MyCity » Ambulanta -> Arhiva Ambulante » Provjera kompjutera :)

Provjera kompjutera :)

Napisano na dan: 1.10.2013

Strana:
1
2

Provjera kompjutera :)

Sledeća strana

Pagination

Odgovori

Strana:
1
2

11neco11 Poslao: 01 Okt 2013 19:11 Idi na vrh
offline 11neco11 Elitni građanin Nemanja Djukanovic Pridružio: 18 Dec 2012 Poruke: 1761 Gde živiš: Niksic - Crna Gora	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 01 Okt 2013 19:11 :arrow: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.25.2 Run by user at 19:09:01 on 2013-10-01 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3979.2570 [GMT 2:00] . AV: Microsoft Security Essentials Enabled/Updated {641105E6-77ED-3F35-A304-765193BCB75F} SP: Windows Defender Disabled/Outdated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials Enabled/Updated {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\Hpservice.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\SysWOW64\IoctlSvc.exe C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtWlan.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Microsoft Security Client\NisSrv.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\WUDFHost.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Microsoft Security Client\MpCmdRun.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: GretechBHO Class: {F0181C6E-9218-4792-9F3C-E8DF52B2F1AC} - C:\Program Files (x86)\GRETECH\GomPicker\GomPickerBHO.dll uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 mRun: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe" mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} TCP: NameServer = 192.168.0.2 TCP: Interfaces\{77768D0A-C844-42CC-87DB-649D46EEC224}\642796C656 : DHCPNameServer = 192.168.1.254 TCP: Interfaces\{7F861404-6040-4804-843D-EEA2DA4BCF42} : DHCPNameServer = 192.168.0.2 TCP: Interfaces\{7F861404-6040-4804-843D-EEA2DA4BCF42}\B414A594E4F4 : DHCPNameServer = 195.66.189.137 195.66.189.138 TCP: Interfaces\{7F861404-6040-4804-843D-EEA2DA4BCF42}\B416A796E6F6 : DHCPNameServer = 195.66.189.137 195.66.189.138 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned> x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\ FF - prefs.js: browser.search.selectedEngine - Bing FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q= FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2013-08-14 14:58; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} . ============= SERVICES / DRIVERS =============== . R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-3-27 19224] R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-2-20 283200] R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-4-26 33560] R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-12-13 13592] R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-6-18 139616] R2 RtlService;RtlService;C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe [2013-4-25 40960] R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-9-16 3273088] R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-1-19 158880] R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2012-1-19 30368] R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-12-6 331264] R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-3-27 356632] R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-3-27 789272] R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-7-18 366600] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-12-13 708200] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-19 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408] S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168] S3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2012-8-24 175928] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992] S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960] S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-2-22 1255736] . =============== Created Last 30 ================ . 2013-10-01 17:06:59 76232 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F44593BE-F37D-4F5D-978D-38F1652067D4}\offreg.dll 2013-09-30 18:52:19 9694160 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F44593BE-F37D-4F5D-978D-38F1652067D4}\mpengine.dll 2013-09-29 21:54:03 9694160 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-09-16 10:30:40 4806016 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll 2013-09-16 10:30:40 4806016 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll 2013-09-14 15:11:04 -------- d-----w- C:\Program Files\Common Files\Native Instruments 2013-09-14 15:11:02 -------- d-----w- C:\ProgramData\Native Instruments 2013-09-11 15:39:39 -------- d-----w- C:\Users\user\AppData\Roaming\Unity 2013-09-06 09:11:05 965008 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{365C5B77-C66A-40F9-BDB5-14769EACB5DC}\gapaengine.dll . ==================== Find3M ==================== . 2013-09-11 12:20:13 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-09-11 12:20:13 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-07-17 23:20:16 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-07-17 23:20:14 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-07-17 23:20:14 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll . ============= FINISH: 19:10:08,91 =============== Dopuna: 01 Okt 2013 19:11 https://www.mycity.rs/must-login.png

Profil

TwinHeadedEagle Poslao: 01 Okt 2013 23:22 Idi na vrh
offline TwinHeadedEagle Anti Malware Fighter Rank 2 Pridružio: 09 Avg 2011 Poruke: 15879 Gde živiš: Beograd	3Ovo se svidja korisnicima: SlobaBgd, NIx Car, Dusan Registruj se da bi pohvalio/la poruku! Sta je ovo? Kako ti zamisljas Ambulantu, da je to mesto gde svratis, postavis izvestaje, ne kazes ni jednu rec i ocekujes da ti neko pomogne? Pre par dana si bio u Ambulanti, sta je sada problem? Znaci, tako kako ti to zamisljas nece moci, ovde rade ljudi(koji imaju zivot), a ne roboti, pa se tako i ponasaj, i detaljno opisi problem. Sa druge strane, postoje i programi kao sto je MalwareBytes, pomocu kojih mozes i sam nekada da preskeniras i proveri kakvo je stanje sistema. Ne mora za svaku sitnicu da se postavlja ovde tema...

Profil

neco1993 Poslao: 02 Okt 2013 01:34 Idi na vrh
offline neco1993 Novi MyCity građanin Pridružio: 05 Dec 2012 Poruke: 15	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 02 Okt 2013 1:27 neco mi je dao nalog da mi pregledate komp. od virus-a Dopuna: 02 Okt 2013 1:27 Cini mi se da je malo usporio ... Dopuna: 02 Okt 2013 1:30 skidao je filmove ... muziku i cini mu se da je usporio komp. eto to je problem Dopuna: 02 Okt 2013 1:34 inace imam 2 profila ... tako da kome treba davam ...

Profil

11neco11 Poslao: 02 Okt 2013 02:25 Idi na vrh
offline 11neco11 Elitni građanin Nemanja Djukanovic Pridružio: 18 Dec 2012 Poruke: 1761 Gde živiš: Niksic - Crna Gora	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pregledaj mi jos ovaj komp i neces me gledati bez ako bas ne prigusti moze ?

Profil

TwinHeadedEagle Poslao: 02 Okt 2013 08:36 Idi na vrh
offline TwinHeadedEagle Anti Malware Fighter Rank 2 Pridružio: 09 Avg 2011 Poruke: 15879 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Racunar ce biti pregledan, ali pokazi malo postovanja i odvoji makar onoliko vremena za ovaj problem, koliko i mi odvajamo, a ne taj fazon, ubacis izvestaje bez ijedne reci... Korak 1. Preuzmi Farbar Recovery Scan Tool i sacuvaj ga na Desktop Napomena: Potrebno je preuzeti onu verziju koja je kompatibilna sa tvojim sistemom. Tvoj Windows je 64-bitna verzija. Dvoklikom pokreni FRST; Kada se alat startuje, klikni Yes na disclaimer. Klikni na dugme Scan; Alat ce kreirati izvestaj (FRST.txt) u isti direktorijum gde je i FRST.exe sacuvan. Iskopiraj sadrzaj tog loga u poruku. Alat bi takodje pri prvom pokretanju trebao da kreira i dodatni izvestaj (Addition.txt). Taj izvestaj okaci u poruku koristeci opciju "Prikaci file". Korak 2. Preuzmi program GMER sa donjeg linka na Desktop: GMER download Klikni dati link; Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Dvoklikom pokrenite GMER. Sačekaj da se završi uvodno skeniranje - ukoliko se pojavi bilo kakav upit, klikni No; klikni Scan i sačekaj da skeniranje bude završeno; klikni Save ... - izveštaj sačuvaj na Desktop (pod nazivom Gmer1); klikni desnim tasterom u prozor programa Gmer i odaberi Options > 3rd party - klikni Scan; po završetku skeniranja klikni Save ... - izveštaj sačuvaj na Desktop (pod nazivom Gmer2); klikni taster >>> i odaberi Autostart karticu; po završetku kratkotrajnog skeniranja, klikni Copy; otvori Notepad i u njega postavi kopirani tekst - izveštaj sačuvaj na Desktop (pod nazivom Gmer3); Slikoviti prikaz postupka Priloži sva tri izveštaja uz poruku korišćenjem opcije Prikači fajl.

Profil

11neco11 Poslao: 02 Okt 2013 14:23 Idi na vrh
offline 11neco11 Elitni građanin Nemanja Djukanovic Pridružio: 18 Dec 2012 Poruke: 1761 Gde živiš: Niksic - Crna Gora	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 02 Okt 2013 13:39 U redu , izvinjavam se ... Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013 02 Ran by user (administrator) on USER-PC on 02-10-2013 13:33:42 Running from C:\Users\user\Desktop Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe (Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek) C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtWlan.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-07-18] (Microsoft Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.) HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation) HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-03-01] (Intel Corporation) HKLM-x32\...\Run: [LanguageShortcut] - C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [54832 2007-02-08] () HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3EA79C9157D9CD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 - DefaultScope {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20121213180138128&tb_oid=13-12-2012&tb_mrud=13-12-2012 SearchScopes: HKLM-x32 - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20121213180138128&tb_oid=13-12-2012&tb_mrud=13-12-2012 SearchScopes: HKCU - DefaultScope {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox SearchScopes: HKCU - D01FAD5E251647EDA55368FAC16139C4 URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20121213180138128&tb_oid=13-12-2012&tb_mrud=13-12-2012 SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: GretechBHO Class - {F0181C6E-9218-4792-9F3C-E8DF52B2F1AC} - C:\Program Files (x86)\GRETECH\GomPicker\GomPickerBHO.dll (Gretech Corporation) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2210608 2006-10-27] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.2 FireFox: ======== FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default FF DefaultSearchEngine: Bing FF SearchEngineOrder.3: Bing FF SelectedSearchEngine: Bing FF Homepage: hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q= FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\searchplugins\bingp.xml FF Extension: fhdp - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\Extensions\fhdp@fhdp.tv.xpi FF Extension: hdvc - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\Extensions\hdvc@hdvc.com.xpi FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} Chrome: ======= CHR RestoreOnStartup: "hxxp://www.google.rs/" CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (downloadUpdater) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll (AOL LLC) CHR Plugin: (downloadUpdater2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll (AOL LLC) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Unity Player) - C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (AdBlock) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR HKLM-x32\...\Chrome\Extension: [kkfggacklibaabdomphfdpcodjgihgon] - C:\Program Files (x86)\FirstRowSportApp.com\stv10.crx CHR HKLM-x32\...\Chrome\Extension: [kpkbnefaikfaeadgidhpoanckoiaheli] - C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx ==================== Services (Whitelisted) ================= R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2013-07-18] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-07-18] (Microsoft Corporation) S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG) R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [173616 2007-02-08] () R2 RtlService; C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe [40960 2009-12-07] (Realtek) R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-01-19] (Atheros) ==================== Drivers (Whitelisted) ==================== R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-20] (DT Soft Ltd) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1866080 2012-11-28] () R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B}; C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl [13560 2006-11-03] (Cyberlink Corp.) R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B}; C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl [13560 2006-11-03] (Cyberlink Corp.) S3 netr28ux; system32\DRIVERS\netr28ux.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-10-02 13:33 - 2013-10-02 13:33 - 00000000 ____D C:\FRST 2013-10-02 13:32 - 2013-10-02 13:32 - 01953880 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe 2013-10-01 22:31 - 2013-10-01 22:31 - 00004121 _____ C:\Users\user\Downloads\302837_1925962237_attach.txt 2013-10-01 19:10 - 2013-10-01 19:10 - 00013376 _____ C:\Users\user\Desktop\dds.txt 2013-10-01 19:10 - 2013-10-01 19:10 - 00004121 _____ C:\Users\user\Desktop\attach.txt 2013-10-01 19:08 - 2013-10-01 19:08 - 00688992 ____R (Swearware) C:\Users\user\Downloads\dds.scr 2013-10-01 09:08 - 2013-10-01 09:08 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 2013-09-29 23:53 - 2013-09-29 23:54 - 03332688 _____ C:\Users\user\Downloads\Adobe_Photoshop_Elements_12.exe 2013-09-16 02:17 - 2013-09-16 02:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-14 17:14 - 2013-09-14 17:14 - 00000000 ____D C:\Users\user\Documents\Native Instruments 2013-09-14 17:11 - 2013-09-14 17:11 - 00000000 ____D C:\ProgramData\Native Instruments 2013-09-14 17:11 - 2013-09-14 17:11 - 00000000 ____D C:\Program Files\Common Files\Native Instruments 2013-09-14 16:59 - 2013-09-14 17:07 - 00000000 ____D C:\Users\user\Downloads\Native Instruments Traktor Pro 2 v2.1.2 B12125 (Full) [RH] 2013-09-11 17:39 - 2013-09-11 17:39 - 00000000 ____D C:\Users\user\AppData\Roaming\Unity 2013-09-02 17:49 - 2013-10-01 09:07 - 00002308 _____ C:\Windows\PFRO.log ==================== One Month Modified Files and Folders ======= 2013-10-02 13:33 - 2013-10-02 13:33 - 00000000 ____D C:\FRST 2013-10-02 13:32 - 2013-10-02 13:32 - 01953880 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe 2013-10-02 13:28 - 2013-06-18 21:57 - 01368593 _____ C:\Windows\WindowsUpdate.log 2013-10-02 13:28 - 2012-12-13 20:00 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype 2013-10-02 12:56 - 2013-08-28 12:51 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-10-02 12:56 - 2013-08-28 12:51 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-10-02 12:52 - 2013-02-04 21:27 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-10-02 00:19 - 2013-08-13 15:01 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{33603993-C091-4AE7-8460-6E9BDA9A71F7} 2013-10-01 22:31 - 2013-10-01 22:31 - 00004121 _____ C:\Users\user\Downloads\302837_1925962237_attach.txt 2013-10-01 19:10 - 2013-10-01 19:10 - 00013376 _____ C:\Users\user\Desktop\dds.txt 2013-10-01 19:10 - 2013-10-01 19:10 - 00004121 _____ C:\Users\user\Desktop\attach.txt 2013-10-01 19:08 - 2013-10-01 19:08 - 00688992 ____R (Swearware) C:\Users\user\Downloads\dds.scr 2013-10-01 12:38 - 2009-07-14 06:45 - 00021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-10-01 12:38 - 2009-07-14 06:45 - 00021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-10-01 09:08 - 2013-10-01 09:08 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 2013-10-01 09:07 - 2013-09-02 17:49 - 00002308 _____ C:\Windows\PFRO.log 2013-10-01 09:07 - 2013-09-01 12:35 - 00002418 _____ C:\Windows\setupact.log 2013-10-01 09:07 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-29 23:54 - 2013-09-29 23:53 - 03332688 _____ C:\Users\user\Downloads\Adobe_Photoshop_Elements_12.exe 2013-09-27 21:59 - 2013-05-04 15:43 - 00000000 ____D C:\Users\user\Documents\VirtualDJ 2013-09-27 08:54 - 2012-12-13 20:00 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-09-24 19:36 - 2009-07-14 07:08 - 00032634 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-09-22 16:45 - 2013-03-19 16:20 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps 2013-09-20 21:37 - 2013-08-28 12:53 - 00002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-09-19 15:46 - 2009-07-14 07:13 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-16 15:43 - 2012-12-13 19:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-09-16 03:48 - 2013-02-08 08:02 - 00000000 ____D C:\Users\user\AppData\Roaming\uTorrent 2013-09-16 02:17 - 2013-09-16 02:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-14 17:14 - 2013-09-14 17:14 - 00000000 ____D C:\Users\user\Documents\Native Instruments 2013-09-14 17:11 - 2013-09-14 17:11 - 00000000 ____D C:\ProgramData\Native Instruments 2013-09-14 17:11 - 2013-09-14 17:11 - 00000000 ____D C:\Program Files\Common Files\Native Instruments 2013-09-14 17:07 - 2013-09-14 16:59 - 00000000 ____D C:\Users\user\Downloads\Native Instruments Traktor Pro 2 v2.1.2 B12125 (Full) [RH] 2013-09-11 17:39 - 2013-09-11 17:39 - 00000000 ____D C:\Users\user\AppData\Roaming\Unity 2013-09-11 14:20 - 2013-02-04 21:27 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-11 14:20 - 2013-02-04 21:27 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-11 14:20 - 2012-12-13 19:53 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl Some content of TEMP: ==================== C:\Users\user\AppData\Local\Temp\Uninstall.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-28 20:16 ==================== End Of Log ============================ Dopuna: 02 Okt 2013 13:41 https://www.mycity.rs/must-login.png Dopuna: 02 Okt 2013 14:23 https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png

Profil

TwinHeadedEagle Poslao: 02 Okt 2013 19:03 Idi na vrh
offline TwinHeadedEagle Anti Malware Fighter Rank 2 Pridružio: 09 Avg 2011 Poruke: 15879 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvori Notepad i iskopiraj sledeci tekst koji se nalazi unutar osencenog prostora. SearchScopes: HKLM-x32 - DefaultScope {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20121213180138128&tb_oid=13-12-2012&tb_mrud=13-12-2012 SearchScopes: HKLM-x32 - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20121213180138128&tb_oid=13-12-2012&tb_mrud=13-12-2012 SearchScopes: HKCU - D01FAD5E251647EDA55368FAC16139C4 URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20121213180138128&tb_oid=13-12-2012&tb_mrud=13-12-2012 SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FF Extension: fhdp - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\Extensions\fhdp@fhdp.tv.xpi FF Extension: hdvc - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\Extensions\hdvc@hdvc.com.xpi C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\Extensions\fhdp@fhdp.tv.xpi C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\Extensions\hdvc@hdvc.com.xpi CHR HKLM-x32\...\Chrome\Extension: [kkfggacklibaabdomphfdpcodjgihgon] - C:\Program Files (x86)\FirstRowSportApp.com\stv10.crx CHR HKLM-x32\...\Chrome\Extension: [kpkbnefaikfaeadgidhpoanckoiaheli] - C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx C:\Program Files (x86)\FirstRowSportApp.com C:\Program Files (x86)\HDvidCodec.com C:\Users\user\AppData\Local\Temp\Uninstall.exe CMD: ipconfig /flushdns U okviru Notepad-a klikni na File --> Save As Fajl nazovi fixlist.txt i sacuvaj na Desktop Dvoklikom ponovo pokreni FRST.exe Klikni na Fix i sacekaj dok program ne završi Ukoliko program zatraži restart racunara, omoguci mu da to nesmetano obavi. Nakon završetka rada, otvorice se Notepad, sa sadržajem koji treba da kopiraš u temu. Takode, na Desktop-u ce se nalaziti fixlog.txt. Nakon toga: Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop Dvoklikom pokreni program. Klikni na dugme [Scan] i pricekaj da program zavrsi. Klikni na dugme [Clean] Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu. Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem. Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl" Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S1].txt Preuzmi TFC (Temp File Cleaner) i sacuvaj ga na Desktop. Dvoklikom pokreni program i klikni na dugme Start da bi dozvolio programu da otpocne skeniranje. Kada program zavrsi skeniranje,mozda ce zatraziti da restartujes racunar. Dozvoli mu. Napomena: Kada zavrsis sa ciscenjem temp fajlova,program mozes obrisati ili ga sacuvati za kasniju upotrebu.

Profil

11neco11 Poslao: 03 Okt 2013 19:21 Idi na vrh
offline 11neco11 Elitni građanin Nemanja Djukanovic Pridružio: 18 Dec 2012 Poruke: 1761 Gde živiš: Niksic - Crna Gora	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 03 Okt 2013 19:09 Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2013 Ran by user at 2013-10-03 19:07:41 Run:1 Running from C:\Users\user\Desktop Boot Mode: Normal ============================================== Content of fixlist: *************** SearchScopes: HKLM-x32 - DefaultScope {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20121213180138128&tb_oid=13-12-2012&tb_mrud=13-12-2012 SearchScopes: HKLM-x32 - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20121213180138128&tb_oid=13-12-2012&tb_mrud=13-12-2012 SearchScopes: HKCU - D01FAD5E251647EDA55368FAC16139C4 URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20121213180138128&tb_oid=13-12-2012&tb_mrud=13-12-2012 SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FF Extension: fhdp - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\Extensions\fhdp@fhdp.tv.xpi FF Extension: hdvc - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\Extensions\hdvc@hdvc.com.xpi C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\Extensions\fhdp@fhdp.tv.xpi C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\Extensions\hdvc@hdvc.com.xpi CHR HKLM-x32\...\Chrome\Extension: [kkfggacklibaabdomphfdpcodjgihgon] - C:\Program Files (x86)\FirstRowSportApp.com\stv10.crx CHR HKLM-x32\...\Chrome\Extension: [kpkbnefaikfaeadgidhpoanckoiaheli] - C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx C:\Program Files (x86)\FirstRowSportApp.com C:\Program Files (x86)\HDvidCodec.com C:\Users\user\AppData\Local\Temp\Uninstall.exe CMD: ipconfig /flushdns ************* HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\D01FAD5E251647EDA55368FAC16139C4 => Key deleted successfully. HKCR\CLSID\D01FAD5E251647EDA55368FAC16139C4 => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully. HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\Extensions\fhdp@fhdp.tv.xpi => Moved successfully. C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\Extensions\hdvc@hdvc.com.xpi => Moved successfully. "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\Extensions\fhdp@fhdp.tv.xpi " => File/Directory not found. "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\Extensions\hdvc@hdvc.com.xpi " => File/Directory not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kkfggacklibaabdomphfdpcodjgihgon => Key deleted successfully. C:\Program Files (x86)\FirstRowSportApp.com\stv10.crx => Moved successfully. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli => Key deleted successfully. C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx => Moved successfully. C:\Program Files (x86)\FirstRowSportApp.com => Moved successfully. C:\Program Files (x86)\HDvidCodec.com => Moved successfully. "C:\Users\user\AppData\Local\Temp\Uninstall.exe " => File/Directory not found. ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= End of CMD: ========= ==== End of Fixlog ==== Dopuna: 03 Okt 2013 19:10 Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2013 Ran by user at 2013-10-03 19:07:41 Run:1 Running from C:\Users\user\Desktop Boot Mode: Normal ============================================== Content of fixlist: ************* SearchScopes: HKLM-x32 - DefaultScope {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20121213180138128&tb_oid=13-12-2012&tb_mrud=13-12-2012 SearchScopes: HKLM-x32 - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20121213180138128&tb_oid=13-12-2012&tb_mrud=13-12-2012 SearchScopes: HKCU - D01FAD5E251647EDA55368FAC16139C4 URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20121213180138128&tb_oid=13-12-2012&tb_mrud=13-12-2012 SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FF Extension: fhdp - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\Extensions\fhdp@fhdp.tv.xpi FF Extension: hdvc - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\Extensions\hdvc@hdvc.com.xpi C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\Extensions\fhdp@fhdp.tv.xpi C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\Extensions\hdvc@hdvc.com.xpi CHR HKLM-x32\...\Chrome\Extension: [kkfggacklibaabdomphfdpcodjgihgon] - C:\Program Files (x86)\FirstRowSportApp.com\stv10.crx CHR HKLM-x32\...\Chrome\Extension: [kpkbnefaikfaeadgidhpoanckoiaheli] - C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx C:\Program Files (x86)\FirstRowSportApp.com C:\Program Files (x86)\HDvidCodec.com C:\Users\user\AppData\Local\Temp\Uninstall.exe CMD: ipconfig /flushdns *************** HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\D01FAD5E251647EDA55368FAC16139C4 => Key deleted successfully. HKCR\CLSID\D01FAD5E251647EDA55368FAC16139C4 => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully. HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\Extensions\fhdp@fhdp.tv.xpi => Moved successfully. C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\Extensions\hdvc@hdvc.com.xpi => Moved successfully. "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\Extensions\fhdp@fhdp.tv.xpi " => File/Directory not found. "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\Extensions\hdvc@hdvc.com.xpi " => File/Directory not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kkfggacklibaabdomphfdpcodjgihgon => Key deleted successfully. C:\Program Files (x86)\FirstRowSportApp.com\stv10.crx => Moved successfully. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli => Key deleted successfully. C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx => Moved successfully. C:\Program Files (x86)\FirstRowSportApp.com => Moved successfully. C:\Program Files (x86)\HDvidCodec.com => Moved successfully. "C:\Users\user\AppData\Local\Temp\Uninstall.exe " => File/Directory not found. ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= End of CMD: ========= ==== End of Fixlog ==== Dopuna: 03 Okt 2013 19:17 nisam sacuvao adw clener izvjestaj kliknuh X i zatvori se ... Dopuna: 03 Okt 2013 19:21 evo ga iz lokal disc C ..... Uradio sam i tfc https://www.mycity.rs/must-login.png

Profil

TwinHeadedEagle Poslao: 03 Okt 2013 23:30 Idi na vrh
offline TwinHeadedEagle Anti Malware Fighter Rank 2 Pridružio: 09 Avg 2011 Poruke: 15879 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Postavi mi svez FRST izvestaj i kazi mi kakvo je sada stanje?

Profil

11neco11 Poslao: 04 Okt 2013 02:19 Idi na vrh
offline 11neco11 Elitni građanin Nemanja Djukanovic Pridružio: 18 Dec 2012 Poruke: 1761 Gde živiš: Niksic - Crna Gora	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 04 Okt 2013 2:19 Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013 Ran by user (administrator) on USER-PC on 04-10-2013 02:17:10 Running from C:\Users\user\Desktop Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe (Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Realtek) C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtWlan.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Windows\system32\igfxsrvc.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-07-18] (Microsoft Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation) HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-03-01] (Intel Corporation) HKLM-x32\...\Run: [LanguageShortcut] - C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [54832 2007-02-08] () HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3EA79C9157D9CD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: GretechBHO Class - {F0181C6E-9218-4792-9F3C-E8DF52B2F1AC} - C:\Program Files (x86)\GRETECH\GomPicker\GomPickerBHO.dll (Gretech Corporation) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2210608 2006-10-27] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.2 FireFox: ======== FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default FF DefaultSearchEngine: Bing FF SearchEngineOrder.3: Bing FF SelectedSearchEngine: Bing FF Homepage: hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q= FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pvxzdxly.default\searchplugins\bingp.xml FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} Chrome: ======= CHR RestoreOnStartup: "hxxp://www.google.rs/" CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (downloadUpdater) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll No File CHR Plugin: (downloadUpdater2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll No File CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Unity Player) - C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (AdBlock) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx ==================== Services (Whitelisted) ================= R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2013-07-18] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-07-18] (Microsoft Corporation) S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG) R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [173616 2007-02-08] () R2 RtlService; C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe [40960 2009-12-07] (Realtek) R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-01-19] (Atheros) ==================== Drivers (Whitelisted) ==================== R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-20] (DT Soft Ltd) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1866080 2012-11-28] () R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B}; C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl [13560 2006-11-03] (Cyberlink Corp.) R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B}; C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl [13560 2006-11-03] (Cyberlink Corp.) S3 netr28ux; system32\DRIVERS\netr28ux.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-10-03 19:18 - 2013-10-03 19:18 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 2013-10-03 19:15 - 2013-10-03 19:12 - 00004091 _____ C:\Users\user\Desktop\AdwCleaner[S0].txt 2013-10-03 19:15 - 2013-10-03 19:11 - 00004113 _____ C:\Users\user\Desktop\AdwCleaner[R0].txt 2013-10-03 19:12 - 2013-10-03 19:18 - 00000112 _____ C:\Windows\setupact.log 2013-10-03 19:12 - 2013-10-03 19:12 - 00000000 _____ C:\Windows\setuperr.log 2013-10-03 19:10 - 2013-10-03 19:12 - 00000000 ____D C:\AdwCleaner 2013-10-03 19:07 - 2013-10-03 19:07 - 00448512 _____ (OldTimer Tools) C:\Users\user\Desktop\TFC.exe 2013-10-03 19:06 - 2013-10-03 19:07 - 01045226 _____ C:\Users\user\Desktop\adwcleaner.exe 2013-10-03 19:05 - 2013-10-03 19:05 - 01954124 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe 2013-10-02 19:13 - 2013-10-03 19:02 - 00000000 ____D C:\Users\user\Desktop\neco 2013-10-02 13:33 - 2013-10-02 13:33 - 00000000 ____D C:\FRST 2013-10-01 22:31 - 2013-10-01 22:31 - 00004121 _____ C:\Users\user\Downloads\302837_1925962237_attach.txt 2013-10-01 19:08 - 2013-10-01 19:08 - 00688992 ____R (Swearware) C:\Users\user\Desktop\dds.scr 2013-09-29 23:53 - 2013-09-29 23:54 - 03332688 _____ C:\Users\user\Downloads\Adobe_Photoshop_Elements_12.exe 2013-09-16 02:17 - 2013-09-16 02:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-14 17:14 - 2013-09-14 17:14 - 00000000 ____D C:\Users\user\Documents\Native Instruments 2013-09-14 17:11 - 2013-09-14 17:11 - 00000000 ____D C:\ProgramData\Native Instruments 2013-09-14 17:11 - 2013-09-14 17:11 - 00000000 ____D C:\Program Files\Common Files\Native Instruments 2013-09-14 16:59 - 2013-09-14 17:07 - 00000000 ____D C:\Users\user\Downloads\Native Instruments Traktor Pro 2 v2.1.2 B12125 (Full) [RH] 2013-09-11 17:39 - 2013-09-11 17:39 - 00000000 ____D C:\Users\user\AppData\Roaming\Unity ==================== One Month Modified Files and Folders ======= 2013-10-04 02:16 - 2013-08-28 12:51 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-10-04 02:16 - 2013-02-04 21:27 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-10-04 02:16 - 2012-12-13 20:00 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype 2013-10-04 00:34 - 2013-06-18 21:57 - 01522617 _____ C:\Windows\WindowsUpdate.log 2013-10-03 19:25 - 2009-07-14 06:45 - 00021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-10-03 19:25 - 2009-07-14 06:45 - 00021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-10-03 19:19 - 2013-08-28 12:51 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-10-03 19:18 - 2013-10-03 19:18 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 2013-10-03 19:18 - 2013-10-03 19:12 - 00000112 _____ C:\Windows\setupact.log 2013-10-03 19:18 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-10-03 19:12 - 2013-10-03 19:15 - 00004091 _____ C:\Users\user\Desktop\AdwCleaner[S0].txt 2013-10-03 19:12 - 2013-10-03 19:12 - 00000000 _____ C:\Windows\setuperr.log 2013-10-03 19:12 - 2013-10-03 19:10 - 00000000 ____D C:\AdwCleaner 2013-10-03 19:11 - 2013-10-03 19:15 - 00004113 _____ C:\Users\user\Desktop\AdwCleaner[R0].txt 2013-10-03 19:07 - 2013-10-03 19:07 - 00448512 _____ (OldTimer Tools) C:\Users\user\Desktop\TFC.exe 2013-10-03 19:07 - 2013-10-03 19:06 - 01045226 _____ C:\Users\user\Desktop\adwcleaner.exe 2013-10-03 19:05 - 2013-10-03 19:05 - 01954124 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe 2013-10-03 19:02 - 2013-10-02 19:13 - 00000000 ____D C:\Users\user\Desktop\neco 2013-10-03 19:01 - 2013-02-08 08:02 - 00000000 ____D C:\Users\user\AppData\Roaming\uTorrent 2013-10-03 19:01 - 2012-12-13 20:01 - 00000000 ____D C:\Users\user\AppData\Roaming\Winamp 2013-10-03 19:00 - 2013-03-19 16:20 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps 2013-10-03 18:57 - 2013-08-13 15:01 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{33603993-C091-4AE7-8460-6E9BDA9A71F7} 2013-10-02 21:58 - 2013-05-04 15:43 - 00000000 ____D C:\Users\user\Documents\VirtualDJ 2013-10-02 19:15 - 2009-07-14 07:13 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI 2013-10-02 13:33 - 2013-10-02 13:33 - 00000000 ____D C:\FRST 2013-10-01 22:31 - 2013-10-01 22:31 - 00004121 _____ C:\Users\user\Downloads\302837_1925962237_attach.txt 2013-10-01 19:08 - 2013-10-01 19:08 - 00688992 ____R (Swearware) C:\Users\user\Desktop\dds.scr 2013-09-29 23:54 - 2013-09-29 23:53 - 03332688 _____ C:\Users\user\Downloads\Adobe_Photoshop_Elements_12.exe 2013-09-27 08:54 - 2012-12-13 20:00 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-09-24 19:36 - 2009-07-14 07:08 - 00032634 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-09-20 21:37 - 2013-08-28 12:53 - 00002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-09-16 15:43 - 2012-12-13 19:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-09-16 02:17 - 2013-09-16 02:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-14 17:14 - 2013-09-14 17:14 - 00000000 ____D C:\Users\user\Documents\Native Instruments 2013-09-14 17:11 - 2013-09-14 17:11 - 00000000 ____D C:\ProgramData\Native Instruments 2013-09-14 17:11 - 2013-09-14 17:11 - 00000000 ____D C:\Program Files\Common Files\Native Instruments 2013-09-14 17:07 - 2013-09-14 16:59 - 00000000 ____D C:\Users\user\Downloads\Native Instruments Traktor Pro 2 v2.1.2 B12125 (Full) [RH] 2013-09-11 17:39 - 2013-09-11 17:39 - 00000000 ____D C:\Users\user\AppData\Roaming\Unity 2013-09-11 14:20 - 2013-02-04 21:27 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-11 14:20 - 2013-02-04 21:27 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-11 14:20 - 2012-12-13 19:53 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-28 20:16 ==================== End Of Log ============================ Dopuna: 04 Okt 2013 2:19 Cini mi se bolje Jeeej ^^

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Provjera kompjutera :)

Ko je trenutno na forumu

Ukupno su 954 korisnika na forumu :: 33 registrovanih, 6 sakrivenih i 915 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 8u47, A.R.Chafee.Jr., Atomski čoban, BORUTUS, Bubimir, Caruga5, cavatina, debeli, Dovla, esx66, Frunze, gomago, ILGromovnik, Još malo pa deda, Kubovac, kunktator, Marko Marković, MB120mm, mikrimaus, mrav pesadinac, panzerwaffe, pein, raptorsi, Romibrat, saputnik plavetnila, Shinobi, stalja, Steeeefan, torivoje, Trpe Grozni, vasa.93, VP6919, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by