Computer has been freezing lately

offline
  • Joined: 05 Feb 2014
  • Posts: 6
  • Location: Obrenovac

Hello. My computer has been freezing lately; it takes several minutes to load programs, and when I finally manage to get into something, it loads again and the screen fogs over. It is Windows 7, the internet is from Total, the speed used to be around 9 and now it is a little over 4. For antivirus I have ESET Smart Security, and when I scan with it, it shows no viruses. When I scan with Malwarebytes, it shows two viruses:
Malwarebytes Anti-Malware 1.75.0.1300

Verzija baze: v2014.02.05.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
korisnik :: KORISNIK-PC [administrator]

5.2.2014 16:00:48
MBAM-log-2014-02-05 (16-09-59).txt
I hope I have done everything here correctly, because I am a layperson when it comes to computers. Thanks in advance.
Način skeniranja: Brzo skeniranje
Omogućene opcije skeniranja: Memorija | Automatsko pokretanje | Registar | Datotečni sistem | Heuristika/Dodatno | Heuristika/Shuriken | PUP | PUM
Onemogućene opcije skeniranja: P2P
Skeniranih objekata 195157
Proteklo vreme 5 minuta(e), 58 sekundi

Detektovani procesi u memoriji: 0
(Maliciozne stavke nisu pronađene)

Detektovani moduli u memoriji: 0
(Maliciozne stavke nisu pronađene)

Detektovani ključevi u registru: 2
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Nikakva akcija nije poduzeta.
HKCU\Software\Conduit\ValueApps (PUP.Optional.ValueApps.A) -> Nikakva akcija nije poduzeta.

Detektovane vrednosti u registru: 0
(Maliciozne stavke nisu pronađene)

Detektovani podaci u registru: 0
(Maliciozne stavke nisu pronađene)

Detektovane fascikle: 0
(Maliciozne stavke nisu pronađene)

Detektovane datoteke: 0
(Maliciozne stavke nisu pronađene)

(kraj)
I also have MCShield.
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.51.2
Run by korisnik at 17:15:20 on 2014-02-05
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.1919.852 [GMT 1:00]
.
AV: ESET Smart Security 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Hard Disk Sentinel\HDSentinel.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\MCShield\MCShieldRTM.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Users\korisnik\Downloads\dds.pif
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
uStart Page = [Link mogu videti samo ulogovani korisnici]
mStart Page = [Link mogu videti samo ulogovani korisnici]
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: &Google: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar.dll
TB: &Google: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [RTHDVCPL] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: &Google Search - c:\program files\google\googletoolbar.dll/cmsearch.html
IE: Backward &Links - c:\program files\google\googletoolbar.dll/cmbacklinks.html
IE: Cac&hed Snapshot of Page - c:\program files\google\googletoolbar.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Si&milar Pages - c:\program files\google\googletoolbar.dll/cmsimilar.html
IE: Translate into English - c:\program files\google\googletoolbar.dll/cmtrans.html
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [Link mogu videti samo ulogovani korisnici]
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici]
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - [Link mogu videti samo ulogovani korisnici]
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{60935F40-AC0A-4066-9010-85F620F2664B} : DHCPNameServer = 192.168.1.1
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\32.0.1700.107\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\korisnik\appdata\roaming\mozilla\firefox\profiles\id86kme9.default\
FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici]
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\verimatrix\viewright web\npViewRight.dll
FF - plugin: c:\users\korisnik\appdata\roaming\mozilla\firefox\profiles\id86kme9.default\extensions\{a5ae8924-4036-420f-b7f6-a47e4b8f692e}\plugins\np-mswmp.dll
FF - plugin: c:\users\korisnik\appdata\roaming\mozilla\firefox\profiles\id86kme9.default\extensions\{a5ae8924-4036-420f-b7f6-a47e4b8f692e}\plugins\npConduitFirefoxPlugin.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1207148.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_168.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_43.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - [Link mogu videti samo ulogovani korisnici]
FF - user.js: extensions.BabylonToolbar.id - d80ff46e00000000000000e04d7b27fd
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15682
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.4.9
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.4.9
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.4.917:28:19
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar_i.excTlbr - false
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109220&tt=4912_1
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar.rvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
.
============= SERVICES / DRIVERS ===============
.
R0 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2011-8-4 50624]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-3-26 232512]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\drivers\EpfwLWF.sys [2011-8-4 33656]
R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2011-8-9 163424]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2011-9-22 974944]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-11-15 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-3-26 701512]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-3-26 22856]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
R3 SrvHsfPCI;SrvHsfPCI;c:\windows\system32\drivers\VSTBS23.SYS [2009-7-13 266752]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2012-9-10 18432]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 25600]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 WatAdminSvc;Usluga tehnologije aktivacije operativnog sistema Windows;c:\windows\system32\wat\WatAdminSvc.exe [2012-3-26 1343400]
SUnknown TsUsbFlt;TsUsbFlt; [x]
SUnknown tsusbhub;tsusbhub; [x]
.
=============== Created Last 30 ================
.
2014-01-15 07:32:12 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
==================== Find3M ====================
.
2014-01-18 08:28:31 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-01-18 08:28:31 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
.
============= FINISH: 17:25:43,08 ===============




offline
  • Joined: 04 Jul 2011
  • Posts: 5424

Hello.

Download smeenk's zoek.zip or zoek.rar from this or this link and save it to the Desktop.

Extract the archive to a folder (instructions), then:

close the browser and any other running programs;
temporarily deactivate your security software (if necessary) Instructions;
run zoek by double-clicking the program icon;
wait for the tool to start ...


Copy the following text into the white box in the window:

filesrcm;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;


Click the button and wait for the scan to finish.


If necessary, zoek will restart Windows, and when it finishes it will open Notepad with the scan report.

Note: The report will be saved under the name zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your reply.


Ivance95 (AMF Team)



offline
  • Joined: 05 Feb 2014
  • Posts: 6
  • Location: Obrenovac

Phew, I hope I did it correctly, here is the report:
Zoek.exe v5.0.0.0 Updated 31-January-2014
Tool run by korisnik on sre 05.02.2014 at 22:38:34,30.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\korisnik\AppData\Local\Temp\Rar$EX30.832\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

5.2.2014 22:40:42 Zoek.exe System Restore Point Created Succesfully.

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\korisnik\AppData\Local\Temp ====
====== Java Cache =====
2014-01-15 08:01:10 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\korisnik\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-695ab82f
2014-01-15 08:01:04 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\korisnik\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-3224b969
2014-01-15 08:01:05 96CDCBF23AC9A6E296ADC04E9ACD8052 99 ----a-w- C:\Users\korisnik\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-6.0.lap
2014-01-15 08:01:02 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\korisnik\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\3d7894d3-3115a3fe
2014-01-15 08:01:05 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\korisnik\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-11b2b174
====== C:\Windows\system32 =====
====== C:\Windows\system32\drivers =====
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C: =====
====== C:\Users\korisnik\AppData\Roaming ======
2014-01-22 07:14:18 111ABD766C0ADA02F74EABB852676401 7168 ----a-w- C:\Users\korisnik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-21 10:07:47 -------- d-----w- C:\Users\korisnik\AppData\Locallow\Google
====== C:\Users\korisnik ======
2014-02-05 16:21:58 8B968045D75783A09592C3105F2865DA 688992 ----a-w- C:\Users\korisnik\Downloads\dds.com
2014-02-05 14:10:54 4ADCFEE16EE9978F06157634669D36FB 602112 ----a-w- C:\Users\korisnik\Downloads\OTL.exe
2014-01-21 10:07:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

====== C: exe-files ==
2014-02-05 14:10:54 4ADCFEE16EE9978F06157634669D36FB 602112 ----a-w- C:\Users\korisnik\Downloads\OTL.exe
2014-02-04 11:29:10 BA7524A2D91F895CE7502C78B6A4CBAF 732888 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.107\32.0.1700.107_32.0.1700.102_chrome_updater.exe
2014-02-02 00:46:30 F1FD0338891F32DB48990DA996A1DF58 486088 ----a-w- C:\Program Files\MCShield\MCS-Uninstall.exe
=== C: other files ==
2014-02-05 21:25:04 0BE568FD1E7D6C6D64D2272649F5C716 111 ----a-w- C:\Users\korisnik\AppData\Local\Temp\scripttest.vbs
2014-02-05 16:21:58 8B968045D75783A09592C3105F2865DA 688992 ----a-w- C:\Users\korisnik\Downloads\dds.com

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-643227427-2544039522-3149745375-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"MCShield Monitor"="C:\Program Files\MCShield\mcshieldrtm.exe"
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"MCShield Monitor"="C:\Program Files\MCShield\mcshieldrtm.exe"
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Reader Speed Launcher"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [05.02.2014 20:54]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [25.11.2012 13:45]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [25.11.2012 13:45]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\Advanced System Protector" ["C:\Program Files\RegClean Pro\SystweakASP.exe"]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{271C1CB9-ED3F-4714-959A-7A9F21366B3C}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\system32\tasks\HardDiskSentinel\Hard Disk Sentinel_korisnik" [C:\Program Files\Hard Disk Sentinel\HDSentinel.exe]

==== Firefox Extensions ======================

ProfilePath: C:\Users\korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\id86kme9.default
- Free Lunch Design TB - %ProfilePath%\extensions\{a5ae8924-4036-420f-b7f6-a47e4b8f692e}
- Default Tab - %ProfilePath%\extensions\addon@defaulttab.com.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\id86kme9.default
FD6ACD9D85177259D442A0C4AC15F7B8 - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll - Shockwave Flash
2557FBC582910A71CDEB0F22886D118D - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll - Shockwave Flash
AC987EE8037531807C5D7E6217A23501 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
EB41064BC07017F5694CF16B4DEF6B10 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
A9191AE22A8F1287B5E2DF33E3A57253 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U51
9B10927CFD0F7AD39E40C0E34005B1AD - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13
C36444D7301A8C881FC7296B092609C7 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll - Google Update
F3B0E300AFC94E1A775A2D935A7D384F - C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll - Shockwave for Director / Shockwave for Director
5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
E5AF72B7353FF8D431A7C463A4229524 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll - Shockwave Flash
BA320B0A76BAF9DE67093FDBC2F958AD - C:\Program Files\Verimatrix\ViewRight Web\npViewRight.dll - Verimatrix ViewRight


==== Chrome Look ======================

Google Docs - korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Ask Video Search - korisnik\AppData\Local\Torch\User Data\Default\Extensions\khfhickdpicdaakidammlhdmhhpgfmkc
Torch Helper - korisnik\AppData\Local\Torch\User Data\Default\Extensions\lecpjhggilhbceadobnggaagnpfpafhg
Ask Image Search - korisnik\AppData\Local\Torch\User Data\Default\Extensions\maenakfpbfmdigldjpegddiphokaodjh

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://home.myplaycity.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://home.myplaycity.com/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://search.babylon.com/?affID=109220&tt=4912_1&babsrc=NT_ss&mntrId=d80ff46e00000000000000e04d7b27fd"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Search the web (Babylon) Url="http://search.babylon.com/?q={searchTerms}&affID=109220&tt=4912_1&babsrc=SP_ss&mntrId=d80ff46e00000000000000e04d7b27fd"
{B73DFF53-8CEA-46FF-A428-CAF577F33CF0} Ask Search Url="http://websearch.ask.com/redirect?client=ie&tb=NG4V5&o=APN10466&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=^AC8&apn_dtid=^YYYYYY^YY^RS&apn_uid=4B36E549-E601-4965-A05C-C6A04A77DCE9&apn_sauid=23A4B989-6B3B-4FD7-8DF7-349EE7771082"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on sre 05.02.2014 at 22:47:58,63 ======================

offline
  • Joined: 04 Jul 2011
  • Posts: 5424

Run zoek again;


close the browser and any other running programs;
deactivate your security software (if needed) Instructions;


Copy the following text into the white box in the window:

khfhickdpicdaakidammlhdmhhpgfmkc;chr
lecpjhggilhbceadobnggaagnpfpafhg;chr
maenakfpbfmdigldjpegddiphokaodjh;chr
[Link mogu videti samo ulogovani korisnici];ff
{0633EE93-D776-472f-A0FF-E1416B8B2E3A};c
{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9};c
{B73DFF53-8CEA-46FF-A428-CAF577F33CF0};c
emptyalltemp;
emptyclsid;
shortcutfix;
iedefaults;
autoclean;




Click the button and wait for the scan to finish.


If necessary, zoek will restart Windows, and when it finishes it will open Notepad with the scan report.

Note: The report will be saved under the name zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your reply.


Ivance95 (AMF Team)

offline
  • Joined: 05 Feb 2014
  • Posts: 6
  • Location: Obrenovac

Zoek.exe v5.0.0.0 Updated 31-January-2014
Tool run by korisnik on cet 06.02.2014 at 9:29:32,27.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\korisnik\AppData\Local\Temp\Rar$EX95.896\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-02-05-214758.log 11051 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-643227427-2544039522-3149745375-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
HKEY_USERS\S-1-5-21-643227427-2544039522-3149745375-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-643227427-2544039522-3149745375-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B73DFF53-8CEA-46FF-A428-CAF577F33CF0} deleted successfully
HKEY_USERS\S-1-5-21-643227427-2544039522-3149745375-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_USERS\S-1-5-21-643227427-2544039522-3149745375-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-643227427-2544039522-3149745375-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\id86kme9.default

---- Lines [Link mogu videti samo ulogovani korisnici] modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program
---- Lines BabylonToolbar removed from prefs.js ----
user_pref("extensions.BabylonToolbar.admin", false);
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
user_pref("extensions.BabylonToolbar.autoRvrt", "false");
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar.excTlbr", false);
user_pref("extensions.BabylonToolbar.id", "d80ff46e00000000000000e04d7b27fd");
user_pref("extensions.BabylonToolbar.instlDay", "15682");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.rvrt", "false");
user_pref("extensions.BabylonToolbar.tlbrId", "base");
user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=d80ff46e00000000000000e04d7b27fd&q=");
user_pref("extensions.BabylonToolbar.vrsn", "1.8.4.9");
user_pref("extensions.BabylonToolbar.vrsni", "1.8.4.9");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109220&tt=4912_1");
user_pref("extensions.BabylonToolbar_i.excTlbr", false);
user_pref("extensions.BabylonToolbar_i.newTab", false);
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.4.917:28:19");
---- Lines BabylonToolbar removed from user.js ----

user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=d80ff46e00000000000000e04d7b27fd&q=");
user_pref("extensions.BabylonToolbar.id", "d80ff46e00000000000000e04d7b27fd");
user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
user_pref("extensions.BabylonToolbar.instlDay", "15682");
user_pref("extensions.BabylonToolbar.vrsn", "1.8.4.9");
user_pref("extensions.BabylonToolbar.vrsni", "1.8.4.9");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.4.917:28:19");
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar.tlbrId", "base");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar_i.excTlbr", false);
user_pref("extensions.BabylonToolbar.excTlbr", false);
user_pref("extensions.BabylonToolbar.admin", false);
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109220&tt=4912_1");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar.autoRvrt", "false");
user_pref("extensions.BabylonToolbar.rvrt", "false");
user_pref("extensions.BabylonToolbar_i.newTab", false);

---- Lines CT2670199 removed from prefs.js ----
user_pref("CT2670199.1000082.isPlayDisplay", "true");
user_pref("CT2670199.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock\",\"url\":\"http://feedlive.n
user_pref("CT2670199.addressBarTakeOverEnabledInHidden", "true");
user_pref("CT2670199.autoDisableScopes", 0);
user_pref("CT2670199.countryCode", "RS");
user_pref("CT2670199.defaultSearch", "false");
user_pref("CT2670199.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2670199.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2670199.enableAlerts", "true");
user_pref("CT2670199.enableFix404ByUser", "TRUE");
user_pref("CT2670199.enableSearchFromAddressBar", "true");
user_pref("CT2670199.FF19Solved", "true");
user_pref("CT2670199.FirstTime", "true");
user_pref("CT2670199.firstTimeDialogOpened", "true");
user_pref("CT2670199.FirstTimeFF3", "true");
user_pref("CT2670199.fixPageNotFoundError", "true");
user_pref("CT2670199.fixPageNotFoundErrorByUser", "true");
user_pref("CT2670199.fixPageNotFoundErrorInHidden", "true");
user_pref("CT2670199.fixUrls", true);
user_pref("CT2670199.fullUserID", "UN15069555063266596.UP.20130627092304");
user_pref("CT2670199.GK_ICY_NOTIF_SENT.enc", "c2VudA==");
user_pref("CT2670199.homepageuserchanged", true);
user_pref("CT2670199.InstallationDate0.2180191645578123.enc", "MTM2NjgxMzk3Mjc1OQ==");
user_pref("CT2670199.installDate", "24/4/2013 16:32:35");
user_pref("CT2670199.installerVersion", "1.4.1.3");
user_pref("CT2670199.installId", "dm");
user_pref("CT2670199.installType", "conduitnsisintegration");
user_pref("CT2670199.isCheckedStartAsHidden", true);
user_pref("CT2670199.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2670199.isFirstTimeToolbarLoading", "false");
user_pref("CT2670199.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
user_pref("CT2670199.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"http://search.conduit.com/?ctid=CT2670199&octid=CT2670199&SearchSource
user_pref("CT2670199.lastVersion", "10.23.0.822");
user_pref("CT2670199.migrateAppsAndComponents", true);
user_pref("CT2670199.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"http%3A%2F%2Fwww.mycity.rs%2FAmbulanta%2Fkompjuter-odnedavno-koci-2.html\",\"EB
user_pref("CT2670199.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT2670199.openThankYouPage", "false");
user_pref("CT2670199.openUninstallPage", "true");
user_pref("CT2670199.PG_ENABLE", "dHJ1ZQ==");
user_pref("CT2670199.PG_ENABLE.enc", "dHJ1ZQ==");
user_pref("CT2670199.revertSettingsEnabled", "false");
user_pref("CT2670199.search.searchAppId", "129210744565641873");
user_pref("CT2670199.search.searchCount", "0");
user_pref("CT2670199.searchInNewTabEnabledByUser", "false");
user_pref("CT2670199.searchInNewTabEnabledInHidden", "true");
user_pref("CT2670199.searchSuggestEnabledByUser", "false");
user_pref("CT2670199.searchUserMode", "1");
user_pref("CT2670199.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2670199.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT2670199.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
user_pref("CT2670199.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2670199\"}");
user_pref("CT2670199.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://FreeLunchDesignTB.OurToolbar
user_pref("CT2670199.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Free Lunch Design TB \"}");
user_pref("CT2670199.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2670199.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
user_pref("CT2670199.serviceLayer_services_appsMetadata_lastUpdate", "1366814892780");
user_pref("CT2670199.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1366813968027");
user_pref("CT2670199.serviceLayer_services_Configuration_lastUpdate", "1391621853748");
user_pref("CT2670199.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1366813967788");
user_pref("CT2670199.serviceLayer_services_location_lastUpdate", "1372197097728");
user_pref("CT2670199.serviceLayer_services_login_10.15.2.23_lastUpdate", "1366869885912");
user_pref("CT2670199.serviceLayer_services_login_10.15.2.523_lastUpdate", "1368544400113");
user_pref("CT2670199.serviceLayer_services_login_10.16.2.509_lastUpdate", "1372276119335");
user_pref("CT2670199.serviceLayer_services_login_10.16.4.519_lastUpdate", "1374606338755");
user_pref("CT2670199.serviceLayer_services_login_10.16.70.505_lastUpdate", "1377713631598");
user_pref("CT2670199.serviceLayer_services_login_10.19.2.505_lastUpdate", "1378816543557");
user_pref("CT2670199.serviceLayer_services_login_10.20.0.513_lastUpdate", "1380439105165");
user_pref("CT2670199.serviceLayer_services_login_10.20.1.508_lastUpdate", "1382467441132");
user_pref("CT2670199.serviceLayer_services_login_10.21.1.507_lastUpdate", "1384422468413");
user_pref("CT2670199.serviceLayer_services_login_10.22.3.518_lastUpdate", "1385048007968");
user_pref("CT2670199.serviceLayer_services_login_10.22.5.510_lastUpdate", "1386943928430");
user_pref("CT2670199.serviceLayer_services_login_10.23.0.822_lastUpdate", "1391675052191");
user_pref("CT2670199.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1366813967839");
user_pref("CT2670199.serviceLayer_services_searchAPI_lastUpdate", "1391621853971");
user_pref("CT2670199.serviceLayer_services_serviceMap_lastUpdate", "1391621853602");
user_pref("CT2670199.serviceLayer_services_setupAPI_lastUpdate", "1366813964921");
user_pref("CT2670199.serviceLayer_services_toolbarContextMenu_lastUpdate", "1366813967710");
user_pref("CT2670199.serviceLayer_services_toolbarSettings_lastUpdate", "1391675051845");
user_pref("CT2670199.serviceLayer_services_translation_lastUpdate", "1391621853907");
user_pref("CT2670199.settingsINI", true);
user_pref("CT2670199.shouldFirstTimeDialog", "false");
user_pref("CT2670199.showToolbarPermission", "false");
user_pref("CT2670199.smartbar.CTID", "CT2670199");
user_pref("CT2670199.smartbar.isHidden", true);
user_pref("CT2670199.smartbar.toolbarName", "Free Lunch Design TB ");
user_pref("CT2670199.smartbar.Uninstall", "0");
user_pref("CT2670199.startPage", "false");
user_pref("CT2670199.toolbarAppHeartbeat.enc", "eyIxMjk2ODMzODc0ODY0MjgyMjYiOjEzNjY4MTM5NzI3NzJ9");
user_pref("CT2670199.toolbarBornServerTime", "24-4-2013");
user_pref("CT2670199.toolbarCurrentServerTime", "6-2-2014");
user_pref("CT2670199.toolbarLoginClientTime", "Wed Apr 24 2013 16:32:47 GMT+0200");
user_pref("CT2670199.UserID", "UN15069555063266596");
user_pref("CT2670199_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1391675020073,\"isWithState\":\"\",\"timeFromStar
user_pref("valueApps.CT2670199.mam_gk_currentVersion", "312E31332E302E3137");
user_pref("valueApps.CT2670199.mam_gk_currentVersion.storedInFile", false);
user_pref("valueApps.CT2670199.mam_gk_globalKeysMigratedToLocalStorage", "31");
user_pref("valueApps.CT2670199.mam_gk_globalKeysMigratedToLocalStorage.storedInFile", false);
user_pref("valueApps.CT2670199.mam_gk_migrated_from_ls", "31");
user_pref("valueApps.CT2670199.mam_gk_migrated_from_ls.storedInFile", false);
user_pref("valueApps.CT2670199.mam_gk_userBornDate", "4E2F41");
user_pref("valueApps.CT2670199.mam_gk_userBornDate.storedInFile", false);
---- Lines conduit removed from prefs.js ----
user_pref("plugin.state.npconduitfirefoxplugin", 2);
user_pref("smartbar.conduitSearchAddressUrlList", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2928751&SearchSource=2&CUI=UN15878527073113725&UM=
---- Lines valueApps removed from prefs.js ----
user_pref("valueApps.storage.mam_gk_userId", "30393366666539362D396338652D343362332D396430662D633935373035363232383535");
---- Lines ask.com removed from prefs.js ----
user_pref("browser.search.order.1", "Ask.com");
user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
---- Lines smartbar removed from prefs.js ----
user_pref("smartbar.machineId", "G7RKKOZICDNPYKT1DSFSLQPNSBX9VORKNWGWKFTK2TE4X7XLROJWIF7G25WSEGITWWBRVG5GH/PLGAUI8QA9OA");
user_pref("smartbar.originalSearchAddressUrl", "");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
---- FireFox user.js and prefs.js backups ----

user_06.02.2014_0951_.backup
prefs_06.02.2014_0951_.backup

==== Deleting Files \ Folders ======================

C:\Users\korisnik\daemonprocess.txt deleted
C:\Users\korisnik\.android deleted
C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml deleted
C:\Program Files\Mozilla Firefox\searchplugins\Search_Results.xml deleted
C:\Program Files\Mobogenie deleted
C:\Program Files\Mario Forever deleted
C:\Users\korisnik\AppData\Roaming\All CPU Meter_Settings.ini deleted
C:\Users\korisnik\AppData\Roaming\Advanced System Protector deleted
C:\Users\korisnik\AppData\Roaming\defaulttab deleted
C:\Users\korisnik\AppData\Roaming\Registry Mechanic deleted
C:\Users\korisnik\AppData\Roaming\Systweak deleted
C:\ProgramData\boost_interprocess deleted
C:\ProgramData\InstallMate deleted
C:\ProgramData\Premium deleted
C:\ProgramData\Babylon deleted
C:\Users\korisnik\AppData\Local\Mobogenie deleted
C:\Users\korisnik\AppData\Local\cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Forever deleted
C:\Users\korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com deleted
C:\Users\korisnik\AppData\LocalLow\searchresultstb deleted
C:\Users\korisnik\AppData\LocalLow\ilividtoolbarguid deleted
C:\Windows\system32\Tasks\Advanced System Protector deleted
C:\END deleted
C:\Users\korisnik\Documents\Mobogenie deleted
C:\Users\korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\id86kme9.default\searchplugins\babylon1.xml deleted
C:\Users\korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\id86kme9.default\searchplugins\askcom.xml deleted
C:\Users\korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\id86kme9.default\searchplugins\search-here-1.xml deleted
C:\Users\korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\id86kme9.default\searchplugins\search-here.xml deleted
C:\Users\korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\id86kme9.default\searchplugins\Search_Results.xml deleted
C:\Users\korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\id86kme9.default\valueApps deleted
C:\Users\korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\id86kme9.default\ilividtoolbarguid deleted
C:\Users\korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\id86kme9.default\jetpack deleted
C:\Users\korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\id86kme9.default\CT2670199 deleted
C:\Users\korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\id86kme9.default\extensions\{a5ae8924-4036-420f-b7f6-a47e4b8f692e} deleted
C:\Users\korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\id86kme9.default\smartbar deleted
C:\Users\korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\id86kme9.default\extensions\addon@defaulttab.com.xpi deleted
"C:\Users\korisnik\AppData\Local\iLivid" deleted
"C:\Users\korisnik\AppData\Local\PutLockerDownloader" deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\id86kme9.default
- Qualys BrowserCheck - %ProfilePath%\extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D}

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\id86kme9.default
FD6ACD9D85177259D442A0C4AC15F7B8 - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll - Shockwave Flash
AC987EE8037531807C5D7E6217A23501 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
EB41064BC07017F5694CF16B4DEF6B10 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
A9191AE22A8F1287B5E2DF33E3A57253 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U51
9B10927CFD0F7AD39E40C0E34005B1AD - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13
C36444D7301A8C881FC7296B092609C7 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll - Google Update
F3B0E300AFC94E1A775A2D935A7D384F - C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll - Shockwave for Director / Shockwave for Director
5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
E5AF72B7353FF8D431A7C463A4229524 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll - Shockwave Flash
BA320B0A76BAF9DE67093FDBC2F958AD - C:\Program Files\Verimatrix\ViewRight Web\npViewRight.dll - Verimatrix ViewRight


==== Chrome Look ======================

Google Docs - korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Ask Video Search - korisnik\AppData\Local\Torch\User Data\Default\Extensions\khfhickdpicdaakidammlhdmhhpgfmkc
Torch Helper - korisnik\AppData\Local\Torch\User Data\Default\Extensions\lecpjhggilhbceadobnggaagnpfpafhg
Ask Image Search - korisnik\AppData\Local\Torch\User Data\Default\Extensions\maenakfpbfmdigldjpegddiphokaodjh

==== Chrome Fix ======================

C:\Users\korisnik\AppData\Local\Torch\User Data\Default\Extensions\khfhickdpicdaakidammlhdmhhpgfmkc deleted successfully
C:\Users\korisnik\AppData\Local\Torch\User Data\Default\Extensions\lecpjhggilhbceadobnggaagnpfpafhg deleted successfully
C:\Users\korisnik\AppData\Local\Torch\User Data\Default\Extensions\maenakfpbfmdigldjpegddiphokaodjh deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://home.myplaycity.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://home.myplaycity.com/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://search.babylon.com/?affID=109220&tt=4912_1&babsrc=NT_ss&mntrId=d80ff46e00000000000000e04d7b27fd"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://home.myplaycity.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\ACDSee Pro 4.lnk - C:\Windows\Installer\{88D4FE78-6EA6-4DFB-9FC2-8BC316F0C2FD}\ACDSeeDesktopShortcu_F99F74B4972B4B06B8936B3B0DB0128B.exe
C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\AIMP3.lnk - C:\Program Files\AIMP3\AIMP3.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Public\Desktop\MCShield Real-Time Monitor.lnk - C:\Program Files\MCShield\MCShieldRTM.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{AA59DDE4-B672-4621-A016-4C248204957A}\SkypeIcon.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk - C:\Program Files\CCleaner\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Deinstalacija programa Google Earth.lnk - C:\Windows\System32\msiexec.exe /x {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Pokretanje programa Google Earth u DirectX na?inu rada.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Pokretanje programa Google Earth u OpenGL na?inu rada.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\MCShield Control Center.lnk - C:\Program Files\MCShield\MCShieldCC.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\MCShield Real-Time Monitor.lnk - C:\Program Files\MCShield\MCShieldRTM.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Logs\All scans.lnk - C:\ProgramData\MCShield\AllScans.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Logs\Last scan.lnk - C:\ProgramData\MCShield\LastScan.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Logs\Summary.lnk - C:\ProgramData\MCShield\Summary.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Tools\MCShield Translator.lnk - C:\Program Files\MCShield\Tools\Translator.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Uninstall\Uninstall MCShield.lnk - C:\Program Files\MCShield\MCS-Uninstall.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\korisnik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\korisnik\AppData\Local\Mozilla\Firefox\Profiles\id86kme9.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\korisnik\AppData\Local\Torch\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=5058 folders=626 404256173 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\korisnik\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\korisnik\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\korisnik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on cet 06.02.2014 at 10:03:27,85 ======================

offline
  • Joined: 04 Jul 2011
  • Posts: 5424

How are things now, is the computer less sluggish? You need to follow a few more steps as an additional check.




Download FRST (Farbar Recovery Scan Tool) and save it to the Desktop.

Note: You need to download the version that is compatible with your system.


Double-click to run FRST;
When the tool starts, click Yes on the disclaimer.
Click the Scan button;
The tool will create a report (FRST.txt) in the same directory where FRST.exe is saved.
Copy the contents of that log into a post.
On its first run the tool should also create an additional report (Addition.txt). Attach that report to the post using the "Prikaci file" (Attach file) option.





Download aswMBR and save it to the Desktop.

Double-click to run aswMBR.

If you get the following message:
Would you like to download latest Avast! virus definitions?
Click the Yes button and wait for the definitions download to finish.


Make sure that under AV Scan: the QuickScan option is selected.

Click Scan.

When the scan finishes ( Scan finished successfully ), click Save log.
Save the aswMBR log to the Desktop.
Copy the contents of that log into the thread.





Ivance95 (AMF Team)

offline
  • Joined: 05 Feb 2014
  • Posts: 6
  • Location: Obrenovac

Posted: 06 Feb 2014 11:50

It is less sluggish, but it still happens that it starts loading something, and that lasts for several minutes, and during that time you can't do anything.
OK, I'll do these next steps and then attach the results. Thank you for the effort and time.

Addendum: 06 Feb 2014 12:40

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-02-2014
Ran by korisnik (administrator) on KORISNIK-PC on 06-02-2014 12:11:02
Running from C:\Users\korisnik\Downloads
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: [Link visible only to logged-in users]
Download link for 64-Bit Version: [Link visible only to logged-in users]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Link visible only to logged-in users]

==================== Processes (Whitelisted) ===================

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(H.D.S. Hungary) C:\Program Files\Hard Disk Sentinel\HDSentinel.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [3080264 2011-09-22] (ESET)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11487848 2011-12-05] (Realtek Semiconductor)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-643227427-2544039522-3149745375-1000\...\Run: [MCShield Monitor] - C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-02-02] (MyCity)
HKU\S-1-5-21-643227427-2544039522-3149745375-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKU\S-1-5-21-643227427-2544039522-3149745375-1000\...\Policies\Explorer: [NoInstrumentation] 1

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [Link visible only to logged-in users]{searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar.dll (Google Inc.)
Toolbar: HKCU - &Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [Link visible only to logged-in users]
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} [Link visible only to logged-in users]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [Link visible only to logged-in users]
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [Link visible only to logged-in users]
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\id86kme9.default
FF Homepage: [Link visible only to logged-in users]
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @verimatrix.com/ViewRightWeb - C:\Program Files\Verimatrix\ViewRight Web\\npViewRight.dll (Verimatrix, Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @verimatrix.com/ViewRightWeb - C:\Program Files\Verimatrix\ViewRight Web\\npViewRight.dll (Verimatrix, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\id86kme9.default\searchplugins\Startpins.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pogodakyu.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\vokabular.xml
FF Extension: Qualys BrowserCheck - C:\Users\korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\id86kme9.default\Extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} [2014-02-05]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-03-26]

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Verimatrix ViewRight) - C:\Program Files\Verimatrix\ViewRight Web\\npViewRight.dll (Verimatrix, Inc.)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Extension: (Google документи) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-09]
CHR Extension: (Google диск) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-09]
CHR Extension: (YouTube) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-09]
CHR Extension: (Google претрага) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-09]
CHR Extension: (Google новчаник) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-11]
CHR Extension: (Gmail) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-09]

========================== Services (Whitelisted) =================

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [974944 2011-09-22] (ESET)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [232512 2012-03-26] (DT Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [163424 2011-08-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [118104 2011-08-04] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [147480 2011-08-04] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [33656 2011-08-04] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [50624 2011-08-04] (ESET)
R3 LVUSBSta; C:\Windows\System32\drivers\lvusbsta.sys [22016 2005-05-27] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2014-02-06] (Malwarebytes Corporation)
R3 QCMerced; C:\Windows\System32\DRIVERS\LVCM.sys [1317152 2005-05-27] ()
R3 SrvHsfPCI; C:\Windows\System32\DRIVERS\VSTBS23.SYS [266752 2009-07-13] (Conexant Systems, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-06 12:11 - 2014-02-06 12:11 - 00011250 _____ () C:\Users\korisnik\Downloads\FRST.txt
2014-02-06 12:10 - 2014-02-06 12:11 - 00000000 ____D () C:\FRST
2014-02-06 12:07 - 2014-02-06 12:07 - 01139200 _____ (Farbar) C:\Users\korisnik\Downloads\FRST.exe
2014-02-06 11:50 - 2014-02-06 11:50 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-02-06 10:03 - 2014-02-06 10:03 - 00000328 _____ () C:\Windows\PFRO.log
2014-02-06 10:03 - 2014-02-06 10:03 - 00000056 _____ () C:\Windows\setupact.log
2014-02-06 10:03 - 2014-02-06 10:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-06 10:01 - 2014-02-06 09:29 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-02-06 09:30 - 2014-02-05 22:47 - 00011051 _____ () C:\zoek-results2014-02-05-214758.log
2014-02-05 23:21 - 2014-02-05 23:21 - 00001117 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-05 23:19 - 2014-02-05 23:19 - 00282784 _____ (Mozilla) C:\Users\korisnik\Downloads\Firefox Setup Stub 27.0.exe
2014-02-05 23:18 - 2014-02-05 23:18 - 00000000 ____D () C:\Users\korisnik\AppData\Roaming\Qualys
2014-02-05 22:48 - 2014-02-05 22:48 - 00011051 _____ () C:\Users\korisnik\Desktop\zoek-results.txt
2014-02-05 22:40 - 2014-02-06 10:03 - 00030460 _____ () C:\zoek-results.log
2014-02-05 22:33 - 2014-02-05 22:33 - 04088082 _____ () C:\Users\korisnik\Desktop\zoek.zip
2014-02-05 22:21 - 2014-02-06 09:59 - 00000000 ____D () C:\zoek_backup
2014-02-05 17:28 - 2014-02-05 17:27 - 00010695 _____ () C:\Users\korisnik\Desktop\attach.txt
2014-02-05 17:27 - 2014-02-05 17:25 - 00010933 _____ () C:\Users\korisnik\Desktop\dds.txt
2014-02-05 17:21 - 2014-02-05 17:22 - 00688992 _____ (Swearware) C:\Users\korisnik\Downloads\dds.com
2014-02-05 17:15 - 2014-02-05 17:15 - 00688992 _____ (Swearware) C:\Users\korisnik\Downloads\dds.pif
2014-02-05 17:14 - 2014-02-05 17:14 - 00688992 ____R (Swearware) C:\Users\korisnik\Downloads\dds.scr
2014-02-05 15:20 - 2014-02-05 15:20 - 00040586 _____ () C:\Users\korisnik\Desktop\Extras.Txt
2014-02-05 15:17 - 2014-02-05 15:17 - 00040586 _____ () C:\Users\korisnik\Downloads\Extras.Txt
2014-02-05 15:15 - 2014-02-05 15:15 - 00059070 _____ () C:\Users\korisnik\Downloads\OTL.Txt
2014-02-05 15:10 - 2014-02-05 15:11 - 00602112 _____ (OldTimer Tools) C:\Users\korisnik\Downloads\OTL.exe
2014-01-31 09:25 - 2014-02-06 10:02 - 00072722 _____ () C:\Windows\WindowsUpdate.log
2014-01-22 08:14 - 2014-01-22 08:15 - 00007168 _____ () C:\Users\korisnik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-21 11:07 - 2014-01-21 11:07 - 00002182 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2014-01-15 08:32 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-15 08:32 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-15 08:32 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-15 08:32 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-15 08:31 - 2014-01-15 08:32 - 00005163 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log

==================== One Month Modified Files and Folders =======

2014-02-06 12:11 - 2014-02-06 12:11 - 00011250 _____ () C:\Users\korisnik\Downloads\FRST.txt
2014-02-06 12:11 - 2014-02-06 12:10 - 00000000 ____D () C:\FRST
2014-02-06 12:09 - 2009-07-14 05:34 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-06 12:09 - 2009-07-14 05:34 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-06 12:07 - 2014-02-06 12:07 - 01139200 _____ (Farbar) C:\Users\korisnik\Downloads\FRST.exe
2014-02-06 11:54 - 2012-11-21 17:38 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-06 11:50 - 2014-02-06 11:50 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-02-06 11:28 - 2012-11-25 13:46 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-06 10:07 - 2010-11-20 22:01 - 00726316 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-06 10:03 - 2014-02-06 10:03 - 00000328 _____ () C:\Windows\PFRO.log
2014-02-06 10:03 - 2014-02-06 10:03 - 00000056 _____ () C:\Windows\setupact.log
2014-02-06 10:03 - 2014-02-06 10:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-06 10:03 - 2014-02-05 22:40 - 00030460 _____ () C:\zoek-results.log
2014-02-06 10:03 - 2012-11-25 13:46 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-06 10:03 - 2012-03-26 21:04 - 00000000 ____D () C:\ProgramData\MCShield
2014-02-06 10:03 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-06 10:02 - 2014-01-31 09:25 - 00072722 _____ () C:\Windows\WindowsUpdate.log
2014-02-06 09:59 - 2014-02-05 22:21 - 00000000 ____D () C:\zoek_backup
2014-02-06 09:58 - 2012-03-26 20:42 - 00000000 ____D () C:\Users\korisnik
2014-02-06 09:29 - 2014-02-06 10:01 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-02-06 09:09 - 2013-12-20 08:26 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-05 23:25 - 2012-03-26 21:23 - 00000000 ____D () C:\Users\korisnik\AppData\Local\Adobe
2014-02-05 23:24 - 2012-11-15 11:26 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-05 23:24 - 2012-03-26 21:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-05 23:21 - 2014-02-05 23:21 - 00001117 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-05 23:20 - 2012-11-15 11:25 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-05 23:19 - 2014-02-05 23:19 - 00282784 _____ (Mozilla) C:\Users\korisnik\Downloads\Firefox Setup Stub 27.0.exe
2014-02-05 23:18 - 2014-02-05 23:18 - 00000000 ____D () C:\Users\korisnik\AppData\Roaming\Qualys
2014-02-05 22:48 - 2014-02-05 22:48 - 00011051 _____ () C:\Users\korisnik\Desktop\zoek-results.txt
2014-02-05 22:47 - 2014-02-06 09:30 - 00011051 _____ () C:\zoek-results2014-02-05-214758.log
2014-02-05 22:33 - 2014-02-05 22:33 - 04088082 _____ () C:\Users\korisnik\Desktop\zoek.zip
2014-02-05 17:27 - 2014-02-05 17:28 - 00010695 _____ () C:\Users\korisnik\Desktop\attach.txt
2014-02-05 17:25 - 2014-02-05 17:27 - 00010933 _____ () C:\Users\korisnik\Desktop\dds.txt
2014-02-05 17:22 - 2014-02-05 17:21 - 00688992 _____ (Swearware) C:\Users\korisnik\Downloads\dds.com
2014-02-05 17:15 - 2014-02-05 17:15 - 00688992 _____ (Swearware) C:\Users\korisnik\Downloads\dds.pif
2014-02-05 17:14 - 2014-02-05 17:14 - 00688992 ____R (Swearware) C:\Users\korisnik\Downloads\dds.scr
2014-02-05 15:20 - 2014-02-05 15:20 - 00040586 _____ () C:\Users\korisnik\Desktop\Extras.Txt
2014-02-05 15:17 - 2014-02-05 15:17 - 00040586 _____ () C:\Users\korisnik\Downloads\Extras.Txt
2014-02-05 15:15 - 2014-02-05 15:15 - 00059070 _____ () C:\Users\korisnik\Downloads\OTL.Txt
2014-02-05 15:11 - 2014-02-05 15:10 - 00602112 _____ (OldTimer Tools) C:\Users\korisnik\Downloads\OTL.exe
2014-02-05 12:01 - 2012-11-25 13:45 - 00000000 ____D () C:\Program Files\Google
2014-02-05 11:50 - 2012-12-03 18:34 - 00000000 ____D () C:\Program Files\Super Cow
2014-02-04 12:35 - 2013-06-09 20:40 - 00002139 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-03 11:16 - 2012-03-26 21:04 - 00001042 _____ () C:\Users\Public\Desktop\MCShield Real-Time Monitor.lnk
2014-02-03 11:16 - 2012-03-26 21:04 - 00000000 ____D () C:\Program Files\MCShield
2014-02-01 11:47 - 2013-07-07 22:04 - 00000000 ____D () C:\Windows\Minidump
2014-01-28 14:39 - 2012-03-26 20:57 - 00000971 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-01-28 14:39 - 2012-03-26 20:57 - 00000000 ____D () C:\Program Files\CCleaner
2014-01-25 21:34 - 2013-11-03 10:34 - 00000000 ____D () C:\Users\korisnik\AppData\Roaming\AIMP3
2014-01-22 08:15 - 2014-01-22 08:14 - 00007168 _____ () C:\Users\korisnik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-21 11:07 - 2014-01-21 11:07 - 00002182 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2014-01-21 11:07 - 2012-11-25 13:46 - 00000000 ____D () C:\Users\korisnik\AppData\Local\Google
2014-01-15 09:00 - 2013-10-27 18:10 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-15 08:32 - 2014-01-15 08:31 - 00005163 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-01-15 08:32 - 2012-03-26 21:28 - 00000000 ____D () C:\Program Files\Java
2014-01-13 15:06 - 2013-01-25 12:53 - 00000055 _____ () C:\Windows\popcinfo.dat
2014-01-13 15:06 - 2009-07-14 03:04 - 00000657 _____ () C:\Windows\win.ini
2014-01-13 14:13 - 2012-03-26 21:26 - 00000000 ____D () C:\Windows\system32\Macromed

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-30 19:04

==================== End Of Log ============================
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-02-06 12:15:47
-----------------------------
12:15:47.834 OS Version: Windows 6.1.7601 Service Pack 1
12:15:47.834 Number of processors: 2 586 0x6B02
12:15:47.836 ComputerName: KORISNIK-PC UserName: korisnik
12:15:48.895 Initialize success
12:20:26.705 AVAST engine defs: 14020501
12:22:28.633 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:22:28.636 Disk 0 Vendor: WDC_WD3200AAJS-00VWA0 12.01B02 Size: 305245MB BusType: 3
12:22:28.788 Disk 0 MBR read successfully
12:22:28.791 Disk 0 MBR scan
12:22:29.043 Disk 0 Windows 7 default MBR code
12:22:29.058 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
12:22:29.111 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 49898 MB offset 206848
12:22:29.171 Disk 0 Partition - 00 05 Extended 255235 MB offset 102398310
12:22:29.220 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 155237 MB offset 307194993
12:22:29.278 Disk 0 scanning sectors +625121280
12:22:29.442 Disk 0 scanning C:\Windows\system32\drivers
12:22:50.227 Service scanning
12:23:26.744 Modules scanning
12:23:35.250 Disk 0 trace - called modules:
12:23:35.268
12:23:35.934 AVAST engine scan C:\Windows
12:23:38.991 AVAST engine scan C:\Windows\system32
12:33:28.315 AVAST engine scan C:\Windows\system32\drivers
12:33:59.097 AVAST engine scan C:\Users\korisnik
12:36:27.461 AVAST engine scan C:\ProgramData
12:37:14.207 Scan finished successfully
12:37:53.777 Disk 0 MBR has been saved successfully to "C:\Users\korisnik\Desktop\MBR.dat"
12:38:03.448 The log file has been saved successfully to "C:\Users\korisnik\Desktop\aswMBR.txt"

Addendum: 06 Feb 2014 12:42

Here, I hope I did everything correctly. True, it freezes less, but it still happens that it suddenly reports that some program is not responding.

Addendum: 06 Feb 2014 18:37

It's not working properly again. I want to start a program, I click the icon, it takes a few minutes to start, and when it does start, it freezes and spins, loading, for up to ten minutes. When I turn on the computer, a couple of times the message comes up that Windows is not responding; I restart, and then it somehow starts, but the situation with the programs is still the same. Even now, while I am writing, the screen fogs over and it says that Mozilla is not responding, and it happens as if the screen flashes briefly. When I want to shut down the computer, it also takes about ten minutes to turn off. What else should I do?

offline
  • Joined: 04 Jul 2011
  • Posts: 5424

Your computer is clean as far as malware is concerned. You probably have a problem with the hard disk, but you need to open a topic in the Windows subforum: [link visible only to logged-in users]

Also, visit this topic to see whether your browser is vulnerable and to install the updated components
[link visible only to logged-in users]

The following procedure will perform the final cleanup.

Download "Xplode"'s DelFix tool and save it to the Desktop.
Double-click to run the tool and tick the boxes in front of the following options:

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment until the tool finishes its work.
From this point on, all the tools used in this topic should be deleted.
The tool will also generate a report for you. (C:\DelFix.txt)

The tool will also save a healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old system restore points and creates a new, fresh point after the cleanup.

Ivance95 (AMF Team)

offline
  • Joined: 05 Feb 2014
  • Posts: 6
  • Location: Obrenovac

Thank you very much for the effort and time you put in. Best regards.
