was reset successfully. C:\Windows\zoek-delete.exe => Moved successfully. "c:\program files\movies app" => File/Directory not found. "C:\zoek_backup" => Removed successfully. EmptyTemp: => Removed 378.2 MB temporary data. The system needed a reboot. ==== End of Fixlog 00:18:24 ====

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Problem sa iskacucim prozorima 2

Ko je trenutno na forumu

Ukupno su 922 korisnika na forumu :: 16 registrovanih, 2 sakrivenih i 904 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: Alibaba1981, grenadir, ivan1973, jackreacher011011, janbo, kybonacci, laurusri, mile23, Milos ZA, Miloskec, operniki, ozzy, Parker, Rogan33, Trpe Grozni, W123

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by