Badly infected computer


offline
  • Joined: 10 Jan 2015
  • Posts: 202
  • Location: Novi Sad

Posted: 10 Jan 2015 21:43

I tried to delete a lot of hidden stuff and I reinstalled the system, but some things remained that I didn't have before, some files
http://prntscr.com/5qvt9y
That is after reinstalling the system; before that, my biggest problem was Roaming, it kept opening Google Chrome instead of Firefox even though I uninstalled it

Addendum: 10 Jan 2015 22:47

I tried to delete a lot of hidden stuff and I reinstalled the system, but some things remained that I didn't have before, some files
http://prntscr.com/5qvt9y
That is after reinstalling the system; before that, my biggest problem was Roaming, it kept opening Google Chrome instead of Firefox even though I uninstalled it, though I think I have many more problems than just that one, because everything I tried only dug me in deeper

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-01-2015
Ran by Dezika (administrator) on DEZIKA-PC on 10-01-2015 09:35:06
Running from C:\Users\Dezika\Downloads
Loaded Profile: Dezika (Available profiles: Dezika)
Platform: Microsoft Windows 7 Ultimate (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Skillbrains) C:\Users\Dezika\AppData\Local\Skillbrains\lightshot\4.4.2.10\Lightshot.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10996368 2012-06-10] (Realtek Semiconductor)
HKU\S-1-5-21-2057862342-2085638746-4218272507-1000\...\Run: [LightShot] => C:\Users\Dezika\AppData\Local\Skillbrains\lightshot\LightShot.exe [226592 2013-09-27] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2057862342-2085638746-4218272507-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Tcpip\Parameters: [DhcpNameServer] 89.216.1.40 89.216.1.50

FireFox:
========
FF ProfilePath: C:\Users\Dezika\AppData\Roaming\Mozilla\Firefox\Profiles\exlh3dq4.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()

Chrome:
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-01-10] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-01-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-10 17:17 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-01-10 17:17 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-01-10 17:17 - 2012-06-02 14:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-01-10 17:17 - 2012-06-02 14:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-01-10 17:17 - 2012-06-02 14:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-01-10 17:17 - 2012-06-02 14:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-01-10 17:17 - 2012-06-02 14:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-01-10 17:17 - 2012-06-02 14:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-01-10 17:17 - 2012-06-02 14:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-01-10 17:12 - 2015-01-10 17:12 - 00000000 ____D () C:\Program Files\Intel
2015-01-10 17:12 - 2015-01-10 17:12 - 00000000 ____D () C:\Intel
2015-01-10 17:12 - 2010-03-02 00:04 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll
2015-01-10 17:11 - 2011-09-29 01:30 - 00490088 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
2015-01-10 17:11 - 2011-09-29 01:30 - 00100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2015-01-10 17:11 - 2011-09-29 01:30 - 00080416 _____ () C:\Windows\system32\RtNicProp32.dll
2015-01-10 17:09 - 2015-01-10 09:07 - 00713888 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-10 17:08 - 2015-01-10 17:11 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-01-10 17:08 - 2015-01-10 17:11 - 00000000 ____D () C:\Program Files\Realtek
2015-01-10 17:08 - 2015-01-10 17:08 - 00000000 ____D () C:\Windows\system32\RTCOM
2015-01-10 17:08 - 2015-01-10 17:08 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2015-01-10 17:08 - 2012-06-19 00:54 - 03240400 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2015-01-10 17:08 - 2012-06-18 21:30 - 00293889 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-01-10 17:08 - 2012-06-08 00:23 - 00071808 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp32.dll
2015-01-10 17:08 - 2012-06-08 00:21 - 00753280 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO32.dll
2015-01-10 17:08 - 2012-06-08 00:18 - 03173008 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2015-01-10 17:08 - 2012-06-05 18:44 - 00645776 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2015-01-10 17:08 - 2012-05-31 17:37 - 02417808 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2015-01-10 17:08 - 2012-05-31 02:08 - 00087696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2015-01-10 17:08 - 2012-05-25 02:06 - 01706640 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-01-10 17:08 - 2012-04-09 22:40 - 02193472 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2015-01-10 17:08 - 2012-04-03 02:41 - 00709976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2015-01-10 17:08 - 2012-03-07 19:47 - 00176736 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2015-01-10 17:08 - 2012-03-07 19:47 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2015-01-10 17:08 - 2011-12-18 01:57 - 01836376 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2015-01-10 17:08 - 2011-12-15 22:57 - 00054360 _____ (Creative Technology Ltd.) C:\Windows\system32\MBppld32.dll
2015-01-10 17:08 - 2011-12-13 00:58 - 01497704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2015-01-10 17:08 - 2011-11-22 00:28 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2015-01-10 17:08 - 2010-11-07 15:31 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2015-01-10 17:08 - 2010-11-07 15:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2015-01-10 17:08 - 2010-11-07 15:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2015-01-10 17:08 - 2010-11-07 15:31 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2015-01-10 17:08 - 2010-11-07 15:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2015-01-10 17:08 - 2010-11-07 15:31 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2015-01-10 17:08 - 2010-09-26 17:34 - 00232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-01-10 17:08 - 2009-12-03 23:43 - 00132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2015-01-10 17:08 - 2009-11-23 17:55 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2015-01-10 17:08 - 2009-11-23 17:55 - 00185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2015-01-10 17:08 - 2009-11-23 17:55 - 00173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2015-01-10 17:08 - 2009-11-23 17:55 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2015-01-10 17:08 - 2009-11-18 02:42 - 01783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2015-01-10 17:08 - 2009-11-17 15:13 - 00050776 _____ (Creative Technology Ltd.) C:\Windows\system32\MBPPCn32.dll
2015-01-10 17:04 - 2015-01-10 17:04 - 00001417 _____ () C:\Users\Dezika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-10 17:04 - 2015-01-10 17:04 - 00000020 ___SH () C:\Users\Dezika\ntuser.ini
2015-01-10 17:04 - 2015-01-10 17:04 - 00000000 __SHD () C:\Recovery
2015-01-10 17:04 - 2015-01-10 17:04 - 00000000 ____D () C:\Users\Dezika\AppData\Local\VirtualStore
2015-01-10 17:04 - 2015-01-10 17:04 - 00000000 ____D () C:\Users\Dezika
2015-01-10 17:04 - 2015-01-10 07:30 - 00063220 _____ () C:\Windows\WindowsUpdate.log
2015-01-10 17:04 - 2009-07-13 20:42 - 00000000 ___RD () C:\Users\Dezika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-10 17:04 - 2009-07-13 20:37 - 00000000 ___RD () C:\Users\Dezika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-10 17:00 - 2015-01-10 17:00 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-01-10 17:00 - 2015-01-10 17:00 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-01-10 16:58 - 2015-01-10 16:59 - 00001313 _____ () C:\Windows\TSSysprep.log
2015-01-10 16:58 - 2015-01-10 16:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-01-10 16:56 - 2015-01-10 17:04 - 00000000 ____D () C:\Windows\Panther
2015-01-10 09:35 - 2015-01-10 09:35 - 00004419 _____ () C:\Users\Dezika\Downloads\FRST.txt
2015-01-10 09:34 - 2015-01-10 09:35 - 00000000 ____D () C:\FRST
2015-01-10 09:34 - 2015-01-10 09:34 - 01115648 _____ (Farbar) C:\Users\Dezika\Downloads\FRST.exe
2015-01-10 09:29 - 2015-01-10 09:29 - 00000000 ____D () C:\Users\Dezika\AppData\Roaming\Macromedia
2015-01-10 09:29 - 2015-01-10 09:29 - 00000000 ____D () C:\Users\Dezika\AppData\Roaming\LolClient
2015-01-10 09:29 - 2015-01-10 09:29 - 00000000 ____D () C:\Users\Dezika\AppData\Roaming\Adobe
2015-01-10 09:07 - 2015-01-10 09:07 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2015-01-10 09:04 - 2015-01-10 09:04 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-10 09:04 - 2014-07-02 11:42 - 04389848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-01-10 09:04 - 2014-07-02 11:42 - 03063256 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
2015-01-10 09:04 - 2014-07-02 11:42 - 00670552 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-01-10 09:04 - 2014-07-02 11:42 - 00377288 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-01-10 09:04 - 2014-07-02 11:42 - 00062936 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-01-10 09:04 - 2014-07-01 21:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2015-01-10 09:03 - 2015-01-10 09:04 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-10 09:03 - 2015-01-10 09:03 - 24198088 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2015-01-10 09:03 - 2015-01-10 09:03 - 15296456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-01-10 09:03 - 2015-01-10 09:03 - 14498552 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2015-01-10 09:03 - 2015-01-10 09:03 - 11283344 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-01-10 09:03 - 2015-01-10 09:03 - 11222048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-01-10 09:03 - 2015-01-10 09:03 - 10681176 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-01-10 09:03 - 2015-01-10 09:03 - 03988952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-01-10 09:03 - 2015-01-10 09:03 - 02814656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2015-01-10 09:03 - 2015-01-10 09:03 - 01054552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3234052.dll
2015-01-10 09:03 - 2015-01-10 09:03 - 00907552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3234052.dll
2015-01-10 09:03 - 2015-01-10 09:03 - 00907096 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll
2015-01-10 09:03 - 2015-01-10 09:03 - 00869152 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll
2015-01-10 09:03 - 2015-01-10 09:03 - 00021215 _____ () C:\Windows\system32\nvinfo.pb
2015-01-10 09:03 - 2015-01-10 09:03 - 00000000 ____D () C:\Windows\LastGood
2015-01-10 09:03 - 2015-01-10 09:03 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-01-10 08:48 - 2015-01-10 09:07 - 00000000 ____D () C:\Users\Dezika\AppData\Roaming\IObit
2015-01-10 08:48 - 2015-01-10 09:07 - 00000000 ____D () C:\ProgramData\IObit
2015-01-10 08:48 - 2015-01-10 08:48 - 00023840 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS
2015-01-10 08:48 - 2015-01-10 08:48 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-10 08:48 - 2015-01-10 08:48 - 00000000 ____D () C:\Program Files\IObit
2015-01-10 08:45 - 2015-01-10 08:45 - 00000000 ____D () C:\ProgramData\Riot Games
2015-01-10 08:44 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-01-10 08:44 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-01-10 08:44 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-01-10 08:44 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-01-10 08:44 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-01-10 08:43 - 2015-01-10 08:43 - 00001503 _____ () C:\Users\Public\Desktop\League of Legends.lnk
2015-01-10 08:43 - 2015-01-10 08:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2015-01-10 08:37 - 2015-01-10 08:44 - 00000000 ____D () C:\Users\Dezika\AppData\Roaming\Riot Games
2015-01-10 08:35 - 2015-01-10 08:57 - 00000990 _____ () C:\Windows\PFRO.log
2015-01-10 08:31 - 2015-01-06 04:36 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-10 08:30 - 2015-01-10 08:33 - 00000000 ____D () C:\AdwCleaner
2015-01-10 08:25 - 2015-01-10 08:58 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-10 08:24 - 2015-01-10 08:24 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-10 08:24 - 2015-01-10 08:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-10 08:24 - 2015-01-10 08:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-10 08:24 - 2015-01-10 08:24 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-01-10 08:24 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-10 08:24 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-10 08:24 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-10 08:22 - 2015-01-10 08:22 - 00000443 _____ () C:\Users\Dezika\AppData\Local\UserProducts.xml
2015-01-10 08:22 - 2015-01-10 08:22 - 00000003 _____ () C:\Users\Dezika\AppData\Local\updater.log
2015-01-10 08:22 - 2015-01-10 08:22 - 00000000 ____D () C:\Users\Dezika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot
2015-01-10 08:22 - 2015-01-10 08:22 - 00000000 ____D () C:\Users\Dezika\AppData\Local\Skillbrains
2015-01-10 08:22 - 2015-01-10 08:22 - 00000000 ____D () C:\Program Files\Skillbrains
2015-01-10 08:18 - 2015-01-10 09:27 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-10 08:18 - 2015-01-10 09:26 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-10 08:18 - 2015-01-10 08:18 - 00057560 _____ () C:\Users\Dezika\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-10 08:18 - 2015-01-10 08:18 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-10 08:18 - 2015-01-10 08:18 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-10 08:18 - 2015-01-10 08:18 - 00000000 ____D () C:\Users\Dezika\AppData\Roaming\Mozilla
2015-01-10 08:18 - 2015-01-10 08:18 - 00000000 ____D () C:\Users\Dezika\AppData\Local\Mozilla
2015-01-10 08:18 - 2015-01-10 08:18 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-10 08:18 - 2015-01-10 08:18 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-10 07:57 - 2015-01-10 07:57 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-10 07:57 - 2015-01-10 07:57 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-10 07:57 - 2015-01-10 07:57 - 00000000 ____D () C:\Windows\system32\Macromed
2015-01-10 07:57 - 2015-01-10 07:57 - 00000000 ____D () C:\Users\Dezika\AppData\Roaming\NVIDIA
2015-01-10 07:57 - 2015-01-10 07:57 - 00000000 ____D () C:\Users\Dezika\AppData\Local\Macromedia
2015-01-10 07:57 - 2015-01-10 07:57 - 00000000 ____D () C:\Users\Dezika\AppData\Local\Adobe
2015-01-10 07:47 - 2015-01-10 07:47 - 00000000 ____D () C:\Users\Dezika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Patchv2 for mp3player menu
2015-01-10 07:45 - 2015-01-10 07:45 - 00000000 ____D () C:\Users\Dezika\AppData\Roaming\WinRAR
2015-01-10 07:44 - 2015-01-10 07:44 - 00000979 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2015-01-10 07:44 - 2015-01-10 07:44 - 00000000 ____D () C:\Users\Dezika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-10 07:44 - 2015-01-10 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-10 07:44 - 2015-01-10 07:44 - 00000000 ____D () C:\Program Files\WinRAR
2015-01-10 07:42 - 2015-01-10 07:42 - 00001025 _____ () C:\Users\Dezika\Desktop\Counter-Strike Modern.lnk
2015-01-10 07:42 - 2015-01-10 07:42 - 00000000 ____D () C:\Users\Dezika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 MILF Community Edition

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-10 17:11 - 2009-07-13 20:52 - 00000000 ____D () C:\Windows\system32\restore
2015-01-10 17:04 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\rescache
2015-01-10 17:01 - 2009-07-13 20:33 - 00266808 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-10 17:00 - 2009-07-13 20:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-10 17:00 - 2009-07-13 18:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-10 16:58 - 2009-07-13 23:49 - 00000000 ____D () C:\Windows\CSC
2015-01-10 16:58 - 2009-07-13 20:34 - 00001774 _____ () C:\Windows\DtcInstall.log
2015-01-10 16:56 - 2009-07-13 20:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-01-10 16:56 - 2009-07-13 20:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2015-01-10 09:30 - 2009-07-13 20:34 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-10 09:30 - 2009-07-13 20:34 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-10 09:06 - 2009-07-13 20:39 - 00019923 _____ () C:\Windows\setupact.log
2015-01-10 09:04 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Help
2015-01-10 09:03 - 2009-07-13 14:09 - 16122344 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2015-01-10 08:58 - 2009-07-13 20:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-10 08:56 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Branding
2015-01-10 08:41 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-10 08:40 - 2009-07-13 18:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-10 08:17 - 2009-07-13 18:37 - 00000000 __RHD () C:\Users\Public\Libraries
2015-01-10 07:32 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2015-01-10 07:30 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\NDF

Some content of TEMP:
====================
C:\Users\Dezika\AppData\Local\Temp\Quarantine.exe
C:\Users\Dezika\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-10 16:57

==================== End Of Log ============================


offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

I found nothing malicious in these reports. We will now do an ARK check.

Download TDSSKiller from the following address to your Desktop:

TDSSKiller


When the download is finished:

Rename TDSSKiller.exe to MyCity.exe

Run MyCity.exe

In the End user Licence Agreement dialog, click Accept.
Also, in the KSN Statement dialog, click Accept.

Click Change parameters.

In the Additional options section, tick the options Verify driver signatures and Detect TDLFS file system, then click OK.

Click Start scan.

When it finishes, it will show you the scan results.

For all the objects offered, choose the action Skip.

Click Continue.

Attach to your post the report found at the following location:
C:\TDSSKiller_program version_DD.MM.YY_HH.MM.SS.txt
(DD-day, MM-month, YY-year, HH-hour, MM-minute, SS-second; the date and time when the log was created)

offline
  • Joined: 10 Jan 2015
  • Posts: 202
  • Location: Novi Sad

Posted: 11 Jan 2015 20:29

It looks like I deleted the viruses before reinstalling the system, I think I succeeded, but everything is lagging, the internet too; when it boots I have to unplug that L cable from the hard drive for it to continue booting, etc... That's why I thought there was still something, but I see it found nothing; a lot of things don't work properly for me
http://prntscr.com/5r9uce

I have two; I did that myself today, found it and did it

Addendum: 11 Jan 2015 20:37

And Mozilla Firefox froze on me when I reinstalled the system, so I had to delete it

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

The system is clean. You probably have a hardware problem.

The following procedure will perform the final cleanup.

Download Xplode's DelFix tool and save it to your Desktop.
Double-click to run the tool and tick the boxes in front of the following options:

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment until the tool finishes its work.
From this point on, all the tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)

The tool will also save the healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.

offline
  • Joined: 10 Jan 2015
  • Posts: 202
  • Location: Novi Sad

http://prntscr.com/5rao4r
Done

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Open a thread in the Windows subforum and describe your problem there.
