Do I have a virus?


  • Windows Research
  • Joined: 12 Jul 2012
  • Posts: 1023

Posted: 28 Jan 2014 21:37

Right now I'm on my old computer and I don't have an antivirus, because when I have one the computer just lags. Now that I don't have one, a problem has appeared: I was playing a game 10 minutes ago and everything was fine, and now YouTube has started lagging again, even though everything was fine for days. :(

DDS:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.45.2
Run by Slavko Radic at 21:33:37 on 2014-01-28
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.959.302 [GMT 1:00]
.
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = [Link visible only to logged-in users]
uSearch Bar = [Link visible only to logged-in users]
mStart Page = [Link visible only to logged-in users]
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = [Link visible only to logged-in users]
uSearchURL,(Default) = [Link visible only to logged-in users]
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [PAC7302_Monitor] c:\windows\pixart\pac7302\Monitor.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - [Link visible only to logged-in users]
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - [Link visible only to logged-in users]
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [Link visible only to logged-in users]
DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} - [Link visible only to logged-in users]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [Link visible only to logged-in users]
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{DCDA6A31-04D3-488B-BDC7-FBF8DD2AA9B8} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
AppInit_DLLs=
Hosts: 192.168.1.2 ps2nfs04.ea.com
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\slavko radic\application data\mozilla\firefox\profiles\ocykmfzx.default\
FF - prefs.js: browser.startup.homepage - [Link visible only to logged-in users]
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_170.dll
.
============= SERVICES / DRIVERS ===============
.
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2013-1-19 1691480]
S4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-7-25 162672]
S4 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=c:\windows\system32\NOTEPAD.EXE %1 [UserChoice]
FileExt: .inf: inffile=c:\windows\system32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-01-27 17:37:50 -------- d-----w- c:\documents and settings\slavko radic\local settings\application data\FilesFrog Update Checker
2014-01-05 21:17:50 -------- d-----w- c:\documents and settings\all users\application data\SoftWarehouse
2014-01-05 00:10:42 -------- d-----w- c:\documents and settings\slavko radic\AppData
2014-01-05 00:10:20 -------- d-----w- c:\documents and settings\all users\application data\cff81145b297ae00
2014-01-05 00:10:19 -------- d-----w- c:\documents and settings\slavko radic\local settings\application data\Comodo
.
==================== Find3M ====================
.
2014-01-27 22:02:07 1073452 -c--a-w- c:\windows\system32\nvdrsdb1.bin
2014-01-27 22:02:07 1 -c--a-w- c:\windows\system32\nvdrssel.bin
2014-01-27 22:01:58 1073452 -c--a-w- c:\windows\system32\nvdrsdb0.bin
2013-12-12 19:50:25 692616 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-12 19:50:24 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-27 20:21:06 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2013-11-13 02:59:42 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-07 05:38:51 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:03:31 7168 -c--a-w- c:\windows\system32\xpsp4res.dll
.
============= FINISH: 21:34:30,10 ===============
attach:

[Link visible only to logged-in users]

Also, I have 32-bit Windows, but I don't know what the problem is now. :( It was fine, and now YouTube is lagging again! Do I maybe have a virus?

Addendum: 28 Jan 2014 21:56

And let me mention that when I'm on YouTube, an exclamation mark appears at the top next to the address and it says: ''this website does not supply identity information''. What does that mean? How do I fix all that? :/



  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Download the GMER program from the link below to the Desktop:


GMER download
Click the given link;
When the dialog for choosing where to save the file opens, select Desktop and click Save.



Double-click to run GMER.
Wait for the initial scan to finish - if any prompt appears, click No;

click Scan and wait for the scan to finish;

click Save ... - save the report to the Desktop (named Gmer1);

right-click in the Gmer program window and choose Options > 3rd party - click Scan;

when the scan finishes, click Save ... - save the report to the Desktop (named Gmer2);

click the >>> button and select the Autostart tab;

when the short scan finishes, click Copy;

open Notepad and paste the copied text into it - save the report to the Desktop (named Gmer3);


Illustrated walkthrough of the procedure

Attach all three reports to your post using the Attach file option.



  • Windows Research
  • Joined: 12 Jul 2012
  • Posts: 1023

Sorry, but I can't post the GMER report! :( I click Scan and it runs and gets a bit further, and then it throws an error that says ''error memory could not be ridden i (oxcf4837837 click to terminate process'', and you click OK and it closes the program. Is there another program, because this one won't work? :/

  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Download aswMBR and save it to the Desktop.

Double-click to run aswMBR.

If you get the following message:
Would you like to download latest Avast! virus definitions?
click the Yes button and wait for the definitions download to finish.


Make sure that the QuickScan option is selected under AV Scan:

Click Scan.

When the scan finishes ( Scan finished successfully ), click Save log.
Save the aswMBR log to the Desktop.
Copy the contents of that log into the thread.

  • Windows Research
  • Joined: 12 Jul 2012
  • Posts: 1023

Now I have some 3 files in the Recycle Bin, but I can't delete them! :( I don't know what is happening with my computer, but something is behaving strangely. :/

  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Download aswMBR and save it to the Desktop.

Double-click to run aswMBR.

If you get the following message:
Would you like to download latest Avast! virus definitions?
click the Yes button and wait for the definitions download to finish.


Make sure that the QuickScan option is selected under AV Scan:

Click Scan.

When the scan finishes ( Scan finished successfully ), click Save log.
Save the aswMBR log to the Desktop.
Copy the contents of that log into the thread.

  • Windows Research
  • Joined: 12 Jul 2012
  • Posts: 1023

Posted: 28 Jan 2014 23:06

Here it is:

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-01-28 22:40:38
-----------------------------
22:40:38.109 OS Version: Windows 5.1.2600 Service Pack 3
22:40:38.109 Number of processors: 1 586 0x5F03
22:40:38.109 ComputerName: SLAVKO UserName:
22:40:39.375 Initialize success
22:46:06.703 AVAST engine defs: 14012801
22:46:14.781 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
22:46:14.781 Disk 0 Vendor: Maxtor_6Y080L0 YAR41BW0 Size: 78167MB BusType: 3
22:46:14.984 Disk 0 MBR read successfully
22:46:14.984 Disk 0 MBR scan
22:46:15.062 Disk 0 Windows XP default MBR code
22:46:15.078 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 39999 MB offset 1
22:46:15.078 Disk 0 Partition - 00 0F Extended LBA 38166 MB offset 81919982
22:46:15.093 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 38166 MB offset 81919983
22:46:15.109 Disk 0 scanning sectors +160085982
22:46:15.296 Disk 0 scanning C:\WINDOWS\system32\drivers
22:46:32.796 Service scanning
22:47:11.921 Modules scanning
22:47:32.390 Disk 0 trace - called modules:
22:47:32.890 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
22:47:32.890 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8626d030]
22:47:32.890 3 CLASSPNP.SYS[f74c7fd7] -> nt!IofCallDriver -> \Device\0000005d[0x8626ff18]
22:47:32.890 5 ACPI.sys[f735e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x8622dd98]
22:47:33.734 AVAST engine scan C:\WINDOWS
22:47:42.109 AVAST engine scan C:\WINDOWS\system32
22:52:47.781 AVAST engine scan C:\WINDOWS\system32\drivers
22:53:05.687 AVAST engine scan C:\Documents and Settings\Slavko Radic
23:04:02.609 AVAST engine scan C:\Documents and Settings\All Users
23:04:32.187 Scan finished successfully
23:05:11.312 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Slavko Radic\Desktop\MBR.dat"
23:05:11.312 The log file has been saved successfully to "C:\Documents and Settings\Slavko Radic\Desktop\aswMBR.txt"

Addendum: 28 Jan 2014 23:12

And what now?

  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

The posted reports show no traces of active malware, but if you like we will do one more check with FRST.


Download Farbar's Farbar Recovery Scan Tool from this address to the Desktop:
There are 32-bit and 64-bit versions. You need to download the version that is compatible with your system.
If you are not sure which version applies to your system, download both and run them. Only one of them will work on your system; that will be the right version.


double-click to run the program; when the tool starts, click Yes in the Disclaimer window;
click the Scan button;
when the scan finishes, the tool will create a report (FRST.txt) in the same directory where the FRST tool is saved;
copy the contents of the FRST.txt report into your post;
on first run, the tool should also create an additional report (Addition.txt);
attach the Addition.txt report to your post using the Attach file option

  • Windows Research
  • Joined: 12 Jul 2012
  • Posts: 1023

Posted: 28 Jan 2014 23:35

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-01-2014 03
Ran by Slavko Radic (administrator) on SLAVKO on 28-01-2014 23:31:41
Running from C:\Documents and Settings\Slavko Radic\My Documents\Downloads
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: [Link visible only to logged-in users]
Download link for 64-Bit Version: [Link visible only to logged-in users]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Link visible only to logged-in users]

==================== Processes (Whitelisted) ===================

(PixArt Imaging Incorporation) C:\WINDOWS\Pixart\Pac7302\Monitor.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [PAC7302_Monitor] - C:\WINDOWS\PixArt\PAC7302\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [15517472 2013-01-31] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] - C:\WINDOWS\system32\NvMCTray.dll [108832 2013-01-31] (NVIDIA Corporation)
HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1982312 2013-01-31] ()
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
MountPoints2: F - F:\Launch.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Link visible only to logged-in users]
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {10921475-03CE-4E04-90CE-E2E7EF20C814} - No File
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} [Link visible only to logged-in users]
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [Link visible only to logged-in users]
DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} [Link visible only to logged-in users]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [Link visible only to logged-in users]
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Slavko Radic\Application Data\Mozilla\Firefox\Profiles\ocykmfzx.default
FF Homepage: [Link visible only to logged-in users]
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

========================== Services (Whitelisted) =================

S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-10-08] (Oracle Corporation)

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36864 2006-07-01] (Advanced Micro Devices)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [220032 2004-08-03] (Conexant Systems, Inc.)
R3 HSF_DP; C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [1041536 2004-08-03] (Conexant Systems, Inc.)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R0 nvata; C:\WINDOWS\System32\DRIVERS\nvata.sys [105344 2006-08-14] (NVIDIA Corporation)
R0 nvgts; C:\WINDOWS\System32\DRIVERS\nvgts.sys [168040 2010-04-09] (NVIDIA Corporation)
S3 PAC7302; C:\WINDOWS\System32\DRIVERS\PAC7302.SYS [461824 2009-04-28] (PixArt Imaging Inc.)
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
R3 winachsf; C:\WINDOWS\System32\DRIVERS\HSFCXTS2.sys [685056 2004-08-03] (Conexant Systems, Inc.)
S4 IntelIde; No ImagePath
U5 Nsynas32; C:\Windows\System32\Drivers\Nsynas32.sys [17784 2001-04-09] (Syncrosoft Hard- und Software GmbH)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL;
U3 aswMBR; \??\C:\DOCUME~1\SLAVKO~1\LOCALS~1\Temp\aswMBR.sys [x]
U3 mbr; \??\C:\DOCUME~1\SLAVKO~1\LOCALS~1\Temp\mbr.sys [x]
U3 uxtdypob; \??\C:\DOCUME~1\SLAVKO~1\LOCALS~1\Temp\uxtdypob.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-28 23:30 - 2014-01-28 23:30 - 00000000 ____D C:\FRST
2014-01-28 23:05 - 2014-01-28 23:05 - 00002128 _____ C:\Documents and Settings\Slavko Radic\Desktop\aswMBR.txt
2014-01-28 23:05 - 2014-01-28 23:05 - 00000512 _____ C:\Documents and Settings\Slavko Radic\Desktop\MBR.dat
2014-01-28 17:48 - 2014-01-28 17:50 - 01463630 _____ C:\Documents and Settings\Slavko Radic\Downloads\snes9x-1.53-win32.zip
2014-01-27 18:37 - 2014-01-27 18:41 - 00000000 ____D C:\Documents and Settings\Slavko Radic\Local Settings\Application Data\FilesFrog Update Checker
2014-01-16 19:16 - 2014-01-28 22:21 - 00000000 ____D C:\Documents and Settings\Slavko Radic\Application Data\Skype
2014-01-15 19:45 - 2014-01-15 19:45 - 00000000 ____D C:\Documents and Settings\Slavko Radic\Application Data\WinRAR
2014-01-05 22:17 - 2014-01-05 22:18 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\SoftWarehouse
2014-01-05 15:12 - 2014-01-05 23:40 - 00000000 ____D C:\Documents and Settings\Slavko Radic\My Documents\My Games
2014-01-05 01:10 - 2014-01-05 22:19 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\cff81145b297ae00
2014-01-05 01:10 - 2014-01-05 01:10 - 00000000 ____D C:\Documents and Settings\UpdatusUser\Local Settings\Application Data\Google
2014-01-05 01:10 - 2014-01-05 01:10 - 00000000 ____D C:\Documents and Settings\UpdatusUser\Local Settings\Application Data\Comodo
2014-01-05 01:10 - 2014-01-05 01:10 - 00000000 ____D C:\Documents and Settings\Slavko Radic\Local Settings\Application Data\Comodo
2014-01-04 21:23 - 2014-01-04 21:23 - 00000045 _____ C:\WINDOWS\system32\initdebug.nfo
2013-12-29 22:50 - 2013-12-29 22:50 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\KONAMI

==================== One Month Modified Files and Folders =======

2014-01-28 23:30 - 2014-01-28 23:30 - 00000000 ____D C:\FRST
2014-01-28 23:06 - 2012-04-13 15:30 - 00000830 ____C C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-28 23:05 - 2014-01-28 23:05 - 00002128 _____ C:\Documents and Settings\Slavko Radic\Desktop\aswMBR.txt
2014-01-28 23:05 - 2014-01-28 23:05 - 00000512 _____ C:\Documents and Settings\Slavko Radic\Desktop\MBR.dat
2014-01-28 22:24 - 2012-03-05 21:52 - 00000000 __SHD C:\Documents and Settings\Slavko Radic\UserData
2014-01-28 22:24 - 2012-03-01 18:30 - 00000000 ____D C:\Documents and Settings\Slavko Radic
2014-01-28 22:21 - 2014-01-16 19:16 - 00000000 ____D C:\Documents and Settings\Slavko Radic\Application Data\Skype
2014-01-28 22:20 - 2012-04-18 19:49 - 00002265 ____C C:\Documents and Settings\All Users\Desktop\Skype.lnk
2014-01-28 22:20 - 2012-03-01 18:24 - 01150647 ____C C:\WINDOWS\WindowsUpdate.log
2014-01-28 17:50 - 2014-01-28 17:48 - 01463630 _____ C:\Documents and Settings\Slavko Radic\Downloads\snes9x-1.53-win32.zip
2014-01-28 10:59 - 2013-07-08 19:00 - 00000324 ____C C:\WINDOWS\Tasks\YourFile DownloaderUpdate.job
2014-01-28 10:59 - 2012-03-01 19:17 - 00000159 ____C C:\WINDOWS\wiadebug.log
2014-01-28 10:59 - 2012-03-01 19:17 - 00000049 ____C C:\WINDOWS\wiaservc.log
2014-01-28 10:59 - 2012-03-01 18:29 - 00000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2014-01-28 10:06 - 2012-03-01 18:30 - 00000178 __SHC C:\Documents and Settings\Slavko Radic\ntuser.ini
2014-01-28 10:06 - 2012-03-01 18:29 - 00032620 ____N C:\WINDOWS\SchedLgU.Txt
2014-01-27 23:02 - 2012-08-10 19:55 - 01073452 ____C C:\WINDOWS\system32\nvdrsdb1.bin
2014-01-27 23:02 - 2012-08-10 19:55 - 00000001 ____C C:\WINDOWS\system32\nvdrssel.bin
2014-01-27 23:01 - 2012-08-10 19:55 - 01073452 ____C C:\WINDOWS\system32\nvdrsdb0.bin
2014-01-27 18:47 - 2012-03-02 15:45 - 00000000 ___RD C:\Documents and Settings\Slavko Radic\Desktop\igre
2014-01-27 18:41 - 2014-01-27 18:37 - 00000000 ____D C:\Documents and Settings\Slavko Radic\Local Settings\Application Data\FilesFrog Update Checker
2014-01-27 18:41 - 2012-03-05 12:35 - 00000000 ____D C:\Documents and Settings\Slavko Radic\Local Settings\Application Data\Google
2014-01-27 18:41 - 2012-03-05 12:34 - 00000000 ____D C:\Program Files\Google
2014-01-27 18:40 - 2013-01-21 11:30 - 00000803 _____ C:\Documents and Settings\Slavko Radic\Start Menu\Programs\Internet Explorer.lnk
2014-01-27 15:37 - 2004-08-04 13:00 - 00002206 ____C C:\WINDOWS\system32\wpa.dbl
2014-01-18 12:12 - 2013-12-28 22:40 - 00000000 ____D C:\Documents and Settings\Slavko Radic\Desktop\Important
2014-01-16 21:12 - 2012-03-01 19:13 - 00000223 ___SH C:\boot.ini
2014-01-16 21:12 - 2004-08-04 13:00 - 00000852 ____C C:\WINDOWS\win.ini
2014-01-16 21:12 - 2004-08-04 13:00 - 00000227 ____C C:\WINDOWS\system.ini
2014-01-15 19:45 - 2014-01-15 19:45 - 00000000 ____D C:\Documents and Settings\Slavko Radic\Application Data\WinRAR
2014-01-15 09:04 - 2013-08-14 21:57 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-15 08:59 - 2012-05-26 05:49 - 83425928 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-07 00:56 - 2012-03-01 18:36 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2014-01-06 18:47 - 2012-03-02 21:39 - 00000634 ____C C:\WINDOWS\SIERRA.INI
2014-01-05 23:40 - 2014-01-05 15:12 - 00000000 ____D C:\Documents and Settings\Slavko Radic\My Documents\My Games
2014-01-05 22:19 - 2014-01-05 01:10 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\cff81145b297ae00
2014-01-05 22:18 - 2014-01-05 22:17 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\SoftWarehouse
2014-01-05 22:18 - 2013-07-07 20:00 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\InstallMate
2014-01-05 20:22 - 2012-04-07 09:48 - 00000023 ____C C:\WINDOWS\BlendSettings.ini
2014-01-05 15:26 - 2012-03-01 18:23 - 00000000 ____D C:\WINDOWS\system32\DirectX
2014-01-05 01:10 - 2014-01-05 01:10 - 00000000 ____D C:\Documents and Settings\UpdatusUser\Local Settings\Application Data\Google
2014-01-05 01:10 - 2014-01-05 01:10 - 00000000 ____D C:\Documents and Settings\UpdatusUser\Local Settings\Application Data\Comodo
2014-01-05 01:10 - 2014-01-05 01:10 - 00000000 ____D C:\Documents and Settings\Slavko Radic\Local Settings\Application Data\Comodo
2014-01-04 21:23 - 2014-01-04 21:23 - 00000045 _____ C:\WINDOWS\system32\initdebug.nfo
2014-01-03 16:29 - 2012-03-01 18:30 - 00001599 _____ C:\Documents and Settings\Slavko Radic\Start Menu\Programs\Remote Assistance.lnk
2013-12-31 14:30 - 2013-01-13 15:18 - 00000000 ____D C:\Documents and Settings\Slavko Radic\Application Data\AIMP3
2013-12-29 22:50 - 2013-12-29 22:50 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\KONAMI

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

[Link visible only to logged-in users]
Do you have any advice? I mean, do I need to delete anything from the computer? And how do I delete that stuff from the Recycle Bin?

Addendum: 28 Jan 2014 23:38

The only thing is I don't like this computer because it lags a lot when you play games, I mean it kind of bugs out and so on. That problem is down to the small amount of RAM and the graphics card, but I think it's not worth upgrading since it lags anyway and it's more than 10 years old. This computer is from the company Fujitsu Siemens. :D

  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

I don't see any malware or adware in the reports, so what remains for you to do is the following:


The following procedure will perform the final cleanup.

Download "Xplode"'s DelFix tool and save it to the Desktop.
Double-click to run the tool and tick the boxes in front of the following options;

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment until the tool finishes its work.
From this point on, all the tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)

The tool will also save a healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.


Open a thread in the Windows subforum and explain your problem there.
