Problem with Windows XP


  • Joined: 15 Aug 2014
  • Posts: 11

The application or DLL C:\WINDOWS\system32\mscoree.dll is not a valid Windows image. Please check this against your installation diskette.
When I start the computer, a window with this text keeps popping up. What should I do?

  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

If you suspect malware, follow the instructions and post the requested reports.

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

  • Joined: 15 Aug 2014
  • Posts: 11

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-12-2014
Ran by Pedja (administrator) on PEDJA-E6017A3A8 on 27-12-2014 16:04:04
Running from C:\Documents and Settings\Pedja\My Documents\Downloads
Loaded Profile: Pedja (Available profiles: Pedja)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 7
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Dynex Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(DT Soft Ltd) E:\Program Files\DAEMON Tools Lite\DTLite.exe
(BitTorrent Inc.) C:\Documents and Settings\Pedja\Application Data\uTorrent\uTorrent.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\Speccy\Speccy.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [2029640 2009-05-14] (ESET)
HKLM\...\Run: [SMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [638976 2007-10-05] (Dynex Inc.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20053608 2011-05-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-04-08] (Sun Microsystems, Inc.)
HKLM\...\Run: [jsafesurf] => C:\WINDOWS\Help32\safesurf.exe
HKLM\...\Run: [Denzi] => C:\Program Files\Denzi\Launcher.bat --wait
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-19\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
HKU\S-1-5-19\...\RunOnce: [nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-19\...\Policies\Explorer: [ForceClassicControlPanel] 1
HKU\S-1-5-20\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
HKU\S-1-5-20\...\RunOnce: [nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\...\Policies\Explorer: [ForceClassicControlPanel] 1
HKU\S-1-5-21-861567501-1454471165-1177238915-1003\...\Run: [DriverMax_RESTART] => C:\Program Files\Innovative Solutions\DriverMax\devices.exe [9245096 2011-06-16] (Innovative Solutions)
HKU\S-1-5-21-861567501-1454471165-1177238915-1003\...\Run: [Google Update] => C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [107912 2014-10-18] (Google Inc.)
HKU\S-1-5-21-861567501-1454471165-1177238915-1003\...\Run: [DAEMON Tools Lite] => E:\Program Files\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-861567501-1454471165-1177238915-1003\...\Run: [UpdateChecker] => C:\Documents and Settings\Pedja\Local Settings\Application Data\Popajar\UpdateChecker\UpdateCheckerApp.exe [7168 2014-01-16] (Popajar, inc)
HKU\S-1-5-21-861567501-1454471165-1177238915-1003\...\Run: [uTorrent] => C:\Documents and Settings\Pedja\Application Data\uTorrent\uTorrent.exe [1385808 2014-11-25] (BitTorrent Inc.)
HKU\S-1-5-21-861567501-1454471165-1177238915-1003\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-12-27] (Google Inc.)
HKU\S-1-5-21-861567501-1454471165-1177238915-1003\...\Policies\Explorer: [ForceClassicControlPanel] 1
HKU\S-1-5-21-861567501-1454471165-1177238915-1003\...\MountPoints2: {4c28373c-c0f2-11e0-9d22-001fc6d827d5} - F:\AutoRun.exe
HKU\S-1-5-21-861567501-1454471165-1177238915-1003\...\MountPoints2: {726e5566-c1a1-11e0-9d26-baeff9488bc6} - G:\AutoRun.exe
HKU\S-1-5-21-861567501-1454471165-1177238915-1003\...\MountPoints2: {94a02748-cb70-11e1-a5d0-001fc6d827d5} - G:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
HKU\S-1-5-18\...\RunOnce: [nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-18\...\Policies\Explorer: [ForceClassicControlPanel] 1
Lsa: [Authentication Packages] msv1_0 nwprovau
Startup: C:\Documents and Settings\Pedja\Start Menu\Programs\Startup\Registration .LNK
ShortcutTarget: Registration .LNK -> E:\Program Files\Ubisoft\Gearbox Software\BrothersInArmsEiB\Support\Register\RegistrationReminder.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-861567501-1454471165-1177238915-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = msn.com/?pc=up97&ocid=up97dhp&dt=071013
URLSearchHook: HKU\S-1-5-21-861567501-1454471165-1177238915-1003 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://speedial.com/?f=2&a=spd_aw_14_49_ff&cd=2XzuyEtN2Y1L1QzutDtDtC0EtCtDtC0FzyyEtByBzy0FyD0DtN0D0Tzu0SzyyEyCtN1L2XzutBtFtBtCtFtCtCtFtDtN1L1Czu0S0P0D0YtN1L1G1B1V1N2Y1L1Qzu2StCtB0D0C0ByD0D0CtGyB0D0FtBtGyCtA0FyDtGtDyE0DyDtGtAtCyCyD0DtA0AtByDtByCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0A0AzztCyC0D0BtG0C0F0EtBtGyC0DzyzytGtAtDyD0BtGyC0F0B0C0B0ByCzyyDyDyEyE2QtN1B1L1H1Ezu1O2U1M1B&cr=551095546&ir=" <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = speedial.com/results.php?f=4&q={searchTerms}&a=spd_aw_14_49_ff&cd=2XzuyEtN2Y1L1QzutDtDtC0EtCtDtC0FzyyEtByBzy0FyD0DtN0D0Tzu0SzyyEyCtN1L2XzutBtFtBtCtFtCtCtFtDtN1L1Czu0S0P0D0YtN1L1G1B1V1N2Y1L1Qzu2StCtB0D0C0ByD0D0CtGyB0D0FtBtGyCtA0FyDtGtDyE0DyDtGtAtCyCyD0DtA0AtByDtByCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0A0AzztCyC0D0BtG0C0F0EtBtGyC0DzyzytGtAtDyD0BtGyC0F0B0C0B0ByCzyyDyDyEyE2QtN1B1L1H1Ezu1O2U1M1B&cr=551095546&ir=
SearchScopes: HKU\S-1-5-21-861567501-1454471165-1177238915-1003 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=3415001E101FA75C&affID=128493&tsp=5327
SearchScopes: HKU\S-1-5-21-861567501-1454471165-1177238915-1003 -> {105E99FF-8B9A-4492-B155-06194B9056D2} URL = bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-861567501-1454471165-1177238915-1003 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = websearch.ask.com/redirect?client=ie&tb=IMB&o=15785&src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=^HQ&apn_dtid=^YYYYYY^YY^RS&apn_uid=A63E8087-65C6-489F-9AE0-CC8C88122527&apn_sauid=375D1D8E-2ACA-4B5B-8F2F-34EEBF33F068
SearchScopes: HKU\S-1-5-21-861567501-1454471165-1177238915-1003 -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = speedial.com/results.php?f=4&q={searchTerms}&a=spd_aw_14_49_ff&cd=2XzuyEtN2Y1L1QzutDtDtC0EtCtDtC0FzyyEtByBzy0FyD0DtN0D0Tzu0SzyyEyCtN1L2XzutBtFtBtCtFtCtCtFtDtN1L1Czu0S0P0D0YtN1L1G1B1V1N2Y1L1Qzu2StCtB0D0C0ByD0D0CtGyB0D0FtBtGyCtA0FyDtGtDyE0DyDtGtAtCyCyD0DtA0AtByDtByCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0A0AzztCyC0D0BtG0C0F0EtBtGyC0DzyzytGtAtDyD0BtGyC0F0B0C0B0ByCzyyDyDyEyE2QtN1B1L1H1Ezu1O2U1M1B&cr=551095546&ir=
SearchScopes: HKU\S-1-5-21-861567501-1454471165-1177238915-1003 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = daemon-search.com/search?q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-861567501-1454471165-1177238915-1003 -> DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKU\S-1-5-21-861567501-1454471165-1177238915-1003 -> Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKU\S-1-5-21-861567501-1454471165-1177238915-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} download.microsoft.com/download/E/5/6/E5611.....ontrol.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} windowsupdate.microsoft.com/windowsupdate/v.....9686799046
DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} file:///C:/Program%20Files/AutoCAD%202002/AcDcToday.ocx
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} file:///C:/Program%20Files/AutoCAD%202002/InstBanr.ocx
DPF: {C6637286-300D-11D4-AE0A-0010830243BD} file:///C:/Program%20Files/AutoCAD%202002/InstFred.ocx
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file:///C:/Program%20Files/AutoCAD%202002/AcPreview.ocx
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll ()
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll ()
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll ()
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 109.245.57.6 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default
FF NewTab: hxxp://www.buenosearch.com/?babsrc=NT_ss&mntrId=3415001E101FA75C&affID=128493&tsp=5327
FF SearchEngineOrder.1: Ask.com
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.search.ask.com/?l=dis&o=15788
FF Keyword.URL: hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=IMB&o=15785&locale=en_US&apn_uid=A63E8087-65C6-489F-9AE0-CC8C88122527&apn_ptnrs=^HQ&apn_sauid=375D1D8E-2ACA-4B5B-8F2F-34EEBF33F068&apn_dtid=^YYYYYY^YY^RS&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-861567501-1454471165-1177238915-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Documents and Settings\Pedja\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-861567501-1454471165-1177238915-1003: @talk.google.com/GoogleTalkPlugin -> C:\Documents and Settings\Pedja\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-861567501-1454471165-1177238915-1003: @talk.google.com/O1DPlugin -> C:\Documents and Settings\Pedja\Application Data\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-861567501-1454471165-1177238915-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-861567501-1454471165-1177238915-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-861567501-1454471165-1177238915-1003: facebook.com/fbDesktopPlugin -> C:\Documents and Settings\Pedja\Local Settings\Application Data\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Pedja\Application Data\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Pedja\Application Data\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default\searchplugins\bingp.xml
FF Extension: DAEMON Tools Toolbar - C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default\Extensions\DTToolbar@toolbarnet.com [2013-12-30]
FF Extension: Ask Toolbar - C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default\Extensions\toolbar@ask.com [2014-08-04]
FF Extension: Website Xplorer Lite - C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default\Extensions\{d87d56b2-1379-49f4-b081-af2850c79d8e} [2014-08-10]
FF Extension: SmileysWeLove: Smileys for use with Facebook, GMail, and more - C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default\Extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi [2014-02-14]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2011-08-29]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: Eset Plugin - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011-07-07]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google документи) - C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-27]
CHR Extension: (Google диск) - C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-27]
CHR Extension: (YouTube) - C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-27]
CHR Extension: (Google претрага) - C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-27]
CHR Extension: (Elite Unzip) - C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gafhhbahpojnjfhpepjjfjojbphnogmn [2014-10-01]
CHR Extension: (Luvgag - funniest stuff online) - C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hbemncfhifbcnlpdebhemmlpcjabheeb [2013-11-06]
CHR Extension: (iLivid) - C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2014-10-26]
CHR Extension: (Google новчаник) - C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-27]
CHR HKLM\...\Chrome\Extension: [acaoakiamfeidcmgooclgeleejkbaecf] - C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [fjbbjfdilbioabojmcplalojlmdngbjl] - C:\Documents and Settings\Pedja\Local Settings\Temp\swlfiles\smileyswelovetoolbar.crx [2014-02-04]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100352 2008-04-14] (Microsoft Corporation)
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [20680 2009-05-14] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [731840 2009-05-14] (ESET)
S3 idsvc; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [864256 2007-10-11] (Microsoft Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2011-08-29] (Sun Microsystems, Inc.)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-14] (Microsoft Corporation)
S4 msvsmon80; c:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2799808 2005-09-23] (Microsoft Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [762192 2013-07-18] (Nero AG)
S4 NetTcpPortSharing; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [122880 2007-10-11] (Microsoft Corporation) [File not signed]
R2 NWCWorkstation; C:\WINDOWS\System32\nwwks.dll [65536 2008-04-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-17] (Creative)
S3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [3363384 2010-10-28] (Broadcom Corporation)
R0 d347bus; C:\WINDOWS\System32\DRIVERS\d347bus.sys [155136 2004-08-22] ( ) [File not signed]
R0 d347prt; C:\WINDOWS\System32\Drivers\d347prt.sys [5248 2004-08-22] ( ) [File not signed]
R2 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [114472 2009-05-14] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [107256 2009-05-14] (ESET)
R2 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [133000 2009-05-14] (ESET)
R3 Epfwndis; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [33096 2009-05-14] (ESET)
R1 epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [55768 2009-05-14] (ESET)
R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [138752 2010-06-16] (Windows (R) Server 2003 DDK provider) [File not signed]
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-17] (Creative Technology Ltd.)
R2 NwlnkIpx; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-13] (Microsoft Corporation)
R2 NwlnkNb; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [63232 2001-08-23] (Microsoft Corporation)
R2 NwlnkSpx; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [55936 2001-08-23] (Microsoft Corporation)
R3 NWRDR; C:\WINDOWS\System32\DRIVERS\nwrdr.sys [163584 2008-04-13] (Microsoft Corporation)
R0 sfdrv01; C:\WINDOWS\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [File not signed]
R0 sfhlp02; C:\WINDOWS\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [File not signed]
R0 sfsync02; C:\WINDOWS\System32\drivers\sfsync02.sys [19968 2005-08-10] (Protection Technology) [File not signed]
R3 smserial; C:\WINDOWS\System32\DRIVERS\smserial.sys [1095936 2010-09-29] (Motorola Inc.) [File not signed]
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2013-12-01] () [File not signed]
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361344 2008-04-28] (Microsoft Corporation) [File not signed]
R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [225664 2008-04-13] (Microsoft Corporation)
U3 auc4yr0i; C:\WINDOWS\system32\Drivers\auc4yr0i.sys [0 ] (Microsoft Corporation)
R3 cpuz138; \??\C:\DOCUME~1\Pedja\LOCALS~1\Temp\cpuz138\cpuz138_x32.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S4 IntelIde; No ImagePath
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-27 16:03 - 2014-12-27 16:04 - 00000000 ____D () C:\FRST
2014-12-27 15:23 - 2014-12-27 15:23 - 00000000 ____D () C:\Documents and Settings\Pedja\Application Data\Google
2014-12-27 15:21 - 2014-12-27 15:21 - 00000654 _____ () C:\Documents and Settings\All Users\Desktop\Speccy.lnk
2014-12-27 15:21 - 2014-12-27 15:21 - 00000000 ____D () C:\Program Files\Speccy
2014-12-27 15:21 - 2014-12-27 15:21 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Speccy
2014-12-27 15:20 - 2014-12-27 15:21 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Google
2014-12-27 14:34 - 2014-12-27 14:34 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2014-12-27 14:32 - 2014-12-27 14:32 - 00006824 _____ () C:\WINDOWS\KB898461.log
2014-12-27 14:32 - 2014-12-27 14:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB898461$
2014-12-27 14:32 - 2014-12-27 14:32 - 00000000 ____D () C:\WINDOWS\system32\PreInstall
2014-12-27 14:27 - 2014-12-27 14:32 - 00000000 ____D () C:\WINDOWS\LastGood
2014-12-27 14:27 - 2012-06-02 15:19 - 00045080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-12-27 14:27 - 2012-06-02 15:19 - 00022040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltui.dll.mui
2014-12-27 14:27 - 2012-06-02 15:19 - 00017944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll.mui
2014-12-27 14:27 - 2012-06-02 15:19 - 00015384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaucpl.cpl.mui
2014-12-26 14:12 - 2014-12-27 14:32 - 00052203 _____ () C:\WINDOWS\iis6.log
2014-12-26 14:12 - 2014-12-27 14:32 - 00011266 _____ () C:\WINDOWS\msmqinst.log
2014-12-26 14:12 - 2014-12-27 14:32 - 00010961 _____ () C:\WINDOWS\tsoc.log
2014-12-26 14:12 - 2014-12-27 14:32 - 00006180 _____ () C:\WINDOWS\comsetup.log
2014-12-26 14:12 - 2014-12-27 14:32 - 00004761 _____ () C:\WINDOWS\ntdtcsetup.log
2014-12-26 14:12 - 2014-12-27 14:32 - 00003244 _____ () C:\WINDOWS\netfxocm.log
2014-12-26 14:12 - 2014-12-27 14:32 - 00001632 _____ () C:\WINDOWS\MedCtrOC.log
2014-12-26 14:12 - 2014-12-27 14:32 - 00001393 _____ () C:\WINDOWS\imsins.log
2014-12-26 14:12 - 2014-12-27 14:32 - 00000622 _____ () C:\WINDOWS\tabletoc.log
2014-12-26 14:12 - 2014-12-26 14:12 - 00004625 _____ () C:\WINDOWS\imsins.BAK
2014-12-26 14:12 - 2014-12-26 14:12 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-12-26 14:12 - 2014-12-26 14:12 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-12-26 14:11 - 2014-12-27 15:55 - 00007988 _____ () C:\WINDOWS\setupapi.log
2014-12-26 14:11 - 2014-12-27 14:32 - 00017268 _____ () C:\WINDOWS\ocgen.log
2014-12-26 14:11 - 2014-12-27 14:32 - 00017169 _____ () C:\WINDOWS\FaxSetup.log
2014-12-11 19:23 - 2014-12-11 19:23 - 00000000 ____D () C:\Documents and Settings\Pedja\.borland
2014-12-11 18:16 - 2014-12-11 18:16 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Delphi 7 Second Edition v7.2
2014-12-04 00:20 - 2014-12-07 02:34 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype
2014-12-04 00:18 - 2014-12-07 02:29 - 00000000 ____D () C:\Documents and Settings\Pedja\Application Data\Skype
2014-12-01 23:15 - 2014-12-24 21:14 - 00002035 _____ () C:\Documents and Settings\Pedja\Desktop\Chicken Lines.lnk
2014-12-01 23:15 - 2014-12-01 23:15 - 00001898 _____ () C:\Documents and Settings\Pedja\Start Menu\Programs\Chicken Lines.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-27 16:05 - 2014-10-02 16:51 - 00000000 ____D () C:\Documents and Settings\Pedja\Application Data\uTorrent
2014-12-27 16:05 - 2011-07-06 22:19 - 00000000 ____D () C:\Documents and Settings\Pedja\Local Settings\Temp
2014-12-27 16:01 - 2014-08-04 14:21 - 00000234 _____ () C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
2014-12-27 15:42 - 2014-04-01 18:36 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-12-27 15:34 - 2013-02-27 15:56 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-27 15:31 - 2014-08-04 16:14 - 00000000 ____D () C:\Documents and Settings\Pedja\Local Settings\Application Data\AskToolbar
2014-12-27 15:23 - 2011-08-09 14:45 - 00000000 ____D () C:\Documents and Settings\Pedja\Local Settings\Application Data\Google
2014-12-27 15:21 - 2013-02-27 15:56 - 00000000 ____D () C:\Program Files\Google
2014-12-27 15:10 - 2011-08-09 14:45 - 00001012 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-861567501-1454471165-1177238915-1003UA.job
2014-12-27 14:38 - 2011-07-06 22:12 - 00353213 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-27 14:36 - 2012-02-03 21:26 - 00000998 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-861567501-1454471165-1177238915-1003UA.job
2014-12-27 14:34 - 2013-02-27 15:56 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-27 14:34 - 2001-08-23 10:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-12-27 14:32 - 2011-07-06 22:14 - 00000000 ___HD () C:\WINDOWS\$hf_mig$
2014-12-27 14:27 - 2011-07-06 23:50 - 00000000 ____D () C:\WINDOWS\Help
2014-12-27 14:16 - 2011-07-07 00:04 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-12-27 14:16 - 2011-07-07 00:04 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-12-27 14:16 - 2011-07-06 22:18 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Temp
2014-12-27 14:15 - 2011-07-06 22:18 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-27 00:55 - 2011-07-06 22:19 - 00000178 ___SH () C:\Documents and Settings\Pedja\ntuser.ini
2014-12-27 00:55 - 2011-07-06 22:18 - 00032502 _____ () C:\WINDOWS\SchedLgU.Txt
2014-12-27 00:09 - 2011-08-09 14:45 - 00000960 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-861567501-1454471165-1177238915-1003Core.job
2014-12-26 20:36 - 2012-02-03 21:26 - 00000976 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-861567501-1454471165-1177238915-1003Core.job
2014-12-26 14:12 - 2011-07-07 00:01 - 00579048 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-24 19:35 - 2011-07-06 22:19 - 00000000 ____D () C:\Documents and Settings\Pedja
2014-12-24 17:40 - 2011-08-07 13:39 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\DatacardService
2014-12-22 01:35 - 2014-10-25 23:01 - 00000000 ____D () C:\Documents and Settings\Pedja\Desktop\uvod u informacione
2014-12-10 00:42 - 2014-04-01 18:36 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-12-10 00:42 - 2011-11-30 00:18 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-12-08 19:47 - 2014-08-21 04:05 - 00000000 ____D () C:\WINDOWS\system32\weber
2014-12-08 19:47 - 2011-11-27 00:38 - 00000000 __SHD () C:\WINDOWS\system32\MPK
2014-12-08 14:18 - 2014-08-04 20:30 - 00000000 ____D () C:\Documents and Settings\Pedja\Desktop\programi
2014-12-04 19:26 - 2013-12-01 20:26 - 00000000 ____D () C:\Documents and Settings\Pedja\Application Data\DAEMON Tools Lite

Some content of TEMP:
====================
C:\Documents and Settings\Pedja\Local Settings\Temp\askToolbarInstaller.exe
C:\Documents and Settings\Pedja\Local Settings\Temp\binkw32.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\comver.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\contentDATs.exe
C:\Documents and Settings\Pedja\Local Settings\Temp\Core.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\drm_dialogs.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\Engine.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\GomEncDnInstaller.exe
C:\Documents and Settings\Pedja\Local Settings\Temp\IFC23.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\iMesh_setup.exe
C:\Documents and Settings\Pedja\Local Settings\Temp\msvci70.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\msvci70d.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\msvcirt.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\msvcp70.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\msvcp70d.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\msvcp71.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\msvcp71d.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\MSVCR70.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\MSVCR70d.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\MSVCR71.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\MSVCR71d.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\MSVCRt.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\NEW28A.tmp.exe
C:\Documents and Settings\Pedja\Local Settings\Temp\ogg.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\ogg_d.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\ose00000.exe
C:\Documents and Settings\Pedja\Local Settings\Temp\protect.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\protect.exe
C:\Documents and Settings\Pedja\Local Settings\Temp\SecurityScan_Release.exe
C:\Documents and Settings\Pedja\Local Settings\Temp\Setup.exe
C:\Documents and Settings\Pedja\Local Settings\Temp\setup0533.exe
C:\Documents and Settings\Pedja\Local Settings\Temp\SimBundD.exe
C:\Documents and Settings\Pedja\Local Settings\Temp\SimBundD[1].exe
C:\Documents and Settings\Pedja\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Pedja\Local Settings\Temp\Softonic_EN_1-5-11_EN-Production_10_CleanRelease.exe
C:\Documents and Settings\Pedja\Local Settings\Temp\Uninstall.exe
C:\Documents and Settings\Pedja\Local Settings\Temp\UNTE3B.exe
C:\Documents and Settings\Pedja\Local Settings\Temp\utt220F.tmp.exe
C:\Documents and Settings\Pedja\Local Settings\Temp\vorbis.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\vorbisfile.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\vorbisfile_d.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\vorbis_d.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\Window.dll
C:\Documents and Settings\Pedja\Local Settings\Temp\{673414F5-7245-49CE-908B-8CFC0EFFF172}-35.0.1916.114_chrome_installer.exe
C:\Documents and Settings\Pedja\Local Settings\Temp\{C47B631E-D7EA-40D9-860F-DD9EA3D32E85}-35.0.1916.114_chrome_installer.exe
C:\Documents and Settings\Pedja\Local Settings\Temp\{CF779371-10F5-4943-A341-E575FA900B12}-35.0.1916.114_chrome_installer.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Step 1

Go to Start -> Control Panel -> Add or Remove Programs and uninstall the following programs:

Ask Toolbar
DAEMON Tools Toolbar
Smileys We Love Toolbar for IE
Speedial
UpdateChecker

DriverMax 5



Step 2

Open Notepad and copy in the following text, which is inside the Code box.

HKLM\...\Run: [jsafesurf] => C:\WINDOWS\Help32\safesurf.exe
HKLM\...\Run: [Denzi] => C:\Program Files\Denzi\Launcher.bat --wait
HKU\S-1-5-21-861567501-1454471165-1177238915-1003\...\Run: [UpdateChecker] => C:\Documents and Settings\Pedja\Local Settings\Application Data\Popajar\UpdateChecker\UpdateCheckerApp.exe [7168 2014-01-16] (Popajar, inc)
HKU\S-1-5-21-861567501-1454471165-1177238915-1003\...\MountPoints2: {4c28373c-c0f2-11e0-9d22-001fc6d827d5} - F:\AutoRun.exe
HKU\S-1-5-21-861567501-1454471165-1177238915-1003\...\MountPoints2: {726e5566-c1a1-11e0-9d26-baeff9488bc6} - G:\AutoRun.exe
HKU\S-1-5-21-861567501-1454471165-1177238915-1003\...\MountPoints2: {94a02748-cb70-11e1-a5d0-001fc6d827d5} - G:\AutoRun.exe
URLSearchHook: HKU\S-1-5-21-861567501-1454471165-1177238915-1003 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://speedial.com/?f=2&a=spd_aw_14_49_ff&cd=2XzuyEtN2Y1L1QzutDtDtC0EtCtDtC0FzyyEtByBzy0FyD0DtN0D0Tzu0SzyyEyCtN1L2XzutBtFtBtCtFtCtCtFtDtN1L1Czu0S0P0D0YtN1L1G1B1V1N2Y1L1Qzu2StCtB0D0C0ByD0D0CtGyB0D0FtBtGyCtA0FyDtGtDyE0DyDtGtAtCyCyD0DtA0AtByDtByCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0A0AzztCyC0D0BtG0C0F0EtBtGyC0DzyzytGtAtDyD0BtGyC0F0B0C0B0ByCzyyDyDyEyE2QtN1B1L1H1Ezu1O2U1M1B&cr=551095546&ir=" <======= ATTENTION
SearchScopes: HKLM -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_aw_14_49_ff&cd=2XzuyEtN2Y1L1QzutDtDtC0EtCtDtC0FzyyEtByBzy0FyD0DtN0D0Tzu0SzyyEyCtN1L2XzutBtFtBtCtFtCtCtFtDtN1L1Czu0S0P0D0YtN1L1G1B1V1N2Y1L1Qzu2StCtB0D0C0ByD0D0CtGyB0D0FtBtGyCtA0FyDtGtDyE0DyDtGtAtCyCyD0DtA0AtByDtByCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0A0AzztCyC0D0BtG0C0F0EtBtGyC0DzyzytGtAtDyD0BtGyC0F0B0C0B0ByCzyyDyDyEyE2QtN1B1L1H1Ezu1O2U1M1B&cr=551095546&ir=
SearchScopes: HKU\S-1-5-21-861567501-1454471165-1177238915-1003 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=3415001E101FA75C&affID=128493&tsp=5327
SearchScopes: HKU\S-1-5-21-861567501-1454471165-1177238915-1003 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?client=ie&tb=IMB&o=15785&src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=^HQ&apn_dtid=^YYYYYY^YY^RS&apn_uid=A63E8087-65C6-489F-9AE0-CC8C88122527&apn_sauid=375D1D8E-2ACA-4B5B-8F2F-34EEBF33F068
SearchScopes: HKU\S-1-5-21-861567501-1454471165-1177238915-1003 -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_aw_14_49_ff&cd=2XzuyEtN2Y1L1QzutDtDtC0EtCtDtC0FzyyEtByBzy0FyD0DtN0D0Tzu0SzyyEyCtN1L2XzutBtFtBtCtFtCtCtFtDtN1L1Czu0S0P0D0YtN1L1G1B1V1N2Y1L1Qzu2StCtB0D0C0ByD0D0CtGyB0D0FtBtGyCtA0FyDtGtDyE0DyDtGtAtCyCyD0DtA0AtByDtByCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0A0AzztCyC0D0BtG0C0F0EtBtGyC0DzyzytGtAtDyD0BtGyC0F0B0C0B0ByCzyyDyDyEyE2QtN1B1L1H1Ezu1O2U1M1B&cr=551095546&ir=
SearchScopes: HKU\S-1-5-21-861567501-1454471165-1177238915-1003 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
BHO: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKU\S-1-5-21-861567501-1454471165-1177238915-1003 -> DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKU\S-1-5-21-861567501-1454471165-1177238915-1003 -> Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
FF NewTab: hxxp://www.buenosearch.com/?babsrc=NT_ss&mntrId=3415001E101FA75C&affID=128493&tsp=5327
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://www.search.ask.com/?l=dis&o=15788
FF Keyword.URL: hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=IMB&o=15785&locale=en_US&apn_uid=A63E8087-65C6-489F-9AE0-CC8C88122527&apn_ptnrs=^HQ&apn_sauid=375D1D8E-2ACA-4B5B-8F2F-34EEBF33F068&apn_dtid=^YYYYYY^YY^RS&q=
FF SearchPlugin: C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default\searchplugins\askcom.xml
FF Extension: DAEMON Tools Toolbar - C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default\Extensions\DTToolbar@toolbarnet.com [2013-12-30]
FF Extension: Ask Toolbar - C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default\Extensions\toolbar@ask.com [2014-08-04]
FF Extension: Website Xplorer Lite - C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default\Extensions\{d87d56b2-1379-49f4-b081-af2850c79d8e} [2014-08-10]
FF Extension: SmileysWeLove: Smileys for use with Facebook, GMail, and more - C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default\Extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi [2014-02-14]
CHR Extension: (Elite Unzip) - C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gafhhbahpojnjfhpepjjfjojbphnogmn [2014-10-01]
CHR Extension: (Luvgag - funniest stuff online) - C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hbemncfhifbcnlpdebhemmlpcjabheeb [2013-11-06]
CHR Extension: (iLivid) - C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2014-10-26]
CHR HKLM\...\Chrome\Extension: [acaoakiamfeidcmgooclgeleejkbaecf] - C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [fjbbjfdilbioabojmcplalojlmdngbjl] - C:\Documents and Settings\Pedja\Local Settings\Temp\swlfiles\smileyswelovetoolbar.crx [2014-02-04]
Task: C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job => C:\Program Files\Ask.com\UpdateTask.exe
C:\WINDOWS\Help32
C:\Program Files\Denzi
C:\Documents and Settings\Pedja\Local Settings\Application Data\Popajar
C:\Program Files\Ask.com
C:\Program Files\DAEMON Tools Toolbar
C:\Program Files\WinToFlash Suggestor
EmptyTemp:


In Notepad, click File --> Save As
Name the file Fixlist and save it to the Desktop
Double-click FRST.exe to run it again
Click Fix and wait until the program finishes.
If the program asks to restart the computer, let it do so without interruption.
When it is done, fixlog.txt will open, with contents that you need to copy into the thread.
The file (fixlog.txt) will also be on the Desktop.




Step 3

Download AdwCleaner by "Xplode" and save it to the Desktop
Double-click the program to run it.
In the EULA window, click I agree.
Click the Scan button and wait for the scan to finish.
Click the Clean button and wait for the program to finish.
The program will close all running programs and show a window warning you about this. Click OK to confirm.
In the next two windows that open (Informations and Restart required), click OK

The computer will restart and then open Notepad (C:\AdwCleaner[S0].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Attach file" ("Prikači fajl") option

Note: The report will also be saved at C:\Adwcleaner\AdwCleaner[S0].txt

offline
  • Joined: 15 Aug 2014
  • Posts: 11

Ask Toolbar
Smileys We Love Toolbar for IE
They won't uninstall, and the Fix option won't run either. :)

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

zrnicpredrag :: Ask Toolbar
Smileys We Love Toolbar for IE
They won't uninstall, and the Fix option won't run either. :)


Skip the programs that won't install. The fix won't run because your FRST.exe is not on the Desktop.

offline
  • Joined: 15 Aug 2014
  • Posts: 11

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 27-12-2014
Ran by Pedja at 2014-12-27 17:12:07 Run:1
Running from C:\Documents and Settings\Pedja\Desktop
Loaded Profile: Pedja (Available profiles: Pedja)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKLM\...\Run: [jsafesurf] => C:\WINDOWS\Help32\safesurf.exe
HKLM\...\Run: [Denzi] => C:\Program Files\Denzi\Launcher.bat --wait
HKU\S-1-5-21-861567501-1454471165-1177238915-1003\...\Run: [UpdateChecker] => C:\Documents and Settings\Pedja\Local Settings\Application Data\Popajar\UpdateChecker\UpdateCheckerApp.exe [7168 2014-01-16] (Popajar, inc)
HKU\S-1-5-21-861567501-1454471165-1177238915-1003\...\MountPoints2: {4c28373c-c0f2-11e0-9d22-001fc6d827d5} - F:\AutoRun.exe
HKU\S-1-5-21-861567501-1454471165-1177238915-1003\...\MountPoints2: {726e5566-c1a1-11e0-9d26-baeff9488bc6} - G:\AutoRun.exe
HKU\S-1-5-21-861567501-1454471165-1177238915-1003\...\MountPoints2: {94a02748-cb70-11e1-a5d0-001fc6d827d5} - G:\AutoRun.exe
URLSearchHook: HKU\S-1-5-21-861567501-1454471165-1177238915-1003 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://speedial.com/?f=2&a=spd_aw_14_49_ff&cd=2XzuyEtN2Y1L1QzutDtDtC0EtCtDtC0FzyyEtByBzy0FyD0DtN0D0Tzu0SzyyEyCtN1L2XzutBtFtBtCtFtCtCtFtDtN1L1Czu0S0P0D0YtN1L1G1B1V1N2Y1L1Qzu2StCtB0D0C0ByD0D0CtGyB0D0FtBtGyCtA0FyDtGtDyE0DyDtGtAtCyCyD0DtA0AtByDtByCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0A0AzztCyC0D0BtG0C0F0EtBtGyC0DzyzytGtAtDyD0BtGyC0F0B0C0B0ByCzyyDyDyEyE2QtN1B1L1H1Ezu1O2U1M1B&cr=551095546&ir=" <======= ATTENTION
SearchScopes: HKLM -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = speedial.com/results.php?f=4&q={searchTerms}&a=spd_aw_14_49_ff&cd=2XzuyEtN2Y1L1QzutDtDtC0EtCtDtC0FzyyEtByBzy0FyD0DtN0D0Tzu0SzyyEyCtN1L2XzutBtFtBtCtFtCtCtFtDtN1L1Czu0S0P0D0YtN1L1G1B1V1N2Y1L1Qzu2StCtB0D0C0ByD0D0CtGyB0D0FtBtGyCtA0FyDtGtDyE0DyDtGtAtCyCyD0DtA0AtByDtByCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0A0AzztCyC0D0BtG0C0F0EtBtGyC0DzyzytGtAtDyD0BtGyC0F0B0C0B0ByCzyyDyDyEyE2QtN1B1L1H1Ezu1O2U1M1B&cr=551095546&ir=
SearchScopes: HKU\S-1-5-21-861567501-1454471165-1177238915-1003 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=3415001E101FA75C&affID=128493&tsp=5327
SearchScopes: HKU\S-1-5-21-861567501-1454471165-1177238915-1003 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = websearch.ask.com/redirect?client=ie&tb=IMB&o=15785&src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=^HQ&apn_dtid=^YYYYYY^YY^RS&apn_uid=A63E8087-65C6-489F-9AE0-CC8C88122527&apn_sauid=375D1D8E-2ACA-4B5B-8F2F-34EEBF33F068
SearchScopes: HKU\S-1-5-21-861567501-1454471165-1177238915-1003 -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = speedial.com/results.php?f=4&q={searchTerms}&a=spd_aw_14_49_ff&cd=2XzuyEtN2Y1L1QzutDtDtC0EtCtDtC0FzyyEtByBzy0FyD0DtN0D0Tzu0SzyyEyCtN1L2XzutBtFtBtCtFtCtCtFtDtN1L1Czu0S0P0D0YtN1L1G1B1V1N2Y1L1Qzu2StCtB0D0C0ByD0D0CtGyB0D0FtBtGyCtA0FyDtGtDyE0DyDtGtAtCyCyD0DtA0AtByDtByCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0A0AzztCyC0D0BtG0C0F0EtBtGyC0DzyzytGtAtDyD0BtGyC0F0B0C0B0ByCzyyDyDyEyE2QtN1B1L1H1Ezu1O2U1M1B&cr=551095546&ir=
SearchScopes: HKU\S-1-5-21-861567501-1454471165-1177238915-1003 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = daemon-search.com/search?q={searchTerms}
BHO: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKU\S-1-5-21-861567501-1454471165-1177238915-1003 -> DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKU\S-1-5-21-861567501-1454471165-1177238915-1003 -> Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
FF NewTab: hxxp://www.buenosearch.com/?babsrc=NT_ss&mntrId=3415001E101FA75C&affID=128493&tsp=5327
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://www.search.ask.com/?l=dis&o=15788
FF Keyword.URL: hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=IMB&o=15785&locale=en_US&apn_uid=A63E8087-65C6-489F-9AE0-CC8C88122527&apn_ptnrs=^HQ&apn_sauid=375D1D8E-2ACA-4B5B-8F2F-34EEBF33F068&apn_dtid=^YYYYYY^YY^RS&q=
FF SearchPlugin: C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default\searchplugins\askcom.xml
FF Extension: DAEMON Tools Toolbar - C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default\Extensions\DTToolbar@toolbarnet.com [2013-12-30]
FF Extension: Ask Toolbar - C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default\Extensions\toolbar@ask.com [2014-08-04]
FF Extension: Website Xplorer Lite - C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default\Extensions\{d87d56b2-1379-49f4-b081-af2850c79d8e} [2014-08-10]
FF Extension: SmileysWeLove: Smileys for use with Facebook, GMail, and more - C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default\Extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi [2014-02-14]
CHR Extension: (Elite Unzip) - C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gafhhbahpojnjfhpepjjfjojbphnogmn [2014-10-01]
CHR Extension: (Luvgag - funniest stuff online) - C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hbemncfhifbcnlpdebhemmlpcjabheeb [2013-11-06]
CHR Extension: (iLivid) - C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2014-10-26]
CHR HKLM\...\Chrome\Extension: [acaoakiamfeidcmgooclgeleejkbaecf] - C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [fjbbjfdilbioabojmcplalojlmdngbjl] - C:\Documents and Settings\Pedja\Local Settings\Temp\swlfiles\smileyswelovetoolbar.crx [2014-02-04]
Task: C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job => C:\Program Files\Ask.com\UpdateTask.exe
C:\WINDOWS\Help32
C:\Program Files\Denzi
C:\Documents and Settings\Pedja\Local Settings\Application Data\Popajar
C:\Program Files\Ask.com
C:\Program Files\DAEMON Tools Toolbar
C:\Program Files\WinToFlash Suggestor
EmptyTemp:
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\jsafesurf => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Denzi => value deleted successfully.
HKU\S-1-5-21-861567501-1454471165-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Run\\UpdateChecker => Value not found.
"HKU\S-1-5-21-861567501-1454471165-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4c28373c-c0f2-11e0-9d22-001fc6d827d5}" => Key deleted successfully.
HKCR\CLSID\{4c28373c-c0f2-11e0-9d22-001fc6d827d5} => Key not found.
"HKU\S-1-5-21-861567501-1454471165-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{726e5566-c1a1-11e0-9d26-baeff9488bc6}" => Key deleted successfully.
HKCR\CLSID\{726e5566-c1a1-11e0-9d26-baeff9488bc6} => Key not found.
"HKU\S-1-5-21-861567501-1454471165-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94a02748-cb70-11e1-a5d0-001fc6d827d5}" => Key deleted successfully.
HKCR\CLSID\{94a02748-cb70-11e1-a5d0-001fc6d827d5} => Key not found.
HKU\S-1-5-21-861567501-1454471165-1177238915-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} => value deleted successfully.
"HKCR\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}" => Key deleted successfully.
HKCR\CLSID\{31090377-0740-419E-BEFC-A56E50500D5B} => Key not found.
"HKU\S-1-5-21-861567501-1454471165-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => Key deleted successfully.
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
"HKU\S-1-5-21-861567501-1454471165-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}" => Key deleted successfully.
HKCR\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} => Key not found.
"HKU\S-1-5-21-861567501-1454471165-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}" => Key deleted successfully.
HKCR\CLSID\{31090377-0740-419E-BEFC-A56E50500D5B} => Key not found.
"HKU\S-1-5-21-861567501-1454471165-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}" => Key deleted successfully.
HKCR\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}" => Key deleted successfully.
"HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} => Value not found.
HKCR\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} => value deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKU\S-1-5-21-861567501-1454471165-1177238915-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} => value deleted successfully.
HKCR\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => Key not found.
HKU\S-1-5-21-861567501-1454471165-1177238915-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => value deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
Firefox newtab deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox homepage deleted successfully.
Firefox Keyword.URL deleted successfully.
C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default\searchplugins\askcom.xml => Moved successfully.
C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default\Extensions\DTToolbar@toolbarnet.com => not found.
C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default\Extensions\toolbar@ask.com => Moved successfully.
C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default\Extensions\{d87d56b2-1379-49f4-b081-af2850c79d8e} => Moved successfully.
C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default\Extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi => Moved successfully.
C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gafhhbahpojnjfhpepjjfjojbphnogmn => Moved successfully.
C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hbemncfhifbcnlpdebhemmlpcjabheeb => Moved successfully.
C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf => Moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\acaoakiamfeidcmgooclgeleejkbaecf" => Key deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl" => Key deleted successfully.
C:\Documents and Settings\Pedja\Local Settings\Temp\swlfiles\smileyswelovetoolbar.crx => Moved successfully.
C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job => Moved successfully.
C:\WINDOWS\Help32 => Moved successfully.
"C:\Program Files\Denzi" => File/Directory not found.
C:\Documents and Settings\Pedja\Local Settings\Application Data\Popajar => Moved successfully.
C:\Program Files\Ask.com => Moved successfully.
C:\Program Files\DAEMON Tools Toolbar => Moved successfully.
"C:\Program Files\WinToFlash Suggestor" => File/Directory not found.
EmptyTemp: => Removed 4.7 GB temporary data.


The system needed a reboot.

==== End of Fixlog 17:13:30 ====

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Excellent. Let's continue:

Download zoek.exe from this or this link and save it to the Desktop.


Close the browser and other running programs;
disable your security software (if needed) Instructions;
double-click zoek.exe to run it;
wait for the tool to start ...


Copy the following text into the white box of the window:

process;
startupall;
drivers-services-list;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;


Click the button and wait for the scan to finish.


Zoek will restart Windows if necessary and, when it finishes, open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your post.

offline
  • Joined: 15 Aug 2014
  • Posts: 11

Zoek.exe v5.0.0.0 Updated 24-12-2014
Tool run by Pedja on sub 27.12.2014 at 18:18:31,03.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Pedja\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12/27/2014 6:20:53 PM Zoek.exe System Restore Point Created Succesfully.

==== Running Processes ======================

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
E:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Documents and Settings\Pedja\Application Data\uTorrent\uTorrent.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Pedja\Desktop\zoek.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2014-12-26 13:12:04 DA4D97CBAC72BAAE1147BA190B14F516 1393 ----a-w- C:\WINDOWS\imsins.BAK
====== C:\DOCUME~1\Pedja\LOCALS~1\Temp ====
====== Java Cache =====
====== C:\WINDOWS\system32 =====
2014-12-27 13:27:35 C6965DA3999400037FD10B9D695CA052 22040 ----a-w- C:\WINDOWS\System32\wucltui.dll.mui
2014-12-27 13:27:35 BDC0C99E472176C8C2C853A68ADC5073 45080 ----a-w- C:\WINDOWS\System32\wups2.dll
2014-12-27 13:27:33 086D3BAAB62616874AFB672D7362492F 17944 ----a-w- C:\WINDOWS\System32\wuaueng.dll.mui
2014-12-27 13:27:29 FC49037B53F540A2308ECD4374A5C349 15384 ----a-w- C:\WINDOWS\System32\wuaucpl.cpl.mui
2014-12-27 13:27:28 6198AFA9092016D3FD04FF41FD62D13F 15384 ----a-w- C:\WINDOWS\System32\wuapi.dll.mui
====== C:\WINDOWS\system32\drivers =====
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2014-12-27 14:21:29 -------- d-----w- C:\Program Files\Speccy
======= C: =====
====== C:\Documents and Settings\Pedja\Application Data ======
2014-12-27 14:23:04 -------- d-----w- C:\Documents and Settings\Pedja\Application Data\Google
2014-12-03 23:18:35 -------- d-----w- C:\Documents and Settings\Pedja\Application Data\Skype
====== C:\Documents and Settings\Pedja ======
2014-12-27 16:25:01 9208E5A0A844FCCB39B5252C07B4E860 2173952 ----a-w- C:\Documents and Settings\Pedja\Desktop\AdwCleaner.exe
2014-12-27 15:02:29 6FC0C30FCE951864011DA10903086CEE 1114624 ----a-w- C:\Documents and Settings\Pedja\Desktop\FRST.exe
2014-12-24 18:35:02 -------- d--h--r- C:\Documents and Settings\Pedja\Recent
2014-12-11 18:23:24 -------- d-----w- C:\Documents and Settings\Pedja\.borland

====== C: exe-files ==
2014-12-27 16:25:01 9208E5A0A844FCCB39B5252C07B4E860 2173952 ----a-w- C:\Documents and Settings\Pedja\Desktop\AdwCleaner.exe
2014-12-27 16:24:20 9208E5A0A844FCCB39B5252C07B4E860 2173952 ----a-w- C:\Documents and Settings\Pedja\My Documents\Downloads\AdwCleaner.exe
2014-12-27 15:02:29 6FC0C30FCE951864011DA10903086CEE 1114624 ----a-w- C:\Documents and Settings\Pedja\Desktop\FRST.exe
2014-12-27 14:21:18 5D61BE7DB55B026A5D61A3EED09D0EAD 39408 ----a-w- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
2014-12-27 14:21:13 5D4BC124FAAE6730AC002CDB67BF1A1C 194032 ----a-w- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
2014-12-27 14:20:56 E8B7FD67DA14A7BE57A5CB80E3139E60 309704 ----a-w- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
2014-12-27 14:20:56 211F96EB417FF837A70F5130E63A1A45 400840 ----a-w- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_64.exe
2014-12-27 14:20:39 4B78E9AE06F7C310E30EE2FA5B7EBC3C 1721296 ----a-w- C:\Program Files\Google\Google Toolbar\Component\SearchWithGoogleUpdate_C993F490EED40C1B.exe
2014-12-27 14:20:38 1F2AFAB903C0D48480561F3BBD4539C2 739640 ----a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleUpdateSetup_5CC4B0F53D73AD88.exe
2014-12-27 14:20:37 4BEAF576CB43358C4DB9F45AC7C09CDB 194032 ----a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleUpdaterService_B33FC4DD36A473C6.exe
2014-12-27 14:20:36 E8B7FD67DA14A7BE57A5CB80E3139E60 309704 ----a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarUser_32_52E818EF81C83A9B.exe
2014-12-27 14:20:36 211F96EB417FF837A70F5130E63A1A45 400840 ----a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarUser_64_4D9709C1FA1422BA.exe
2014-12-27 14:20:35 4C401FCC6D0C95E1A5D989E403E18F2F 1072072 ----a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_8CA8B41417E66DEB.exe
2014-12-27 14:20:08 5A6381E0AFB4E0B9FD318C1C76EFE9DC 5030744 ----a-w- C:\Program Files\Google\Update\Install\{F32D0198-15AB-4C83-8CB2-3E00EB9468DA}\googletoolbarinstaller_en_signed.exe
2014-12-27 14:20:08 5A6381E0AFB4E0B9FD318C1C76EFE9DC 5030744 ----a-w- C:\Program Files\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\0.0.0.0\googletoolbarinstaller_en_signed.exe
2014-12-27 14:14:44 A7DD64E7AB5605665CE68A00814343D7 5122624 ----a-w- C:\Documents and Settings\Pedja\My Documents\Downloads\spsetup127 (1).exe
2014-12-27 14:14:23 A7DD64E7AB5605665CE68A00814343D7 5122624 ----a-w- C:\Documents and Settings\Pedja\My Documents\Downloads\spsetup127.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-861567501-1454471165-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"Google Update"="C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c"
"DAEMON Tools Lite"="E:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"
"uTorrent"="C:\Documents and Settings\Pedja\Application Data\uTorrent\uTorrent.exe /MINIMIZED"
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="regsvr32 /s /n /i:U shell32"
"nltide_3"="rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="regsvr32 /s /n /i:U shell32"
"nltide_3"="rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="regsvr32 /s /n /i:U shell32"
"nltide_3"="rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="regsvr32 /s /n /i:U shell32"
"nltide_3"="rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice"
"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe"
"RTHDCPL"="RTHDCPL.EXE"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"Google Update"="C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c"
"DAEMON Tools Lite"="E:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"
"uTorrent"="C:\Documents and Settings\Pedja\Application Data\uTorrent\uTorrent.exe /MINIMIZED"
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Reader_sl"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools-1033]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="daemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\D-Tools\\daemon.exe\" -lang 1033"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="FacebookUpdate"
"hkey"="HKCU"
"command"="\"C:\\Documents and Settings\\Pedja\\Local Settings\\Application Data\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GoogleUpdate"
"hkey"="HKCU"
"command"="\"C:\\Documents and Settings\\Pedja\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="uTorrent"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\uTorrent\\uTorrent.exe\" /MINIMIZED"


==== Startup Folders ======================

2013-11-09 17:56:55 1037 ----a-w- C:\Documents and Settings\Pedja\Start Menu\Programs\Startup\Registration .LNK

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [10.12.2014 00:43]
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-861567501-1454471165-1177238915-1003Core.job --a------ [Undetermined Task]
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-861567501-1454471165-1177238915-1003UA.job --a------ C:\Documents and Settings\Pedja\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [19.09.2012 19:30]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [27.02.2013 15:56]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [27.02.2013 15:56]
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-861567501-1454471165-1177238915-1003Core.job --a------ C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [18.10.2014 21:58]
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-861567501-1454471165-1177238915-1003UA.job --a------ C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [18.10.2014 21:58]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default
user_pref("browser.search.selectedEngine", "Google");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"jqs@sun.com"=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,\ []

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default
- Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\1qwujxfb.default
3CD19649B2C3023D65E67C056457A2BC - C:\Documents and Settings\Pedja\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
2AB6A7F373290AE20A19CF5F306E8C97 - C:\Documents and Settings\Pedja\Application Data\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer
76EFD64CD206B93E2EB5320A23C19AD7 - C:\Documents and Settings\Pedja\Application Data\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin
2BF85B6162528E0635DD8D632EB975C8 - C:\Documents and Settings\Pedja\Local Settings\Application Data\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll - Facebook Desktop
8FE7BA502945BE735D09D5703BD76FDA - C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll - Shockwave for Director / Shockwave for Director
5EB6F21D95E728C61BCFC89F899D6BB0 - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll - Java Deployment Toolkit 6.0.260.3
1040BD9BF3DDAB7CDA2346F8375480A2 - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll - Java(TM) Platform SE 6 U26
4393DCB856A2A109E266E6F59E2EF31A - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
4393DCB856A2A109E266E6F59E2EF31A - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
A4315454EE75C8E8C0653457B642965A - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation


==== Chromium Look ======================

Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95)


Google Docs - Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{105E99FF-8B9A-4492-B155-06194B9056D2} Bing Url="http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFD_enRS620"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on sub 27.12.2014 at 18:25:13,96 ======================

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

You should now be clean as far as adware is concerned. Tell me what the state of the system is now. Are you still getting the error message?
