Komp se cudno ponasa

1

Komp se cudno ponasa

offline
  • Pridružio: 30 Avg 2014
  • Poruke: 314
  • Gde živiš: Montenegro

Napisano: 13 Maj 2015 13:16

to je moj lap top i ja radim na njega ,ali zar moze neki program da naudi ovome sto saam ponudio

Dopuna: 13 Maj 2015 15:57

Lap top koristim za posao ....samo zelim da ga malo ubrzam sa radom jer je bas u zadnje vrijeme usporio i tesko radi uz to na google stranice iskacu ako ima kakve sanse da se malo dotjera

Dopuna: 13 Maj 2015 21:32

da ne bih otvarao novu temu i kompjuter mi se cudno ponasa pa da ga provjerimo Smile

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2015
Ran by Pc (administrator) on PC-PC on 13-05-2015 21:29:24
Running from C:\Users\Pc\Desktop
Loaded Profiles: Pc (Available profiles: Pc)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(BitTorrent Inc.) C:\Users\Pc\AppData\Roaming\BitTorrent\BitTorrent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671640 2014-04-10] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8202008 2015-04-08] (Piriform Ltd)
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {019359da-d582-11e4-91ae-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {0f4dd092-ee41-11e4-a5ba-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {2d5ecd69-d6e5-11e4-8167-806e6f6e6963} - H:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {6187dff3-e2da-11e4-8038-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {6187e025-e2da-11e4-8038-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {6187e030-e2da-11e4-8038-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {708bfde3-d982-11e4-ad73-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {708bfe23-d982-11e4-ad73-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {7ed1a970-edc4-11e4-a649-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {d18b8898-e3f6-11e4-9bd5-74d4358015a2} - G:\autorun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {ec9c8187-d5c9-11e4-a50b-806e6f6e6963} - G:\AutoRun.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Tcpip\..\Interfaces\{1A9BEF45-4855-444A-AB13-8E49C1296B12}: [NameServer] 213.133.3.5 213.133.3.10
Tcpip\..\Interfaces\{9B75A607-FEB6-4E83-B35F-CC444442CEB4}: [NameServer] 213.133.3.5 213.133.3.10

FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-06] (Google Inc.)

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR StartupUrls: Default -> "hxxp://www.google.rs/"
CHR Profile: C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-06]
CHR Extension: (Google Drive) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-06]
CHR Extension: (YouTube) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-06]
CHR Extension: (Google Search) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-06]
CHR Extension: (Window Tiler) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdbbdcilpcejpjggageekankfnelfpj [2015-05-12]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-10]
CHR Extension: (Google Wallet) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-06]
CHR Extension: (Gmail) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 392f5ca0; c:\Program Files (x86)\CutterSystem\CutterSystem.dll [1649152 2015-05-05] () [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-02-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] ()
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [651856 2013-10-26] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-28] (REALiX(tm))
R3 hwusb_cdcacm; C:\Windows\System32\DRIVERS\ew_cdcacm.sys [121728 2013-10-23] (Huawei Technologies Co., Ltd.)
R3 hwusb_wwanecm; C:\Windows\System32\DRIVERS\ew_wwanecm.sys [376448 2013-10-23] (Huawei Technologies Co., Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-13 21:29 - 2015-05-13 21:30 - 00008595 _____ () C:\Users\Pc\Desktop\Main.txt
2015-05-13 21:29 - 2015-05-13 21:29 - 00000000 ____D () C:\FRST
2015-05-13 21:26 - 2015-05-13 21:28 - 02104832 _____ (Farbar) C:\Users\Pc\Desktop\FRST64.exe
2015-05-13 21:23 - 2015-05-13 21:23 - 00000000 _____ () C:\Users\Pc\AppData\Local\Temp.dat
2015-05-13 21:13 - 2015-05-13 21:13 - 00000000 ____D () C:\Users\Pc\Documents\Activision
2015-05-12 15:10 - 2015-05-12 15:11 - 00000000 ____D () C:\ProgramData\4136676349476659692
2015-05-10 08:45 - 2015-05-12 14:45 - 00000020 _____ () C:\Users\Pc\AppData\Roaming\appdataFr3.bin
2015-05-10 08:45 - 2015-05-10 08:45 - 00000000 ____D () C:\ProgramData\The AdBlocker
2015-05-06 14:49 - 2015-05-13 06:38 - 00000896 _____ () C:\Windows\setupact.log
2015-05-06 14:49 - 2015-05-06 14:49 - 00000572 _____ () C:\Windows\PFRO.log
2015-05-06 14:49 - 2015-05-06 14:49 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-06 14:08 - 2015-05-06 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-06 13:22 - 2015-05-13 21:27 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-06 13:22 - 2015-05-13 13:27 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-06 13:22 - 2015-05-06 13:22 - 00003886 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-06 13:22 - 2015-05-06 13:22 - 00003634 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-06 11:55 - 2015-05-06 11:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-06 11:54 - 2015-05-06 12:05 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-06 11:54 - 2015-05-06 11:54 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-06 11:39 - 2015-05-06 11:39 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-06 11:39 - 2015-05-06 11:39 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\39FE441C.sys
2015-05-06 11:36 - 2015-05-06 11:37 - 00000000 ____D () C:\AdwCleaner
2015-05-05 14:37 - 2015-05-05 14:37 - 00000000 ____D () C:\Program Files (x86)\CutterSystem
2015-05-04 22:30 - 2015-05-04 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Modern Warfare 3
2015-04-28 18:36 - 2015-04-28 18:37 - 00000000 ____D () C:\Program Files (x86)\Mobile Partner
2015-04-28 18:36 - 2015-04-28 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Partner
2015-04-28 18:36 - 2013-10-23 05:44 - 00376448 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_wwanecm.sys
2015-04-28 18:36 - 2013-10-23 05:43 - 00121728 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_cdcacm.sys
2015-04-28 18:36 - 2013-09-02 09:50 - 00456192 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
2015-04-28 18:36 - 2013-06-29 11:17 - 00246272 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys
2015-04-28 18:36 - 2013-03-04 10:32 - 00110592 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys
2015-04-28 18:36 - 2013-03-04 10:32 - 00091648 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys
2015-04-28 18:36 - 2013-03-04 10:32 - 00077312 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys
2015-04-28 18:36 - 2013-03-04 10:32 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys
2015-04-28 18:36 - 2013-03-04 10:21 - 00226048 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2015-04-28 18:36 - 2013-01-25 03:16 - 00109568 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2015-04-28 18:36 - 2012-12-22 03:46 - 00014976 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2015-04-28 18:36 - 2010-10-08 10:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2015-04-28 18:36 - 2010-09-26 12:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
2015-04-28 14:45 - 2015-04-28 14:45 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Far Cry 3
2015-04-27 18:04 - 2015-04-28 23:27 - 00004479 _____ () C:\Users\Pc\Documents\TombRaider.log
2015-04-27 17:40 - 2015-04-27 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Square Enix
2015-04-27 17:38 - 2009-06-07 16:25 - 00077824 _____ () C:\Windows\SysWOW64\xvid.ax
2015-04-27 17:38 - 2009-06-07 16:16 - 00819200 _____ () C:\Windows\SysWOW64\xvidcore.dll
2015-04-26 02:29 - 2011-06-03 22:59 - 00057648 _____ (FSPro Labs) C:\Windows\system32\Drivers\FSPFltd2.sys
2015-04-21 10:48 - 2015-04-21 10:48 - 00000000 ____D () C:\Users\Pc\AppData\Local\Electronic Arts
2015-04-21 10:38 - 2015-04-21 10:38 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-04-21 00:28 - 2015-04-21 00:28 - 00000000 ____D () C:\ProgramData\EA Core
2015-04-19 22:50 - 2015-04-24 12:03 - 00007168 ____H () C:\Users\Pc\Desktop\photothumb.db
2015-04-19 22:49 - 2015-04-28 18:33 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\PhotoScape
2015-04-19 22:48 - 2015-04-19 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
2015-04-19 22:48 - 2015-04-19 22:48 - 00000000 ____D () C:\Program Files (x86)\PhotoScape
2015-04-18 23:57 - 2015-04-28 14:45 - 00000000 ____D () C:\Users\Pc\Documents\My Games
2015-04-18 19:36 - 2015-04-18 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
2015-04-17 15:42 - 2015-04-17 15:42 - 00000000 ____D () C:\Users\Pc\AppData\Local\id Software
2015-04-17 09:43 - 2015-04-17 09:43 - 00000000 ____D () C:\Users\Pc\AppData\Local\Activision
2015-04-16 22:16 - 2015-04-16 22:16 - 00000000 ____D () C:\Users\Pc\AppData\Local\storage
2015-04-16 22:16 - 2015-04-16 22:16 - 00000000 ____D () C:\ProgramData\Ubisoft
2015-04-16 22:10 - 2015-04-16 22:10 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Splinter Cell - Conviction
2015-04-16 22:10 - 2015-04-16 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Splinter Cell - Conviction
2015-04-16 21:32 - 2015-04-16 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-13 21:30 - 2015-03-28 21:45 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\BitTorrent
2015-05-13 21:18 - 2015-03-28 21:49 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-13 21:09 - 2015-03-29 17:26 - 00000000 ___RD () C:\Users\Pc\Desktop\Games
2015-05-13 19:54 - 2015-03-28 21:18 - 01708046 _____ () C:\Windows\WindowsUpdate.log
2015-05-13 06:54 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-13 06:54 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-13 06:46 - 2009-07-14 07:13 - 00781790 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-13 06:38 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-06 14:08 - 2015-03-28 21:47 - 00000000 ____D () C:\Users\Pc\AppData\Local\Google
2015-05-06 14:08 - 2015-03-28 21:47 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-04 21:43 - 2015-03-30 19:19 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-05-01 23:17 - 2015-03-28 21:46 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-28 23:47 - 2015-04-05 00:37 - 00000000 ____D () C:\ProgramData\Orbit
2015-04-28 18:37 - 2015-03-28 21:55 - 00000000 ____D () C:\ProgramData\DatacardService
2015-04-28 14:45 - 2015-04-04 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-04-28 14:45 - 2015-03-28 21:29 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-28 14:26 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-27 18:04 - 2015-04-05 18:20 - 00000000 ____D () C:\Users\Pc\AppData\Local\SKIDROW
2015-04-27 14:11 - 2015-03-28 21:49 - 00000000 ____D () C:\Users\Pc\Documents\Freemake
2015-04-27 14:11 - 2015-03-28 21:49 - 00000000 ____D () C:\ProgramData\Freemake
2015-04-25 14:05 - 2015-03-28 21:50 - 00000000 ____D () C:\ProgramData\MCShield
2015-04-21 10:48 - 2015-04-02 14:34 - 00000000 ____D () C:\ProgramData\Electronic Arts
2015-04-18 19:12 - 2010-11-21 09:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-04-17 13:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-04-16 21:54 - 2015-03-28 21:25 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-15 01:38 - 2015-03-28 21:49 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-15 01:37 - 2015-03-28 21:49 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 01:37 - 2015-03-28 21:49 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-14 09:02 - 2015-03-28 21:47 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\DAEMON Tools Lite

==================== Files in the root of some directories =======

2015-05-10 08:45 - 2015-05-12 14:45 - 0000020 _____ () C:\Users\Pc\AppData\Roaming\appdataFr3.bin
2015-05-13 21:23 - 2015-05-13 21:23 - 0000000 _____ () C:\Users\Pc\AppData\Local\Temp.dat
2015-03-28 21:37 - 2015-03-28 21:37 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Pc\AppData\Local\Temp\Quarantine.exe
C:\Users\Pc\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-04 07:12

==================== End Of Log ============================

https://www.mycity.rs/must-login.png

Dopuna: 14 Maj 2015 14:06

Ako necete da mi pomognete oko lap topa mozete makar oko kompa ? ili recite Smile

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Zdravo,

- Reinstaliraj Chrome jer je verovatno ostecen i namesten na drugaciji nacin rada.

Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop

Dvoklikom pokreni program.
Klikni na dugme [Scan] i pricekaj da program zavrsi.
Klikni na dugme [Clean]
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok


Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"

Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S0].txt

offline
  • Pridružio: 30 Avg 2014
  • Poruke: 314
  • Gde živiš: Montenegro

https://www.mycity.rs/must-login.png

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Da li si reinstalirao Chrome?

Ako jesi, postavi mi novi FRST log.

offline
  • Pridružio: 30 Avg 2014
  • Poruke: 314
  • Gde živiš: Montenegro

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2015 02
Ran by Pc (administrator) on PC-PC on 15-05-2015 21:41:54
Running from C:\Users\Pc\Desktop
Loaded Profiles: Pc (Available profiles: Pc)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671640 2014-04-10] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8202008 2015-04-08] (Piriform Ltd)
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {019359da-d582-11e4-91ae-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {0f4dd092-ee41-11e4-a5ba-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {2d5ecd69-d6e5-11e4-8167-806e6f6e6963} - H:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {6187dff3-e2da-11e4-8038-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {6187e025-e2da-11e4-8038-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {6187e030-e2da-11e4-8038-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {708bfde3-d982-11e4-ad73-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {708bfe23-d982-11e4-ad73-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {7ed1a970-edc4-11e4-a649-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {d18b8898-e3f6-11e4-9bd5-74d4358015a2} - G:\autorun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {ec9c8187-d5c9-11e4-a50b-806e6f6e6963} - G:\AutoRun.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Tcpip\..\Interfaces\{1A9BEF45-4855-444A-AB13-8E49C1296B12}: [NameServer] 213.133.3.5 213.133.3.10
Tcpip\..\Interfaces\{9B75A607-FEB6-4E83-B35F-CC444442CEB4}: [NameServer] 213.133.3.5 213.133.3.10

FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-06] (Google Inc.)

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR StartupUrls: Default -> "hxxp://www.google.rs/"
CHR Profile: C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-06]
CHR Extension: (Google Drive) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-06]
CHR Extension: (YouTube) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-06]
CHR Extension: (Google Search) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-06]
CHR Extension: (Window Tiler) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdbbdcilpcejpjggageekankfnelfpj [2015-05-12]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-10]
CHR Extension: (Google Wallet) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-06]
CHR Extension: (Gmail) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 392f5ca0; c:\Program Files (x86)\CutterSystem\CutterSystem.dll [1649152 2015-05-05] () [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-02-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] ()
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [651856 2013-10-26] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-28] (REALiX(tm))
R3 hwusb_cdcacm; C:\Windows\System32\DRIVERS\ew_cdcacm.sys [121728 2013-10-23] (Huawei Technologies Co., Ltd.)
R3 hwusb_wwanecm; C:\Windows\System32\DRIVERS\ew_wwanecm.sys [376448 2013-10-23] (Huawei Technologies Co., Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-15 21:41 - 2015-05-15 21:42 - 00008802 _____ () C:\Users\Pc\Desktop\FRST.txt
2015-05-15 21:41 - 2015-05-15 21:41 - 00000000 ____D () C:\FRST
2015-05-15 21:39 - 2015-05-15 21:41 - 02106368 _____ (Farbar) C:\Users\Pc\Desktop\FRST64.exe
2015-05-15 13:40 - 2015-05-15 13:40 - 00000024 _____ () C:\Users\Pc\AppData\Roaming\appdataFr25.bin
2015-05-14 23:51 - 2015-05-14 23:53 - 02204160 _____ () C:\Users\Pc\Desktop\adwcleaner_4.203.exe
2015-05-13 21:23 - 2015-05-13 21:23 - 00000000 _____ () C:\Users\Pc\AppData\Local\Temp.dat
2015-05-13 21:13 - 2015-05-13 21:13 - 00000000 ____D () C:\Users\Pc\Documents\Activision
2015-05-10 08:45 - 2015-05-14 15:32 - 00000020 _____ () C:\Users\Pc\AppData\Roaming\appdataFr3.bin
2015-05-06 14:49 - 2015-05-15 14:34 - 00001232 _____ () C:\Windows\setupact.log
2015-05-06 14:49 - 2015-05-06 14:49 - 00000572 _____ () C:\Windows\PFRO.log
2015-05-06 14:49 - 2015-05-06 14:49 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-06 14:08 - 2015-05-06 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-06 13:22 - 2015-05-15 21:27 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-06 13:22 - 2015-05-15 14:34 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-06 13:22 - 2015-05-06 13:22 - 00003886 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-06 13:22 - 2015-05-06 13:22 - 00003634 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-06 11:55 - 2015-05-06 11:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-06 11:54 - 2015-05-06 12:05 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-06 11:54 - 2015-05-06 11:54 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-06 11:39 - 2015-05-06 11:39 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-06 11:39 - 2015-05-06 11:39 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\39FE441C.sys
2015-05-06 11:36 - 2015-05-15 13:38 - 00000000 ____D () C:\AdwCleaner
2015-05-05 14:37 - 2015-05-05 14:37 - 00000000 ____D () C:\Program Files (x86)\CutterSystem
2015-05-04 22:30 - 2015-05-04 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Modern Warfare 3
2015-04-28 18:36 - 2015-04-28 18:37 - 00000000 ____D () C:\Program Files (x86)\Mobile Partner
2015-04-28 18:36 - 2015-04-28 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Partner
2015-04-28 18:36 - 2013-10-23 05:44 - 00376448 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_wwanecm.sys
2015-04-28 18:36 - 2013-10-23 05:43 - 00121728 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_cdcacm.sys
2015-04-28 18:36 - 2013-09-02 09:50 - 00456192 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
2015-04-28 18:36 - 2013-06-29 11:17 - 00246272 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys
2015-04-28 18:36 - 2013-03-04 10:32 - 00110592 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys
2015-04-28 18:36 - 2013-03-04 10:32 - 00091648 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys
2015-04-28 18:36 - 2013-03-04 10:32 - 00077312 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys
2015-04-28 18:36 - 2013-03-04 10:32 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys
2015-04-28 18:36 - 2013-03-04 10:21 - 00226048 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2015-04-28 18:36 - 2013-01-25 03:16 - 00109568 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2015-04-28 18:36 - 2012-12-22 03:46 - 00014976 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2015-04-28 18:36 - 2010-10-08 10:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2015-04-28 18:36 - 2010-09-26 12:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
2015-04-28 14:45 - 2015-04-28 14:45 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Far Cry 3
2015-04-27 18:04 - 2015-04-28 23:27 - 00004479 _____ () C:\Users\Pc\Documents\TombRaider.log
2015-04-27 17:40 - 2015-04-27 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Square Enix
2015-04-27 17:38 - 2009-06-07 16:25 - 00077824 _____ () C:\Windows\SysWOW64\xvid.ax
2015-04-27 17:38 - 2009-06-07 16:16 - 00819200 _____ () C:\Windows\SysWOW64\xvidcore.dll
2015-04-26 02:29 - 2011-06-03 22:59 - 00057648 _____ (FSPro Labs) C:\Windows\system32\Drivers\FSPFltd2.sys
2015-04-21 10:48 - 2015-04-21 10:48 - 00000000 ____D () C:\Users\Pc\AppData\Local\Electronic Arts
2015-04-21 10:38 - 2015-04-21 10:38 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-04-21 00:28 - 2015-04-21 00:28 - 00000000 ____D () C:\ProgramData\EA Core
2015-04-19 22:50 - 2015-04-24 12:03 - 00007168 ____H () C:\Users\Pc\Desktop\photothumb.db
2015-04-19 22:49 - 2015-04-28 18:33 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\PhotoScape
2015-04-19 22:48 - 2015-04-19 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
2015-04-19 22:48 - 2015-04-19 22:48 - 00000000 ____D () C:\Program Files (x86)\PhotoScape
2015-04-18 23:57 - 2015-04-28 14:45 - 00000000 ____D () C:\Users\Pc\Documents\My Games
2015-04-18 19:36 - 2015-04-18 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
2015-04-17 15:42 - 2015-04-17 15:42 - 00000000 ____D () C:\Users\Pc\AppData\Local\id Software
2015-04-17 09:43 - 2015-04-17 09:43 - 00000000 ____D () C:\Users\Pc\AppData\Local\Activision
2015-04-16 22:16 - 2015-04-16 22:16 - 00000000 ____D () C:\Users\Pc\AppData\Local\storage
2015-04-16 22:16 - 2015-04-16 22:16 - 00000000 ____D () C:\ProgramData\Ubisoft
2015-04-16 22:10 - 2015-04-16 22:10 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Splinter Cell - Conviction
2015-04-16 22:10 - 2015-04-16 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Splinter Cell - Conviction
2015-04-16 21:32 - 2015-04-16 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-15 21:18 - 2015-03-28 21:49 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-15 19:54 - 2015-03-28 21:18 - 01758834 _____ () C:\Windows\WindowsUpdate.log
2015-05-15 14:42 - 2009-07-14 07:13 - 00781790 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-15 14:42 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-15 14:42 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-15 14:34 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-14 06:54 - 2015-03-28 21:45 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\BitTorrent
2015-05-13 21:09 - 2015-03-29 17:26 - 00000000 ___RD () C:\Users\Pc\Desktop\Games
2015-05-06 14:08 - 2015-03-28 21:47 - 00000000 ____D () C:\Users\Pc\AppData\Local\Google
2015-05-06 14:08 - 2015-03-28 21:47 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-04 21:43 - 2015-03-30 19:19 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-05-01 23:17 - 2015-03-28 21:46 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-28 23:47 - 2015-04-05 00:37 - 00000000 ____D () C:\ProgramData\Orbit
2015-04-28 18:37 - 2015-03-28 21:55 - 00000000 ____D () C:\ProgramData\DatacardService
2015-04-28 14:45 - 2015-04-04 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-04-28 14:45 - 2015-03-28 21:29 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-28 14:26 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-27 18:04 - 2015-04-05 18:20 - 00000000 ____D () C:\Users\Pc\AppData\Local\SKIDROW
2015-04-27 14:11 - 2015-03-28 21:49 - 00000000 ____D () C:\Users\Pc\Documents\Freemake
2015-04-27 14:11 - 2015-03-28 21:49 - 00000000 ____D () C:\ProgramData\Freemake
2015-04-25 14:05 - 2015-03-28 21:50 - 00000000 ____D () C:\ProgramData\MCShield
2015-04-21 10:48 - 2015-04-02 14:34 - 00000000 ____D () C:\ProgramData\Electronic Arts
2015-04-18 19:12 - 2010-11-21 09:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-04-17 13:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-04-16 21:54 - 2015-03-28 21:25 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-15 01:38 - 2015-03-28 21:49 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-15 01:37 - 2015-03-28 21:49 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 01:37 - 2015-03-28 21:49 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-05-15 13:40 - 2015-05-15 13:40 - 0000024 _____ () C:\Users\Pc\AppData\Roaming\appdataFr25.bin
2015-05-10 08:45 - 2015-05-14 15:32 - 0000020 _____ () C:\Users\Pc\AppData\Roaming\appdataFr3.bin
2015-05-13 21:23 - 2015-05-13 21:23 - 0000000 _____ () C:\Users\Pc\AppData\Local\Temp.dat
2015-03-28 21:37 - 2015-03-28 21:37 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-14 07:24

==================== End Of Log ============================

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:


CreateRestorePoint:
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {019359da-d582-11e4-91ae-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {0f4dd092-ee41-11e4-a5ba-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {2d5ecd69-d6e5-11e4-8167-806e6f6e6963} - H:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {6187dff3-e2da-11e4-8038-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {6187e025-e2da-11e4-8038-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {6187e030-e2da-11e4-8038-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {708bfde3-d982-11e4-ad73-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {708bfe23-d982-11e4-ad73-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {7ed1a970-edc4-11e4-a649-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {d18b8898-e3f6-11e4-9bd5-74d4358015a2} - G:\autorun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {ec9c8187-d5c9-11e4-a50b-806e6f6e6963} - G:\AutoRun.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
R2 392f5ca0; c:\Program Files (x86)\CutterSystem\CutterSystem.dll [1649152 2015-05-05] () [File not signed]
c:\Program Files (x86)\CutterSystem\CutterSystem.dll
EmptyTemp:


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

offline
  • Pridružio: 30 Avg 2014
  • Poruke: 314
  • Gde živiš: Montenegro

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-05-2015 02
Ran by Pc at 2015-05-16 01:33:26 Run:1
Running from C:\Users\Pc\Desktop
Loaded Profiles: Pc (Available profiles: Pc)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CreateRestorePoint:
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {019359da-d582-11e4-91ae-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {0f4dd092-ee41-11e4-a5ba-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {2d5ecd69-d6e5-11e4-8167-806e6f6e6963} - H:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {6187dff3-e2da-11e4-8038-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {6187e025-e2da-11e4-8038-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {6187e030-e2da-11e4-8038-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {708bfde3-d982-11e4-ad73-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {708bfe23-d982-11e4-ad73-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {7ed1a970-edc4-11e4-a649-74d4358015a2} - G:\AutoRun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {d18b8898-e3f6-11e4-9bd5-74d4358015a2} - G:\autorun.exe
HKU\S-1-5-21-421543275-951560458-1404525424-1000\...\MountPoints2: {ec9c8187-d5c9-11e4-a50b-806e6f6e6963} - G:\AutoRun.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
R2 392f5ca0; c:\Program Files (x86)\CutterSystem\CutterSystem.dll [1649152 2015-05-05] () [File not signed]
c:\Program Files (x86)\CutterSystem\CutterSystem.dll
EmptyTemp:
*****************

Restore point was successfully created.
"HKU\S-1-5-21-421543275-951560458-1404525424-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{019359da-d582-11e4-91ae-74d4358015a2}" => Key deleted successfully.
HKCR\CLSID\{019359da-d582-11e4-91ae-74d4358015a2} => Key not found.
"HKU\S-1-5-21-421543275-951560458-1404525424-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0f4dd092-ee41-11e4-a5ba-74d4358015a2}" => Key deleted successfully.
HKCR\CLSID\{0f4dd092-ee41-11e4-a5ba-74d4358015a2} => Key not found.
"HKU\S-1-5-21-421543275-951560458-1404525424-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2d5ecd69-d6e5-11e4-8167-806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{2d5ecd69-d6e5-11e4-8167-806e6f6e6963} => Key not found.
"HKU\S-1-5-21-421543275-951560458-1404525424-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6187dff3-e2da-11e4-8038-74d4358015a2}" => Key deleted successfully.
HKCR\CLSID\{6187dff3-e2da-11e4-8038-74d4358015a2} => Key not found.
"HKU\S-1-5-21-421543275-951560458-1404525424-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6187e025-e2da-11e4-8038-74d4358015a2}" => Key deleted successfully.
HKCR\CLSID\{6187e025-e2da-11e4-8038-74d4358015a2} => Key not found.
"HKU\S-1-5-21-421543275-951560458-1404525424-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6187e030-e2da-11e4-8038-74d4358015a2}" => Key deleted successfully.
HKCR\CLSID\{6187e030-e2da-11e4-8038-74d4358015a2} => Key not found.
"HKU\S-1-5-21-421543275-951560458-1404525424-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{708bfde3-d982-11e4-ad73-74d4358015a2}" => Key deleted successfully.
HKCR\CLSID\{708bfde3-d982-11e4-ad73-74d4358015a2} => Key not found.
"HKU\S-1-5-21-421543275-951560458-1404525424-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{708bfe23-d982-11e4-ad73-74d4358015a2}" => Key deleted successfully.
HKCR\CLSID\{708bfe23-d982-11e4-ad73-74d4358015a2} => Key not found.
"HKU\S-1-5-21-421543275-951560458-1404525424-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7ed1a970-edc4-11e4-a649-74d4358015a2}" => Key deleted successfully.
HKCR\CLSID\{7ed1a970-edc4-11e4-a649-74d4358015a2} => Key not found.
"HKU\S-1-5-21-421543275-951560458-1404525424-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d18b8898-e3f6-11e4-9bd5-74d4358015a2}" => Key deleted successfully.
HKCR\CLSID\{d18b8898-e3f6-11e4-9bd5-74d4358015a2} => Key not found.
"HKU\S-1-5-21-421543275-951560458-1404525424-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ec9c8187-d5c9-11e4-a50b-806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{ec9c8187-d5c9-11e4-a50b-806e6f6e6963} => Key not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
VGPU => Service deleted successfully.
392f5ca0 => Service deleted successfully.
c:\Program Files (x86)\CutterSystem\CutterSystem.dll => Moved successfully.
EmptyTemp: => Removed 172.7 MB temporary data.


The system needed a reboot.

==== End of Fixlog 01:33:45 ====

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Kakvo je sad stanje?

I, po drugi put, da li si reinstalirao Chrome?

offline
  • Pridružio: 30 Avg 2014
  • Poruke: 314
  • Gde živiš: Montenegro

Sad je bolje to se osjedi na rad kompjutera ,jesam izvini sto nijesam odmah odg Smile

Izvini ako smetam bi li mogao da malo dotjeramo lap top moj ?

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Ajde, probacemo da doteramo i laptop. Pisem ti u toj temi.

Jos ovo uradi:
Sledeća procedura će implementirati završno čišćenje.



Arrow Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.

Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;
Remove disinfection tools
Create registry backup
Purge System Restore


Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.

Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Ukoliko neki alat ili izveštaj nije uklonjen, slobodno ih obriši ručno.


Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)
- Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
- DelFix briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

Ko je trenutno na forumu
 

Ukupno su 943 korisnika na forumu :: 21 registrovanih, 2 sakrivenih i 920 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: -[CoA]-, Bobrock1, bojank, Djordje29, draganl, HrcAk47, Karla, kinez88, kjkszpj, Kriglord, krkalon, Krvava Devetka, LUDI, opt1, paja69, panzerwaffe, Regrut Boskica, sabros, Shilok, sovanova95, styg