Crash after a certain amount of time


offline
  • bios1  Male
  • Respected citizen
  • Joined: 18 Jan 2012
  • Posts: 435

First, when I play the game PES12, I play the first half, i.e. towards the end of the first half it starts to stutter or lag. Then when I play War3 (DotA), I play for about 20 minutes and then abnormal stuttering starts. Last night I was watching a series in BS Player and in the 37th minute, the same way, it just suddenly started lagging, the text and the picture and the sound, and it is impossible to watch. At the same time my whole computer freezes, so I have to restart. The same with PES when I was playing, and when I exit it just crashes. I don't understand what the problem is, everything worked normally before...


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-09-2014 02
Ran by JUNGA (administrator) on JUNG on 29-09-2014 12:52:04
Running from C:\Documents and Settings\JUNGA\My Documents\Downloads
Loaded Profile: JUNGA (Available profiles: JUNGA & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 6
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Skillbrains) C:\Documents and Settings\JUNGA\Local Settings\Application Data\Skillbrains\lightshot\5.1.4.9\Lightshot.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-11] (AVAST Software)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-03-03] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [1368064 2004-04-01] (Analog Devices, Inc.)
HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [794624 2004-03-26] (Analog Devices, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-484763869-2146843535-1417001333-1003\...\Run: [LightShot] => C:\Documents and Settings\JUNGA\Local Settings\Application Data\Skillbrains\lightshot\Lightshot.exe [226560 2014-07-01] ()
HKU\S-1-5-21-484763869-2146843535-1417001333-1003\...\MountPoints2: {c3f15d5d-46ff-11e4-b4f7-00112ff83d99} - E:\AutoRun.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Documents and Settings\JUNGA\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: pokki.com/PokkiDownloadHelper -> C:\Documents and Settings\JUNGA\Local Settings\Application Data\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll (Pokki)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-11]

Chrome:
=======
CHR HomePage: Default ->
CHR CustomProfile: C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-08-11]
CHR Extension: (Google документи) - C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-11]
CHR Extension: (Google диск) - C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-11]
CHR Extension: (Turn Off the Lights) - C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2014-09-22]
CHR Extension: (YouTube) - C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-11]
CHR Extension: (Download FB Album mod) - C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cgjnhhjpfcdhbhlcmmjppicjmgfkppok [2014-08-23]
CHR Extension: (Google претрага) - C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-11]
CHR Extension: (Video download helper) - C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dbkchnicaiglcjpgbmpfmoafckkomdcm [2014-08-11]
CHR Extension: (Slagalica fer igra - Ludara.com) - C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpifakoabdhigpeebhalfkjkoidenba [2014-08-11]
CHR Extension: (Quick Javascript Switcher) - C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\geddoclleiomckbhadiaipdggiiccfje [2014-08-11]
CHR Extension: (AdBlock) - C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-11]
CHR Extension: (Hide My AdBlocker) - C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gihcngphjjankfngmgdkihhngndcdflc [2014-08-11]
CHR Extension: (Hola Better Internet) - C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-08-11]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-11]
CHR Extension: (Turn Off the Lights) - C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\labjanboighjienkhiabgpefblkbmemd [2014-09-22]
CHR Extension: (pricechop) - C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mpbnnlmpgmcnjogffdnjjjphpbdnmobp [2014-09-01]
CHR Extension: (Google новчаник) - C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-11]
CHR Extension: (Gmail) - C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-11]
CHR Extension: (pricechop) - C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mpbnnlmpgmcnjogffdnjjjphpbdnmobp\3.9 [2014-09-01]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-11] (AVAST Software)
S3 idsvc; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [864256 2007-10-11] (Microsoft Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-08-11] (Oracle Corporation)
S4 NetTcpPortSharing; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [122880 2007-10-11] (Microsoft Corporation) [File not signed]
R2 SoundMAX Agent Service (default); C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [45056 2002-09-20] (Analog Devices, Inc.) [File not signed]
S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-08-11] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-08-11] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-08-11] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-08-11] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-08-11] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-08-11] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-08-11] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-08-11] ()
S3 MidiSyn; C:\WINDOWS\System32\drivers\MidiSyn.sys [235100 2002-09-21] (Analog Devices Inc)
R1 SCDEmu; C:\WINDOWS\system32\Drivers\SCDEmu.sys [114376 2013-10-23] (Power Software Ltd)
R3 senfilt; C:\WINDOWS\System32\drivers\senfilt.sys [381056 2004-04-27] (Sensaura)
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yukonwxp.sys [174464 2003-11-10] (Marvell Semiconductor Inc.)
S4 IntelIde; No ImagePath
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-29 12:51 - 2014-09-29 12:52 - 00000000 ____D () C:\FRST
2014-09-28 13:25 - 2014-09-28 13:25 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\DatacardService
2014-09-28 13:24 - 2014-09-28 13:59 - 00000000 ____D () C:\Documents and Settings\JUNGA\Desktop\New Folder (2)
2014-09-27 19:47 - 2002-12-29 01:14 - 00081920 _____ () C:\WINDOWS\system32\Startup.cpl
2014-09-25 13:37 - 2014-09-25 14:11 - 00006008 _____ () C:\Documents and Settings\JUNGA\Desktop\New Text Document.txt
2014-09-22 23:58 - 2014-09-23 00:00 - 00000000 ____D () C:\Documents and Settings\JUNGA\Desktop\New Folder (3)
2014-09-22 21:48 - 2014-09-22 21:48 - 13674406 _____ () C:\Documents and Settings\JUNGA\Desktop\dbr.wav
2014-09-19 10:32 - 2014-09-19 10:32 - 00000000 ___RD () C:\Program Files\Skype
2014-09-19 10:32 - 2014-09-19 10:32 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-09-19 10:32 - 2014-09-19 10:32 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Skype
2014-09-18 02:30 - 2014-09-18 02:30 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-09-16 19:12 - 2014-09-16 19:12 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\TuneUp Software
2014-09-16 19:12 - 2014-09-16 19:12 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\TuneUp Software
2014-09-16 18:57 - 2014-09-17 01:52 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt
2014-09-16 18:56 - 2014-09-16 18:56 - 00000000 ____D () C:\Documents and Settings\JUNGA\Local Settings\Application Data\TuneUp Software
2014-09-16 18:56 - 2014-09-16 18:56 - 00000000 ____D () C:\Documents and Settings\JUNGA\Application Data\TuneUp Software
2014-09-16 18:49 - 2014-09-16 18:57 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TuneUp Software
2014-09-16 18:48 - 2014-09-16 18:48 - 00000000 __SHD () C:\Documents and Settings\All Users\Application Data\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-09-16 18:45 - 2014-09-16 18:45 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\GRETECH
2014-09-15 10:12 - 2014-09-15 10:12 - 00000000 ____D () C:\Program Files\Marvell
2014-09-07 22:35 - 2014-09-07 22:35 - 00001804 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-07 22:33 - 2014-09-07 22:34 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-09-07 22:33 - 2014-09-07 22:33 - 00000000 ____D () C:\Program Files\Adobe
2014-09-07 22:31 - 2014-09-07 22:38 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Adobe
2014-09-07 22:21 - 2014-09-07 22:37 - 00000000 ____D () C:\Documents and Settings\JUNGA\Local Settings\Application Data\Adobe
2014-09-05 21:38 - 2014-09-29 00:43 - 00000998 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-484763869-2146843535-1417001333-1003UA.job
2014-09-05 21:38 - 2014-09-28 21:43 - 00000976 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-484763869-2146843535-1417001333-1003Core.job
2014-09-05 21:38 - 2014-09-05 21:39 - 00000000 ____D () C:\Documents and Settings\JUNGA\Local Settings\Application Data\Facebook
2014-09-05 13:22 - 2014-09-16 18:44 - 00000856 _____ () C:\Documents and Settings\JUNGA\Start Menu\GOM Player.lnk
2014-09-05 13:22 - 2014-09-05 13:22 - 00000000 ____D () C:\Program Files\GRETECH
2014-09-05 13:22 - 2014-09-05 13:22 - 00000000 ____D () C:\Documents and Settings\JUNGA\Application Data\GRETECH
2014-09-05 13:22 - 2014-09-05 13:22 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\GOM Player
2014-09-02 19:56 - 2014-09-02 19:56 - 00000000 ____D () C:\Documents and Settings\JUNGA\Desktop\New Folder
2014-09-01 19:02 - 2014-09-01 19:02 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\KONAMI
2014-09-01 18:45 - 2014-09-01 18:45 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\KONAMI
2014-09-01 18:31 - 2014-09-01 18:31 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\KONAMI
2014-09-01 17:45 - 2014-09-01 17:45 - 00000394 __RSH () C:\Documents and Settings\All Users\ntuser.pol
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ____D () C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Torch
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ____D () C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ____D () C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ____D () C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ____D () C:\Documents and Settings\SUPPORT_388945a0
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ____D () C:\Documents and Settings\JUNGA\Local Settings\Application Data\Torch
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ____D () C:\Documents and Settings\JUNGA\Local Settings\Application Data\Comodo
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ____D () C:\Documents and Settings\JUNGA\Local Settings\Application Data\Chromatic Browser
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ____D () C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Torch
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ____D () C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ____D () C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Comodo
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ____D () C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Chromatic Browser
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ____D () C:\Documents and Settings\HelpAssistant
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ____D () C:\Documents and Settings\Guest\Local Settings\Application Data\Torch
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ____D () C:\Documents and Settings\Guest\Local Settings\Application Data\Google
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ____D () C:\Documents and Settings\Guest\Local Settings\Application Data\Comodo
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ____D () C:\Documents and Settings\Guest\Local Settings\Application Data\Chromatic Browser
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ____D () C:\Documents and Settings\Guest
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\222456a3e1d9af1a
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Torch
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Comodo
2014-09-01 17:45 - 2014-09-01 17:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Chromatic Browser
2014-08-30 15:48 - 2014-08-30 15:48 - 00000044 _____ () C:\WINDOWS\wawx_dumpreg64.dll
2014-08-30 15:48 - 2014-08-30 15:48 - 00000044 _____ () C:\Documents and Settings\JUNGA\Application Data\twow_sysprepdt.dat
2014-08-30 15:47 - 2014-08-30 15:47 - 00000000 ____D () C:\Documents and Settings\JUNGA\Application Data\Eurobattle.net
2014-08-30 15:44 - 2014-08-30 15:47 - 00000000 ____D () C:\Program Files\Eurobattle.net
2014-08-30 15:44 - 2014-08-30 15:44 - 00000692 _____ () C:\Documents and Settings\JUNGA\Desktop\Eurobattle.net Client.lnk
2014-08-30 15:12 - 2014-09-29 00:52 - 00000000 ____D () C:\Documents and Settings\JUNGA\Desktop\Warcraft III

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-29 12:53 - 2014-08-11 01:35 - 00000000 ____D () C:\Documents and Settings\JUNGA\Local Settings\Temp
2014-09-29 12:44 - 2014-08-11 01:26 - 01658021 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-29 12:43 - 2014-08-11 02:03 - 00000362 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-09-29 12:43 - 2014-08-11 01:44 - 00000880 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-29 12:43 - 2014-08-11 01:33 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-29 11:55 - 2014-08-11 01:44 - 00000884 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-29 00:56 - 2014-08-11 03:14 - 00175436 _____ () C:\WINDOWS\setupact.log
2014-09-29 00:22 - 2014-08-11 23:54 - 00000376 _____ () C:\WINDOWS\Tasks\update-sys.job
2014-09-29 00:01 - 2014-08-15 09:41 - 00014848 _____ () C:\Documents and Settings\JUNGA\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-28 23:15 - 2014-08-11 01:35 - 00000000 ____D () C:\Documents and Settings\JUNGA
2014-09-28 19:29 - 2014-08-11 23:54 - 00000376 _____ () C:\WINDOWS\Tasks\update-S-1-5-21-484763869-2146843535-1417001333-1003.job
2014-09-28 18:55 - 2014-08-11 11:49 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2014-09-28 18:55 - 2014-08-11 01:35 - 00000178 ___SH () C:\Documents and Settings\JUNGA\ntuser.ini
2014-09-28 18:55 - 2014-08-11 01:33 - 00032500 _____ () C:\WINDOWS\SchedLgU.Txt
2014-09-28 13:46 - 2014-08-11 03:14 - 00966174 _____ () C:\WINDOWS\setupapi.log
2014-09-28 13:43 - 2014-08-19 20:43 - 00000000 ____D () C:\Documents and Settings\JUNGA\Application Data\Skype
2014-09-28 13:41 - 2014-08-12 12:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MCShield
2014-09-28 02:11 - 2014-08-11 10:53 - 00000340 _____ () C:\WINDOWS\Tasks\Driver Robot.job
2014-09-27 19:25 - 2014-08-11 03:13 - 00000211 ___SH () C:\boot.ini
2014-09-27 19:25 - 2001-08-23 13:00 - 00000638 _____ () C:\WINDOWS\win.ini
2014-09-27 19:25 - 2001-08-23 13:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-09-26 11:35 - 2001-08-23 13:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-09-21 12:11 - 2014-08-14 12:35 - 00000000 ____D () C:\Documents and Settings\JUNGA\Application Data\uTorrent
2014-09-19 10:32 - 2014-08-19 20:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype
2014-09-18 11:56 - 2014-08-11 03:09 - 00000000 ____D () C:\WINDOWS\java
2014-09-15 19:29 - 2014-08-11 23:54 - 00000506 _____ () C:\Documents and Settings\JUNGA\Local Settings\Application Data\UserProducts.xml
2014-09-15 19:29 - 2014-08-11 23:54 - 00000000 ____D () C:\Documents and Settings\JUNGA\Start Menu\Programs\Lightshot
2014-09-10 22:08 - 2014-08-11 13:18 - 00000000 ____D () C:\Documents and Settings\JUNGA\My Documents\The KMPlayer
2014-09-07 22:37 - 2014-08-22 13:08 - 00000000 ____D () C:\Documents and Settings\JUNGA\Application Data\Adobe
2014-09-05 21:39 - 2014-08-11 02:05 - 00000000 ____D () C:\Documents and Settings\JUNGA\Local Settings\Application Data\Temp
2014-09-01 18:45 - 2014-08-26 13:52 - 00000000 ____D () C:\Program Files\Empire Interactive
2014-09-01 18:45 - 2014-08-11 11:27 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-09-01 18:43 - 2014-08-23 01:25 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-09-01 18:30 - 2014-08-23 01:25 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Temp
2014-09-01 17:45 - 2014-08-11 01:44 - 00000000 ____D () C:\Program Files\Google
2014-09-01 17:45 - 2014-08-11 01:44 - 00000000 ____D () C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google
2014-08-31 18:50 - 2014-08-11 01:45 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-08-30 17:28 - 2014-08-11 03:14 - 00108600 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-30 17:28 - 2014-08-11 01:37 - 00016768 _____ () C:\Documents and Settings\JUNGA\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

Some content of TEMP:
====================
C:\Documents and Settings\JUNGA\Local Settings\Temp\1_flashplayer.exe
C:\Documents and Settings\JUNGA\Local Settings\Temp\AutoRun.exe
C:\Documents and Settings\JUNGA\Local Settings\Temp\AutoRunGUI.dll
C:\Documents and Settings\JUNGA\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwaa6gl.dll
C:\Documents and Settings\JUNGA\Local Settings\Temp\DseShExt-x86.dll
C:\Documents and Settings\JUNGA\Local Settings\Temp\GomEncDnInstaller.exe
C:\Documents and Settings\JUNGA\Local Settings\Temp\jre-7u67-windows-i586-iftw.exe
C:\Documents and Settings\JUNGA\Local Settings\Temp\nsb9C5.tmp.exe
C:\Documents and Settings\JUNGA\Local Settings\Temp\safeguard.exe
C:\Documents and Settings\JUNGA\Local Settings\Temp\SDShelEx-win32.dll
C:\Documents and Settings\JUNGA\Local Settings\Temp\Uninstall.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

1. Open Notepad (Text Document) and copy the following text from the code box below:

Start
HKU\S-1-5-21-484763869-2146843535-1417001333-1003\...\MountPoints2: {c3f15d5d-46ff-11e4-b4f7-00112ff83d99} - E:\AutoRun.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR Extension: (pricechop) - C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mpbnnlmpgmcnjogffdnjjjphpbdnmobp [2014-09-01]
C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mpbnnlmpgmcnjogffdnjjjphpbdnmobp
CHR Extension: (pricechop) - C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mpbnnlmpgmcnjogffdnjjjphpbdnmobp\3.9 [2014-09-01]
C:\Documents and Settings\JUNGA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mpbnnlmpgmcnjogffdnjjjphpbdnmobp
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X]
EmptyTemp:
CMD: bitsadmin /reset /allusers
End


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, because otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the system restarts.



The tool will create a log (Fixlog.txt) on the Desktop. The contents of that log need to be copied into a message.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.

offline
  • bios1  Male
  • Respected citizen
  • Joined: 18 Jan 2012
  • Posts: 435


rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Now watch how it behaves and report back on the state.

offline
  • bios1  Male
  • Respected citizen
  • Joined: 18 Jan 2012
  • Posts: 435

I barely managed to write this. Now it is throwing this at me http://prntscr.com/4risgm while I am on Google. I forgot to write that my computer also boots slowly in the same way; that Windows logo takes half a year to load, and the official sound when it starts up sounds somehow slowed down. And there is also this problem: out of the blue when I am online, no matter which page it is, I click e.g. on a picture or on some YouTube video and suddenly a new page just opens, pops up, or it even redirects me directly to some page, I don't know which one it is now. When it happens again I will post a screenshot here...

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Step 1



Download AdwCleaner by "Xplode" and save it to the Desktop.

Double-click to run the program.
Click the [Scan] button and wait for the program to finish.
Click the [Clean] button.
The program will close all active programs and display a window with that warning. Click Ok to confirm.
On the next two windows that open (Informations and Restart required) click Ok.


The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your message using the "Attach file" ("Prikači fajl") option.

Note: The report will also be saved at C:\AdwCleaner[S0].txt





Step 2


Download the installer for Malwarebytes Anti-Malware (MBAM) ver. 2.0 and install the application.
Double-click mbam-setup.exe and follow the installation instructions. The installation is the classic "Next > I Agree . . > Next > Install" type. When the installation finishes, click Finish.
Note: The 14-day free trial version is pre-selected. You can uncheck this option if you wish.


- On first launch, MBAM will start an "Update" in order to download the latest definitions.
Or ... click the 'Update Now >>' link or button to download fresh definitions.

• Configure the scanner; on the 'Settings' tab, under Detection and Protection, set the following options:
1. on the Detection Options sub-tab, check the box for 'Scan for rootkits';
2. on the Non-Malware Protection sub-tab, for 'PUP detections', make sure the 'Treat detections as malware' option is selected.




• Perform a 'Threat Scan';
Click the Scan tab, then 'Scan Now >>' to run the scan.
If MBAM reports that an 'update' is available, click 'Update Now' and then continue to the scan.
Notice: with some severe infections, you may get the following message: "Could not load DDA driver". In that case, click Yes on that message, allow the driver to load after the computer restarts, and allow the restart.
Then continue with the rest of the instructions.


• When the scan is finished, click the Apply Action button if a threat was detected. Wait for the program to request a restart!
- Click Yes on the message saying that the system will restart.



• Post the report (export the logfile) for review;
Start MBAM again, click the History tab > Application Logs. Double-click the 'Scan Log' showing the time and date of the scan just performed.
1. In the new window click the 'Export' button, then choose 'Text file (*.txt)';
2. When the Save File dialog appears, choose to save the log to the Desktop.
In that same window, at the bottom under File name:, type 'mbam' as the report name and click the Save button.

- After you get the message ("Your file has been successfully exported"), the report you named 'mbam' will be saved on the Desktop.




Attach mbam.txt to your message using the "Attach file" ("Prikači fajl") option.

offline
  • bios1  Male
  • Respected citizen
  • Joined: 18 Jan 2012
  • Posts: 435

Written: 29 Sep 2014 22:41

After this restart some error popped up again. I press the key on the keyboard to take a screenshot of it but nothing happens; I go into Start and it turns out Lightshot has been deleted, I have no idea how, probably during this cleaning.. here is a picture of the error http://prntscr.com/4rkaxu
reports:


Addendum: 30 Sep 2014 0:07

I'm playing DotA, almost the end of the game, we're breaking into their base, no stuttering, everything's fine; maybe twice during the game there was a minor stutter of some 3-5 seconds.. Then all of a sudden it just restarted on me, so f%^^$£ this computer and everything :p

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

I can't conclude anything from that picture. Let's do one more procedure.

Download ComboFix by sUBs to the Desktop from the following address:

Bleeping Computer
Right-click the link and choose the option Save Target As... (Save Link As..., Save Linked Content As... or similar);
When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download is complete:
disable your security software (instructions);
close running programs;
double-click to run ComboFix;
in the window that opens, click "I Agree".

While running, ComboFix will:
- check whether a newer version of the program exists:
  click Yes if you are offered to download it.
- if the Recovery Console is not installed, offer to install it:
  be sure to accept by clicking Yes and follow the procedure through.
- display a number of prompts/notifications:
  accept by clicking Yes or OK.
- if needed, restart Windows (several times);
- at the end, open Notepad with the scan report.

Copy the report that ComboFix created into the forum thread:
right-click in the Notepad window and choose Select All;
right-click the selected text and choose Copy;
right-click in the message field and choose Paste.

Note:
The report will be saved under the name ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
If after posting you notice that the report is incomplete, use the Attach file option to attach the file C:\ComboFix.txt to your post;
Do not click inside the ComboFix window while it is running, as that can slow the tool down;
Do not run ComboFix again on your own - report in the thread any problem you have during the first run of the tool;
If after the restart you get an error when starting certain programs saying they are marked for deletion (Illegal operation attempted on a registry key that has been marked for deletion), restart the system again and that will solve the problem.

offline
  • bios1  Male
  • Respected citizen
  • Joined: 18 Jan 2012
  • Posts: 435

ComboFix 14-09-29.02 - JUNGA 09/30/2014 20:55:20.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.659 [GMT 2:00]
Running from: c:\documents and settings\JUNGA\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
.
((((((((((((((((((((((((( Files Created from 2014-08-28 to 2014-09-30 )))))))))))))))))))))))))))))))
.
.
2014-09-30 20:34 . 2014-09-30 20:34 -------- d-----w- c:\program files\Skillbrains
2014-09-30 20:34 . 2014-09-30 20:34 -------- d-----w- c:\documents and settings\JUNGA\Local Settings\Application Data\Skillbrains
2014-09-30 19:12 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-09-30 19:11 . 2014-09-30 17:39 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-09-30 19:08 . 2014-05-12 05:26 53208 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-09-30 19:08 . 2014-05-12 05:25 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-30 19:08 . 2014-09-30 19:09 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-09-30 19:05 . 2014-09-30 20:21 -------- d-----w- C:\AdwCleaner
2014-09-29 10:51 . 2014-09-29 12:45 -------- d-----w- C:\FRST
2014-09-28 11:25 . 2014-09-28 11:25 -------- d-----w- c:\documents and settings\All Users\Application Data\DatacardService
2014-09-27 17:47 . 2002-12-28 23:14 81920 ----a-w- c:\windows\system32\Startup.cpl
2014-09-19 08:32 . 2014-09-19 08:32 -------- d-----w- c:\program files\Common Files\Skype
2014-09-19 08:32 . 2014-09-19 08:32 -------- d-----r- c:\program files\Skype
2014-09-18 00:30 . 2014-09-18 00:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2014-09-16 17:12 . 2014-09-16 17:12 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\TuneUp Software
2014-09-16 17:12 . 2014-09-16 17:12 -------- d-----w- c:\documents and settings\LocalService\Application Data\TuneUp Software
2014-09-16 16:56 . 2014-09-16 16:56 -------- d-----w- c:\documents and settings\JUNGA\Local Settings\Application Data\TuneUp Software
2014-09-16 16:56 . 2014-09-16 16:56 -------- d-----w- c:\documents and settings\JUNGA\Application Data\TuneUp Software
2014-09-16 16:49 . 2014-09-16 16:57 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2014-09-16 16:48 . 2014-09-16 16:48 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-09-16 16:48 . 2014-09-16 16:48 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files
2014-09-16 16:45 . 2014-09-16 16:45 -------- d-----w- c:\documents and settings\All Users\Application Data\GRETECH
2014-09-15 08:12 . 2014-09-15 08:12 -------- d-----w- c:\program files\Marvell
2014-09-07 20:33 . 2014-09-07 20:34 -------- d-----w- c:\program files\Common Files\Adobe
2014-09-07 20:21 . 2014-09-07 20:37 -------- d-----w- c:\documents and settings\JUNGA\Local Settings\Application Data\Adobe
2014-09-05 19:38 . 2014-09-05 19:39 -------- d-----w- c:\documents and settings\JUNGA\Local Settings\Application Data\Facebook
2014-09-05 11:22 . 2014-09-05 11:22 -------- d-----w- c:\documents and settings\JUNGA\Application Data\GRETECH
2014-09-05 11:22 . 2014-09-05 11:22 -------- d-----w- c:\program files\GRETECH
2014-09-01 16:45 . 2014-09-01 16:45 -------- d-----w- c:\documents and settings\All Users\Application Data\KONAMI
2014-09-01 15:45 . 2014-09-29 12:44 -------- d--h--w- c:\windows\system32\GroupPolicy
2014-09-01 15:45 . 2014-09-01 15:45 -------- d-----w- c:\documents and settings\All Users\Application Data\222456a3e1d9af1a
2014-09-01 15:45 . 2014-09-01 15:45 -------- d-----w- c:\documents and settings\JUNGA\Local Settings\Application Data\Comodo
2014-09-01 15:45 . 2014-09-01 15:45 -------- d-----w- c:\documents and settings\SUPPORT_388945a0
2014-09-01 15:45 . 2014-09-01 15:45 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Comodo
2014-09-01 15:45 . 2014-09-01 15:45 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Google
2014-09-01 15:45 . 2014-09-01 15:45 -------- d-----w- c:\documents and settings\HelpAssistant
2014-09-01 15:45 . 2014-09-01 15:45 -------- d-----w- c:\documents and settings\Guest
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-23 11:51 . 2014-08-23 11:51 2710 ----a-w- C:\STF2C.tmp
2014-08-22 11:08 . 2014-08-22 11:08 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-08-22 11:08 . 2014-08-22 11:08 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-08-11 11:02 . 2014-08-11 11:02 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-08-11 11:02 . 2014-08-11 11:03 145408 ----a-w- c:\windows\system32\javacpl.cpl
2014-08-11 00:03 . 2014-08-10 23:59 414520 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-08-10 23:59 . 2014-08-10 23:59 779536 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-08-10 23:59 . 2014-08-10 23:59 57800 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-08-10 23:59 . 2014-08-10 23:59 192352 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-08-10 23:59 . 2014-08-10 23:59 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-08-10 23:59 . 2014-08-10 23:59 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-08-10 23:59 . 2014-08-10 23:59 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-08-10 23:59 . 2014-08-10 23:59 55112 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-08-10 23:59 . 2014-08-10 23:59 276432 ----a-w- c:\windows\system32\aswBoot.exe
2014-08-10 23:59 . 2014-08-10 23:59 43152 ----a-w- c:\windows\avastSS.scr
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-10 23:59 578240 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightShot"="c:\documents and settings\JUNGA\Local Settings\Application Data\Skillbrains\lightshot\Lightshot.exe" [2014-06-18 226560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-11 4085896]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-03-03 61440]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-04-01 1368064]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-05-08 959904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2014-09-05 19:38 138096 ----atw- c:\documents and settings\JUNGA\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2012\\pes2012.exe"=
"c:\\Documents and Settings\\JUNGA\\Application Data\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\System32\\dplaysvr.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x2.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\bin\\steamwebhelper.exe"=
"c:\\Program Files\\Eurobattle.net\\gproxy.exe"=
"c:\\Documents and Settings\\JUNGA\\Local Settings\\Application Data\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [8/11/2014 1:59 AM 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [8/11/2014 1:59 AM 192352]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [8/11/2014 1:59 AM 779536]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [8/11/2014 1:59 AM 414520]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [8/11/2014 1:59 AM 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [8/11/2014 1:59 AM 67824]
R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe [9/30/2014 9:08 PM 1809720]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [9/30/2014 9:08 PM 860472]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [9/30/2014 9:08 PM 23256]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [9/30/2014 9:11 PM 110296]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [4/3/2014 8:21 PM 315008]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [4/12/2013 12:33 PM 104720]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys --> c:\windows\system32\DRIVERS\VBoxNetFlt.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-14 06:56 1104200 ----a-w- c:\program files\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-09-30 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-10 23:59]
.
2014-09-28 c:\windows\Tasks\Driver Robot.job
- c:\program files\Driver Robot\Driver Robot.lnk [2014-08-11 08:54]
.
2014-09-30 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-484763869-2146843535-1417001333-1003Core.job
- c:\documents and settings\JUNGA\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2014-09-05 19:38]
.
2014-09-30 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-484763869-2146843535-1417001333-1003UA.job
- c:\documents and settings\JUNGA\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2014-09-05 19:38]
.
2014-10-01 c:\windows\Tasks\update-S-1-5-21-484763869-2146843535-1417001333-1003.job
- c:\program files\Skillbrains\Updater\Updater.exe [2014-09-30 16:44]
.
2014-10-01 c:\windows\Tasks\update-sys.job
- c:\program files\Skillbrains\Updater\Updater.exe [2014-09-30 16:44]
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 192.168.1.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-09-30 21:07
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(856)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2014-09-30 21:10:26
ComboFix-quarantined-files.txt 2014-09-30 19:10
.
Pre-Run: 15,260,078,080 bytes free
Post-Run: 15,223,205,888 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - F92AB017281C7692630FCD2A65E44627
8F558EB6672622401DA993E1E865C861

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

What is the situation now?
