Nema programa u programs and features

1

Nema programa u programs and features

offline
  • Pridružio: 26 Mar 2011
  • Poruke: 221

Postovani imam note book Asus eeps 1001px ,na njemu je instaliran windows 7 home premium 32 bit,odavno je poceo lose da radi,da koci i ako ima 1gr radio je dobro,ali kad u google pretrazivacu ukucavam slova pola slova ukuca prazno,vratim se pa iznova...od skoro se pojavio novi problem,hteo sam da gledam on line seriju trazio mi je da instaliram javu za gledanje...pokusao sam ali mi se onda instalirao i neki program MyPs Backup,on se non stop pali prilikom ukljucenja note booka,hteo sam da ga izbrisem tj deinstaliram ali kada sam to probao programom kojim inace sve deinstaliram Revo uninstaler pokazo mi je da imam instalirana samo dva programa,onda sam otisao u control panel pa u programs and features tamo takodje pokazuje da imam instalirana samo dva programa na notebooku,a imam ih vise npr bs player,ofice...i svi rade ok,ali ja ne mogu da deinstaliram vise ni jedan program,potrebna mi je pomoc,mozda je virus ili nesto dr,evo mog loga.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-05-2015 01
Ran by ASUS (administrator) on ASUS-PC on 26-05-2015 15:24:02
Running from C:\Users\ASUS\Desktop
Loaded Profiles: ASUS (Available Profiles: ASUS)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files\OLBPre\OLBPre.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe
() C:\ProgramData\mts mobilni internet\OnlineUpdate\ouc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files\OLBPre\OLBPre.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NPSStartup] => [X]
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-1739059202-3565848293-805263540-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-1739059202-3565848293-805263540-1000\...\MountPoints2: {7f01558a-e36e-11e3-9c00-bcaec51997ab} - E:\Startme.exe
HKU\S-1-5-21-1739059202-3565848293-805263540-1000\...\MountPoints2: {ace608fb-3cea-11e4-94cc-bcaec51997ab} - E:\LG_PC_Programs.exe
HKU\S-1-5-21-1739059202-3565848293-805263540-1000\...\MountPoints2: {b9fd2f8b-2df5-11e4-b68f-bcaec51997ab} - E:\LG_PC_Programs.exe
HKU\S-1-5-21-1739059202-3565848293-805263540-1000\...\MountPoints2: {f414bca0-d9e4-11e4-8ed9-bcaec51997ab} - E:\AutoRun.exe
HKU\S-1-5-21-1739059202-3565848293-805263540-1000\...\MountPoints2: {f414bcae-d9e4-11e4-8ed9-bcaec51997ab} - E:\AutoRun.exe
HKU\S-1-5-21-1739059202-3565848293-805263540-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [293888 2010-11-20] (Microsoft Corporation)
Startup: C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2015-05-20]
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\OLBPre\OLBPre.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1429.....832&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1429.....832&q={searchTerms}
HKU\S-1-5-21-1739059202-3565848293-805263540-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchalgo.com/?cid=5071
HKU\S-1-5-21-1739059202-3565848293-805263540-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1739059202-3565848293-805263540-1000 -> DefaultScope {a8177b71-ee19-4e0f-b2f9-02d533eb946D} URL = http://www.searchalgo.com/search.html?q={searchTerms}&cid=5071
SearchScopes: HKU\S-1-5-21-1739059202-3565848293-805263540-1000 -> {a8177b71-ee19-4e0f-b2f9-02d533eb946D} URL = http://www.searchalgo.com/search.html?q={searchTerms}&cid=5071
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-04-25] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-04-08] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0AAFBB01-C496-474D-8BC2-940C0A776BD8}: [NameServer] 172.21.21.158 172.21.21.157

FireFox:
========
FF ProfilePath: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\ij5a11r8.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: SearchAlgo
FF SearchEngineOrder.1: SearchAlgo
FF SelectedSearchEngine: SearchAlgo
FF Homepage: https://www.google.rs/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-17] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-23] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\ij5a11r8.default\user.js [2015-04-16]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-01-23] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\ij5a11r8.default\searchplugins\SearchAlgo.xml [2015-05-21]
FF SearchPlugin: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\ij5a11r8.default\searchplugins\sweet-page.xml [2015-04-16]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-17]
FF HKLM\...\Firefox\Extensions: [quick_searchff@gmail.com] - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\ij5a11r8.default\extensions\quick_searchff@gmail.com
FF HKU\S-1-5-21-1739059202-3565848293-805263540-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hp&ts=1429195789&from=cor&uid=WDCXWD1600BEVT-80A23T0_WD-WX91A90D6832D6832"
CHR Profile: C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-07]
CHR Extension: (Google Drive) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-07]
CHR Extension: (YouTube) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-07]
CHR Extension: (Google Search) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-07]
CHR Extension: (Gmail) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-07]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 Disc Soft Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [813328 2014-04-28] (Disc Soft Ltd)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [276048 2013-02-06] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S2 mts mobilni internet. RunOuc; C:\Program Files\mts mobilni internet\UpdateDog\ouc.exe [656976 2013-05-21] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2014-05-27] (Google Inc)
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus.sys [15744 2014-05-27] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23168 2014-05-27] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2014-05-27] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis.sys [74240 2014-05-27] (LG Electronics Inc.)
R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [24704 2014-05-24] (Disc Soft Ltd)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () []
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [101248 2013-03-04] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27776 2013-03-04] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [208384 2013-06-29] (Huawei Technologies Co., Ltd.)
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [95232 2013-01-25] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-26 15:24 - 2015-05-26 15:24 - 00012422 _____ () C:\Users\ASUS\Desktop\FRST.txt
2015-05-26 15:23 - 2015-05-26 15:24 - 00000000 ____D () C:\FRST
2015-05-26 15:22 - 2015-05-26 15:22 - 01146880 _____ (Farbar) C:\Users\ASUS\Desktop\FRST.exe
2015-05-20 23:57 - 2015-05-26 12:23 - 00000000 ____D () C:\Program Files\OLBPre
2015-05-20 23:57 - 2015-05-20 23:57 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Performersoft
2015-05-20 23:57 - 2015-01-24 15:30 - 03427328 _____ (Performersoft, LLC.) C:\Windows\performersoftsetup.dll
2015-05-20 23:56 - 2015-05-21 00:04 - 00004421 _____ () C:\stat_log
2015-05-20 14:49 - 2015-05-20 23:35 - 00000000 ____D () C:\Users\ASUS\Desktop\Vikings S03 Complete Season 3 720p WEB-DL AAC x264-PSYPHER
2015-05-17 13:48 - 2015-05-17 13:48 - 00000000 ____D () C:\Program Files\Magic Photo Editor
2015-05-17 12:30 - 2015-05-18 00:46 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-05-16 20:06 - 2015-05-21 00:13 - 00000000 ____D () C:\Users\ASUS\Desktop\slikeM

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-26 15:12 - 2014-05-22 20:32 - 01328677 _____ () C:\Windows\WindowsUpdate.log
2015-05-26 15:10 - 2014-08-02 14:53 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-26 15:09 - 2015-03-08 14:51 - 00023602 _____ () C:\Windows\setupact.log
2015-05-26 15:09 - 2009-07-14 06:53 - 00032614 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-26 15:09 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-26 12:33 - 2015-03-07 21:23 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-26 12:03 - 2009-07-14 06:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-26 12:03 - 2009-07-14 06:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-21 00:30 - 2014-08-06 09:34 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\AIMP3
2015-05-21 00:21 - 2015-03-08 14:51 - 00005170 _____ () C:\Windows\PFRO.log
2015-05-21 00:14 - 2015-03-08 15:37 - 00000000 ____D () C:\Users\ASUS\Desktop\New folder
2015-05-20 23:58 - 2009-07-14 04:04 - 00000541 _____ () C:\Windows\win.ini
2015-05-20 16:44 - 2014-05-22 23:13 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\uTorrent
2015-05-18 15:28 - 2015-03-07 21:23 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-18 00:46 - 2014-05-22 21:42 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-05-15 00:03 - 2015-01-07 13:42 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-04-29 22:38 - 2010-11-20 23:01 - 00778150 _____ () C:\Windows\system32\PerfStringBackup.INI

==================== Files in the root of some directories =======

2015-01-13 14:01 - 2015-01-13 14:01 - 0001025 _____ () C:\Users\ASUS\AppData\Local\recently-used.xbel

Some files in TEMP:
====================
C:\Users\ASUS\AppData\Local\Temp\CloudBackup21.exe
C:\Users\ASUS\AppData\Local\Temp\divx3ff8.exe
C:\Users\ASUS\AppData\Local\Temp\DivXSetup.exe
C:\Users\ASUS\AppData\Local\Temp\GdiPlus.dll
C:\Users\ASUS\AppData\Local\Temp\InstallerMessageBox.exe
C:\Users\ASUS\AppData\Local\Temp\NPSInstallerProxy.exe
C:\Users\ASUS\AppData\Local\Temp\NPSInstallerProxyMessageBoxHookDll.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-18 11:59

==================== End of log ============================
https://www.mycity.rs/must-login.png

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8426
  • Gde živiš: Novi Beograd

Zdravo,

zaista interesantan problem. Probacemo da pomognemo.

Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop

Dvoklikom pokreni program.
Klikni na dugme [Scan] i pricekaj da program zavrsi.
Klikni na dugme [Clean]
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok


Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"

Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S0].txt

------

Zatim mi postavi novi FRST log sa Addition logom, takodje.

offline
  • Pridružio: 26 Mar 2011
  • Poruke: 221

Ok ,hvala,evo trazenog.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-05-2015 01
Ran by ASUS (administrator) on ASUS-PC on 26-05-2015 16:59:04
Running from C:\Users\ASUS\Desktop
Loaded Profiles: ASUS (Available Profiles: ASUS)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\ProgramData\mts mobilni internet\OnlineUpdate\ouc.exe
(Skype Technologies) C:\Program Files\Skype\Updater\Updater.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NPSStartup] => [X]
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-1739059202-3565848293-805263540-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-1739059202-3565848293-805263540-1000\...\MountPoints2: {7f01558a-e36e-11e3-9c00-bcaec51997ab} - E:\Startme.exe
HKU\S-1-5-21-1739059202-3565848293-805263540-1000\...\MountPoints2: {ace608fb-3cea-11e4-94cc-bcaec51997ab} - E:\LG_PC_Programs.exe
HKU\S-1-5-21-1739059202-3565848293-805263540-1000\...\MountPoints2: {b9fd2f8b-2df5-11e4-b68f-bcaec51997ab} - E:\LG_PC_Programs.exe
HKU\S-1-5-21-1739059202-3565848293-805263540-1000\...\MountPoints2: {f414bca0-d9e4-11e4-8ed9-bcaec51997ab} - E:\AutoRun.exe
HKU\S-1-5-21-1739059202-3565848293-805263540-1000\...\MountPoints2: {f414bcae-d9e4-11e4-8ed9-bcaec51997ab} - E:\AutoRun.exe
HKU\S-1-5-21-1739059202-3565848293-805263540-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [293888 2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-1739059202-3565848293-805263540-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-04-25] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-04-08] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0AAFBB01-C496-474D-8BC2-940C0A776BD8}: [NameServer] 172.21.21.158 172.21.21.157

FireFox:
========
FF ProfilePath: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\ij5a11r8.default
FF DefaultSearchEngine: SearchAlgo
FF SearchEngineOrder.1: SearchAlgo
FF SelectedSearchEngine: SearchAlgo
FF Homepage: https://www.google.rs/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-17] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-23] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-01-23] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\ij5a11r8.default\searchplugins\SearchAlgo.xml [2015-05-21]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-17]
FF HKU\S-1-5-21-1739059202-3565848293-805263540-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR Profile: C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-07]
CHR Extension: (Google Drive) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-07]
CHR Extension: (YouTube) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-07]
CHR Extension: (Google Search) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-07]
CHR Extension: (Gmail) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-07]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 Disc Soft Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [813328 2014-04-28] (Disc Soft Ltd)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [276048 2013-02-06] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S2 mts mobilni internet. RunOuc; C:\Program Files\mts mobilni internet\UpdateDog\ouc.exe [656976 2013-05-21] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2014-05-27] (Google Inc)
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus.sys [15744 2014-05-27] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23168 2014-05-27] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2014-05-27] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis.sys [74240 2014-05-27] (LG Electronics Inc.)
R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [24704 2014-05-24] (Disc Soft Ltd)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () []
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [101248 2013-03-04] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27776 2013-03-04] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [208384 2013-06-29] (Huawei Technologies Co., Ltd.)
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [95232 2013-01-25] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-26 16:59 - 2015-05-26 17:00 - 00011046 _____ () C:\Users\ASUS\Desktop\FRST.txt
2015-05-26 16:58 - 2015-05-26 16:58 - 00004042 _____ () C:\Users\ASUS\Desktop\AdwCleaner[S0].txt
2015-05-26 16:48 - 2015-05-26 16:56 - 00000000 ____D () C:\AdwCleaner
2015-05-26 16:47 - 2015-05-26 16:47 - 02223104 _____ () C:\Users\ASUS\Desktop\AdwCleaner.exe
2015-05-26 15:23 - 2015-05-26 16:59 - 00000000 ____D () C:\FRST
2015-05-26 15:22 - 2015-05-26 15:22 - 01146880 _____ (Farbar) C:\Users\ASUS\Desktop\FRST.exe
2015-05-20 23:56 - 2015-05-21 00:04 - 00004421 _____ () C:\stat_log
2015-05-20 14:49 - 2015-05-20 23:35 - 00000000 ____D () C:\Users\ASUS\Desktop\Vikings S03 Complete Season 3 720p WEB-DL AAC x264-PSYPHER
2015-05-17 13:48 - 2015-05-17 13:48 - 00000000 ____D () C:\Program Files\Magic Photo Editor
2015-05-17 12:30 - 2015-05-18 00:46 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-05-16 20:06 - 2015-05-21 00:13 - 00000000 ____D () C:\Users\ASUS\Desktop\slikeM

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-26 16:57 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-26 16:56 - 2015-03-08 14:51 - 00023714 _____ () C:\Windows\setupact.log
2015-05-26 16:56 - 2014-05-22 20:32 - 01362700 _____ () C:\Windows\WindowsUpdate.log
2015-05-26 16:33 - 2015-03-07 21:23 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-26 16:10 - 2014-08-02 14:53 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-26 15:09 - 2009-07-14 06:53 - 00032614 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-26 12:03 - 2009-07-14 06:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-26 12:03 - 2009-07-14 06:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-21 00:30 - 2014-08-06 09:34 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\AIMP3
2015-05-21 00:21 - 2015-03-08 14:51 - 00005170 _____ () C:\Windows\PFRO.log
2015-05-21 00:14 - 2015-03-08 15:37 - 00000000 ____D () C:\Users\ASUS\Desktop\New folder
2015-05-20 23:58 - 2009-07-14 04:04 - 00000541 _____ () C:\Windows\win.ini
2015-05-20 16:44 - 2014-05-22 23:13 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\uTorrent
2015-05-18 15:28 - 2015-03-07 21:23 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-18 00:46 - 2014-05-22 21:42 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-05-15 00:03 - 2015-01-07 13:42 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-04-29 22:38 - 2010-11-20 23:01 - 00778150 _____ () C:\Windows\system32\PerfStringBackup.INI

==================== Files in the root of some directories =======

2015-01-13 14:01 - 2015-01-13 14:01 - 0001025 _____ () C:\Users\ASUS\AppData\Local\recently-used.xbel

Some files in TEMP:
====================
C:\Users\ASUS\AppData\Local\Temp\CloudBackup21.exe
C:\Users\ASUS\AppData\Local\Temp\divx3ff8.exe
C:\Users\ASUS\AppData\Local\Temp\DivXSetup.exe
C:\Users\ASUS\AppData\Local\Temp\GdiPlus.dll
C:\Users\ASUS\AppData\Local\Temp\InstallerMessageBox.exe
C:\Users\ASUS\AppData\Local\Temp\NPSInstallerProxy.exe
C:\Users\ASUS\AppData\Local\Temp\NPSInstallerProxyMessageBoxHookDll.dll
C:\Users\ASUS\AppData\Local\Temp\Quarantine.exe
C:\Users\ASUS\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-18 11:59

==================== End of log ============================
https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8426
  • Gde živiš: Novi Beograd

Nisi mi okacio Addition log. Dva puta si mi okacio FRST log.

offline
  • Pridružio: 26 Mar 2011
  • Poruke: 221

Izvini,sada
https://www.mycity.rs/must-login.png

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8426
  • Gde živiš: Novi Beograd

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

CreateRestorePoint:
HKLM\...\Run: [NPSStartup] => [X]
HKU\S-1-5-21-1739059202-3565848293-805263540-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-1739059202-3565848293-805263540-1000\...\MountPoints2: {7f01558a-e36e-11e3-9c00-bcaec51997ab} - E:\Startme.exe
HKU\S-1-5-21-1739059202-3565848293-805263540-1000\...\MountPoints2: {ace608fb-3cea-11e4-94cc-bcaec51997ab} - E:\LG_PC_Programs.exe
HKU\S-1-5-21-1739059202-3565848293-805263540-1000\...\MountPoints2: {b9fd2f8b-2df5-11e4-b68f-bcaec51997ab} - E:\LG_PC_Programs.exe
HKU\S-1-5-21-1739059202-3565848293-805263540-1000\...\MountPoints2: {f414bca0-d9e4-11e4-8ed9-bcaec51997ab} - E:\AutoRun.exe
HKU\S-1-5-21-1739059202-3565848293-805263540-1000\...\MountPoints2: {f414bcae-d9e4-11e4-8ed9-bcaec51997ab} - E:\AutoRun.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF DefaultSearchEngine: SearchAlgo
FF SearchEngineOrder.1: SearchAlgo
FF SelectedSearchEngine: SearchAlgo
FF SearchPlugin: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\ij5a11r8.default\searchplugins\SearchAlgo.xml [2015-05-21]
FF HKU\S-1-5-21-1739059202-3565848293-805263540-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
EmptyTemp:


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

offline
  • Pridružio: 26 Mar 2011
  • Poruke: 221

Izvoli
https://www.mycity.rs/must-login.png

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8426
  • Gde živiš: Novi Beograd

Kakvo je sad stanje?

offline
  • Pridružio: 26 Mar 2011
  • Poruke: 221

Isto,nista se nije promenilo,evo i slika

nema nista samo dva programa,a evo druge gde se vidi da su u sistemu



offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8426
  • Gde živiš: Novi Beograd

Uradi jos jednu proveru dok probamo da nadjemo resenje. Very Happy

Arrow Preuzmi Malwarebytes Anti-Rootkit (MBAR) sa sledeceg linka i sacuvaj ga na Desktop.

Dvoklikom pokreni MBAR () na ikonicu programa:
- Klikni OK na sledecem prozoru da bi dozvolio raspakivanje u zaseban mbar folder na desktop-u;
- mbar.exe ce biti startovan. Na nekim sistemima to moze da potraje nekoliko dodatnih sekundi, te pricekati pokretanje.;
- U uvodnom prozoru klikni dugme Next ukoliko si saglasan;



• Na 'Update Database' prozoru klik na dugme Update da bi preuzeo sveze definicije. Kada se ispise poruka 'Success: Database was successfully updated' klik na dugme Next;
• Pod sekcijom 'Scan Targets' proveri da su sve opcije stiklirane, te klikni na dugme Scan;

Obavestenje: sa nekim infekcijama moze se desiti da se prikaze neka od sledecih poruka:
- 'Could not load protection driver' => u tom slucaju klikni OK.
- 'Could not load DDA driver' => klikni Yes na to obavestenje da bi dozvolio ucitavanje nakon restarta. Dozvoli restart i nastavi sa ostatkom instrukcija posle restarta.





>> Ukoliko malware nije detektovan, klik na Exit dugme da zatvoris program. U sledecu poruku postavi mbar-log-year-month-day (sat-minuti-sekundi).txt i system-log.txt izveštaje.

>> Ukoliko su infekcija/e pronadjene, proveriti da li je obelezena opcija 'Create Restore Point' i klikni na dugme Cleanup! da bi uklonili pretnje.
- Procedura uklanjanje malware-a (scheduled) ce biti zakazana po restartu, bice prikazano obavestenje u pop-up prozoru. Klikni dugme Yes i sistem bi trebao da se restartuje i da zavrsi proceduru ciscenja.



Obavestenje! samo ukoliko je RootKit detektovan: - postaraj se da pokrenes fixdamage.exe alat koji se nalazi u mbar folderu, \Plugins\fixdamage.exe:
- Dvoklikom pokreni fixdamage, u crnom prozoru koji se otvori (command prompt) ukucaj Y (Y stoji za Yes) da bi nastavio izvrsenje, pricekati da alat odradi sve popravke ...
- Kada vidis poruku 'press any key to exit' popravka je kompletirana. Pritisnuti bilo koju tipku na tastaturi da bi se prozor zatvorio. Restartovati sistem.





Sledeci izvestaji ce biti formirani u mbar folderu.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Iskopiraj sadrzaj mbar log-a u poruku a system log okaci uz poruku koristeci opciju Prikači fajl.

Ko je trenutno na forumu
 

Ukupno su 566 korisnika na forumu :: 25 registrovanih, 4 sakrivenih i 537 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3028 - dana 22 Nov 2019 07:47

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: amaterSRB, Apok, awathorn, branko7, Crazzer, dac, dankisha, darionis, darkangel, hyla, Konda, Kruger, Krusarac, L3g1oN, Misirac, Mixelotti, orginalnike, panonski mornar, sakota79, stug, theNedjeljko, Toni, vasa.93, zixmix, |_MeD_|