Help

  • Joined: 11 Jan 2014
  • Posts: 13

Good day, good people. I haven't been around for a long time, having had no problems, but the day has come when I'm in a bind too, so I'm logging in to the old forum where I know there are good people who will help for free (which is rare these days).
I wouldn't bother you with a silly system check if I didn't have some programs on the computer that I would have to back up, reinstall, download the same programs again, back up various photos I might need, download games for Steam, update Windows 7 <-- (ugh) ...
install Ubuntu again, update it to 14.04, etc., I won't go on...

The problem is that the other day I downloaded a program that isn't from a good source, to be more precise a popular game launcher for Minecraft <-- don't judge me, a friend wanted to play with me and I don't have the original, so I quickly found phoenix, some shady launcher, to download the game.
Now, the problem is that I'm very paranoid that I may have opened my system to some guy who wants to collect data from the computer (because I wouldn't want to lose my Steam account or anyone's account that is on this computer) or something else, if you understand me ;)
What made me panic is that while I was installing the program (I always keep Process Hacker and exewatch running, watching so that nothing sneaks in; it's not efficient, nor even 50% useful, but what can I do, again I say don't judge me), to continue: while the program was installing, a new process consolehost.exe
and ping.exe opened, programs that opened and closed together 3-4 times, so that made me panic.

Before I installed the program I uploaded the file to VirusTotal, which found nothing, and ran Malwarebytes Anti-Malware, which also found nothing, and also the anti-rootkit from Malwarebytes, and it found nothing either.

As for the computer, it is slow as always, low-end hardware: Athlon X2 270 3.4 GHz, 2 GB of RAM, graphics like integrated Intel (AMD HD 4350) and 2 GB of RAM, an ordinary WD Blue 160 GB hard drive with no bad sectors, scanned a few months ago, in mint condition although it is 7 years old.
There's no money, so I can't complain that the computer has slowed down in any obvious way; the only thing I noticed is that another consolehost or some similar program opens after booting into Windows.

I'm not the only one on this forum who has a "so to speak problem", nor do I have some serious infection, but it would be nice if some good person took a little of their time and removed my doubt so that I wouldn't have to bother with reinstalling the system. Thanks a lot

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by tracer (administrator) on PC on 29-05-2015 20:55:49
Running from C:\Users\tracer\Downloads
Loaded Profiles: tracer (Available Profiles: tracer)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
() C:\root\exewatch\exewatch.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-2367803196-2067336672-868351685-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [785416 2015-02-18] (Sandboxie Holdings, LLC)
IFEO\taskmgr.exe: [Debugger] "C:\Program Files\Process Hacker 2\ProcessHacker.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2367803196-2067336672-868351685-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-04-08] (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-14] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-14] (Oracle Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
Tcpip\Parameters: [DhcpNameServer] 212.200.191.166 212.200.190.166

FireFox:
========
FF ProfilePath: C:\Users\tracer\AppData\Roaming\Mozilla\Firefox\Profiles\bu38ycvz.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-18] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-14] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-18] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF user.js: detected! => C:\Users\tracer\AppData\Roaming\Mozilla\Firefox\Profiles\bu38ycvz.default\user.js [2015-05-29]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\tracer\AppData\Roaming\Mozilla\Firefox\Profiles\bu38ycvz.default\Extensions\iobitascsurfingprotection@iobit.com [2015-05-29]
FF Extension: AdBlock for YouTube™ - C:\Users\tracer\AppData\Roaming\Mozilla\Firefox\Profiles\bu38ycvz.default\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2015-04-21]
FF Extension: Adblock Plus - C:\Users\tracer\AppData\Roaming\Mozilla\Firefox\Profiles\bu38ycvz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-21]

Chrome:
=======
CHR Profile: C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-08]
CHR Extension: (Google Docs) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-08]
CHR Extension: (Google Drive) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-08]
CHR Extension: (YouTube) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-08]
CHR Extension: (Google Search) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-08]
CHR Extension: (Google Wallet) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-08]
CHR Extension: (Gmail) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-08]
CHR Profile: C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-08]
CHR Extension: (Google Drive) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-08]
CHR Extension: (YouTube) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-08]
CHR Extension: (Adblock Plus) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-08]
CHR Extension: (Google Search) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-08]
CHR Extension: (Google Sheets) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-08]
CHR Extension: (Bookmark Manager) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-15]
CHR Extension: (Google Keep - notes and lists) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2015-04-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-08]
CHR Extension: (Google Wallet) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-08]
CHR Extension: (Gmail) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-30] (Advanced Micro Devices, Inc.) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2585376 2015-03-26] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S4 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [175112 2015-02-18] (Sandboxie Holdings, LLC)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 KProcessHacker2; C:\Program Files\Process Hacker 2\kprocesshacker.sys [39576 2013-11-13] (wj32)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [107736 2015-04-14] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-29] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [237064 2015-02-18] (Sandboxie Holdings, LLC)
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-29 20:55 - 2015-05-29 20:56 - 00009834 _____ () C:\Users\tracer\Downloads\FRST.txt
2015-05-29 20:55 - 2015-05-29 20:55 - 00000000 ____D () C:\FRST
2015-05-29 20:54 - 2015-05-29 20:54 - 02108928 _____ (Farbar) C:\Users\tracer\Downloads\FRST64.exe
2015-05-29 20:22 - 2015-05-29 20:22 - 00000056 _____ () C:\Windows\setupact.log
2015-05-29 20:22 - 2015-05-29 20:22 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-29 20:21 - 2015-05-29 20:21 - 00001070 _____ () C:\Windows\PFRO.log
2015-05-29 19:54 - 2015-05-29 19:54 - 56811520 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2015-05-29 19:54 - 2015-05-29 19:54 - 00114688 _____ () C:\Windows\system32\config\DEFAULT.iobit
2015-05-29 19:54 - 2015-05-29 19:54 - 00102400 _____ () C:\Windows\system32\config\SAM.iobit
2015-05-29 19:54 - 2015-05-29 19:54 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iobit
2015-05-29 19:49 - 2015-05-29 19:50 - 00000000 ____D () C:\Users\tracer\Desktop\Backup
2015-05-29 19:39 - 2015-05-29 19:39 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2015-05-29 19:39 - 2015-05-29 19:39 - 00000000 ____D () C:\Users\tracer\AppData\Roaming\Apple Computer
2015-05-29 19:39 - 2015-05-29 19:39 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-05-29 19:37 - 2015-05-29 19:38 - 48076576 _____ (IObit) C:\Users\tracer\Downloads\advanced-systemcare-setup.exe
2015-05-29 13:39 - 2015-05-29 13:39 - 07970248 _____ () C:\Users\tracer\Downloads\FTBLauncher_64bit.zip
2015-05-29 12:47 - 2015-05-29 12:48 - 04410761 _____ () C:\Users\tracer\Downloads\FTB_1.4.3.zip
2015-05-29 12:18 - 2015-05-29 12:31 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-29 12:15 - 2015-05-29 12:15 - 16502728 _____ (Malwarebytes Corp.) C:\Users\tracer\Downloads\mbar-1.09.1.1004.exe
2015-05-27 13:36 - 2015-05-27 13:36 - 00887415 _____ () C:\Users\tracer\Downloads\OptiFine_1.7.2_HD_U_D5.jar
2015-05-27 13:27 - 2015-05-29 19:15 - 00000000 ____D () C:\Users\tracer\AppData\Roaming\.minecraft
2015-05-27 13:27 - 2015-05-27 13:27 - 05260925 _____ () C:\Users\tracer\Downloads\ShiginimaSE_v2000.zip
2015-05-27 13:27 - 2015-04-03 06:56 - 03034896 _____ () C:\Users\tracer\Desktop\Minecraft.exe
2015-05-27 13:25 - 2015-05-27 13:25 - 01932162 _____ () C:\Users\tracer\Downloads\ShiginimaSE_v1406.zip
2015-05-27 13:23 - 2015-05-27 13:23 - 01360038 _____ () C:\Users\tracer\Downloads\Minecraft_mpgh.net.rar
2015-05-27 13:23 - 2015-05-27 13:23 - 00000000 ____D () C:\Users\tracer\Documents\versions
2015-05-21 20:25 - 2015-05-21 20:25 - 00004859 _____ () C:\Users\tracer\Downloads\97076646-Narodni-Poslanik.txt
2015-05-18 23:20 - 2015-05-18 23:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-16 16:58 - 2015-05-16 16:59 - 00015908 _____ () C:\Users\tracer\Downloads\subscription_manager
2015-05-14 18:38 - 2015-05-15 18:33 - 08277056 _____ () C:\Users\tracer\Documents\test.skb
2015-05-14 18:27 - 2015-05-14 18:27 - 03056228 _____ () C:\Users\tracer\Desktop\M.skp
2015-05-09 10:17 - 2015-05-09 10:19 - 00000000 ____D () C:\Fraps
2015-05-09 10:17 - 2015-05-09 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-05-09 10:16 - 2015-05-09 10:16 - 02326976 _____ (Beepa Pty Ltd) C:\Users\tracer\Downloads\setup.exe
2015-05-08 21:51 - 2015-05-15 19:41 - 08257566 _____ () C:\Users\tracer\Documents\test.skp
2015-05-08 20:56 - 2015-05-08 20:56 - 00000000 ____D () C:\Users\tracer\AppData\Roaming\SketchUp
2015-05-08 20:52 - 2015-05-08 20:52 - 00000000 ____D () C:\ProgramData\Reprise
2015-05-08 20:52 - 2015-05-08 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015
2015-05-08 20:51 - 2015-05-08 20:51 - 00000000 ____D () C:\ProgramData\SketchUp
2015-05-08 20:51 - 2015-05-08 20:51 - 00000000 ____D () C:\Program Files\SketchUp
2015-05-08 20:48 - 2015-05-08 20:50 - 12689048 _____ () C:\Users\tracer\Downloads\64-Bit.rar
2015-05-08 20:43 - 2015-05-08 20:45 - 114480888 _____ (Trimble Navigation Limited) C:\Users\tracer\Downloads\SketchUpMake-en-x64.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-29 20:29 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-29 20:29 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-29 20:28 - 2009-07-14 07:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-29 20:26 - 2015-02-22 00:44 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-29 20:25 - 2015-04-08 18:43 - 00002888 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_tracer
2015-05-29 20:25 - 2015-04-08 18:43 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-05-29 20:22 - 2015-04-08 18:52 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-29 20:22 - 2015-02-22 21:12 - 00000216 _____ () C:\Windows\Tasks\ExeWatch.job
2015-05-29 20:22 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-29 20:15 - 2015-03-20 20:06 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-29 20:10 - 2015-02-22 09:15 - 01526880 _____ () C:\Windows\WindowsUpdate.log
2015-05-29 20:07 - 2009-07-14 07:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-29 20:04 - 2015-02-22 09:06 - 00000000 ____D () C:\Windows\Panther
2015-05-29 20:03 - 2015-04-08 18:52 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-29 19:49 - 2015-04-19 18:06 - 00000000 ____D () C:\New folder
2015-05-29 19:40 - 2015-04-08 18:43 - 00000000 ____D () C:\ProgramData\ProductData
2015-05-29 19:39 - 2015-04-08 18:43 - 00000000 ____D () C:\ProgramData\IObit
2015-05-29 19:38 - 2015-04-08 18:43 - 00000000 ____D () C:\Users\tracer\AppData\Roaming\IObit
2015-05-29 19:36 - 2015-02-22 20:48 - 00000000 ____D () C:\root
2015-05-29 13:51 - 2015-03-14 16:35 - 00000000 ____D () C:\Users\tracer\AppData\Local\ftblauncher
2015-05-29 13:05 - 2015-04-08 18:47 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-29 12:54 - 2015-03-14 16:35 - 00000000 ____D () C:\Users\tracer\Minecraft
2015-05-25 21:05 - 2015-04-08 18:53 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-24 22:02 - 2015-02-22 00:47 - 00007606 _____ () C:\Users\tracer\AppData\Local\Resmon.ResmonCfg
2015-05-22 00:09 - 2015-04-08 20:38 - 00001002 _____ () C:\Users\tracer\Desktop\Sandboxed Web Browser.lnk
2015-05-19 15:04 - 2015-04-21 22:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-18 19:57 - 2015-04-08 18:52 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-18 19:57 - 2015-04-08 18:52 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-18 19:10 - 2015-02-22 21:52 - 00000000 ____D () C:\Program Files\Process Hacker 2
2015-05-18 19:08 - 2015-03-20 20:05 - 00000000 ____D () C:\Users\tracer\AppData\Local\Adobe
2015-05-18 19:07 - 2015-03-20 20:06 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-18 19:07 - 2015-03-20 20:06 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-18 19:07 - 2015-03-20 20:06 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-09 15:14 - 2015-04-09 10:00 - 00000000 ____D () C:\Program Files (x86)\EWB512
2015-05-08 19:06 - 2015-04-08 18:47 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-08 19:06 - 2015-04-08 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-08 19:06 - 2015-04-08 18:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-05 09:31 - 2015-02-22 09:14 - 00000000 ____D () C:\Users\tracer

==================== Files in the root of some directories =======

2015-02-22 00:47 - 2015-05-24 22:02 - 0007606 _____ () C:\Users\tracer\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\tracer\AppData\Local\Temp\ASCSetup_32130465.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-24 10:38

==================== End of log ============================

I would check my system myself if I understood your programs that make these logs, knew how to read them,
and knew how to script with that ComboFix of yours and whatever else you use, but there you go, when you don't know, you have to ask for help ;)


  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Lives in: Novi Beograd

Hello,

1. Open Notepad (Text Document) and copy the following text inside the code box below:

CreateRestorePoint:
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
FF user.js: detected! => C:\Users\tracer\AppData\Roaming\Mozilla\Firefox\Profiles\bu38ycvz.default\user.js [2015-05-29]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
EmptyTemp:


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, because otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool requests a system restart, allow it and make sure the tool completes the fix after the system restart.

  • Joined: 11 Jan 2014
  • Posts: 13

Here, I did what you asked of me and restarted the computer, and I got this log at the end:
Fix result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by tracer at 2015-05-29 22:47:13 Run:1
Running from C:\Users\tracer\Desktop
Loaded Profiles: tracer (Available Profiles: tracer)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
FF user.js: detected! => C:\Users\tracer\AppData\Roaming\Mozilla\Firefox\Profiles\bu38ycvz.default\user.js [2015-05-29]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
EmptyTemp:
*****************

Restore point was successfully created.
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS Removed successfully.
C:\Users\tracer\AppData\Roaming\Mozilla\Firefox\Profiles\bu38ycvz.default\user.js => Moved successfully.
VBoxNetFlt => Service Removed successfully
VGPU => Service Removed successfully
EmptyTemp: => Removed 435.6 MB temporary data.


The system needed a reboot.

==== End of Fixlog 22:48:05 ====

And as far as I can see, everything you asked for has been done.
If that is everything, hats off for the quick reply, thank you ;)

The only thing I can mention is that when I entered Windows, a command line appeared very quickly and disappeared; there was no text (that I could register).

Thanks once again; if needed I will post a new FRST log

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by tracer (administrator) on PC on 29-05-2015 22:53:33
Running from C:\Users\tracer\Desktop
Loaded Profiles: tracer (Available Profiles: tracer)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\root\exewatch\exewatch.exe
(wj32) C:\Program Files\Process Hacker 2\ProcessHacker.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-2367803196-2067336672-868351685-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [785416 2015-02-18] (Sandboxie Holdings, LLC)
IFEO\taskmgr.exe: [Debugger] "C:\Program Files\Process Hacker 2\ProcessHacker.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2367803196-2067336672-868351685-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-04-08] (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-14] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-14] (Oracle Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
Tcpip\Parameters: [DhcpNameServer] 212.200.191.166 212.200.190.166

FireFox:
========
FF ProfilePath: C:\Users\tracer\AppData\Roaming\Mozilla\Firefox\Profiles\bu38ycvz.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-18] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-14] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-18] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\tracer\AppData\Roaming\Mozilla\Firefox\Profiles\bu38ycvz.default\Extensions\iobitascsurfingprotection@iobit.com [2015-05-29]
FF Extension: AdBlock for YouTube™ - C:\Users\tracer\AppData\Roaming\Mozilla\Firefox\Profiles\bu38ycvz.default\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2015-04-21]
FF Extension: Adblock Plus - C:\Users\tracer\AppData\Roaming\Mozilla\Firefox\Profiles\bu38ycvz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-21]

Chrome:
=======
CHR Profile: C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-08]
CHR Extension: (Google Docs) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-08]
CHR Extension: (Google Drive) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-08]
CHR Extension: (YouTube) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-08]
CHR Extension: (Google Search) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-08]
CHR Extension: (Google Wallet) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-08]
CHR Extension: (Gmail) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-08]
CHR Profile: C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-08]
CHR Extension: (Google Drive) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-08]
CHR Extension: (YouTube) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-08]
CHR Extension: (Adblock Plus) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-08]
CHR Extension: (Google Search) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-08]
CHR Extension: (Google Sheets) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-08]
CHR Extension: (Bookmark Manager) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-15]
CHR Extension: (Google Keep - notes and lists) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2015-04-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-08]
CHR Extension: (Google Wallet) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-08]
CHR Extension: (Gmail) - C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-30] (Advanced Micro Devices, Inc.) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2585376 2015-03-26] (IObit)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S4 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [175112 2015-02-18] (Sandboxie Holdings, LLC)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 KProcessHacker2; C:\Program Files\Process Hacker 2\kprocesshacker.sys [39576 2013-11-13] (wj32)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [107736 2015-04-14] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-29] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [237064 2015-02-18] (Sandboxie Holdings, LLC)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-29 22:53 - 2015-05-29 22:54 - 00009342 _____ () C:\Users\tracer\Desktop\FRST.txt
2015-05-29 21:04 - 2015-05-29 21:04 - 00000000 _____ () C:\Users\tracer\Desktop\httpwww.mycity.rsAmbulantaPomoc-492.html#p1760120.txt
2015-05-29 20:56 - 2015-05-29 20:56 - 00026235 _____ () C:\Users\tracer\Downloads\Addition.txt
2015-05-29 20:55 - 2015-05-29 22:53 - 00000000 ____D () C:\FRST
2015-05-29 20:55 - 2015-05-29 20:56 - 00019429 _____ () C:\Users\tracer\Downloads\FRST.txt
2015-05-29 20:54 - 2015-05-29 20:54 - 02108928 _____ (Farbar) C:\Users\tracer\Desktop\FRST64.exe
2015-05-29 20:22 - 2015-05-29 22:49 - 00000112 _____ () C:\Windows\setupact.log
2015-05-29 20:22 - 2015-05-29 20:22 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-29 20:21 - 2015-05-29 22:48 - 00002482 _____ () C:\Windows\PFRO.log
2015-05-29 19:54 - 2015-05-29 19:54 - 56811520 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2015-05-29 19:54 - 2015-05-29 19:54 - 00114688 _____ () C:\Windows\system32\config\DEFAULT.iobit
2015-05-29 19:54 - 2015-05-29 19:54 - 00102400 _____ () C:\Windows\system32\config\SAM.iobit
2015-05-29 19:54 - 2015-05-29 19:54 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iobit
2015-05-29 19:49 - 2015-05-29 19:50 - 00000000 ____D () C:\Users\tracer\Desktop\Backup
2015-05-29 19:39 - 2015-05-29 19:39 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2015-05-29 19:39 - 2015-05-29 19:39 - 00000000 ____D () C:\Users\tracer\AppData\Roaming\Apple Computer
2015-05-29 19:39 - 2015-05-29 19:39 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-05-29 19:37 - 2015-05-29 19:38 - 48076576 _____ (IObit) C:\Users\tracer\Downloads\advanced-systemcare-setup.exe
2015-05-29 13:39 - 2015-05-29 13:39 - 07970248 _____ () C:\Users\tracer\Downloads\FTBLauncher_64bit.zip
2015-05-29 12:47 - 2015-05-29 12:48 - 04410761 _____ () C:\Users\tracer\Downloads\FTB_1.4.3.zip
2015-05-29 12:18 - 2015-05-29 12:31 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-29 12:15 - 2015-05-29 12:15 - 16502728 _____ (Malwarebytes Corp.) C:\Users\tracer\Downloads\mbar-1.09.1.1004.exe
2015-05-27 13:36 - 2015-05-27 13:36 - 00887415 _____ () C:\Users\tracer\Downloads\OptiFine_1.7.2_HD_U_D5.jar
2015-05-27 13:27 - 2015-05-29 19:15 - 00000000 ____D () C:\Users\tracer\AppData\Roaming\.minecraft
2015-05-27 13:27 - 2015-05-27 13:27 - 05260925 _____ () C:\Users\tracer\Downloads\ShiginimaSE_v2000.zip
2015-05-27 13:27 - 2015-04-03 06:56 - 03034896 _____ () C:\Users\tracer\Desktop\Minecraft.exe
2015-05-27 13:25 - 2015-05-27 13:25 - 01932162 _____ () C:\Users\tracer\Downloads\ShiginimaSE_v1406.zip
2015-05-27 13:23 - 2015-05-27 13:23 - 01360038 _____ () C:\Users\tracer\Downloads\Minecraft_mpgh.net.rar
2015-05-27 13:23 - 2015-05-27 13:23 - 00000000 ____D () C:\Users\tracer\Documents\versions
2015-05-21 20:25 - 2015-05-21 20:25 - 00004859 _____ () C:\Users\tracer\Downloads\97076646-Narodni-Poslanik.txt
2015-05-18 23:20 - 2015-05-18 23:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-16 16:58 - 2015-05-16 16:59 - 00015908 _____ () C:\Users\tracer\Downloads\subscription_manager
2015-05-14 18:38 - 2015-05-15 18:33 - 08277056 _____ () C:\Users\tracer\Documents\test.skb
2015-05-14 18:27 - 2015-05-14 18:27 - 03056228 _____ () C:\Users\tracer\Desktop\M.skp
2015-05-09 10:17 - 2015-05-09 10:19 - 00000000 ____D () C:\Fraps
2015-05-09 10:17 - 2015-05-09 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-05-09 10:16 - 2015-05-09 10:16 - 02326976 _____ (Beepa Pty Ltd) C:\Users\tracer\Downloads\setup.exe
2015-05-08 21:51 - 2015-05-15 19:41 - 08257566 _____ () C:\Users\tracer\Documents\test.skp
2015-05-08 20:56 - 2015-05-08 20:56 - 00000000 ____D () C:\Users\tracer\AppData\Roaming\SketchUp
2015-05-08 20:52 - 2015-05-08 20:52 - 00000000 ____D () C:\ProgramData\Reprise
2015-05-08 20:52 - 2015-05-08 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015
2015-05-08 20:51 - 2015-05-08 20:51 - 00000000 ____D () C:\ProgramData\SketchUp
2015-05-08 20:51 - 2015-05-08 20:51 - 00000000 ____D () C:\Program Files\SketchUp
2015-05-08 20:48 - 2015-05-08 20:50 - 12689048 _____ () C:\Users\tracer\Downloads\64-Bit.rar
2015-05-08 20:43 - 2015-05-08 20:45 - 114480888 _____ (Trimble Navigation Limited) C:\Users\tracer\Downloads\SketchUpMake-en-x64.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-29 22:53 - 2009-07-14 07:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-29 22:49 - 2015-04-08 18:52 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-29 22:49 - 2015-02-22 21:12 - 00000216 _____ () C:\Windows\Tasks\ExeWatch.job
2015-05-29 22:49 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-29 22:15 - 2015-03-20 20:06 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-29 22:13 - 2015-04-08 18:47 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-29 22:02 - 2015-04-08 18:52 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-29 21:22 - 2015-02-22 00:44 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-29 20:29 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-29 20:29 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-29 20:25 - 2015-04-08 18:43 - 00002888 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_tracer
2015-05-29 20:25 - 2015-04-08 18:43 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-05-29 20:10 - 2015-02-22 09:15 - 01526880 _____ () C:\Windows\WindowsUpdate.log
2015-05-29 20:07 - 2009-07-14 07:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-29 20:04 - 2015-02-22 09:06 - 00000000 ____D () C:\Windows\Panther
2015-05-29 19:49 - 2015-04-19 18:06 - 00000000 ____D () C:\New folder
2015-05-29 19:40 - 2015-04-08 18:43 - 00000000 ____D () C:\ProgramData\ProductData
2015-05-29 19:39 - 2015-04-08 18:43 - 00000000 ____D () C:\ProgramData\IObit
2015-05-29 19:38 - 2015-04-08 18:43 - 00000000 ____D () C:\Users\tracer\AppData\Roaming\IObit
2015-05-29 19:36 - 2015-02-22 20:48 - 00000000 ____D () C:\root
2015-05-29 13:51 - 2015-03-14 16:35 - 00000000 ____D () C:\Users\tracer\AppData\Local\ftblauncher
2015-05-29 12:54 - 2015-03-14 16:35 - 00000000 ____D () C:\Users\tracer\Minecraft
2015-05-25 21:05 - 2015-04-08 18:53 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-24 22:02 - 2015-02-22 00:47 - 00007606 _____ () C:\Users\tracer\AppData\Local\Resmon.ResmonCfg
2015-05-22 00:09 - 2015-04-08 20:38 - 00001002 _____ () C:\Users\tracer\Desktop\Sandboxed Web Browser.lnk
2015-05-19 15:04 - 2015-04-21 22:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-18 19:57 - 2015-04-08 18:52 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-18 19:57 - 2015-04-08 18:52 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-18 19:10 - 2015-02-22 21:52 - 00000000 ____D () C:\Program Files\Process Hacker 2
2015-05-18 19:08 - 2015-03-20 20:05 - 00000000 ____D () C:\Users\tracer\AppData\Local\Adobe
2015-05-18 19:07 - 2015-03-20 20:06 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-18 19:07 - 2015-03-20 20:06 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-18 19:07 - 2015-03-20 20:06 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-09 15:14 - 2015-04-09 10:00 - 00000000 ____D () C:\Program Files (x86)\EWB512
2015-05-08 19:06 - 2015-04-08 18:47 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-08 19:06 - 2015-04-08 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-08 19:06 - 2015-04-08 18:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-05 09:31 - 2015-02-22 09:14 - 00000000 ____D () C:\Users\tracer

==================== Files in the root of some directories =======

2015-02-22 00:47 - 2015-05-24 22:02 - 0007606 _____ () C:\Users\tracer\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-24 10:38

==================== End of log ============================

Thanks once again!

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

We'll do one more check, which will take a bit longer, maybe even longer than an hour.

Download smeenk's zoek.zip or zoek.rar from this or this link and save it to the Desktop.

Extract the archive to a folder (instructions), and then:

close the browser and other running programs;
temporarily disable your security software (if necessary) (instructions);
start zoek by double-clicking the program icon;
wait for the tool to start ...


Copy the following text into the white box of the window:

 
autoclean;
emptyclsid;
emptyfolderscheck;delete
emptyalltemp;


Click the button and wait for the scan to finish.


If needed, zoek will restart Windows and, when it is done, open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into a post.

offline
  • Joined: 11 Jan 2014
  • Posts: 13

Thank you for the help, but I have to let you know that the computer is in use, so I won't be able to do this now. I'll probably be able to tomorrow evening, so don't expect a reply now. Thanks for understanding; reply whenever it suits you, I'm in no hurry. Thanks once again.

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

No problem, whenever you get to it. Just so you know, this time the scan will take longer, so plan for the computer to be occupied then and not needed for other things while the scan is running.

offline
  • Joined: 11 Jan 2014
  • Posts: 13

Posted: 30 May 2015 22:09

I had to attach it like this because it wouldn't post due to some security reasons

Just to add (maybe it's important):
As soon as I got home I turned on the computer and it booted normally, got into Windows, and everything appeared; I went to grab the mouse and keyboard, nothing responded, and then, BSOD.
I reset it and it got into the system normally. I did what you asked and rebooted the computer as the program requested, and this time the computer froze at POST: the Biostar BIOS logo appeared with the F8/Tab prompt for the BIOS, I tried to enter it, and it froze there too, so I restarted again and it booted normally.


Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by tracer on Sat 05/30/2015 at 21:42:07.12.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\tracer\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

5/30/2015 9:43:41 PM Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) deleted successfully
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully
C:\Users\tracer\AppData\Local\Adobe deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) not found
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found
C:\found.000 deleted
C:\found.001 deleted
C:\found.002 deleted
C:\Users\tracer\AppData\Roaming\ProductData deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
"C:\Users\tracer\AppData\Local\{EFB7E959-E799-45B2-A536-A3E72EFE3857}" deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\tracer\AppData\Roaming\Mozilla\Firefox\Profiles\bu38ycvz.default
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\iobitascsurfingprotection@iobit.com
- AdBlock for YouTube - %ProfilePath%\extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\tracer\AppData\Roaming\Mozilla\Firefox\Profiles\bu38ycvz.default
2E661988463BCFA1B95D4DAAB9B0B6FA - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll - Shockwave Flash


==== Chromium Look ======================

Chrome Hotword Shared Module - tracer\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Bookmark Manager - tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Chrome Hotword Shared Module - tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg

==== Chromium Startpages ======================

C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.com/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.com/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\tracer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\tracer\AppData\Local\Mozilla\Firefox\Profiles\bu38ycvz.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\tracer\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=96 folders=31 17967763 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\tracer\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\tracer\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Sat 05/30/2015 at 21:58:01.92 ======================

Here are the BSOD logs too

Addendum: 30 May 2015 22:10

Oops, I forgot to add the BSOD log, sorry for the double post

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Interesting, since we didn't touch anything of system significance.

Now let's see:
Download the WhoCrashed installer from the following link:
http://www.resplendence.com/download/whocrashedSetup.exe
This program will analyze the crash and try to determine which driver is causing the error.
Note: this program requires installation.



Double-click to run the installer and click Next. Tick the option I Accept the agreement and then click Next again.
Install the program to the location and under the name that the installer suggests.
Click Next and in the following window click Next.
Tick the option Create a Desktop Icon, then click Next and then Install.




Once you have installed WhoCrashed, run it.

Note: If the program shows a notification that should look like this:

Click Download the requested file from Microsoft site now and wait for the download
and installation of the additional files to finish.



When the program starts, click the Analyze button.
When the program finishes the analysis it will show a notification window. Click Ok.

Right-click on the report area of the program window and choose Select All.
Right-click on the report area of the program window and choose Copy.
Open a new Notepad and choose Paste to copy the contents of the log into Notepad.

You can now close the program.

Attach the Notepad file with the contents of the log to your next post.

offline
  • Joined: 11 Jan 2014
  • Posts: 13

Posted: 30 May 2015 22:24

Here's that too

Addendum: 30 May 2015 22:30

Here's what little I've read, and I'll post the text too:
The error occurs as a result of one or more causes: corrupt boot volume, corrupted or deleted ntoskrnl.exe file, invalid boot.ini configuration or missing drivers for hard disk controller.
I could add that maybe it's my fault, because a long time ago, while cleaning the computer, I pulled out the SATA cable and the power cable from the CD drive and left them like that, and since I needed it now (I wanted to reinstall Windows) I plugged in both the power and the SATA cable while the computer was running (I know, I'm very smart).
The computer didn't complain, but it wouldn't read the CD, so I restarted (it probably didn't recognize the drive just like that), so now that has caused some problem that gives me a BSOD.

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Yes, I searched around a bit too, and it could be all sorts of things. Give me a little time to see what else it could be. In the meantime, reset a few more times and see whether it boots into the system normally.
