Usporen rad

1

Usporen rad

rip
  • Vuco  Male
  • Nezaboravni član
  • Pridružio: 26 Sep 2012
  • Poruke: 43
  • Gde živiš: Kragujevac

Ovako od nedavno se zesce usporio ceo komp znaci sve otvorim neki program i par sekundi ne mogu nista sa njim da uradim isto tako i net ako otvorim vise tab-ova zakuca ili na samo jednom tabu zakuca i sporo skrola stranu GUZ - Glavom U Zid Od programa imam AVG,Online Armor Malwarebytes i oni nista ne prijavljuju sem sto Malware skoro svaki sajt oznaci kao maliciozan i fejs,YT...

I moram da otvorim nepotpunu temu posto vise nista nmg da skinem sa neta Bebee Dol tako da ni DDS nmg da okacim,ako postoji neki drugi nacin da se proveri Shocked negde je izgleda pokupio nesto ili je neki drugi Evil or Very Mad

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Pozdrav,

Sta se desava sa DDS-om. Ne mozes da skines ili nece da radi?

rip
  • Vuco  Male
  • Nezaboravni član
  • Pridružio: 26 Sep 2012
  • Poruke: 43
  • Gde živiš: Kragujevac

Nece da skine izbaci samo prazan tab (United)i tako stoji ne pokrece skidanje..

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Da li si probao desni klik, pa Save link as

rip
  • Vuco  Male
  • Nezaboravni član
  • Pridružio: 26 Sep 2012
  • Poruke: 43
  • Gde živiš: Kragujevac

Evo ga

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: BrowserJavaVersion: 10.21.2
Run by Korisnik at 19:43:02 on 2013-05-17
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.2015.582 [GMT 2:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: Online Armor Firewall *Enabled* {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\UnsignedThemesSvc.exe
C:\Program Files\Online Armor\OAcat.exe
C:\Program Files\Online Armor\oasrv.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\CyberLink\Shared files\brs.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Online Armor\oaui.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\RAMRush\RAMRush.exe
C:\Program Files\AVG\AVG2013\avgemcx.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files\Online Armor\OAhlp.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://klit.startnow.com/?src=startpage&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=RS&install_date=20130120&user_guid=28705F0918EB4FCCA1D06D3C921CC948&machine_id=e1b260cae9aa7c6d8e253322599965b1&browser=IE&os=win&os_version=6.1-x86-SP1
mStart Page = hxxp://search.gboxapp.com/
mURLSearchHooks: Mario Forever Toolbar: {707db484-2428-402d-afb5-d85b387544c7} - LocalServer32 - <no file>
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - LocalServer32 - <no file>
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\prxConduitEngine.dll
BHO: Mario Forever Toolbar: {707db484-2428-402d-afb5-d85b387544c7} - LocalServer32 - <no file>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\14.2.0.1\AVG Secure Search_toolbar.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - LocalServer32 - <no file>
BHO: Nuclear Games Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - LocalServer32 - <no file>
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Nuclear Games Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - LocalServer32 - <no file>
TB: Mario Forever Toolbar: {707DB484-2428-402D-AFB5-D85B387544C7} - LocalServer32 - <no file>
TB: uTorrentBar Toolbar: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - LocalServer32 - <no file>
TB: Nuclear Games Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - LocalServer32 - <no file>
TB: Mario Forever Toolbar: {707db484-2428-402d-afb5-d85b387544c7} - LocalServer32 - <no file>
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - LocalServer32 - <no file>
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\14.2.0.1\AVG Secure Search_toolbar.dll
uRun: [Xvid] c:\program files\xvid\CheckUpdate.exe
uRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe"
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ftweak_RAMRush] c:\program files\ramrush\RAMRush.exe
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [RemoteControl10] "c:\program files\cyberlink\powerdvd10\PDVD10Serv.exe"
mRun: [BDRegion] c:\program files\cyberlink\shared files\brs.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [@OnlineArmor GUI] "c:\program files\online armor\oaui.exe"
StartupFolder: c:\users\korisnik\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\users\korisnik\appdata\roaming\micros~1\windows\startm~1\programs\startup\rainme~1.lnk - c:\program files\rainmeter\Rainmeter.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:2
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Zuma/Images/stg_drm.ocx
DPF: {31150A86-0BBA-409F-BEB4-F3922D10BF34} - file:///C:/Users/Korisnik/AppData/Local/Microsoft/Windows%20Sidebar/Gadgets/xplugCam.gadget/en-US/xplug.ocx
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Zuma/Images/armhelper.ocx
TCP: NameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{C3BFA016-3C64-48F2-8FE0-79696CB443F2} : DHCPNameServer = 192.168.1.1 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\14.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
STS: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: OA Shell Helper - {4F07DA45-8170-4859-9B5F-037EF2970034} - c:\program files\online armor\oaevent.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\korisnik\appdata\roaming\mozilla\firefox\profiles\cx8ept1r.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://klit.startnow.com/?src=startpage&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=RS&install_date=20130120&user_guid=28705F0918EB4FCCA1D06D3C921CC948&machine_id=e1b260cae9aa7c6d8e253322599965b1&browser=FF&os=win&os_version=6.1-x86-SP1
FF - prefs.js: keyword.URL - hxxp://klit.startnow.com/s/?src=addrbar&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=RS&install_date=20130120&user_guid=28705F0918EB4FCCA1D06D3C921CC948&machine_id=e1b260cae9aa7c6d8e253322599965b1&browser=FF&os=win&os_version=6.1-x86-SP1&q=
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\14.2.0\npsitesafety.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\program files\nitro\reader 3\npdf.dll
FF - plugin: c:\program files\nitro\reader 3\npnitroie.dll
FF - plugin: c:\program files\nitro\reader 3\npnitromozilla.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1202122.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_202.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
FF - user.js: browser.sessionstore.resume_from_crash - false
FF - user.js: extensions.BabylonToolbar_i.id - ac0a69450000000000006c626d3b9c13
FF - user.js: extensions.BabylonToolbar_i.hardId - ac0a69450000000000006c626d3b9c13
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15446
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111294&tt=010812_rbt_3112_6
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q=
FF - user.js: extensions.BabylonToolbar.id - ac0a69450000000000006c626d3b9c13
FF - user.js: extensions.BabylonToolbar.instlDay - 15556
FF - user.js: extensions.BabylonToolbar.vrsn - 1.5.29.1
FF - user.js: extensions.BabylonToolbar.vrsni - 1.5.29.1
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.29.123:10:42
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-10-15 55776]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2012-11-16 94048]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-9-14 35552]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-10-22 179936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2012-9-21 19936]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-10-2 159712]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-9-21 164832]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-10-9 33112]
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2013-5-16 208320]
R1 oahlpXX;Online Armor helper driver;c:\windows\system32\drivers\oahlp32.sys [2013-5-16 44992]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2013-5-16 27648]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/05/24 16:39:53];c:\program files\cyberlink\powerdvd10\navfilter\000.fcl [2010-6-28 87536]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-16 5814904]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664]
R2 uxpatch;uxpatch;c:\windows\system32\drivers\uxpatch.sys [2009-7-13 25448]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-5-16 22856]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf_x86.sys [2013-4-18 16024]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-5-24 327784]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-7-28 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2011-8-17 137472]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2011-8-17 8576]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-5-24 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-5-24 52224]
.
=============== Created Last 30 ================
.
2013-05-16 22:24:51 -------- dc----w- c:\program files\MSXML 4.0
2013-05-16 22:02:53 -------- d-----w- c:\users\korisnik\appdata\local\Secunia PSI
2013-05-16 22:01:48 -------- d-----w- c:\users\korisnik\appdata\roaming\OnlineArmor
2013-05-16 22:01:48 -------- d-----w- c:\programdata\OnlineArmor
2013-05-16 22:01:17 -------- dc----w- c:\program files\Secunia
2013-05-16 21:58:26 44992 ----a-w- c:\windows\system32\drivers\oahlp32.sys
2013-05-16 21:58:26 27648 ----a-w- c:\windows\system32\drivers\OAmon.sys
2013-05-16 21:58:25 208320 ----a-w- c:\windows\system32\drivers\OADriver.sys
2013-05-16 21:58:14 -------- dc----w- c:\program files\Online Armor
2013-05-16 21:41:41 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-05-16 21:41:41 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware
2013-05-16 18:40:35 -------- d-----w- c:\users\korisnik\appdata\roaming\Auslogics
2013-05-16 18:39:53 -------- dc----w- c:\program files\Auslogics
2013-05-16 18:12:31 -------- dc----w- c:\program files\RAMRush
2013-05-16 10:33:31 -------- dc----w- c:\program files\Nitro
2013-05-16 10:33:31 -------- dc----w- c:\program files\common files\Nitro
2013-05-16 10:33:31 -------- d-----w- c:\programdata\Nitro
2013-05-16 10:30:06 -------- dc----w- c:\program files\Winamp Detect
2013-05-16 10:08:46 -------- dc----w- c:\program files\SmartTweak Software
2013-05-15 23:34:47 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-15 12:03:25 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-15 12:03:25 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-05-15 12:03:25 186368 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-15 12:02:58 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 12:02:57 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 12:01:11 47104 ----a-w- c:\windows\system32\appinfo.dll
2013-05-15 12:01:11 1796096 ----a-w- c:\windows\system32\authui.dll
2013-05-15 12:01:11 101720 ----a-w- c:\windows\system32\consent.exe
2013-05-12 21:16:55 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-05-11 10:37:28 209472 -c--a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2013-05-08 13:01:13 -------- dc----w- c:\program files\Cheat Engine 6.2
2013-04-27 12:24:06 -------- dc----w- c:\program files\EA GAMES
2013-04-27 00:56:23 442368 ----a-w- c:\windows\system32\vp6vfw.dll
2013-04-24 13:43:38 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-21 18:16:18 -------- d-----w- c:\programdata\Package Cache
2013-04-21 12:29:26 -------- d---a-w- C:\ADCDA2
2013-04-18 13:55:52 16024 ----a-w- c:\windows\system32\drivers\psi_mf_x86.sys
.
==================== Find3M ====================
.
2013-05-16 22:18:44 405360 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-15 15:33:53 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-13 04:45:16 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-04 22:11:34 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-04-04 22:02:59 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-04 22:02:17 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-04-04 21:58:51 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-04-04 21:57:45 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-03-19 05:04:13 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 04:48:45 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 02:49:16 69632 ----a-w- c:\windows\system32\smss.exe
2013-03-16 17:27:10 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-16 17:27:10 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-18 18:37:59 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
.
============= FINISH: 19:45:55.44 ===============
mycity.rs/must-login.png

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Korak 1.

Preuzmi "Xplode"-ov AdwCleaner i sacuvaj ga na Desktop
Pokreni ga, a zatim klikni na dugme [Delete] i pricekaj da program zavrsi.
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok

Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"

Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S1].txt



Korak 2.

Preuzmi program GMER sa donjeg linka na Desktop:


GMER download
Klikni dati link;
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save.



Dvoklikom pokrenite GMER.
Sačekaj da se završi uvodno skeniranje - ukoliko se pojavi bilo kakav upit, klikni No;

klikni Scan i sačekaj da skeniranje bude završeno;

klikni Save ... - izveštaj sačuvaj na Desktop (pod nazivom Gmer1);

klikni desnim tasterom u prozor programa Gmer i odaberi Options > 3rd party - klikni Scan;

po završetku skeniranja klikni Save ... - izveštaj sačuvaj na Desktop (pod nazivom Gmer2);

klikni taster >>> i odaberi Autostart karticu;

po završetku kratkotrajnog skeniranja, klikni Copy;

otvori Notepad i u njega postavi kopirani tekst - izveštaj sačuvaj na Desktop (pod nazivom Gmer3);


Slikoviti prikaz postupka

Priloži sva tri izveštaja uz poruku korišćenjem opcije Prikači fajl.

rip
  • Vuco  Male
  • Nezaboravni član
  • Pridružio: 26 Sep 2012
  • Poruke: 43
  • Gde živiš: Kragujevac

mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Kakvo je sada stanje?

rip
  • Vuco  Male
  • Nezaboravni član
  • Pridružio: 26 Sep 2012
  • Poruke: 43
  • Gde živiš: Kragujevac

Sad je normalno!Hvala matori Very Happy jel pokupio nesto il je bio zatrpan bespotrebnim stvarima?

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Arrow Da, bio si pretrpan raznim toolbarima i smecem, malware nije prisutan. Potrebno je da ispratiš sledeće korake...



Arrow Preuzmi "Xplode"-ov DelFix i sačuvaj ga na Desktop

Dvoklikom pokreni program.

Štikliraj sledeće opcije:
Remove disinfection tools
Purge System Restore
Reset system settings


Klikni na dugme "Run" i pričekaj da program završi rad.
Kada alat završi, otvoriće izvestaj u notepadu.

Napomena: Izvestaj ce takodje biti sacuvan na C:\DelFix.txt



Arrow Preporučujem da za zaštitu USB memorijskih uredjaja koristiš MCShield v2. Nema nikakve veze sa AntiVirus-om tj. nece ometati njegov rad, a pokazao se kao jedan od najboljih vidova zaštite od malware-a koji se prenosi putem USB mem. uređaja. Skineš, instaliraš, ubodeš USB mem. uređaj, izvrši se skeniranje nakon čega dobiješ obaveštenje da je uređaj čist (ukoliko je stvarno tako); ili dobiješ log u kome vidiš informacije o malware-u koji je nađen i obrisan.


Home Page MCShield-a ::Anti-Malware Tool:: v2: http://amf.mycity.rs/mcshield/

Više o MCShield-u možeš saznati u ovim temama:
v1: http://www.mycity.rs/MyCity-Laboratorija/MCShield.html
v2: http://www.mycity.rs/MyCity-Laboratorija/MCShield-v2.html




Arrow Obavezno poseti temu "Testirajte da li vam je pretraživač ranjiv", pročitaj i isprati link koji stoji u njoj.
Link do teme je: http://www.mycity.rs/Web-browseri/Testirajte-da-li.....anjiv.html



Arrow Takode, isprati i temu "Kako izbeci i ukloniti toolbar-ove" , procitaj i isprati korake u njoj. Link do teme je: http://www.mycity.rs/Zastita/Kako-izbeci-i-ukloniti-toolbar-ove.html



TwinHeadedEagle (AMF Tim)

Ko je trenutno na forumu
 

Ukupno su 1394 korisnika na forumu :: 45 registrovanih, 7 sakrivenih i 1342 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: _Rade, A.R.Chafee.Jr., Aleksandar Tomić, aleksmajstor, babaroga, BlekMen, Brana01, cemix, darios, Dimitrise93, draganca, dragoljub11987, dule10savic, FileFinder, goxin, Griffon vulture, ILGromovnik, Ivica1102, kikisp, kolle.the.kid, Kubovac, ljuba, Mcdado, Mercury, milenko crazy north, Milos ZA, milutin134, nemkea71, nikola287, pein, powSrb, Ripanjac, Seeker, solic, srbijaiznadsvega, Srle993, vathra, Vlad000, vladaa012, VP6919, W123, YU-UKI, zillbg, zzapNDjuric99, Čivi