Is my system infected

  • Dalibor
  • Joined: 03 Feb 2011
  • Posts: 447
  • Location: Germany

Greetings!
My computer was shutting down on its own, but the antivirus did not detect anything. The only thing I did was thoroughly clean the case and blow the dust out of it, so now I would like to know whether it has perhaps picked up a virus that I am unable to detect.


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-05-2014
Ran by Milana (administrator) on MILANA-8285484F on 25-05-2014 09:31:17
Running from C:\Documents and Settings\Milana\Desktop
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: [Link visible only to logged-in users]
Download link for 64-Bit Version: [Link visible only to logged-in users]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Link visible only to logged-in users]

==================== Processes (Whitelisted) =================

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Vimicro) C:\WINDOWS\Domino.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ZSMCSNAP) C:\WINDOWS\vmsnap3.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
() C:\Program Files\Opera\21.0.1432.67\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-04-22] (AVAST Software)
HKLM\...\Run: [Domino] => C:\WINDOWS\Domino.EXE [49152 2006-06-28] (Vimicro)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20145368 2000-01-01] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [VMSnap3] => C:\WINDOWS\VMSnap3.EXE [49152 2006-08-30] (ZSMCSNAP)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-725345543-1078145449-682003330-1003\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\MCShieldRTM.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-725345543-1078145449-682003330-1003\...\Run: [Facebook Update] => C:\Documents and Settings\Milana\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [138096 2014-05-14] (Facebook Inc.)
Startup: C:\Documents and Settings\Milana\Start Menu\Programs\Startup\Yahoo! Widgets.lnk
ShortcutTarget: Yahoo! Widgets.lnk -> C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Link visible only to logged-in users]
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Link visible only to logged-in users]
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Milana\Application Data\Mozilla\Firefox\Profiles\3pnk96nv.default
FF Homepage: [Link visible only to logged-in users]
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.19 - C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: [Link visible only to logged-in users]/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Documents and Settings\Milana\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-22]

Chrome:
=======
CHR HomePage: [Link visible only to logged-in users]
CHR StartupUrls: "hxxp://www.default-search.net?sid=476&aid=106&itype=n&ver=12302&tm=325&src=hmp"
CHR Extension: (Google документи) - C:\Documents and Settings\Milana\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-22]
CHR Extension: (The Simple Life) - C:\Documents and Settings\Milana\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jjbgfbonmdidcihleedajlcaidfhffac [2014-04-22]
CHR Extension: (Google новчаник) - C:\Documents and Settings\Milana\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-22]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-22]

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2011-08-12] (SUPERAntiSpyware.com)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [520192 2007-06-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-22] (AVAST Software)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-05-04] (Oracle Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1774904 2014-04-15] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2000-01-01] (Creative)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-04-22] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-04-22] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-05-15] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-04-22] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [777488 2014-05-15] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [411680 2014-05-15] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-04-22] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180632 2014-04-22] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2000-01-01] (Creative Technology Ltd.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SWDUMon; C:\WINDOWS\System32\DRIVERS\SWDUMon.sys [13464 2014-04-27] ()
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2014-03-26] (TuneUp Software)
R3 vmfilter303; C:\WINDOWS\System32\drivers\vmfilter303.sys [428160 2006-04-25] (Vimicro Corporation)
R3 ZSMC303; C:\WINDOWS\System32\Drivers\usbVM303.sys [392122 2006-12-01] (Vimicro Corporation)
S1 F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files\Settings Manager\systemk\systemkmgrc1.cfg [X]
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] ()
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-25 09:31 - 2014-05-25 09:31 - 00011178 _____ () C:\Documents and Settings\Milana\Desktop\FRST.txt
2014-05-25 09:31 - 2014-05-25 09:31 - 00000000 ____D () C:\FRST
2014-05-25 09:26 - 2014-05-25 09:26 - 01055232 _____ (Farbar) C:\Documents and Settings\Milana\Desktop\FRST.exe
2014-05-25 09:17 - 2014-05-25 09:17 - 00013104 _____ () C:\Documents and Settings\Milana\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-05-25 09:17 - 2014-05-25 09:17 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-05-25 09:17 - 2014-05-25 09:17 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-05-25 09:16 - 2014-05-25 09:16 - 00091888 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-18 17:44 - 2008-04-14 05:42 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpusd.dll
2014-05-18 17:44 - 2008-04-14 00:15 - 00015104 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys
2014-05-18 17:44 - 2008-04-14 00:15 - 00015104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys
2014-05-18 17:44 - 2001-08-17 22:36 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpusb.dll
2014-05-14 20:19 - 2014-05-21 21:52 - 00020480 ___SH () C:\Documents and Settings\Milana\Desktop\Thumbs.db
2014-05-14 11:57 - 2014-05-25 06:02 - 00001002 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-725345543-1078145449-682003330-1003UA.job
2014-05-14 11:57 - 2014-05-21 12:02 - 00000980 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-725345543-1078145449-682003330-1003Core.job
2014-05-10 08:23 - 2014-05-10 08:24 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-09 19:44 - 2014-04-15 15:59 - 00036152 _____ (TuneUp Software) C:\WINDOWS\system32\uxtuneup.dll
2014-05-09 18:09 - 2014-05-09 18:09 - 00000000 ____D () C:\Documents and Settings\Milana\Local Settings\Application Data\Avg2014
2014-05-09 17:41 - 2014-05-09 17:41 - 00000000 ____H () C:\WINDOWS\system32\config\SYSTEM_tureg_new.LOG
2014-05-09 17:41 - 2014-05-09 17:41 - 00000000 ____H () C:\WINDOWS\system32\config\SOFTWARE_tureg_new.LOG
2014-05-09 17:41 - 2014-05-09 17:41 - 00000000 ____H () C:\WINDOWS\system32\config\SECURITY_tureg_new.LOG
2014-05-09 17:41 - 2014-05-09 17:41 - 00000000 ____H () C:\WINDOWS\system32\config\SAM_tureg_new.LOG
2014-05-09 17:41 - 2014-05-09 17:41 - 00000000 ____H () C:\WINDOWS\system32\config\DEFAULT_tureg_new.LOG
2014-05-08 17:37 - 2014-05-08 17:37 - 00001747 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\TuneUp Utilities 2014.lnk
2014-05-08 17:37 - 2014-05-08 17:37 - 00001747 _____ () C:\Documents and Settings\All Users\Desktop\TuneUp 1-Click Maintenance.lnk
2014-05-08 17:37 - 2014-05-08 17:37 - 00001741 _____ () C:\Documents and Settings\All Users\Desktop\TuneUp Utilities 2014.lnk
2014-05-08 17:37 - 2014-05-08 17:37 - 00000000 __SHD () C:\Documents and Settings\LocalService\IETldCache
2014-05-08 17:37 - 2014-05-08 17:37 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\TuneUp Software
2014-05-08 17:37 - 2014-05-08 17:37 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\TuneUp Software
2014-05-08 17:37 - 2014-05-08 17:37 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TuneUp Utilities 2014
2014-05-08 17:35 - 2014-05-09 19:38 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2014-05-04 17:09 - 2014-05-04 17:09 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-05-04 17:09 - 2014-05-04 17:07 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-05-04 17:09 - 2014-05-04 17:07 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-05-04 17:08 - 2014-05-04 17:08 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-05-04 17:08 - 2014-05-04 17:07 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-05-04 17:08 - 2014-05-04 17:07 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-05-04 17:08 - 2014-05-04 17:07 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-05-04 17:07 - 2014-05-04 17:07 - 00000000 ____D () C:\Program Files\Java
2014-05-04 11:01 - 2014-05-04 11:01 - 00000000 ____D () C:\WINDOWS\Sun
2014-05-01 09:53 - 2014-05-01 09:53 - 00000000 ____D () C:\Program Files\ESET
2014-04-27 08:30 - 2014-04-27 08:30 - 00000000 ____D () C:\Program Files\Intel
2014-04-27 08:30 - 2000-01-01 02:00 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\system32\CSVer.dll
2014-04-27 08:26 - 2000-01-01 02:00 - 01691480 _____ (Creative) C:\WINDOWS\system32\Drivers\Ambfilt.sys
2014-04-27 08:26 - 2000-01-01 02:00 - 01395800 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\Drivers\Monfilt.sys
2014-04-27 08:26 - 2000-01-01 02:00 - 00359016 _____ (Realtek Semiconductor Crop.) C:\WINDOWS\vncutil.exe
2014-04-27 08:26 - 2000-01-01 02:00 - 00129640 _____ (Realtek Semiconductor) C:\WINDOWS\RtkAudioService.exe
2014-04-27 08:26 - 2000-01-01 02:00 - 00087256 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoInstIIXP.dll
2014-04-27 08:26 - 2000-01-01 02:00 - 00026084 _____ () C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2014-04-27 08:26 - 2000-01-01 02:00 - 00011368 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDRXP.dll
2014-04-27 08:14 - 2014-04-27 08:14 - 00000000 ____D () C:\Program Files\Belkin
2014-04-27 07:59 - 2014-04-27 08:05 - 00000000 ____D () C:\Program Files\SlimCleaner
2014-04-27 07:57 - 2014-04-27 08:37 - 00013464 _____ () C:\WINDOWS\system32\Drivers\SWDUMon.sys
2014-04-27 07:57 - 2014-04-27 08:00 - 00000000 ____D () C:\Documents and Settings\Milana\Local Settings\Application Data\SlimWare Utilities Inc
2014-04-26 20:30 - 2014-04-26 20:30 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-04-26 20:04 - 2014-05-17 15:08 - 00023624 _____ () C:\WINDOWS\system32\Drivers\hitmanpro35.sys
2014-04-26 20:03 - 2014-04-26 20:03 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Hitman Pro
2014-04-26 06:55 - 2014-05-14 11:57 - 00000000 ____D () C:\Documents and Settings\Milana\Local Settings\Application Data\Facebook
2014-04-25 20:56 - 2014-04-25 20:56 - 00001580 _____ () C:\Documents and Settings\All Users\Desktop\Defraggler.lnk
2014-04-25 20:56 - 2014-04-25 20:56 - 00000000 ____D () C:\Program Files\Defraggler
2014-04-25 18:55 - 2014-05-24 22:07 - 00007680 _____ () C:\Documents and Settings\Milana\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== One Month Modified Files and Folders =======

2014-05-25 09:31 - 2014-05-25 09:31 - 00011178 _____ () C:\Documents and Settings\Milana\Desktop\FRST.txt
2014-05-25 09:31 - 2014-05-25 09:31 - 00000000 ____D () C:\FRST
2014-05-25 09:26 - 2014-05-25 09:26 - 01055232 _____ (Farbar) C:\Documents and Settings\Milana\Desktop\FRST.exe
2014-05-25 09:23 - 2014-03-22 07:38 - 00417631 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-25 09:17 - 2014-05-25 09:17 - 00013104 _____ () C:\Documents and Settings\Milana\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-05-25 09:17 - 2014-05-25 09:17 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-05-25 09:17 - 2014-05-25 09:17 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-05-25 09:17 - 2014-04-22 20:55 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-05-25 09:17 - 2014-04-22 20:37 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MCShield
2014-05-25 09:17 - 2014-04-22 08:36 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-25 09:17 - 2014-03-22 09:24 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-05-25 09:17 - 2014-03-22 07:42 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-25 09:16 - 2014-05-25 09:16 - 00091888 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-25 09:14 - 2014-04-22 21:30 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt
2014-05-25 09:14 - 2014-03-22 09:03 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2014-05-25 09:14 - 2014-03-22 07:43 - 00000178 ___SH () C:\Documents and Settings\Milana\ntuser.ini
2014-05-25 09:14 - 2014-03-22 07:43 - 00000000 ____D () C:\Documents and Settings\Milana
2014-05-25 09:14 - 2014-03-22 07:42 - 00032618 _____ () C:\WINDOWS\SchedLgU.Txt
2014-05-25 09:11 - 2014-04-22 21:16 - 00000000 ____D () C:\Documents and Settings\Milana\Application Data\Skype
2014-05-25 09:09 - 2014-04-22 21:16 - 00002267 _____ () C:\Documents and Settings\All Users\Desktop\Skype.lnk
2014-05-25 08:37 - 2014-04-22 21:04 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-05-25 07:53 - 2014-04-22 20:36 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-25 06:02 - 2014-05-14 11:57 - 00001002 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-725345543-1078145449-682003330-1003UA.job
2014-05-24 22:07 - 2014-04-25 18:55 - 00007680 _____ () C:\Documents and Settings\Milana\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-23 07:57 - 2014-04-22 20:39 - 00001815 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-05-21 21:52 - 2014-05-14 20:19 - 00020480 ___SH () C:\Documents and Settings\Milana\Desktop\Thumbs.db
2014-05-21 12:02 - 2014-05-14 11:57 - 00000980 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-725345543-1078145449-682003330-1003Core.job
2014-05-18 18:16 - 2014-04-22 21:28 - 00000000 ____D () C:\Documents and Settings\Milana\Application Data\vlc
2014-05-17 15:08 - 2014-04-26 20:04 - 00023624 _____ () C:\WINDOWS\system32\Drivers\hitmanpro35.sys
2014-05-15 12:38 - 2014-03-22 09:24 - 00777488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-05-15 12:38 - 2014-03-22 09:24 - 00411680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-05-15 12:38 - 2014-03-22 09:24 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswrdr.sys
2014-05-14 16:59 - 2014-04-22 21:47 - 00000000 ____D () C:\Program Files\Opera
2014-05-14 12:39 - 2014-04-22 21:04 - 00692400 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-05-14 12:39 - 2014-04-22 21:04 - 00070832 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-05-14 11:57 - 2014-04-26 06:55 - 00000000 ____D () C:\Documents and Settings\Milana\Local Settings\Application Data\Facebook
2014-05-11 19:07 - 2014-04-22 20:49 - 00000682 _____ () C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2014-05-11 19:07 - 2014-04-22 20:49 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-11 05:22 - 2014-04-22 22:00 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-10 08:24 - 2014-05-10 08:23 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-09 20:15 - 2014-04-22 21:15 - 00000000 ____D () C:\WINDOWS\system32\mui
2014-05-09 20:15 - 2014-04-22 21:15 - 00000000 ____D () C:\WINDOWS\mui
2014-05-09 20:15 - 2014-03-22 07:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-05-09 20:15 - 2004-08-04 14:00 - 00000231 _____ () C:\WINDOWS\system.ini
2014-05-09 19:38 - 2014-05-08 17:35 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2014-05-09 18:09 - 2014-05-09 18:09 - 00000000 ____D () C:\Documents and Settings\Milana\Local Settings\Application Data\Avg2014
2014-05-09 17:42 - 2014-04-22 21:23 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY_tureg_old
2014-05-09 17:42 - 2014-04-22 21:22 - 15204352 _____ () C:\WINDOWS\system32\config\SOFTWARE_tureg_old
2014-05-09 17:42 - 2014-04-22 21:22 - 04718592 _____ () C:\WINDOWS\system32\config\SYSTEM_tureg_old
2014-05-09 17:41 - 2014-05-09 17:41 - 00000000 ____H () C:\WINDOWS\system32\config\SYSTEM_tureg_new.LOG
2014-05-09 17:41 - 2014-05-09 17:41 - 00000000 ____H () C:\WINDOWS\system32\config\SOFTWARE_tureg_new.LOG
2014-05-09 17:41 - 2014-05-09 17:41 - 00000000 ____H () C:\WINDOWS\system32\config\SECURITY_tureg_new.LOG
2014-05-09 17:41 - 2014-05-09 17:41 - 00000000 ____H () C:\WINDOWS\system32\config\SAM_tureg_new.LOG
2014-05-09 17:41 - 2014-05-09 17:41 - 00000000 ____H () C:\WINDOWS\system32\config\DEFAULT_tureg_new.LOG
2014-05-09 17:41 - 2014-03-22 07:42 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-05-09 17:41 - 2014-03-22 07:42 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-05-09 17:40 - 2014-04-22 21:23 - 00262144 _____ () C:\WINDOWS\system32\config\SAM_tureg_old
2014-05-09 17:40 - 2014-04-22 21:22 - 00262144 _____ () C:\WINDOWS\system32\config\DEFAULT_tureg_old
2014-05-08 17:42 - 2014-04-22 21:25 - 00000000 __SHD () C:\Documents and Settings\All Users\Application Data\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-05-08 17:37 - 2014-05-08 17:37 - 00001747 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\TuneUp Utilities 2014.lnk
2014-05-08 17:37 - 2014-05-08 17:37 - 00001747 _____ () C:\Documents and Settings\All Users\Desktop\TuneUp 1-Click Maintenance.lnk
2014-05-08 17:37 - 2014-05-08 17:37 - 00001741 _____ () C:\Documents and Settings\All Users\Desktop\TuneUp Utilities 2014.lnk
2014-05-08 17:37 - 2014-05-08 17:37 - 00000000 __SHD () C:\Documents and Settings\LocalService\IETldCache
2014-05-08 17:37 - 2014-05-08 17:37 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\TuneUp Software
2014-05-08 17:37 - 2014-05-08 17:37 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\TuneUp Software
2014-05-08 17:37 - 2014-05-08 17:37 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TuneUp Utilities 2014
2014-05-04 17:09 - 2014-05-04 17:09 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-05-04 17:08 - 2014-05-04 17:08 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-05-04 17:07 - 2014-05-04 17:09 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-05-04 17:07 - 2014-05-04 17:09 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-05-04 17:07 - 2014-05-04 17:08 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-05-04 17:07 - 2014-05-04 17:08 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-05-04 17:07 - 2014-05-04 17:08 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-05-04 17:07 - 2014-05-04 17:07 - 00000000 ____D () C:\Program Files\Java
2014-05-04 11:01 - 2014-05-04 11:01 - 00000000 ____D () C:\WINDOWS\Sun
2014-05-01 09:53 - 2014-05-01 09:53 - 00000000 ____D () C:\Program Files\ESET
2014-04-27 08:40 - 2014-04-22 21:20 - 00000000 ____D () C:\Program Files\Unlocker
2014-04-27 08:37 - 2014-04-27 07:57 - 00013464 _____ () C:\WINDOWS\system32\Drivers\SWDUMon.sys
2014-04-27 08:35 - 2014-03-22 09:10 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2014-04-27 08:30 - 2014-04-27 08:30 - 00000000 ____D () C:\Program Files\Intel
2014-04-27 08:26 - 2014-03-22 08:51 - 00000000 ____D () C:\WINDOWS\system32\RTCOM
2014-04-27 08:14 - 2014-04-27 08:14 - 00000000 ____D () C:\Program Files\Belkin
2014-04-27 08:14 - 2014-03-22 08:50 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-04-27 08:05 - 2014-04-27 07:59 - 00000000 ____D () C:\Program Files\SlimCleaner
2014-04-27 08:05 - 2014-04-22 21:13 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-04-27 08:00 - 2014-04-27 07:57 - 00000000 ____D () C:\Documents and Settings\Milana\Local Settings\Application Data\SlimWare Utilities Inc
2014-04-26 20:30 - 2014-04-26 20:30 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-04-26 20:03 - 2014-04-26 20:03 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Hitman Pro
2014-04-25 20:56 - 2014-04-25 20:56 - 00001580 _____ () C:\Documents and Settings\All Users\Desktop\Defraggler.lnk
2014-04-25 20:56 - 2014-04-25 20:56 - 00000000 ____D () C:\Program Files\Defraggler

Some content of TEMP:
====================
C:\Documents and Settings\Milana\Local Settings\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
[Link visible only to logged-in users]



  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

It has not picked up any viruses, but some traces of potentially unwanted software remain, along with ESET's folder in Program Files.



Step 1

Open Notepad and copy the following text, which is inside the Code box.

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.default-search.net?sid=476&aid=106&.....=ds&p=
S1 F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files\Settings Manager\systemk\systemkmgrc1.cfg [X]
C:\Program Files\ESET


In Notepad, click File --> Save As
Name the file Fixlist and save it to the Desktop
Double-click to run FRST.exe again
Click Fix and wait until the program finishes.
If the program asks to restart the computer, allow it to do so without interruption.
When it has finished, Notepad will open with content that you should copy into the thread.
Also, (fixlog.txt) will be on the Desktop. You need to copy the contents of fixlog.txt to the forum





Step 2

Follow these instructions for setting the home page to [Link visible only to logged-in users] in Google Chrome.

[Link visible only to logged-in users]



  • Dalibor
  • Joined: 03 Feb 2011
  • Posts: 447
  • Location: Germany

Written: 25 May 2014 11:59

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:25-05-2014
Ran by Milana at 2014-05-25 11:51:14 Run:1
Running from C:\Documents and Settings\Milana\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Link visible only to logged-in users]
S1 F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files\Settings Manager\systemk\systemkmgrc1.cfg [X]
C:\Program Files\ESET
*****************

HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value deleted successfully.
F06DEFF2-5B9C-490D-910F-35D3A9119622 => Service deleted successfully.
C:\Program Files\ESET => Moved successfully.

==== End of Fixlog ====

Addendum: 25 May 2014 12:12

Step two done

  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Download the GMER program from the link below to the Desktop:

GMER download
Click the given link;
When the dialog for choosing the save location opens, select Desktop and click Save.

Double-click to run GMER.
Wait for the initial scan to finish - if any prompt appears, click No;

click Scan and wait for the scan to finish;

click Save ... - save the report to the Desktop (under the name Gmer1);

right-click in the Gmer program window and select Options > 3rd party - click Scan;

when the scan finishes, click Save ... - save the report to the Desktop (under the name Gmer2);

click the >>> button and select the Autostart tab;

when the short scan finishes, click Copy;

open Notepad and paste the copied text into it - save the report to the Desktop (under the name Gmer3);

Illustrated walkthrough of the procedure

Attach all three reports to your post using the Attach file option.

  • Dalibor
  • Joined: 03 Feb 2011
  • Posts: 447
  • Location: Germany

[Link visible only to logged-in users]

[Link visible only to logged-in users]

[Link visible only to logged-in users]

  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

I found nothing questionable in the posted reports. You are clean.


The following procedure will perform the final cleanup.

Download Xplode's DelFix tool and save it to the Desktop.
Double-click to run the tool and tick the boxes in front of the following options:

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment until the tool finishes its work.
From this point on, all the tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)
I do not need that report.

The tool will also save the healthy state of the registry and make a backup using the integrated "ERUNT" program in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.




Visit the thread "Test whether your browser is vulnerable", read it and follow the link given in it.

  • Dalibor
  • Joined: 03 Feb 2011
  • Posts: 447
  • Location: Germany

Thanks for the help! Cheers
