Computer Check

  • Absolut Gut
  • Joined: 13 Aug 2012
  • Posts: 561
  • Location: Atakama

Here you go:

Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Zorica on sub 15.03.2014 at 20:01:03,44.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: D:\yoek\zoek.scr [Scan all users] [Script inserted]

==== System Restore Info ======================

15.3.2014 20:03:21 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2861581720-2204672646-155532148-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_USERS\S-1-5-21-2861581720-2204672646-155532148-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_USERS\S-1-5-21-2861581720-2204672646-155532148-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411591160} deleted successfully
HKEY_USERS\S-1-5-21-2861581720-2204672646-155532148-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511111108} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2861581720-2204672646-155532148-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default

---- Lines CT3215747 removed from prefs.js ----
user_pref("CT3215747.FF19Solved", "true");
user_pref("CT3215747.UserID", "UN38202098489889294");
user_pref("CT3215747.fullUserID", "UN38202098489889294.IN.20131222173810");
user_pref("CT3215747.installDate", "22/12/2013 17:38:14");
user_pref("CT3215747.installSessionId", "{7B568462-B8F8-45F0-972F-333930CF4C23}");
user_pref("CT3215747.installSp", "false");
user_pref("CT3215747.installerVersion", "1.8.1.4");
user_pref("CT3215747.searchRevert", "false");
user_pref("CT3215747.searchUninstallUserMode", "1");
user_pref("CT3215747.searchUserMode", "1");
user_pref("CT3215747.toolbarInstallDate", "22-12-2013 17:38:10");
user_pref("CT3215747.versionFromInstaller", "10.23.0.722");
user_pref("CT3215747.xpeMode", "1");
---- Lines Torntv removed from prefs.js ----
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.testingGaq.value", "%22http%3A//extclickm
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.name", "Torntv V6.0");
---- Lines crossrider removed from prefs.js ----
user_pref("extensions.crossrider.bic", "143d8e5032af83015ddc7675453a18df");
---- Lines gophoto.it modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\":{\"descriptor\":\"C:\\\\Program
---- Lines defaulttab modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\":{\"descriptor\":\"C:\\\\Program
---- Lines smartbar removed from prefs.js ----
user_pref("smartbar.machineId", "V3A/SYYX/SXPIWSTYOGDI7YPLUKPCUE711FIEOXYMCASSAICELTZ7HICNN9R4RLB5CUMMHSIG2T37XXTNAKTXA");
---- Lines a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108 removed from prefs.js ----
---- Lines ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960 removed from prefs.js ----
---- FireFox user.js and prefs.js backups ----

user_15.03.2014_2013_.backup
prefs_15.03.2014_2013_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater]
"command"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Badoo Desktop]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon]
"item"=-
"command"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\playnowradio]
"item"=-
"command"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Tiny download manager]
"command"=-
"item"=

==== Deleting Files \ Folders ======================

C:\\Program Files\\Ask.com not found
C:\\ProgramData\\Badoo\\Badoo Desktop not found
C:\Users\Zorica\AppData\Roaming\YourFileDownloader deleted
C:\\Program Files\\Mobogenie deleted
C:\\Users\\Zorica\\AppData\\Local\\playnowradio deleted
C:\\Users\\Zorica\\AppData\\Local\\DM deleted
C:\PROGRA~2\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted
C:\Program Files\Plus-HD-8.1 deleted
C:\Program Files\Torntv V6.0 deleted
C:\Users\Zorica\appdata\locallow\Torntv V6.0 deleted
C:\Users\Zorica\daemonprocess.txt deleted
C:\Users\Zorica\.android deleted
C:\Program Files\Conduit deleted
C:\Program Files\SmartTweak deleted
C:\Program Files\Gophoto.it deleted
C:\Users\Zorica\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mobogenie.lnk deleted
C:\Users\Zorica\AppData\Roaming\Babylon deleted
C:\PROGRA~2\APN deleted
C:\PROGRA~2\win_mpwd_sys.dat deleted
C:\PROGRA~2\Babylon deleted
C:\PROGRA~2\Trymedia deleted
C:\Users\Zorica\AppData\Local\CRE deleted
C:\Users\Zorica\AppData\Local\Softonic deleted
C:\Users\Zorica\AppData\Local\WhiteListing deleted
C:\Users\Zorica\AppData\Local\NativeMessaging deleted
C:\Users\Zorica\AppData\Local\Mobogenie deleted
C:\Users\Zorica\AppData\Local\cache deleted
C:\Users\Zorica\AppData\Local\Babylon deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Lunch Design deleted
C:\Users\Zorica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie deleted
C:\Users\Zorica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software deleted
C:\Users\Zorica\Downloads\SoftonicDownloader_for_naruto-the-way-of-the-ninja.exe deleted
C:\Users\Zorica\AppData\LocalLow\Conduit deleted
C:\Windows\system32\tasks\RunAsStdUser Task deleted
C:\END deleted
C:\Users\Zorica\Documents\Mobogenie deleted
C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default\CT3215747 deleted
"C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default\extensions\gophoto@gophoto.it.xpi" deleted

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default
95812430959AE88CDD0301AB3A71913B - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash
A9C86900D2A61728C8326FE7147617C5 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll - Google Update
01D93217A9EE48DD37072B671378CC9C - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In
A9191AE22A8F1287B5E2DF33E3A57253 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U51
9B10927CFD0F7AD39E40C0E34005B1AD - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13
FF0D6F82A0EC13952E83B9439100E45D - C:\Users\Zorica\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
69AA47F09AA281C7D3C7716CA7E283B4 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
380F9A643A149B9030142E7171EFA91B - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
D7EFF0B98C370E03D7E2593399D9B669 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision
75A1232EAC640B782CDD2132B5271AA8 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION
28986F0A2342A033345EF9E70D395E4F - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ikgjcmfodgjkcgimppbdnkmdhmepjckc - C:\Users\Zorica\AppData\Local\CRE\ikgjcmfodgjkcgimppbdnkmdhmepjckc.crx[]
kiplfnciaokpcennlkldkdaeaaomamof - C:\Users\Zorica\AppData\Local\Torch\Plugins\TorchPlugin.crx[]
pfmopbbadnfoelckkcmjjeaaegjpjjbk - C:\Program Files\Gophoto.it\gophotoit16.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
ikgjcmfodgjkcgimppbdnkmdhmepjckc - C:\Users\Zorica\AppData\Local\CRE\ikgjcmfodgjkcgimppbdnkmdhmepjckc.crx[]

Mario Forever DM - Zorica\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikgjcmfodgjkcgimppbdnkmdhmepjckc
Google Wallet - Zorica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
GoPhoto.it - Zorica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
DefaultTab - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

==== Chrome Fix ======================

C:\Users\Zorica\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikgjcmfodgjkcgimppbdnkmdhmepjckc deleted successfully
C:\Users\Zorica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ikgjcmfodgjkcgimppbdnkmdhmepjckc deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ikgjcmfodgjkcgimppbdnkmdhmepjckc deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-8.1 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Overwolf deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateMyDrivers deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateMyDrivers.exe deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Zorica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Zorica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Zorica\AppData\Local\Mozilla\Firefox\Profiles\pq6l3t1i.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Zorica\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=3354 folders=396 357481046 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Users\Zorica\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Zorica\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied
C:\RECYCLER successfully emptied

==== EOF on sub 15.03.2014 at 20:23:30,36 ======================



rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

What is the situation now?



offline
  • Absolut Gut
  • Joined: 13 Aug 2012
  • Posts: 561
  • Location: Atakama

Slightly better, almost the same..

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Run FRST again and post the logs for me.

offline
  • Absolut Gut
  • Joined: 13 Aug 2012
  • Posts: 561
  • Location: Atakama

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by Zorica (administrator) on ZORICA-PC on 15-03-2014 20:44:53
Running from D:\FRSTI
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: [Links are visible only to logged-in users]
Download link for 64-Bit Version: [Links are visible only to logged-in users]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Links are visible only to logged-in users]

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(New Softwares.net) C:\Windows\system32\WinFLService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
( New Softwares.net) C:\Windows\System32\WinFLTray.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(New Softwares.net) C:\Program Files\NewSoftware's\Folder Lock\FLComServCtrl.exe
( New Softwares.net) C:\Program Files\NewSoftware's\Folder Lock\FLComServ.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\prevhost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Fences] - C:\Program Files\Stardock\Fences\Fences.exe [4017368 2012-10-29] (Stardock Corporation)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [5317136 2014-02-11] (AVG Technologies CZ, s.r.o.)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [280576 2013-08-31] (Microsoft Corporation)
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\Run: [WinFLTray] - C:\Windows\system32\WinFLTray.exe [321736 2013-08-24] ( New Softwares.net)
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\Run: [FLBackup] - C:\Program Files\NewSoftware's\Folder Lock\FLComServCtrl.exe [275656 2013-08-24] (New Softwares.net)
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\Run: [MCShield Monitor] - C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-02-02] (MyCity)
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\Run: [WinThemePack Logon] - C:\Program Files\WinThemePack\Magic The Gathering Logon Screen\tweak.exe [10429625 2013-03-31] (WinThemePack.com)
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\Run: [svchost] - regsvr32 /s "C:\Temp:0031ED2C.dat"
HKU\S-1-5-21-2861581720-2204672646-155532148-1000\...\MountPoints2: H - H:\PcOptions.exe
Startup: C:\Users\Zorica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk
ShortcutTarget: Fences.lnk -> C:\Program Files\Stardock\Fences\Fences.exe (Stardock Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Links are visible only to logged-in users]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xADC2A13B0D9DCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr-rs
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [Links are visible only to logged-in users]{searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SerialTrunc - {e76b4f24-4a2f-4e65-ad36-e2aa934e547c} - C:\Program Files\SerialTrunc\SerialTruncbho.dll (SerialTrunc)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 89.216.1.40 89.216.1.50

FireFox:
========
FF ProfilePath: C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default
FF user.js: detected! => C:\Users\Zorica\AppData\Roaming\Mozilla\Firefox\Profiles\pq6l3t1i.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Zorica\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-24]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-24]

Chrome:
=======
CHR Extension: (Google новчаник) - C:\Users\Zorica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]

========================== Services (Whitelisted) =================

R2 avgfws; C:\Program Files\AVG\AVG2014\avgfws.exe [1510896 2014-02-06] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3746112 2014-02-17] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [314048 2014-02-06] (AVG Technologies CZ, s.r.o.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [583680 2012-12-10] (Intel(R) Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [627744 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-01-15] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 pr2ah4nc; C:\Windows\system32\pr2ah4nc.exe [407152 2007-05-18] (CODEMASTERS)

==================== Drivers (Whitelisted) ====================

S3 androidusb; C:\Windows\System32\Drivers\smhwadb.sys [25728 2014-01-10] (Google Inc)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [122136 2014-01-19] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [196376 2014-02-06] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [149272 2014-01-31] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2013-12-15] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [181016 2013-12-15] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [249112 2014-01-12] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [106264 2014-02-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2013-12-15] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [194328 2014-01-19] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-08-19] (DT Soft Ltd)
R0 FSProFilter; C:\Windows\System32\Drivers\FSPFltd.sys [41912 2010-07-22] (FSPro Labs)
S3 hw_usbdev; C:\Windows\System32\DRIVERS\hw_usbdev.sys [102272 2014-01-10] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-13] (Intel Corporation)
R2 NEWDRIVER; C:\Windows\system32\WinVDEdrv6.sys [188176 2013-08-24] ()
R0 pe3ah4nc; C:\Windows\System32\drivers\pe3ah4nc.sys [64880 2007-05-18] (CODEMASTERS)
R0 ps6ah4nc; C:\Windows\System32\drivers\ps6ah4nc.sys [55160 2007-05-18] (CODEMASTERS)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation)
S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [83336 2007-04-03] (MCCI Corporation)
S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [15112 2007-04-03] (MCCI Corporation)
S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [108680 2007-04-03] (MCCI Corporation)
S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [23176 2007-04-03] (MCCI Corporation)
S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [99080 2007-04-03] (MCCI Corporation)
S3 smhwser; C:\Windows\System32\DRIVERS\smhwser.sys [108032 2014-01-10] (QUALCOMM Incorporated)
S3 USBET; C:\Windows\System32\DRIVERS\ETdrv.sys [5116544 2010-11-29] (Etron)
R1 WinFLAdrv; C:\Windows\System32\WinFLAdrv.sys [29184 2013-08-24] ()
S3 MSICDSetup; \??\G:\CDriver.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib.sys [X]
S3 PBDOWNFORCE_SERVICE; \??\C:\Users\Zorica\AppData\Local\Temp\PHQF97F.tmp [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-15 20:20 - 2014-02-13 23:59 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-15 20:03 - 2014-03-15 20:23 - 00039439 _____ () C:\zoek-results.log
2014-03-15 19:09 - 2014-03-15 20:18 - 00000000 ____D () C:\zoek_backup
2014-03-15 18:31 - 2014-03-15 18:31 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Zorica\Downloads\revosetup.exe
2014-03-15 18:31 - 2014-03-15 18:31 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-03-15 18:05 - 2014-03-15 18:05 - 00038213 _____ () C:\Users\Zorica\Downloads\289830_1954096077_FRST.txt
2014-03-15 17:41 - 2014-03-15 17:41 - 00041765 _____ () C:\Users\Zorica\Downloads\289830_1694730679_Addition.txt
2014-03-15 17:37 - 2014-03-15 17:37 - 00041765 _____ () C:\Users\Zorica\Downloads\Addition.txt
2014-03-15 17:36 - 2014-03-15 20:44 - 00000000 ____D () C:\FRST
2014-03-15 17:34 - 2014-03-15 17:34 - 00013980 _____ () C:\Users\Zorica\Downloads\289830_1724353748_attach.txt
2014-03-15 16:45 - 2014-03-15 16:45 - 00688992 ____R (Swearware) C:\Users\Zorica\Downloads\dds (1).scr
2014-03-15 16:35 - 2006-03-02 15:33 - 00000000 ____D () C:\Users\Zorica\Downloads\Pinout
2014-03-15 16:34 - 2014-03-15 16:34 - 03100868 _____ () C:\Users\Zorica\Downloads\14015_1017673869_Pinout_3_0_1_51.exe
2014-03-14 14:52 - 2014-03-15 20:22 - 00074580 _____ () C:\Windows\PFRO.log
2014-03-14 07:31 - 2014-03-15 20:23 - 00001503 _____ () C:\Windows\setupact.log
2014-03-14 07:31 - 2014-03-14 07:31 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-13 22:10 - 2014-03-13 22:10 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming\AVG
2014-03-13 22:02 - 2014-03-13 22:28 - 00000000 ____D () C:\ProgramData\AVG
2014-03-13 22:00 - 2014-03-13 22:02 - 78353832 _____ (AVG) C:\Users\Zorica\Downloads\avg_tuh_stf_all_2014_295_24c34.exe
2014-03-13 21:41 - 2014-03-13 21:41 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming\AVG2014
2014-03-13 21:36 - 2014-03-13 21:36 - 00000947 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-03-13 21:36 - 2014-03-13 21:36 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming\TuneUp Software
2014-03-13 21:26 - 2014-03-13 21:54 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-13 21:26 - 2014-03-13 21:26 - 00000000 ___HD () C:\$AVG
2014-03-13 21:24 - 2014-03-15 18:35 - 00000000 ____D () C:\Program Files\AVG
2014-03-13 21:15 - 2014-03-15 20:29 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-13 21:15 - 2014-03-14 09:31 - 00000000 ____D () C:\Users\Zorica\AppData\Local\Avg2014
2014-03-13 21:15 - 2014-03-13 21:15 - 00000000 ____D () C:\Users\Zorica\AppData\Local\MFAData
2014-03-12 12:44 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 12:44 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 12:44 - 2014-03-01 05:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 12:44 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 12:44 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 12:44 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 12:44 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 12:44 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 12:44 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 12:44 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 12:44 - 2014-03-01 04:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 12:44 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 12:44 - 2014-03-01 04:31 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 12:44 - 2014-03-01 04:25 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 12:44 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 12:44 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 12:44 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 12:44 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 12:44 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 12:44 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 12:44 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 12:44 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 12:44 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 12:43 - 2014-02-07 02:07 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 12:43 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 12:43 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 12:43 - 2014-01-28 03:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-10 14:14 - 2014-03-10 14:16 - 00000000 ____D () C:\Users\Zorica\Desktop\ogi slike
2014-03-10 14:07 - 2014-03-10 14:07 - 00000000 ____D () C:\Users\Zorica\Desktop\slike
2014-03-05 14:44 - 2014-03-15 17:49 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2861581720-2204672646-155532148-1000UA.job
2014-03-05 14:44 - 2014-03-15 14:49 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2861581720-2204672646-155532148-1000Core.job
2014-03-04 14:08 - 2014-03-04 14:08 - 00000000 ___RD () C:\Program Files\Skype
2014-03-04 14:08 - 2014-03-04 14:08 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-28 12:26 - 2014-02-28 12:26 - 00001034 _____ () C:\Users\Public\Desktop\MCShield Real-Time Monitor.lnk
2014-02-27 21:47 - 2014-02-28 12:24 - 00000000 ____D () C:\Program Files\SerialTrunc
2014-02-24 14:18 - 2014-02-24 14:18 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-20 16:35 - 2014-02-28 21:05 - 00000000 ____D () C:\Users\Zorica\Desktop\sklike
2014-02-17 19:00 - 2014-02-20 16:35 - 00000000 ___RD () C:\Users\Zorica\Desktop\ogi
2014-02-16 19:02 - 2014-02-16 19:02 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-02-13 13:13 - 2014-02-13 13:13 - 00000000 ____D () C:\Users\Zorica\AppData\Local\Codemasters
2014-02-13 01:38 - 2014-02-13 01:38 - 00000000 ____D () C:\Users\Public\Documents\Codemasters

==================== One Month Modified Files and Folders =======

2014-03-15 20:44 - 2014-03-15 17:36 - 00000000 ____D () C:\FRST
2014-03-15 20:40 - 2013-10-21 11:30 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming\Skype
2014-03-15 20:38 - 2013-08-19 19:59 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-15 20:29 - 2014-03-13 21:15 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-15 20:28 - 2009-07-14 05:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-15 20:28 - 2009-07-14 05:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-15 20:23 - 2014-03-15 20:03 - 00039439 _____ () C:\zoek-results.log
2014-03-15 20:23 - 2014-03-14 07:31 - 00001503 _____ () C:\Windows\setupact.log
2014-03-15 20:23 - 2013-09-30 10:00 - 00000000 ____D () C:\ProgramData\MCShield
2014-03-15 20:23 - 2013-08-19 19:53 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-15 20:23 - 2013-08-19 19:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-15 20:23 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-15 20:22 - 2014-03-14 14:52 - 00074580 _____ () C:\Windows\PFRO.log
2014-03-15 20:21 - 2013-09-26 22:13 - 01755961 _____ () C:\Windows\WindowsUpdate.log
2014-03-15 20:19 - 2013-09-08 21:14 - 00000378 _____ () C:\Windows\Tasks\update-sys.job
2014-03-15 20:18 - 2014-03-15 19:09 - 00000000 ____D () C:\zoek_backup
2014-03-15 20:17 - 2013-08-19 19:53 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-15 20:15 - 2013-08-19 19:38 - 00000000 ____D () C:\Users\Zorica
2014-03-15 19:22 - 2013-08-19 19:54 - 00002131 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-15 18:47 - 2013-12-10 17:24 - 00001108 __RSH () C:\Users\Zorica\ntuser.pol
2014-03-15 18:35 - 2014-03-13 21:24 - 00000000 ____D () C:\Program Files\AVG
2014-03-15 18:31 - 2014-03-15 18:31 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Zorica\Downloads\revosetup.exe
2014-03-15 18:31 - 2014-03-15 18:31 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-03-15 18:30 - 2013-09-08 21:14 - 00000378 _____ () C:\Windows\Tasks\update-S-1-5-21-2861581720-2204672646-155532148-1000.job
2014-03-15 18:05 - 2014-03-15 18:05 - 00038213 _____ () C:\Users\Zorica\Downloads\289830_1954096077_FRST.txt
2014-03-15 17:49 - 2014-03-05 14:44 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2861581720-2204672646-155532148-1000UA.job
2014-03-15 17:41 - 2014-03-15 17:41 - 00041765 _____ () C:\Users\Zorica\Downloads\289830_1694730679_Addition.txt
2014-03-15 17:37 - 2014-03-15 17:37 - 00041765 _____ () C:\Users\Zorica\Downloads\Addition.txt
2014-03-15 17:34 - 2014-03-15 17:34 - 00013980 _____ () C:\Users\Zorica\Downloads\289830_1724353748_attach.txt
2014-03-15 16:45 - 2014-03-15 16:45 - 00688992 ____R (Swearware) C:\Users\Zorica\Downloads\dds (1).scr
2014-03-15 16:34 - 2014-03-15 16:34 - 03100868 _____ () C:\Users\Zorica\Downloads\14015_1017673869_Pinout_3_0_1_51.exe
2014-03-15 14:49 - 2014-03-05 14:44 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2861581720-2204672646-155532148-1000Core.job
2014-03-14 09:31 - 2014-03-13 21:15 - 00000000 ____D () C:\Users\Zorica\AppData\Local\Avg2014
2014-03-14 09:30 - 2013-10-26 06:11 - 00000000 ____D () C:\Users\Zorica\Desktop\Games
2014-03-14 07:31 - 2014-03-14 07:31 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-14 03:47 - 2013-08-19 19:41 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-03-14 03:41 - 2013-08-29 17:08 - 00000000 ____D () C:\Users\Zorica\AppData\Local\Unity
2014-03-13 22:30 - 2013-11-26 19:41 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming\Winamp
2014-03-13 22:30 - 2013-08-19 20:04 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming\DAEMON Tools Pro
2014-03-13 22:29 - 2013-08-19 19:56 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming\uTorrent
2014-03-13 22:28 - 2014-03-13 22:02 - 00000000 ____D () C:\ProgramData\AVG
2014-03-13 22:18 - 2013-08-20 05:10 - 00000000 ____D () C:\Windows\Panther
2014-03-13 22:10 - 2014-03-13 22:10 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming\AVG
2014-03-13 22:02 - 2014-03-13 22:00 - 78353832 _____ (AVG) C:\Users\Zorica\Downloads\avg_tuh_stf_all_2014_295_24c34.exe
2014-03-13 21:54 - 2014-03-13 21:26 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-13 21:41 - 2014-03-13 21:41 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming\AVG2014
2014-03-13 21:36 - 2014-03-13 21:36 - 00000947 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-03-13 21:36 - 2014-03-13 21:36 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming\TuneUp Software
2014-03-13 21:26 - 2014-03-13 21:26 - 00000000 ___HD () C:\$AVG
2014-03-13 21:15 - 2014-03-13 21:15 - 00000000 ____D () C:\Users\Zorica\AppData\Local\MFAData
2014-03-13 21:14 - 2014-01-13 12:17 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming\AVAST Software
2014-03-13 21:14 - 2013-08-19 20:10 - 00000000 ____D () C:\ProgramData\Alwil Software
2014-03-13 21:14 - 2013-08-19 20:10 - 00000000 ____D () C:\Program Files\Alwil Software
2014-03-13 21:14 - 2009-07-14 03:04 - 00002577 _____ () C:\Windows\system32\config.nt
2014-03-12 18:38 - 2013-08-19 19:59 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-12 18:38 - 2013-08-19 19:59 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 17:38 - 2009-07-14 05:33 - 00409784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 17:37 - 2014-02-03 14:19 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-12 14:16 - 2013-09-24 14:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-12 13:46 - 2013-09-04 13:30 - 00000000 ____D () C:\Users\Zorica\Documents\Images
2014-03-10 14:16 - 2014-03-10 14:14 - 00000000 ____D () C:\Users\Zorica\Desktop\ogi slike
2014-03-10 14:07 - 2014-03-10 14:07 - 00000000 ____D () C:\Users\Zorica\Desktop\slike
2014-03-09 20:18 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-06 22:44 - 2013-09-08 21:14 - 00000443 _____ () C:\Users\Zorica\AppData\Local\UserProducts.xml
2014-03-06 22:44 - 2013-09-08 21:14 - 00000000 ____D () C:\Users\Zorica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot
2014-03-05 14:44 - 2013-08-24 19:29 - 00000000 ____D () C:\Users\Zorica\AppData\Local\Facebook
2014-03-04 14:08 - 2014-03-04 14:08 - 00000000 ___RD () C:\Program Files\Skype
2014-03-04 14:08 - 2014-03-04 14:08 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-04 14:08 - 2013-08-19 23:14 - 00002685 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-04 14:08 - 2013-08-19 23:14 - 00000000 ____D () C:\ProgramData\Skype
2014-03-02 23:49 - 2013-08-19 19:55 - 00000000 ____D () C:\Program Files\Opera
2014-03-01 05:30 - 2014-03-12 12:44 - 17074688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 05:11 - 2014-03-12 12:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 05:10 - 2014-03-12 12:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 04:52 - 2014-03-12 12:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 04:51 - 2014-03-12 12:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-12 12:44 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 04:43 - 2014-03-12 12:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 04:43 - 2014-03-12 12:44 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 04:40 - 2014-03-12 12:44 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 04:38 - 2014-03-12 12:44 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 04:38 - 2014-03-12 12:44 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 04:37 - 2014-03-12 12:44 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 04:31 - 2014-03-12 12:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 04:25 - 2014-03-12 12:44 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 04:16 - 2014-03-12 12:44 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:14 - 2014-03-12 12:44 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:03 - 2014-03-12 12:44 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:00 - 2014-03-12 12:44 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 03:57 - 2014-03-12 12:44 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 03:32 - 2014-03-12 12:44 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 03:27 - 2014-03-12 12:44 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:25 - 2014-03-12 12:44 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-28 21:05 - 2014-02-20 16:35 - 00000000 ____D () C:\Users\Zorica\Desktop\sklike
2014-02-28 12:26 - 2014-02-28 12:26 - 00001034 _____ () C:\Users\Public\Desktop\MCShield Real-Time Monitor.lnk
2014-02-28 12:26 - 2013-09-30 10:00 - 00000000 ____D () C:\Program Files\MCShield
2014-02-28 12:24 - 2014-02-27 21:47 - 00000000 ____D () C:\Program Files\SerialTrunc
2014-02-28 12:24 - 2013-09-07 10:57 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-28 12:23 - 2013-08-19 20:01 - 00000000 ____D () C:\Program Files\Winrar
2014-02-24 14:18 - 2014-02-24 14:18 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-20 20:00 - 2013-08-19 19:42 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-20 16:35 - 2014-02-17 19:00 - 00000000 ___RD () C:\Users\Zorica\Desktop\ogi
2014-02-17 17:23 - 2014-01-24 18:51 - 00000000 ____D () C:\Users\Zorica\Desktop\sam u kuci 2,3 - Copy
2014-02-16 19:02 - 2014-02-16 19:02 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-02-16 19:01 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2014-02-13 23:59 - 2014-03-15 20:20 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-02-13 13:13 - 2014-02-13 13:13 - 00000000 ____D () C:\Users\Zorica\AppData\Local\Codemasters
2014-02-13 08:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-02-13 07:22 - 2013-08-19 19:52 - 00109672 _____ () C:\Users\Zorica\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-13 01:38 - 2014-02-13 01:38 - 00000000 ____D () C:\Users\Public\Documents\Codemasters
2014-02-13 01:13 - 2014-02-12 20:04 - 00000000 ____D () C:\Program Files\Codemasters

Some content of TEMP:
====================
C:\Users\Zorica\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-11 09:05

==================== End Of Log ============================

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Addition log?

offline
  • Absolut Gut
  • Joined: 13 Aug 2012
  • Posts: 561
  • Location: Atakama

[Link visible only to logged-in users]

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

1. Open Notepad (Text Document) and copy in the following text from the code box below:
Start
S3 PBDOWNFORCE_SERVICE; \??\C:\Users\Zorica\AppData\Local\Temp\PHQF97F.tmp
2014-02-27 21:47 - 2014-02-28 12:24 - 00000000 ____D () C:\Program Files\SerialTrunc
BHO: SerialTrunc - {e76b4f24-4a2f-4e65-ad36-e2aa934e547c} - C:\Program Files\SerialTrunc\SerialTruncbho.dll (SerialTrunc)
Play Now Radio (HKCU\...\playnowradio) (Version: - playnowradio) <==== ATTENTION
Task: {4AAC7AD9-74D4-47AA-9765-5A3ACF4AEF78} - \RunAsStdUser Task No Task File
End

2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, because otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.

The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your reply.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.

offline
  • Absolut Gut
  • Joined: 13 Aug 2012
  • Posts: 561
  • Location: Atakama

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-03-2014 01
Ran by Zorica at 2014-03-15 21:12:13 Run:2
Running from D:\FRSTI
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
S3 PBDOWNFORCE_SERVICE; \??\C:\Users\Zorica\AppData\Local\Temp\PHQF97F.tmp
2014-02-27 21:47 - 2014-02-28 12:24 - 00000000 ____D () C:\Program Files\SerialTrunc
BHO: SerialTrunc - {e76b4f24-4a2f-4e65-ad36-e2aa934e547c} - C:\Program Files\SerialTrunc\SerialTruncbho.dll (SerialTrunc)
Play Now Radio (HKCU\...\playnowradio) (Version: - playnowradio) <==== ATTENTION
Task: {4AAC7AD9-74D4-47AA-9765-5A3ACF4AEF78} - \RunAsStdUser Task No Task File
End
*****************

PBDOWNFORCE_SERVICE => Service deleted successfully.
C:\Program Files\SerialTrunc => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e76b4f24-4a2f-4e65-ad36-e2aa934e547c} => Key deleted successfully.
HKCR\CLSID\{e76b4f24-4a2f-4e65-ad36-e2aa934e547c} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4AAC7AD9-74D4-47AA-9765-5A3ACF4AEF78} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4AAC7AD9-74D4-47AA-9765-5A3ACF4AEF78} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RunAsStdUser Task => Key deleted successfully.

==== End of Fixlog ====

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

That would be all; the computer should run better after this cleanup.
There was no classic malware on the computer, only adware that you installed together with certain programs.

The following procedure will perform the final cleanup.

Download Xplode's DelFix tool and save it to the Desktop.
Double-click to run the tool and tick the boxes in front of the following options:

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment for the tool to finish.
From this point on, all the tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)

The tool will also save a healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.
