Posted: 04 Oct 2014 08:52
- canke
- Citizen
- Joined: 06 May 2008
- Posts: 90

Lately my computer has been running slower and slower and the AV reports nothing; that is the first problem. The second problem is that when I click on a page, a Mozilla window opens at the same time, and sometimes several in a row...
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-10-2014
Ran by Administrator (administrator) on PC-CB2AAFBC1073 on 04-10-2014 08:17:56
Running from C:\Documents and Settings\Administrator\Desktop
Loaded Profile: Administrator (Available profiles: Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Link mogu videti samo ulogovani korisnici]
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(Corel Corporation) C:\Corel\Graphics8\Programs\MFIndexer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2005-09-20] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [114688 2005-09-20] (Intel Corporation)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1404928 2004-10-14] (Analog Devices, Inc.)
HKLM\...\Run: [mobilegeni daemon] => C:\Program Files\Mobogenie\DaemonProcess.exe
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-12] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [616632 2014-01-28] (Nico Mak Computing)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-842925246-1614895754-1644491937-500\...\Run: [LiveSupport] => "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-842925246-1614895754-1644491937-500\...\Run: [ChicaPasswordManager] => "C:\Program Files\ChicaLogic\Chica Password Manager\stpass.exe" /autorunned
HKU\S-1-5-21-842925246-1614895754-1644491937-500\...\Run: [BitComet] => "C:\Program Files\BitComet\BitComet.exe" /tray
HKU\S-1-5-21-842925246-1614895754-1644491937-500\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Corel MEDIA FOLDERS INDEXER 8.LNK
ShortcutTarget: Corel MEDIA FOLDERS INDEXER 8.LNK -> C:\Corel\Graphics8\Programs\MFIndexer.exe (Corel Corporation)
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5A855322C834CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
URLSearchHook: HKLM - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&pid=724&r=2014/03/26&hid=12971120069827067540&lg=EN&cc=RS
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKLM - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&pid=724&r=2014/03/26&hid=12971120069827067540&lg=EN&cc=RS
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&babsrc=SP_ss&mntrId=A84C000BDB7E3674&affID=128403&tsp=5242
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&pid=724&r=2014/03/26&hid=12971120069827067540&lg=EN&cc=RS
BHO: Qualys BrowserCheck IE Helper -> {7D2FB79E-E58C-4DB5-A36F-AC1C73967FA5} -> C:\WINDOWS\Downloaded Program Files\qbc_bho.dll (Qualys, Inc.)
DPF: {7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} [Link mogu videti samo ulogovani korisnici]
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [Link mogu videti samo ulogovani korisnici]
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default
FF DefaultSearchEngine: YouTube
FF SelectedSearchEngine: YouTube
FF Homepage: [Link mogu videti samo ulogovani korisnici]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\user.js
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\buenosearch.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\default-search.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\google-.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\googlemaps.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\torrents-search.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\youtube.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\default-search.xml
FF Extension: DiscOuntExtensi - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\9uueadjhspi@ueeuu-.com [2014-04-10]
FF Extension: YoutubeAdblocker - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\a-tra@qqaeiey.com [2014-03-25]
FF Extension: SSearCh-NewTab - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\dvyugop@wtfq.net [2014-03-25]
FF Extension: saafeweB - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\f7iiua@aeuoxbx-.net [2014-03-25]
FF Extension: safEwebb - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\hkc_yo@hf-uos.com [2014-03-26]
FF Extension: Search-NewTab - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\i14qd@y-oknujpy.net [2014-03-25]
FF Extension: SNT - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\igooiua@yfk-rs.edu [2014-03-26]
FF Extension: Safewebu - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\iyyismwt@sfra.co.uk [2014-03-26]
FF Extension: safueweb - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\oqbmsb@ioayxltr.org [2014-03-26]
FF Extension: saaffewEb - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\q5g-bbv4wwua@x-eyuuuo-.net [2014-03-25]
FF Extension: SoearcHH-NeWeTabo - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\root-e@lfltuiy-.net [2014-03-26]
FF Extension: safeeweb - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\s9augs@watie-ccq.edu [2014-03-26]
FF Extension: Site Matcher - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\sitematcher@sitematcher.com [2014-05-09]
FF Extension: Search-NewTaB - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\tegozd@zouuy.com [2014-03-26]
FF Extension: Qualys BrowserCheck - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} [2014-03-26]
FF Extension: uTorrentControl_v6 - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\{96f454ea-9d38-474f-b504-56193e00c1a5} [2014-03-25]
FF Extension: BitTorrentControl_v12 - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} [2014-09-29]
FF Extension: GoPhotoIt - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\gophoto@gophoto.it.xpi [2013-08-08]
FF Extension: Adblock Plus - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-14]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-03-26]
Chrome:
=======
CHR HomePage: Default -> [Link mogu videti samo ulogovani korisnici]
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?gd=&ctid=CT3319597&octid=EB_ORIGINAL_CTID&ISID=M4A59A383-073E-46ED-845C-F26707F7C3BC&SearchSource=55&CUI=&UM=5&UP=SP73A40756-FA2B-42BA-94BD-50401DF23610&SSPV="
CHR DefaultSearchKeyword: Default -> conduit.search
CHR DefaultSearchProvider: Default -> Conduit Search
CHR DefaultSearchURL: Default -> [Link mogu videti samo ulogovani korisnici]{searchTerms}&SSPV=
CHR DefaultSuggestURL: Default -> [Link mogu videti samo ulogovani korisnici]{searchTerms}
CHR CustomProfile: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (DiscOuntExtensi) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gjhopfkebnbgbmafhfcchmecpnijfkjm [2014-04-10]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-26]
CHR Extension: (GoPhoto.it) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk [2014-09-29]
CHR HKLM\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files\Gophoto.it\gophotoit16.crx [2013-08-08]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-12] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
S2 Update PacFunction; "C:\Program Files\PacFunction\updatePacFunction.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [97648 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136216 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 E1000; C:\WINDOWS\System32\DRIVERS\e1000325.sys [171152 2008-08-21] (Intel Corporation)
R3 ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [1302332 2005-09-20] (Intel Corporation) [File not signed]
R3 Mach3; C:\WINDOWS\System32\Drivers\Mach3.sys [106240 2007-12-19] (Your Corporation) [File not signed]
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2014-02-25] (Avira GmbH)
R1 {19854aff-7c07-4859-9831-cd028ac55dd0}Gt; C:\WINDOWS\System32\drivers\{19854aff-7c07-4859-9831-cd028ac55dd0}Gt.sys [55232 2014-04-24] (StdLib)
S3 catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-04 08:17 - 2014-10-04 08:18 - 00017908 _____ () C:\Documents and Settings\Administrator\Desktop\FRST.txt
2014-10-04 08:17 - 2014-10-04 08:18 - 00000000 ____D () C:\FRST
2014-10-04 08:13 - 2014-10-04 08:10 - 01100800 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
2014-09-28 10:34 - 2014-09-28 10:37 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
2014-09-24 22:40 - 2014-09-24 22:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-04 08:18 - 2014-03-28 02:03 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\temp
2014-10-04 08:08 - 2014-03-25 21:33 - 00000438 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{D4C18C98-6721-47AE-B24A-094D7CF22337}.job
2014-10-04 07:51 - 2014-03-26 07:46 - 00000900 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-04 07:28 - 2012-02-01 00:54 - 01082736 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-04 07:23 - 2012-01-31 16:49 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-10-04 07:23 - 2012-01-31 16:49 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-10-04 07:22 - 2014-03-26 11:26 - 00000608 ____H () C:\WINDOWS\Tasks\SW-Booster-S-144357078.job
2014-10-04 07:22 - 2014-03-26 07:46 - 00000896 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-04 07:22 - 2014-03-25 22:16 - 00000282 _____ () C:\WINDOWS\Tasks\GoforFilesUpdate.job
2014-10-04 07:22 - 2012-02-01 01:06 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-04 00:29 - 2012-02-01 01:06 - 00032560 _____ () C:\WINDOWS\SchedLgU.Txt
2014-10-04 00:28 - 2012-02-01 01:06 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-10-04 00:28 - 2012-02-01 01:06 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-10-04 00:21 - 2014-03-01 19:49 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-03 14:48 - 2014-03-12 07:21 - 00000296 _____ () C:\WINDOWS\hpbafd.ini
2014-10-02 12:17 - 2001-08-23 15:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-09-26 10:35 - 2014-03-26 15:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-22 08:52 - 2014-05-13 08:36 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\PONUDA
2014-09-12 09:46 - 2014-04-11 23:40 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2014-09-11 23:40 - 2014-04-17 11:52 - 00141702 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-842925246-1614895754-1644491937-500-0.dat
2014-09-11 11:20 - 2014-04-11 23:51 - 00000000 ____D () C:\Program Files\Avira
2014-09-11 11:20 - 2014-04-11 23:51 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avira
2014-09-10 16:21 - 2014-03-01 19:49 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-09-10 16:21 - 2014-03-01 19:49 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\temp\avgnt.exe
C:\Documents and Settings\Administrator\Local Settings\temp\bassmod.dll
C:\Documents and Settings\Administrator\Local Settings\temp\DseShExt-x86.dll
C:\Documents and Settings\Administrator\Local Settings\temp\nsf2B.exe
C:\Documents and Settings\Administrator\Local Settings\temp\nsgE.exe
C:\Documents and Settings\Administrator\Local Settings\temp\nsi2E.exe
C:\Documents and Settings\Administrator\Local Settings\temp\nsp31.exe
C:\Documents and Settings\Administrator\Local Settings\temp\nsp3A.exe
C:\Documents and Settings\Administrator\Local Settings\temp\nsw37.exe
C:\Documents and Settings\Administrator\Local Settings\temp\nsw3D.exe
C:\Documents and Settings\Administrator\Local Settings\temp\SDShelEx-win32.dll
C:\Documents and Settings\Administrator\Local Settings\temp\SettingsManagerSetup.exe
C:\Documents and Settings\Administrator\Local Settings\temp\SimBundD.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Posted: 04 Oct 2014 09:10
- TwinHeadedEagle
- Anti Malware Fighter
Rank 2
- Joined: 09 Aug 2011
- Posts: 15879
- Location: Beograd

Written: 04 Oct 2014 9:04
Hello,
I will reply as soon as I have reviewed the reports.
Addendum: 04 Oct 2014 9:10
You are using a modified, and therefore illegal, version of the system. I cannot guarantee that the computer will work properly after we try to solve the problem.
First you need to uninstall some unwanted programs:
- Assistant
- DealiExpRess
- SW-Sustainer 1.80
Then:
1. Open Notepad (Text Document) and copy in the following text from the code box below:
closeprocesses:
emptytemp:
Task: C:\WINDOWS\Tasks\GoforFilesUpdate.job => C:\Program Files\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SW-Booster-S-144357078.job => c:\documents and settings\all users\application data\puresafe\sw-booster\SW-Booster.exe <==== ATTENTION
HKLM\...\Run: [mobilegeni daemon] => C:\Program Files\Mobogenie\DaemonProcess.exe
C:\Program Files\Mobogenie
HKU\S-1-5-21-842925246-1614895754-1644491937-500\...\Run: [LiveSupport] => "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log
C:\Program Files\LiveSupport
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll
c:\program files\settings manager
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?gd=&ctid=CT3319597&.....&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5A855322C834CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchsun.info/?pid=724&r=201.....&cc=RS
URLSearchHook: HKLM - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchsun.info/?l=1&q={searchTerms}&pid=724&r=2014/03/26&hid=12971120069827067540&lg=EN&cc=RS
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?sid=476&a.....=ds&p={searchTerms}
SearchScopes: HKLM - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchsun.info/?l=1&q={searchTerms}&pid=724&r=2014/03/26&hid=12971120069827067540&lg=EN&cc=RS
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=A84C000BDB7E3674&affID=128403&tsp=5242
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?sid=476&a.....=ds&p={searchTerms}
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchsun.info/?l=1&q={searchTerms}&pid=724&r=2014/03/26&hid=12971120069827067540&lg=EN&cc=RS
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
FF user.js: detected! => C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\user.js
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\buenosearch.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\default-search.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\google-.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\googlemaps.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\torrents-search.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\youtube.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\default-search.xml
FF Extension: DiscOuntExtensi - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\9uueadjhspi@ueeuu-.com [2014-04-10]
FF Extension: YoutubeAdblocker - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\a-tra@qqaeiey.com [2014-03-25]
FF Extension: SSearCh-NewTab - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\dvyugop@wtfq.net [2014-03-25]
FF Extension: saafeweB - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\f7iiua@aeuoxbx-.net [2014-03-25]
FF Extension: safEwebb - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\hkc_yo@hf-uos.com [2014-03-26]
FF Extension: Search-NewTab - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\i14qd@y-oknujpy.net [2014-03-25]
FF Extension: SNT - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\igooiua@yfk-rs.edu [2014-03-26]
FF Extension: Safewebu - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\iyyismwt@sfra.co.uk [2014-03-26]
FF Extension: safueweb - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\oqbmsb@ioayxltr.org [2014-03-26]
FF Extension: saaffewEb - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\q5g-bbv4wwua@x-eyuuuo-.net [2014-03-25]
FF Extension: SoearcHH-NeWeTabo - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\root-e@lfltuiy-.net [2014-03-26]
FF Extension: safeeweb - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\s9augs@watie-ccq.edu [2014-03-26]
FF Extension: Site Matcher - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\sitematcher@sitematcher.com [2014-05-09]
FF Extension: Search-NewTaB - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\tegozd@zouuy.com [2014-03-26]
FF Extension: Qualys BrowserCheck - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} [2014-03-26]
FF Extension: uTorrentControl_v6 - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\{96f454ea-9d38-474f-b504-56193e00c1a5} [2014-03-25]
FF Extension: BitTorrentControl_v12 - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} [2014-09-29]
FF Extension: GoPhotoIt - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\gophoto@gophoto.it.xpi [2013-08-08]
CHR HomePage: Default -> hxxp://search.conduit.com/?gd=&ctid=CT3319597&octid=EB_ORIGINAL_CTID&ISID=M4A59A383-073E-46ED-845C-F26707F7C3BC&SearchSource=55&CUI=&UM=5&UP=SP73A40756-FA2B-42BA-94BD-50401DF23610&SSPV=
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?gd=&ctid=CT3319597&octid=EB_ORIGINAL_CTID&ISID=M4A59A383-073E-46ED-845C-F26707F7C3BC&SearchSource=55&CUI=&UM=5&UP=SP73A40756-FA2B-42BA-94BD-50401DF23610&SSPV="
CHR DefaultSearchKeyword: Default -> conduit.search
CHR DefaultSearchProvider: Default -> Conduit Search
CHR DefaultSearchURL: Default -> http://search.conduit.com/Results.aspx?gd=&cti.....610&q={searchTerms}&SSPV=
CHR DefaultSuggestURL: Default -> http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
CHR Extension: (DiscOuntExtensi) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gjhopfkebnbgbmafhfcchmecpnijfkjm [2014-04-10]
CHR Extension: (GoPhoto.it) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk [2014-09-29]
CHR HKLM\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files\Gophoto.it\gophotoit16.crx [2013-08-08]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Program Files\Gophoto.it
S2 Update PacFunction; "C:\Program Files\PacFunction\updatePacFunction.exe" [X]
R1 {19854aff-7c07-4859-9831-cd028ac55dd0}Gt; C:\WINDOWS\System32\drivers\{19854aff-7c07-4859-9831-cd028ac55dd0}Gt.sys [55232 2014-04-24] (StdLib)
S3 catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys [X]
C:\WINDOWS\System32\drivers\{19854aff-7c07-4859-9831-cd028ac55dd0}Gt.sys
2014-10-04 07:22 - 2014-03-26 11:26 - 00000608 ____H () C:\WINDOWS\Tasks\SW-Booster-S-144357078.job
2014-10-04 07:22 - 2014-03-26 07:46 - 00000896 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-04 07:22 - 2014-03-25 22:16 - 00000282 _____ () C:\WINDOWS\Tasks\GoforFilesUpdate.job
2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name
Note: It is important that both files, FRST and fixlist, are in the same location; otherwise the fix will not work.
3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.
The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your reply.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.
Download AdwCleaner by "Xplode" ( ) and save it to the Desktop
Double-click to run the program.
Click the [Scan] button and wait for the program to finish.
Click the [Clean] button
The program will close all running programs and show a window with that warning. Click Ok to confirm.
In the next two windows that open (Informations and Restart required), click Ok
The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Prikaci fajl" (Attach file) option
Note: The report will also be saved at C:\AdwCleaner[S1].txt

Posted: 04 Oct 2014 10:04
- canke
- Citizen
- Joined: 06 May 2008
- Posts: 90

I removed DealiExpRess in Control Panel, but I can't remove Assistant and SW-Sustainer 1.80. What should I do?

Posted: 04 Oct 2014 10:57
- canke
- Citizen
- Joined: 06 May 2008
- Posts: 90

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 04-10-2014
Ran by Administrator at 2014-10-04 10:11:04 Run:1
Running from C:\Documents and Settings\Administrator\Desktop
Loaded Profile: Administrator (Available profiles: Administrator)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
closeprocesses:
emptytemp:
Task: C:\WINDOWS\Tasks\GoforFilesUpdate.job => C:\Program Files\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SW-Booster-S-144357078.job => c:\documents and settings\all users\application data\puresafe\sw-booster\SW-Booster.exe <==== ATTENTION
HKLM\...\Run: [mobilegeni daemon] => C:\Program Files\Mobogenie\DaemonProcess.exe
C:\Program Files\Mobogenie
HKU\S-1-5-21-842925246-1614895754-1644491937-500\...\Run: [LiveSupport] => "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log
C:\Program Files\LiveSupport
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll
c:\program files\settings manager
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Link visible only to logged-in users]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5A855322C834CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
URLSearchHook: HKLM - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = [Link visible only to logged-in users]{searchTerms}&pid=724&r=2014/03/26&hid=12971120069827067540&lg=EN&cc=RS
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = [Link visible only to logged-in users]{searchTerms}
SearchScopes: HKLM - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = [Link visible only to logged-in users]{searchTerms}&pid=724&r=2014/03/26&hid=12971120069827067540&lg=EN&cc=RS
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = [Link visible only to logged-in users]{searchTerms}&babsrc=SP_ss&mntrId=A84C000BDB7E3674&affID=128403&tsp=5242
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = [Link visible only to logged-in users]{searchTerms}
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = [Link visible only to logged-in users]{searchTerms}&pid=724&r=2014/03/26&hid=12971120069827067540&lg=EN&cc=RS
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
FF user.js: detected! => C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\user.js
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\buenosearch.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\default-search.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\google-.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\googlemaps.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\torrents-search.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\youtube.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\default-search.xml
FF Extension: DiscOuntExtensi - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\9uueadjhspi@ueeuu-.com [2014-04-10]
FF Extension: YoutubeAdblocker - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\a-tra@qqaeiey.com [2014-03-25]
FF Extension: SSearCh-NewTab - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\dvyugop@wtfq.net [2014-03-25]
FF Extension: saafeweB - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\f7iiua@aeuoxbx-.net [2014-03-25]
FF Extension: safEwebb - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\hkc_yo@hf-uos.com [2014-03-26]
FF Extension: Search-NewTab - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\i14qd@y-oknujpy.net [2014-03-25]
FF Extension: SNT - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\igooiua@yfk-rs.edu [2014-03-26]
FF Extension: Safewebu - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\iyyismwt@sfra.co.uk [2014-03-26]
FF Extension: safueweb - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\oqbmsb@ioayxltr.org [2014-03-26]
FF Extension: saaffewEb - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\q5g-bbv4wwua@x-eyuuuo-.net [2014-03-25]
FF Extension: SoearcHH-NeWeTabo - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\root-e@lfltuiy-.net [2014-03-26]
FF Extension: safeeweb - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\s9augs@watie-ccq.edu [2014-03-26]
FF Extension: Site Matcher - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\sitematcher@sitematcher.com [2014-05-09]
FF Extension: Search-NewTaB - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\tegozd@zouuy.com [2014-03-26]
FF Extension: Qualys BrowserCheck - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} [2014-03-26]
FF Extension: uTorrentControl_v6 - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\{96f454ea-9d38-474f-b504-56193e00c1a5} [2014-03-25]
FF Extension: BitTorrentControl_v12 - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} [2014-09-29]
FF Extension: GoPhotoIt - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\gophoto@gophoto.it.xpi [2013-08-08]
CHR HomePage: Default -> [Link visible only to logged-in users]
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?gd=&ctid=CT3319597&octid=EB_ORIGINAL_CTID&ISID=M4A59A383-073E-46ED-845C-F26707F7C3BC&SearchSource=55&CUI=&UM=5&UP=SP73A40756-FA2B-42BA-94BD-50401DF23610&SSPV="
CHR DefaultSearchKeyword: Default -> conduit.search
CHR DefaultSearchProvider: Default -> Conduit Search
CHR DefaultSearchURL: Default -> [Link visible only to logged-in users]{searchTerms}&SSPV=
CHR DefaultSuggestURL: Default -> [Link visible only to logged-in users]{searchTerms}
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
CHR Extension: (DiscOuntExtensi) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gjhopfkebnbgbmafhfcchmecpnijfkjm [2014-04-10]
CHR Extension: (GoPhoto.it) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk [2014-09-29]
CHR HKLM\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files\Gophoto.it\gophotoit16.crx [2013-08-08]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Program Files\Gophoto.it
S2 Update PacFunction; "C:\Program Files\PacFunction\updatePacFunction.exe" [X]
R1 {19854aff-7c07-4859-9831-cd028ac55dd0}Gt; C:\WINDOWS\System32\drivers\{19854aff-7c07-4859-9831-cd028ac55dd0}Gt.sys [55232 2014-04-24] (StdLib)
S3 catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys [X]
C:\WINDOWS\System32\drivers\{19854aff-7c07-4859-9831-cd028ac55dd0}Gt.sys
2014-10-04 07:22 - 2014-03-26 11:26 - 00000608 ____H () C:\WINDOWS\Tasks\SW-Booster-S-144357078.job
2014-10-04 07:22 - 2014-03-26 07:46 - 00000896 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-04 07:22 - 2014-03-25 22:16 - 00000282 _____ () C:\WINDOWS\Tasks\GoforFilesUpdate.job
*****************
Processes closed successfully.
C:\WINDOWS\Tasks\GoforFilesUpdate.job => Moved successfully.
C:\WINDOWS\Tasks\SW-Booster-S-144357078.job => Moved successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mobilegeni daemon => value deleted successfully.
"C:\Program Files\Mobogenie" => File/Directory not found.
HKU\S-1-5-21-842925246-1614895754-1644491937-500\Software\Microsoft\Windows\CurrentVersion\Run\\LiveSupport => value deleted successfully.
"C:\Program Files\LiveSupport" => File/Directory not found.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitguard.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bprotect.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bpsvc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserdefender.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserprotect.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsersafeguard.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dprotectsvc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\jumpflip" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\protectedsearch.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchinstaller.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotection.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotector.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings64.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\snapdo.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst32.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst64.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\umbrella.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\utiljumpflip.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroids.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroidsservice.exe" => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => value deleted successfully.
"c:\program files\settings manager" => File/Directory not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs => value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}" => Key deleted successfully.
"HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}" => Key deleted successfully.
"HKCR\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => Key deleted successfully.
"HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}" => Key deleted successfully.
"HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}" => Key deleted successfully.
"HKCR\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}" => Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} => value deleted successfully.
"HKCR\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}" => Key not found.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\user.js => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\buenosearch.xml => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\conduit-search.xml => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\default-search.xml => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\google-.xml => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\googlemaps.xml => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\torrents-search.xml => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\WebSearch.xml => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\searchplugins\youtube.xml => Moved successfully.
C:\Program Files\mozilla firefox\browser\searchplugins\default-search.xml => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\9uueadjhspi@ueeuu-.com => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\a-tra@qqaeiey.com => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\dvyugop@wtfq.net => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\f7iiua@aeuoxbx-.net => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\hkc_yo@hf-uos.com => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\i14qd@y-oknujpy.net => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\igooiua@yfk-rs.edu => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\iyyismwt@sfra.co.uk => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\oqbmsb@ioayxltr.org => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\q5g-bbv4wwua@x-eyuuuo-.net => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\root-e@lfltuiy-.net => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\s9augs@watie-ccq.edu => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\sitematcher@sitematcher.com => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\tegozd@zouuy.com => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\{96f454ea-9d38-474f-b504-56193e00c1a5} => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\gophoto@gophoto.it.xpi => Moved successfully.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSearchKeyword deleted successfully.
CHR DefaultSearchProvider: Default -> Conduit Search ==> The Chrome "Settings" can be used to fix the entry.
Chrome DefaultSearchURL deleted successfully.
Chrome DefaultSuggestURL deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences => Moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gjhopfkebnbgbmafhfcchmecpnijfkjm => Moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk => Moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk" => Key deleted successfully.
C:\Program Files\Gophoto.it\gophotoit16.crx => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
C:\Program Files\Gophoto.it => Moved successfully.
Update PacFunction => Service deleted successfully.
{19854aff-7c07-4859-9831-cd028ac55dd0}Gt => Unable to stop service
{19854aff-7c07-4859-9831-cd028ac55dd0}Gt => Service deleted successfully.
catchme => Service deleted successfully.
C:\WINDOWS\System32\drivers\{19854aff-7c07-4859-9831-cd028ac55dd0}Gt.sys => Moved successfully.
"C:\WINDOWS\Tasks\SW-Booster-S-144357078.job" => File/Directory not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
"C:\WINDOWS\Tasks\GoforFilesUpdate.job" => File/Directory not found.
EmptyTemp: => Removed 1.4 GB temporary data.
The system needed a reboot.
==== End of Fixlog ====

Posted: 04 Oct 2014 11:34
- canke
- Citizen
- Joined: 06 May 2008
- Posts: 90

Written: 04 Oct 2014 11:28
It is better than it was before, but not quite the way it used to be
Addendum: 04 Oct 2014 11:34
Just to add, there are no more pop-up windows...

Posted: 04 Oct 2014 13:44
- TwinHeadedEagle
- Anti Malware Fighter
Rank 2
- Joined: 09 Aug 2011
- Posts: 15879
- Location: Beograd

What do you mean, not the way it used to be?
Run FRST again, check the Addition.txt option, click Scan and send me both reports.

Posted: 04 Oct 2014 14:40
- canke
- Citizen
- Joined: 06 May 2008
- Posts: 90

I mean earlier, when everything was fine, before this slowdown. I wanted to ask what I should use to remove those two unwanted programs that I did not manage to remove this morning?
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-10-2014
Ran by Administrator (administrator) on PC-CB2AAFBC1073 on 04-10-2014 14:02:13
Running from C:\Documents and Settings\Administrator\Desktop
Loaded Profile: Administrator (Available profiles: Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Link visible only to logged-in users]
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Corel Corporation) C:\Corel\Graphics8\Programs\MFIndexer.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2005-09-20] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [114688 2005-09-20] (Intel Corporation)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1404928 2004-10-14] (Analog Devices, Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-12] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [616632 2014-01-28] (Nico Mak Computing)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-842925246-1614895754-1644491937-500\...\Run: [ChicaPasswordManager] => "C:\Program Files\ChicaLogic\Chica Password Manager\stpass.exe" /autorunned
HKU\S-1-5-21-842925246-1614895754-1644491937-500\...\Run: [BitComet] => "C:\Program Files\BitComet\BitComet.exe" /tray
HKU\S-1-5-21-842925246-1614895754-1644491937-500\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Corel MEDIA FOLDERS INDEXER 8.LNK
ShortcutTarget: Corel MEDIA FOLDERS INDEXER 8.LNK -> C:\Corel\Graphics8\Programs\MFIndexer.exe (Corel Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
BHO: Qualys BrowserCheck IE Helper -> {7D2FB79E-E58C-4DB5-A36F-AC1C73967FA5} -> C:\WINDOWS\Downloaded Program Files\qbc_bho.dll (Qualys, Inc.)
DPF: {7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} [Link visible only to logged-in users]
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [Link visible only to logged-in users]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default
FF DefaultSearchEngine: YouTube
FF SelectedSearchEngine: YouTube
FF Homepage: [Link visible only to logged-in users]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5vuxt5jn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-14]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-03-26]
Chrome:
=======
CHR CustomProfile: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-26]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-12] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [97648 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136216 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 E1000; C:\WINDOWS\System32\DRIVERS\e1000325.sys [171152 2008-08-21] (Intel Corporation)
R3 ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [1302332 2005-09-20] (Intel Corporation) [File not signed]
R3 Mach3; C:\WINDOWS\System32\Drivers\Mach3.sys [106240 2007-12-19] (Your Corporation) [File not signed]
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2014-02-25] (Avira GmbH)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-04 14:02 - 2014-10-04 14:03 - 00008068 _____ () C:\Documents and Settings\Administrator\Desktop\FRST.txt
2014-10-04 10:37 - 2014-10-04 10:42 - 00000000 ____D () C:\AdwCleaner
2014-10-04 10:36 - 2014-10-04 10:35 - 01375089 _____ () C:\Documents and Settings\Administrator\Desktop\adwcleaner_3.311.exe
2014-10-04 10:24 - 2014-10-04 10:44 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-04 08:17 - 2014-10-04 14:02 - 00000000 ____D () C:\FRST
2014-10-04 08:13 - 2014-10-04 08:10 - 01100800 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
2014-09-28 10:34 - 2014-09-28 10:37 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
2014-09-24 22:40 - 2014-09-24 22:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-04 14:03 - 2014-03-28 02:03 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\temp
2014-10-04 13:54 - 2014-03-25 21:33 - 00000438 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{D4C18C98-6721-47AE-B24A-094D7CF22337}.job
2014-10-04 13:29 - 2014-03-26 07:46 - 00000900 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-04 13:21 - 2014-03-01 19:49 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-04 13:18 - 2012-02-01 00:54 - 01123239 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-04 10:44 - 2012-01-31 16:49 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-10-04 10:44 - 2012-01-31 16:49 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-10-04 10:43 - 2012-02-01 01:06 - 00032560 _____ () C:\WINDOWS\SchedLgU.Txt
2014-10-04 10:43 - 2012-02-01 01:06 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-04 10:42 - 2012-02-01 01:06 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-10-04 10:20 - 2012-02-01 01:06 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-10-03 14:48 - 2014-03-12 07:21 - 00000296 _____ () C:\WINDOWS\hpbafd.ini
2014-10-02 12:17 - 2001-08-23 15:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-09-26 10:35 - 2014-03-26 15:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-22 08:52 - 2014-05-13 08:36 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\PONUDA
2014-09-12 09:46 - 2014-04-11 23:40 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2014-09-11 23:40 - 2014-04-17 11:52 - 00141702 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-842925246-1614895754-1644491937-500-0.dat
2014-09-11 11:20 - 2014-04-11 23:51 - 00000000 ____D () C:\Program Files\Avira
2014-09-11 11:20 - 2014-04-11 23:51 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avira
2014-09-10 16:21 - 2014-03-01 19:49 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-09-10 16:21 - 2014-03-01 19:49 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\temp\avgnt.exe
C:\Documents and Settings\Administrator\Local Settings\temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================