Laptop check

  • Mare Ivanović
  • Do-it-yourselfer
  • Joined: 30 May 2013
  • Posts: 423
  • Location: At home

Hello, I would like to test the laptop I bought, to see whether it is infected with malware and the like.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-07-2016
Ran by sasa (administrator) on HOME (06-07-2016 18:29:22)
Running from C:\Documents and Settings\sasa\Desktop
Loaded Profiles: sasa (Available Profiles: sasa)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\WINDOWS\System32\WgaTray.exe
() C:\WINDOWS\VistaDriveIcon\VistaDrv.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\JUSCHED.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\FIREFOX.EXE
(Microsoft Corporation) C:\WINDOWS\System32\WSCNTFY.EXE
(Microsoft Corporation) C:\WINDOWS\System32\WUAUCLT.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VDrive] => C:\WINDOWS\VistaDriveIcon\VistaDrv.exe [132096 2008-01-02] ()
HKLM\...\Run: [SMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [573440 2007-10-12] (Motorola Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKLM\...\Run: [UserFaultCheck] => %systemroot%\system32\dumprep 0 -u
HKU\S-1-5-19\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-19\...\Policies\Explorer: [ForceClassicControlPanel] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoSMHelp] 1
HKU\S-1-5-20\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\...\Policies\Explorer: [ForceClassicControlPanel] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoSMHelp] 1
HKU\S-1-5-21-1177238915-764733703-842925246-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6775512 2016-06-10] (Piriform Ltd)
HKU\S-1-5-21-1177238915-764733703-842925246-1003\...\Policies\Explorer: [ForceClassicControlPanel] 1
HKU\S-1-5-21-1177238915-764733703-842925246-1003\...\Policies\Explorer: [NoSMHelp] 1
HKU\S-1-5-18\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-18\...\Policies\Explorer: [ForceClassicControlPanel] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoSMHelp] 1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{83D13663-9052-4FAA-A77E-EF400E8780CF}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-19\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-20\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1177238915-764733703-842925246-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-07-04] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-07-04] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1177238915-764733703-842925246-1003 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

FireFox:
========
FF ProfilePath: C:\Documents and Settings\sasa\Application Data\Mozilla\Firefox\Profiles\9ow6ke72.default
FF Homepage: www.google.rs
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-07-05] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-07-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-07-04] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-04] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Documents and Settings\sasa\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\sasa\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-04]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 ClipSrv; C:\WINDOWS\system32\clipsrv.exe [58368 2009-11-20] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\WINDOWS\system32\msdtc.exe [30720 2009-11-19] (Microsoft Corporation) [File not signed]
S3 MSIServer; C:\WINDOWS\System32\msiexec.exe [116736 2009-11-20] (Microsoft Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AgereSoftModem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [1202560 2008-02-29] (Agere Systems) [File not signed]
R3 DKbFltr; C:\WINDOWS\System32\DRIVERS\DKbFltr.sys [16896 2004-12-07] (Dritek System Inc.) [File not signed]
R3 ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [737874 2004-08-20] (Intel Corporation) [File not signed]
S3 M3AD; C:\WINDOWS\System32\drivers\m3aux.sys [136832 2007-10-12] (Motorola Inc) [File not signed]
R3 mnich; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
S3 smserial; C:\WINDOWS\System32\DRIVERS\smserial.sys [980608 2007-10-12] (Motorola Inc.) [File not signed]
R3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [2216064 2008-01-07] (Intel® Corporation)
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)


==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-06 18:12 - 2016-06-04 18:56 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-06 18:12 - 2016-06-04 17:54 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-06 18:12 - 2009-11-20 00:45 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-07-06 16:44 - 2016-06-04 18:34 - 00000178 ___SH C:\Documents and Settings\sasa\ntuser.ini
2016-07-06 16:44 - 2016-06-04 17:54 - 00032428 _____ C:\WINDOWS\SchedLgU.Txt
2016-07-05 20:06 - 2016-06-04 18:56 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-04 17:20 - 2016-06-04 17:33 - 139785240 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-07-04 14:23 - 2016-06-04 18:34 - 00000692 _____ C:\Documents and Settings\sasa\Start Menu\Programs\Windows Media Player.lnk
2016-07-02 01:07 - 2016-06-04 17:29 - 00001474 _____ C:\Documents and Settings\All Users\Start Menu\Microsoft Update.lnk
2016-07-02 01:05 - 2016-06-04 18:53 - 00002315 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2016-07-02 01:02 - 2016-06-04 18:34 - 00001503 _____ C:\Documents and Settings\sasa\Start Menu\Programs\Remote Assistance.lnk
2016-07-02 01:02 - 2016-06-04 17:33 - 00001511 _____ C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
2016-06-30 17:05 - 2016-06-04 17:21 - 00095072 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-18 15:57 - 2016-06-04 17:22 - 00351662 _____ C:\WINDOWS\system32\PerfStringBackup.INI

Some files in TEMP:
====================
C:\Documents and Settings\sasa\Local Settings\Temp\sfamcc00001.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe
[2009-11-20 00:45] - [2009-11-20 00:45] - 1552384 ____A (Microsoft Corporation) F8540FC5FDAD3C3A2E668ACB0BACCE59

C:\WINDOWS\system32\winlogon.exe
[2009-11-19 17:45] - [2009-11-20 00:45] - 0557056 ____A (Microsoft Corporation) 6AE82FE2B77E79E2CD2819599CD75CFB

C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll
[2009-11-19 17:45] - [2009-11-20 00:45] - 0637440 ____A (Microsoft Corporation) E7A939813423DCF45BAAA8FAC9BA744D

C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

The system is clean as far as malware is concerned.

The following procedure will perform the final cleanup.

Download the DelFix tool by "Xplode" and save it to the Desktop.
Double-click to run the tool and tick the boxes in front of the following options:

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment until the tool finishes its work.
From this point on, all the tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)

The tool will also save the healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.
