Nepotrebni program

Nepotrebni program

offline
  • Pridružio: 01 Sep 2014
  • Poruke: 130
  • Gde živiš: Niksic- Srbska Sparta!!!

Napisano: 26 Sep 2014 16:17

Imam jedan program istartsurf ne mogu nikako da ga obrisem pa cak ni preko cc cleanera. A preko tog programa mi se otvara pocetna strana google. Kako mogu taj program da obrisem ? Sad ce izvestaj Smile

Dopuna: 26 Sep 2014 16:21

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-09-2014
Ran by SaVo (administrator) on SAVO-PC on 26-09-2014 16:13:00
Running from C:\Users\SaVo\Downloads
Loaded Profile: SaVo (Available profiles: SaVo)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
() C:\Windows\System32\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files\Telenor Internet\BackgroundService\ServiceManager.exe
() C:\Program Files\Telenor Internet\BackgroundService\ModemListener.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files\Telenor Internet\ModemApplication.exe
(BitTorrent Inc.) C:\Users\SaVo\AppData\Roaming\BitTorrent\BitTorrent.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Telenor_Montenegro Lighter ModemListener] => C:\Program Files\Telenor Internet\BackgroundService\ModemListener.exe [109120 2013-01-11] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [747264 2013-12-06] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1509278285-1037933664-276767201-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1509278285-1037933664-276767201-1000\...\MountPoints2: {0dd54d9f-426e-11e4-b3c6-00a0c6000000} - G:\I_am_Alive_Setup.exe
HKU\S-1-5-21-1509278285-1037933664-276767201-1000\...\MountPoints2: {6371993c-4266-11e4-8359-001d7d35b28a} - H:\autorun.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = istartsurf.com/?type=hp&ts=1411397792&f.....XX6RY4FMST
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xDAC0F1BC73D6CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = istartsurf.com/?type=hp&ts=1411397792&f.....XX6RY4FMST
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = istartsurf.com/web/?type=ds&ts=14113977.....RY4FMST&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = istartsurf.com/?type=hp&ts=1411397792&f.....XX6RY4FMST
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = istartsurf.com/?type=hp&ts=1411397792&f.....XX6RY4FMST
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = istartsurf.com/web/?type=ds&ts=14113977.....RY4FMST&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe istartsurf.com/?type=sc&ts=1411397792&f.....XX6RY4FMST
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = istartsurf.com/web/?type=ds&ts=14113977.....RY4FMST&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = istartsurf.com/web/?type=ds&ts=14113977.....RY4FMST&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = istartsurf.com/web/?type=ds&ts=14113977.....RY4FMST&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = istartsurf.com/web/?type=ds&ts=14113977.....RY4FMST&q={searchTerms}
BHO: Senses -> {11111111-1111-1111-1111-110611191115} -> C:\Program Files\Senses\Senses-bho.dll No File
BHO: No Name -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> No File
Tcpip\..\Interfaces\{ED341EAC-8774-4622-98A4-67599A2F4F42}: [NameServer] 79.143.101.225 79.143.101.229

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

Chrome:
=======
CHR CustomProfile: C:\Users\SaVo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\SaVo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-22]
CHR Extension: (Google Drive) - C:\Users\SaVo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\SaVo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-22]
CHR Extension: (YouTube) - C:\Users\SaVo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-22]
CHR Extension: (Google Search) - C:\Users\SaVo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-22]
CHR Extension: (Google Wallet) - C:\Users\SaVo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-22]
CHR Extension: (Gmail) - C:\Users\SaVo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-22]
CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\SaVo\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-09-22]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-22] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-22] (globalUpdate) [File not signed]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-09-22] (Cherished Technololgy LIMITED)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-09-23] ()
R2 Telenor_Montenegro Lighter Modem Device Helper; C:\Program Files\Telenor Internet\BackgroundService\ServiceManager.exe [58192 2013-01-14] ()
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-22] (Fuyu LIMITED) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AlcatelOTnet; C:\Windows\System32\DRIVERS\AlcatelOTUsbnet.sys [118272 2013-01-11] (TCT International Mobile Ltd)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-09-22] (Disc Soft Ltd)
R3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [106112 2013-01-11] (TCT International Mobile Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R3 SrvHsfPCI; C:\Windows\System32\DRIVERS\VSTBS23.SYS [266752 2009-07-14] (Conexant Systems, Inc.)
S1 MpKslcc7974ab; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{32C30C28-F7B4-4388-8B60-03A04BAD56F7}\MpKslcc7974ab.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-26 16:13 - 2014-09-26 16:13 - 00010246 _____ () C:\Users\SaVo\Downloads\FRST.txt
2014-09-26 16:12 - 2014-09-26 16:13 - 00000000 ____D () C:\FRST
2014-09-26 16:09 - 2014-09-26 16:10 - 01100288 _____ (Farbar) C:\Users\SaVo\Downloads\FRST.exe
2014-09-26 14:00 - 2014-09-26 15:59 - 00000000 ____D () C:\Users\SaVo\Downloads\FIFA 14
2014-09-26 13:33 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-09-26 13:33 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-09-26 13:33 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-09-23 17:24 - 2014-09-23 18:44 - 00000000 ____D () C:\Users\SaVo\AppData\Roaming\Origin
2014-09-23 17:20 - 2014-09-23 23:00 - 00000000 ____D () C:\ProgramData\Origin
2014-09-23 15:59 - 2014-09-25 21:50 - 00000000 ____D () C:\Users\SaVo\Documents\MOHW
2014-09-23 15:59 - 2014-09-25 21:46 - 00280600 _____ () C:\Windows\system32\PnkBstrB.xtr
2014-09-23 15:59 - 2014-09-23 15:59 - 00000000 ____D () C:\Users\SaVo\AppData\Local\PunkBuster
2014-09-23 14:56 - 2014-09-25 21:47 - 00139128 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys
2014-09-23 14:56 - 2014-09-23 14:56 - 00138904 _____ () C:\Users\SaVo\AppData\Roaming\PnkBstrK.sys
2014-09-23 14:55 - 2014-09-25 21:46 - 00280600 _____ () C:\Windows\system32\PnkBstrB.exe
2014-09-23 14:55 - 2014-09-25 21:14 - 00280600 _____ () C:\Windows\system32\PnkBstrB.ex0
2014-09-23 14:55 - 2014-09-23 14:55 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe
2014-09-23 14:55 - 2014-09-23 00:04 - 02643352 _____ () C:\Windows\system32\pb.exe
2014-09-23 12:57 - 2014-09-25 21:50 - 00000000 ____D () C:\Program Files\R.G. Mechanics
2014-09-23 02:32 - 2014-09-22 19:05 - 00000000 ____D () C:\Windows\Panther
2014-09-23 01:35 - 2014-09-26 13:17 - 02004410 _____ () C:\Windows\WindowsUpdate.log
2014-09-23 01:35 - 2014-09-23 01:35 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-09-23 01:35 - 2014-09-23 01:35 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-09-22 20:00 - 2014-09-22 20:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-09-22 19:35 - 2014-09-26 12:56 - 00001042 _____ () C:\Windows\setupact.log
2014-09-22 19:35 - 2014-09-24 17:45 - 00006180 _____ () C:\Windows\PFRO.log
2014-09-22 19:35 - 2014-09-22 19:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-22 18:11 - 2014-09-22 18:12 - 00000000 ____D () C:\Users\SaVo\Documents\GTA San Andreas User Files
2014-09-22 18:11 - 2014-09-22 18:11 - 00000000 ____D () C:\Users\SaVo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-09-22 17:51 - 2014-09-26 12:57 - 00002746 _____ () C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-5_user.job
2014-09-22 17:51 - 2014-09-26 12:57 - 00002746 _____ () C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-5.job
2014-09-22 17:51 - 2014-09-26 12:57 - 00002402 _____ () C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-2.job
2014-09-22 17:50 - 2014-09-26 15:50 - 00003770 _____ () C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-6.job
2014-09-22 17:50 - 2014-09-26 12:57 - 00003770 _____ () C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-4.job
2014-09-22 17:50 - 2014-09-26 12:57 - 00003426 _____ () C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-7.job
2014-09-22 17:50 - 2014-09-26 12:57 - 00003056 _____ () C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-1.job
2014-09-22 17:49 - 2014-09-26 12:57 - 00004452 _____ () C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-11.job
2014-09-22 17:49 - 2014-09-26 12:57 - 00003090 _____ () C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-3.job
2014-09-22 17:48 - 2014-09-22 17:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\P9 Technologies
2014-09-22 17:46 - 2014-09-22 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\steelseries cs 1.6 by PoLe
2014-09-22 17:42 - 2014-09-22 17:48 - 00000000 ____D () C:\Program Files\Grand Theft Auto San Andreas
2014-09-22 17:36 - 2014-09-22 17:36 - 00000000 ____D () C:\Users\SaVo\AppData\Roaming\ATI
2014-09-22 17:36 - 2014-09-22 17:36 - 00000000 ____D () C:\Users\SaVo\AppData\Local\ATI
2014-09-22 17:36 - 2014-09-22 17:36 - 00000000 ____D () C:\ProgramData\ATI
2014-09-22 17:35 - 2014-09-22 17:35 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-09-22 17:30 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-09-22 17:30 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-09-22 17:30 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-09-22 17:30 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-09-22 17:30 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-09-22 17:30 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-09-22 17:30 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-09-22 17:30 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-09-22 17:30 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-09-22 17:30 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-09-22 17:30 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-09-22 17:30 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-09-22 17:30 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-09-22 17:30 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-09-22 17:30 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-09-22 17:30 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-09-22 17:30 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-09-22 17:30 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-09-22 17:30 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-09-22 17:30 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-09-22 17:30 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-09-22 17:30 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-09-22 17:30 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-09-22 17:30 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-09-22 17:30 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-09-22 17:30 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-09-22 17:30 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-09-22 17:30 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-09-22 17:30 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-09-22 17:30 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-09-22 17:30 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-09-22 17:30 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-09-22 17:30 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-09-22 17:30 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-09-22 17:30 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-09-22 17:30 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-09-22 17:30 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-09-22 17:30 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-09-22 17:30 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-09-22 17:30 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-09-22 17:30 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-09-22 17:30 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-09-22 17:30 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-09-22 17:30 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-09-22 17:30 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-09-22 17:30 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-09-22 17:30 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-09-22 17:30 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-09-22 17:30 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-09-22 17:30 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-09-22 17:30 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-09-22 17:30 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-09-22 17:30 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-09-22 17:30 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-09-22 17:30 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-09-22 17:30 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-09-22 17:30 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-09-22 17:30 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-09-22 17:30 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-09-22 17:30 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-09-22 17:30 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-09-22 17:30 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-09-22 17:30 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-09-22 17:30 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-09-22 17:30 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-09-22 17:30 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-09-22 17:30 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-09-22 17:30 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-09-22 17:30 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-09-22 17:30 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-09-22 17:30 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-09-22 17:30 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-09-22 17:30 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-09-22 17:30 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-09-22 17:30 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-09-22 17:30 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-09-22 17:29 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-09-22 17:29 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-09-22 17:29 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-09-22 17:29 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-09-22 17:29 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-09-22 17:29 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-09-22 17:29 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-09-22 17:29 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-09-22 17:29 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-09-22 17:29 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-09-22 17:29 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-09-22 17:29 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-09-22 17:25 - 2014-09-22 17:30 - 00000000 ____D () C:\Windows\system32\directx
2014-09-22 17:25 - 2014-09-22 17:29 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-09-22 17:21 - 2014-09-22 17:21 - 00059287 _____ () C:\Windows\system32\CCCInstall_201409221721105906.log
2014-09-22 17:21 - 2014-09-22 17:21 - 00000000 ____D () C:\ProgramData\AMD
2014-09-22 17:21 - 2014-09-22 17:21 - 00000000 ____D () C:\Program Files\AMD AVT
2014-09-22 17:20 - 2014-09-22 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-09-22 17:17 - 2014-09-22 17:17 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-09-22 17:17 - 2014-09-22 17:17 - 00000000 ____D () C:\Program Files\AMD
2014-09-22 17:12 - 2014-09-26 12:57 - 00001330 _____ () C:\Windows\Tasks\IXXI.job
2014-09-22 17:12 - 2014-09-26 12:57 - 00000938 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-09-22 17:12 - 2014-09-25 17:54 - 00000942 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-09-22 17:12 - 2014-09-22 17:49 - 01901464 _____ (Object Browser) C:\Users\SaVo\AppData\Roaming\IXXI.exe
2014-09-22 17:12 - 2014-09-22 17:12 - 00000000 ____D () C:\Users\SaVo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-22 17:12 - 2014-09-22 17:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-22 17:12 - 2014-09-22 17:12 - 00000000 ____D () C:\Program Files\WinRAR
2014-09-22 17:11 - 2014-09-22 17:11 - 00000000 ____D () C:\Users\SaVo\AppData\Local\globalUpdate
2014-09-22 17:11 - 2014-09-22 17:11 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-09-22 17:11 - 2014-09-22 17:11 - 00000000 ____D () C:\Program Files\globalUpdate
2014-09-22 17:10 - 2014-09-22 17:10 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-22 17:10 - 2014-09-22 17:10 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-09-22 17:09 - 2014-09-22 17:10 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-22 17:09 - 2014-09-22 17:09 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-22 17:08 - 2014-09-22 17:20 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-09-22 17:08 - 2014-09-22 17:08 - 00000000 ____D () C:\Program Files\ATI
2014-09-22 17:07 - 2014-09-22 17:07 - 00000000 ____D () C:\AMD
2014-09-22 17:02 - 2014-09-22 17:02 - 00001132 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-22 17:02 - 2014-09-22 17:02 - 00000000 ____D () C:\Program Files\TeamViewer
2014-09-22 16:59 - 2014-09-22 17:01 - 00000000 ____D () C:\Users\SaVo\AppData\Roaming\Skype
2014-09-22 16:59 - 2014-09-22 16:59 - 00000000 ___RD () C:\Program Files\Skype
2014-09-22 16:59 - 2014-09-22 16:59 - 00000000 ____D () C:\Users\SaVo\AppData\Local\Skype
2014-09-22 16:59 - 2014-09-22 16:59 - 00000000 ____D () C:\ProgramData\Skype
2014-09-22 16:59 - 2014-09-22 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-22 16:59 - 2014-09-22 16:59 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-09-22 16:57 - 2014-09-22 16:57 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-09-22 16:57 - 2014-09-22 16:57 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-09-22 16:57 - 2014-09-22 08:41 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-22 16:56 - 2014-09-22 17:21 - 00000000 ____D () C:\Users\SaVo\AppData\Roaming\istartsurf
2014-09-22 16:55 - 2014-09-22 17:33 - 00000000 ____D () C:\Users\Public\Documents\GOOBZO
2014-09-22 16:55 - 2014-09-22 17:33 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-22 16:55 - 2014-09-22 16:55 - 00000000 ____D () C:\Users\SaVo\AppData\Local\CrashRpt
2014-09-22 16:55 - 2014-09-22 16:55 - 00000000 ____D () C:\Users\Public\Documents\YTAHelper
2014-09-22 16:55 - 2014-09-22 16:55 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2014-09-22 16:54 - 2014-09-26 13:38 - 00000000 ____D () C:\Users\SaVo\AppData\Roaming\DAEMON Tools Lite
2014-09-22 16:54 - 2014-09-26 13:13 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-09-22 16:54 - 2014-09-22 17:36 - 00243128 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-09-22 16:54 - 2014-09-22 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-09-22 16:54 - 2014-09-22 16:54 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2014-09-22 16:53 - 2014-09-22 16:53 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-22 16:52 - 2014-09-26 16:13 - 00000000 ____D () C:\Users\SaVo\AppData\Roaming\BitTorrent
2014-09-22 16:52 - 2014-09-22 16:52 - 00000812 _____ () C:\Users\SaVo\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-09-22 16:48 - 2014-09-22 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-22 16:46 - 2014-09-26 15:51 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-22 16:46 - 2014-09-26 12:57 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-22 16:46 - 2014-09-22 16:48 - 00000000 ____D () C:\Users\SaVo\AppData\Local\Google
2014-09-22 16:46 - 2014-09-22 16:47 - 00000000 ____D () C:\Program Files\Google
2014-09-22 16:45 - 2014-09-22 16:46 - 00000000 ____D () C:\Users\SaVo\AppData\Local\Deployment
2014-09-22 16:45 - 2014-09-22 16:45 - 00000000 ____D () C:\Users\SaVo\AppData\Local\Apps\2.0
2014-09-22 16:45 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-22 16:45 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-22 16:45 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-22 16:45 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-22 16:45 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-22 16:45 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-22 16:45 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-22 16:45 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-22 16:45 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-22 16:42 - 2014-09-22 17:10 - 00057560 _____ () C:\Users\SaVo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-22 16:42 - 2014-09-22 16:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-09-22 16:42 - 2014-09-22 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telenor Internet
2014-09-22 16:42 - 2014-09-22 16:42 - 00000000 ____D () C:\Program Files\Telenor Internet
2014-09-22 16:42 - 2013-01-11 09:25 - 00118272 _____ (TCT International Mobile Ltd) C:\Windows\system32\Drivers\AlcatelOTUsbnet.sys
2014-09-22 16:42 - 2013-01-11 09:25 - 00106112 _____ (TCT International Mobile Ltd) C:\Windows\system32\Drivers\jrdusbser.sys
2014-09-22 16:41 - 2014-09-22 16:56 - 00001619 _____ () C:\Users\SaVo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-22 16:40 - 2014-09-26 13:35 - 00000000 ____D () C:\Users\SaVo\AppData\Local\VirtualStore
2014-09-22 16:40 - 2014-09-22 16:41 - 00000000 ____D () C:\Users\SaVo
2014-09-22 16:40 - 2014-09-22 16:40 - 00000020 ___SH () C:\Users\SaVo\ntuser.ini
2014-09-22 16:40 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\SaVo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-22 16:40 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\SaVo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-22 16:38 - 2014-09-22 16:38 - 00000000 __SHD () C:\Recovery
2014-09-22 15:45 - 2014-09-22 16:51 - 00000000 ____D () C:\Users\SaVo\Desktop\SaVo
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\SaVo\AppData\Roaming\IXXI

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-26 13:33 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-26 13:01 - 2010-11-20 23:01 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-26 12:56 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-24 23:01 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-09-23 16:38 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-09-23 02:31 - 2009-07-14 06:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-09-23 02:31 - 2009-07-14 06:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-09-23 01:35 - 2009-07-14 04:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-23 01:33 - 2010-11-21 02:46 - 00000000 ____D () C:\Windows\CSC
2014-09-22 22:02 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-22 19:14 - 2009-07-14 06:34 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-22 19:14 - 2009-07-14 06:34 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-22 17:36 - 2009-07-14 06:33 - 00267496 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-22 17:32 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-22 17:08 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-09-22 16:39 - 2010-11-20 23:29 - 00811520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-09-22 16:39 - 2010-11-20 23:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2014-09-22 16:39 - 2010-11-20 23:29 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2014-09-22 16:39 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\system32\restore

Some content of TEMP:
====================
C:\Users\SaVo\AppData\Local\Temp\bitool.dll
C:\Users\SaVo\AppData\Local\Temp\cabex.dll
C:\Users\SaVo\AppData\Local\Temp\PartnerInstaller_smtyc.exe
C:\Users\SaVo\AppData\Local\Temp\smt_istartsurf.exe
C:\Users\SaVo\AppData\Local\Temp\tu17p84.exe
C:\Users\SaVo\AppData\Local\Temp\unelevate.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-23 15:56

==================== End Of Log ============================
mycity.rs/must-login.png

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

Pozdrav,


Arrow Iz Control Panel > Programs and Features probaj da deinstaliras sledece:
WindowsMangerProtect20.0.0.722
Restartuj racunar. U svakom slucaju, isprati sledece:




********************




Arrow 1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

Start
CloseProcesses:
Task: {0A80D7B2-D120-4EE6-8FDE-FBD7F17EF111} - System32\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-5_user => C:\Program Files\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-5.exe <==== ATTENTION
Task: {0C9DD246-3946-4671-BB1B-41CBF87CA728} - System32\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-5 => C:\Program Files\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-5.exe <==== ATTENTION
Task: {100ABB85-A77A-4B17-B1D5-92222E028DBF} - System32\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-1 => C:\Program Files\Senses\Senses-codedownloader.exe <==== ATTENTION
Task: {29E5F911-7F85-458C-9491-517CF406F8FE} - System32\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-3 => C:\Program Files\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-3.exe <==== ATTENTION
Task: {46F7A803-0EFC-44C3-87D1-E466261C3DC8} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-09-22] (globalUpdate) <==== ATTENTION
Task: {71594FF2-E40E-44BB-AACB-3B37E96E8112} - System32\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-6 => C:\Program Files\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-6.exe <==== ATTENTION
Task: {B3670B89-F389-4097-A992-C89E309B0448} - System32\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-7 => C:\Program Files\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-7.exe <==== ATTENTION
Task: {CC429DA7-81CE-45EB-AB0E-68EC6E9E7EBF} - System32\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-2 => C:\Program Files\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-2.exe <==== ATTENTION
Task: {D9CD4626-B403-42F2-9995-8EFF3F0035B6} - System32\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-4 => C:\Program Files\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-4.exe <==== ATTENTION
Task: {DAF34F56-8074-47D5-AD41-76062B84F95D} - System32\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-11 => C:\Program Files\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-11.exe <==== ATTENTION
Task: {F6397235-06FD-45FB-BCB5-BBD358CB9379} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-09-22] (globalUpdate) <==== ATTENTION
Task: C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-1.job => C:\Program Files\Senses\Senses-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-11.job => C:\Program Files\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-2.job => C:\Program Files\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-3.job => C:\Program Files\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-4.job => C:\Program Files\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-5.job => C:\Program Files\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-5_user.job => C:\Program Files\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-6.job => C:\Program Files\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-7.job => C:\Program Files\Senses\eb1d300f-ab15-4910-bfc8-74bd8d84d566-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\IXXI.job => C:\Users\SaVo\AppData\Roaming\IXXI.exe
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
Hosts:
HKU\S-1-5-21-1509278285-1037933664-276767201-1000\...\MountPoints2: {0dd54d9f-426e-11e4-b3c6-00a0c6000000} - G:\I_am_Alive_Setup.exe
HKU\S-1-5-21-1509278285-1037933664-276767201-1000\...\MountPoints2: {6371993c-4266-11e4-8359-001d7d35b28a} - H:\autorun.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1411397792&f.....XX6RY4FMST
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1411397792&f.....XX6RY4FMST
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=14113977.....RY4FMST&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1411397792&f.....XX6RY4FMST
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1411397792&f.....XX6RY4FMST
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=14113977.....RY4FMST&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1411397792&f.....XX6RY4FMST
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=14113977.....RY4FMST&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=14113977.....RY4FMST&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=14113977.....RY4FMST&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=14113977.....RY4FMST&q={searchTerms}
BHO: Senses -> {11111111-1111-1111-1111-110611191115} -> C:\Program Files\Senses\Senses-bho.dll No File
BHO: No Name -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> No File
CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\SaVo\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-09-22]
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-22] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-22] (globalUpdate) [File not signed]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-22] (Fuyu LIMITED) [File not signed]
EmptyTemp:
C:\Users\SaVo\AppData\Roaming\IXXI.exe
C:\Users\SaVo\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
C:\Program Files\globalUpdate
C:\ProgramData\WindowsMangerProtect
C:\Program Files\Senses
C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-5_user.job
C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-5.job
C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-2.job
C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-6.job
C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-4.job
C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-7.job
C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-1.job
C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-11.job
C:\Windows\Tasks\eb1d300f-ab15-4910-bfc8-74bd8d84d566-3.job
End


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.






********************






Arrow Preuzmi smeenk-ov zoek () sa ovog linka i sačuvaj ga na Desktop.
Raspakuj arhivu u neki folder (uputstvo), a zatim:

zatvori browser i ostale pokrenute programe;
privremeno deaktiviraj zaštitni softver ( ukoliko je to potrebno ) Uputstvo ;
dvoklikom pokreni zoek na ikonicu programa ;
pričekaj da se alat startuje ...


Klikni na More Options dugme i stikliraj polje ispred sledece opcije:
Auto Clean
Napomena: Stikliraj samo navedenu opciju, ostale opcije ne dirati ! !


Klikni na dugme i pričekaj da se skeniranje završi.
zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)

Arrow Kopiraj sadrzaj tog loga u poruku.

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

Kako napredujes?

offline
  • Pridružio: 30 Avg 2014
  • Poruke: 314
  • Gde živiš: Montenegro

To mi je drug ...rekao mi je da ga je uklonio iz kompjutera taj program ,ali odradicemo ovaj vas postupak da bude siguran Smile

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

Mislis, uklonio je WindowsMangerProtect?

Ok.

offline
  • Pridružio: 30 Avg 2014
  • Poruke: 314
  • Gde živiš: Montenegro

Jeste ....kako je uspio nzm ali je rekao da je uklonio program Smile

Ko je trenutno na forumu
 

Ukupno su 641 korisnika na forumu :: 11 registrovanih, 2 sakrivenih i 628 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: Dorcolac, esx66, havoc995, hooraay, milenko crazy north, minmatar34957, pacika, suton, uruk, voja64, zziko