Blue screen

  • Joined: 02 Aug 2012
  • Posts: 31

Hi. The problem is that from time to time the laptop shuts down and a blue screen appears. After that I restart it, it works normally for a while, and then the same problem occurs. My internet speed is 10 mb/s, Wi-Fi. Here is the picture

I don't know what this is about. I had Panda antivirus and it didn't work well for me, so I uninstalled it. One more thing to mention: in the Mozilla Firefox browser, Adblock no longer responds at all and I can't block pop-up windows. How can I fix that? Thanks in advance.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by Danka (administrator) on DANKA-PC on 17-07-2015 18:17:37
Running from C:\Users\Danka\Downloads
Loaded Profiles: Danka (Available Profiles: Danka)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SpeedyPC Software) C:\Program Files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe
() C:\Program Files (x86)\SourceApp\updateSourceApp.exe
() C:\Program Files (x86)\SourceApp\bin\utilSourceApp.exe
(Microsoft Corporation) C:\Users\Danka\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\TK8 StickyNotes\TK8StickyNotes.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\SourceApp\bin\SourceApp.expext.exe
() C:\Program Files (x86)\SourceApp\bin\SourceApp.PurBrowse64.exe
() C:\Program Files (x86)\SourceApp\bin\SourceApp.BrowserAdapter.exe
() C:\Program Files (x86)\SourceApp\bin\SourceApp.BrowserAdapter64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2010-11-10] (Advanced Micro Devices, Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [LoginPrompt] 9B98878C898483DB898C83868C
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2176275773-2264376577-2624193879-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21437568 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2176275773-2264376577-2624193879-1000\...\Run: [TK8 StickyNotes] => C:\Program Files (x86)\TK8 StickyNotes\TK8StickyNotes.exe [10103808 2013-11-05] ()
HKU\S-1-5-21-2176275773-2264376577-2624193879-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-2176275773-2264376577-2624193879-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-29] (Piriform Ltd)
HKU\S-1-5-21-2176275773-2264376577-2624193879-1000\...\CurrentVersion\Windows: [Load] C:\ProgramData\msuomzfb.exe <===== ATTENTION
HKU\S-1-5-21-2176275773-2264376577-2624193879-1000\...\Policies\Explorer: [NoViewOnDrive] 0
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2176275773-2264376577-2624193879-1000\Software\Microsoft\Internet Explorer\Main,Start Page = search.yahoo.com/?fr=hp-ddc-bd&type=pr__alt__ddc_dsssyc_bd_com
HKU\S-1-5-21-2176275773-2264376577-2624193879-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-2176275773-2264376577-2624193879-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = q.search-simple.com/?affID=pr_7d405fe9-ebdd-4585-9f6e-1d3be626de30&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2176275773-2264376577-2624193879-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = q.search-simple.com/?affID=pr_7d405fe9-ebdd-4585-9f6e-1d3be626de30&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-06-25] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-06-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-24] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-24] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 79.143.160.20 62.68.96.8 79.143.168.8
Tcpip\..\Interfaces\{443CC806-594A-49C9-8125-529C41C3C1E4}: [DhcpNameServer] 79.143.160.20 62.68.96.8 79.143.168.8

FireFox:
========
FF ProfilePath: C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default
FF NewTab: hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=70_pr__alt__ddc_dsssyctab_bd_com
FF DefaultSearchEngine: Yahoo! Search
FF SelectedSearchEngine: Yahoo! Search
FF Homepage: hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=70_pr__alt__ddc_dsssyc_bd_com
FF Keyword.URL: hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=70_pr__alt__ddc_dss_bd_com&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-16] ()
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-06-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-06-25] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll [2014-05-30] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default\user.js [2014-12-01]
FF SearchPlugin: C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default\searchplugins\dsrlte.xml [2015-01-09]
FF SearchPlugin: C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default\searchplugins\search-simple.xml [2015-03-19]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-05-27]
FF Extension: AdBlock Lite - C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default\Extensions\jid1-dwtFBkQjb3SIQp@jetpack.xpi [2015-06-23]
FF Extension: SourceApp 1.0.1 - C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default\Extensions\{21b5abe9-a6e9-4a3b-ae74-84488fe21796}.xpi [2014-12-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Update SourceApp; C:\Program Files (x86)\SourceApp\updateSourceApp.exe [471280 2015-07-17] ()
R2 Util SourceApp; C:\Program Files (x86)\SourceApp\bin\utilSourceApp.exe [471280 2015-07-17] ()
R2 VSSS; C:\Users\Danka\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [103434944 2015-06-23] (Microsoft Corporation) [File not signed] <==== ATTENTION
S2 NanoServiceMain; "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe" [X]
S2 PSUAService; "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 {0263559b-b988-4803-b082-70c1d2b89830}Gw64; C:\Windows\System32\drivers\{0263559b-b988-4803-b082-70c1d2b89830}Gw64.sys [48784 2014-12-05] (StdLib)
R1 {0fd1a45b-4ab9-492d-a4ec-94b4363a6dde}Gw64; C:\Windows\System32\drivers\{0fd1a45b-4ab9-492d-a4ec-94b4363a6dde}Gw64.sys [48784 2015-02-20] (StdLib)
R1 {167ce4ee-11d0-42b8-9745-63dd8d0684e3}Gw64; C:\Windows\System32\drivers\{167ce4ee-11d0-42b8-9745-63dd8d0684e3}Gw64.sys [48784 2015-02-28] (StdLib)
R1 {21b5abe9-a6e9-4a3b-ae74-84488fe21796}Gw64; C:\Windows\System32\drivers\{21b5abe9-a6e9-4a3b-ae74-84488fe21796}Gw64.sys [48784 2014-12-02] (StdLib)
R1 {4291b504-d331-41fb-90ff-daaf14dd7f49}Gw64; C:\Windows\System32\drivers\{4291b504-d331-41fb-90ff-daaf14dd7f49}Gw64.sys [48784 2015-01-21] (StdLib)
R1 {44219168-7340-43df-bbc2-89f0b26c112f}Gw64; C:\Windows\System32\drivers\{44219168-7340-43df-bbc2-89f0b26c112f}Gw64.sys [48784 2015-01-18] (StdLib)
R1 {46b9091e-deda-48d8-b979-0464193d69d5}Gw64; C:\Windows\System32\drivers\{46b9091e-deda-48d8-b979-0464193d69d5}Gw64.sys [48784 2014-12-09] (StdLib)
R1 {4b92b7b5-c723-48bb-89a7-6647fe734df9}Gw64; C:\Windows\System32\drivers\{4b92b7b5-c723-48bb-89a7-6647fe734df9}Gw64.sys [48784 2015-02-14] (StdLib)
R1 {4f8c067a-e55a-4229-81e6-7be1491578a2}Gw64; C:\Windows\System32\drivers\{4f8c067a-e55a-4229-81e6-7be1491578a2}Gw64.sys [48784 2015-01-31] (StdLib)
R1 {72074a89-563a-4402-894b-cfea7ec6858b}Gw64; C:\Windows\System32\drivers\{72074a89-563a-4402-894b-cfea7ec6858b}Gw64.sys [48784 2015-02-08] (StdLib)
R1 {7668d866-cc70-408f-b874-d683473d0f40}Gw64; C:\Windows\System32\drivers\{7668d866-cc70-408f-b874-d683473d0f40}Gw64.sys [48784 2014-12-18] (StdLib)
R1 {88dab020-0802-4f33-9294-5fccbb774bac}Gw64; C:\Windows\System32\drivers\{88dab020-0802-4f33-9294-5fccbb774bac}Gw64.sys [48784 2015-03-05] (StdLib)
R1 {8dc666b5-f370-4f22-8558-6a137d48eead}Gw64; C:\Windows\System32\drivers\{8dc666b5-f370-4f22-8558-6a137d48eead}Gw64.sys [48784 2015-01-27] (StdLib)
R1 {8ebaa931-88d7-49c0-80c5-891f3623134f}Gw64; C:\Windows\System32\drivers\{8ebaa931-88d7-49c0-80c5-891f3623134f}Gw64.sys [48784 2014-12-06] (StdLib)
R1 {9a6c78f1-af36-4e4d-ba83-e044b750db48}Gw64; C:\Windows\System32\drivers\{9a6c78f1-af36-4e4d-ba83-e044b750db48}Gw64.sys [48784 2015-01-25] (StdLib)
R1 {9cea9dfd-6bad-4c3a-a43b-aaaff26c8d62}Gw64; C:\Windows\System32\drivers\{9cea9dfd-6bad-4c3a-a43b-aaaff26c8d62}Gw64.sys [48784 2015-02-25] (StdLib)
R1 {9e225977-4791-4356-911d-90b292281075}Gw64; C:\Windows\System32\drivers\{9e225977-4791-4356-911d-90b292281075}Gw64.sys [48784 2015-02-06] (StdLib)
R1 {a41197ef-0b95-4642-a2a8-7ab88e13264c}Gw64; C:\Windows\System32\drivers\{a41197ef-0b95-4642-a2a8-7ab88e13264c}Gw64.sys [48784 2014-12-12] (StdLib)
R1 {b40efc75-ad36-4607-9465-eb41963e9c42}Gw64; C:\Windows\System32\drivers\{b40efc75-ad36-4607-9465-eb41963e9c42}Gw64.sys [48784 2015-03-13] (StdLib)
R1 {b84422ed-9d09-458b-b9c8-bb808a96177d}Gw64; C:\Windows\System32\drivers\{b84422ed-9d09-458b-b9c8-bb808a96177d}Gw64.sys [48784 2015-02-03] (StdLib)
R1 {baa74904-cbb6-4a19-900b-b8cb1e551476}Gw64; C:\Windows\System32\drivers\{baa74904-cbb6-4a19-900b-b8cb1e551476}Gw64.sys [48784 2015-02-12] (StdLib)
R1 {cad8ac99-1831-4a75-b758-e4235c95af75}Gw64; C:\Windows\System32\drivers\{cad8ac99-1831-4a75-b758-e4235c95af75}Gw64.sys [48784 2015-01-15] (StdLib)
R1 {d9a4216a-aae1-4d14-ba35-ff234b3b627f}Gw64; C:\Windows\System32\drivers\{d9a4216a-aae1-4d14-ba35-ff234b3b627f}Gw64.sys [48784 2015-03-10] (StdLib)
R1 {e9052879-c4b3-4ba3-adc5-316825a190f8}Gw64; C:\Windows\System32\drivers\{e9052879-c4b3-4ba3-adc5-316825a190f8}Gw64.sys [48784 2015-02-19] (StdLib)
R1 {fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64; C:\Windows\System32\drivers\{fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64.sys [48784 2015-01-07] (StdLib)
R1 {fd3f661e-765a-4fd3-bc9d-fa7f9541babe}Gw64; C:\Windows\System32\drivers\{fd3f661e-765a-4fd3-bc9d-fa7f9541babe}Gw64.sys [48784 2015-03-02] (StdLib)
R3 KProcessHacker2; \??\C:\Program Files\kprocesshacker.sys [X]
S0 PsBoot; system32\Drivers\PsBoot.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 {02fbc4ae-66cc-4219-94c9-1ee6e15d3402}Gw64; system32\drivers\{02fbc4ae-66cc-4219-94c9-1ee6e15d3402}Gw64.sys [X]
S1 {073f2b9a-2357-4614-b174-3fc1afffe941}Gw64; system32\drivers\{073f2b9a-2357-4614-b174-3fc1afffe941}Gw64.sys [X]
S1 {122141c3-e1a4-4af5-b3d7-650743f49ec0}Gw64; system32\drivers\{122141c3-e1a4-4af5-b3d7-650743f49ec0}Gw64.sys [X]
S1 {549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64; system32\drivers\{549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64.sys [X]
S1 {59399874-7437-4b6e-9c62-82162c4f6112}Gw64; system32\drivers\{59399874-7437-4b6e-9c62-82162c4f6112}Gw64.sys [X]
S1 {71066d58-1f99-4a2c-b52e-9880d384e03a}Gw64; system32\drivers\{71066d58-1f99-4a2c-b52e-9880d384e03a}Gw64.sys [X]
S1 {95282a5e-d707-43c0-b998-d6a934a963a8}Gw64; system32\drivers\{95282a5e-d707-43c0-b998-d6a934a963a8}Gw64.sys [X]
S1 {abbda6e4-1fdf-45e9-8feb-7ffcdf19a253}Gw64; system32\drivers\{abbda6e4-1fdf-45e9-8feb-7ffcdf19a253}Gw64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-17 18:17 - 2015-07-17 18:18 - 00014565 _____ C:\Users\Danka\Downloads\FRST.txt
2015-07-17 18:17 - 2015-07-17 18:17 - 00000000 ____D C:\FRST
2015-07-17 18:16 - 2015-07-17 18:17 - 02133504 _____ (Farbar) C:\Users\Danka\Downloads\FRST64.exe
2015-07-17 18:09 - 2015-07-17 18:09 - 00370520 _____ C:\Windows\Minidump\071715-19234-01.dmp
2015-07-16 23:37 - 2015-07-17 18:09 - 00000224 _____ C:\Windows\setupact.log
2015-07-16 23:37 - 2015-07-16 23:37 - 00119472 _____ C:\Windows\PFRO.log
2015-07-16 23:37 - 2015-07-16 23:37 - 00000000 _____ C:\Windows\setuperr.log
2015-07-16 23:06 - 2015-07-16 23:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-16 22:35 - 2015-07-16 22:35 - 00000000 ____D C:\Users\Danka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-07-16 22:24 - 2015-07-16 22:24 - 00000000 ____D C:\ProgramData\VIPRE
2015-07-16 22:24 - 2015-07-16 22:24 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-16 22:10 - 2015-07-17 18:00 - 00000492 _____ C:\Windows\Tasks\SpeedyPC Registration3.job
2015-07-16 22:10 - 2015-07-16 22:10 - 00003156 _____ C:\Windows\System32\Tasks\SpeedyPC Registration3
2015-07-16 22:09 - 2015-07-17 18:09 - 00000466 _____ C:\Windows\Tasks\SpeedyPC Pro Startup.job
2015-07-16 22:09 - 2015-07-16 23:37 - 00000571 _____ C:\Windows\Tasks\SpeedyPC Pro_sch_9AC0BE9A-2BF6-11E5-AAAF-B23466EF4248.job
2015-07-16 22:09 - 2015-07-16 23:37 - 00000464 _____ C:\Windows\Tasks\SpeedyPC Update Version3_triggeronce.job
2015-07-16 22:09 - 2015-07-16 23:37 - 00000464 _____ C:\Windows\Tasks\SpeedyPC Update Version3.job
2015-07-16 22:09 - 2015-07-16 22:09 - 00004004 _____ C:\Windows\System32\Tasks\SpeedyPC Pro_sch_9AC0BE9A-2BF6-11E5-AAAF-B23466EF4248
2015-07-16 22:09 - 2015-07-16 22:09 - 00003276 _____ C:\Windows\System32\Tasks\SpeedyPC Update Version3
2015-07-16 22:09 - 2015-07-16 22:09 - 00002942 _____ C:\Windows\System32\Tasks\SpeedyPC Update Version3_triggeronce
2015-07-16 22:09 - 2015-07-16 22:09 - 00002618 _____ C:\Windows\System32\Tasks\SpeedyPC Pro Startup
2015-07-16 22:09 - 2015-07-16 22:09 - 00001205 _____ C:\Users\Danka\Desktop\SpeedyPC Pro.lnk
2015-07-16 22:09 - 2015-07-16 22:09 - 00000000 ____D C:\Users\Danka\AppData\Roaming\SpeedyPC Software
2015-07-16 22:09 - 2015-07-16 22:09 - 00000000 ____D C:\Users\Danka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedyPC Software
2015-07-16 22:09 - 2015-07-16 22:09 - 00000000 ____D C:\ProgramData\SpeedyPC Software
2015-07-16 22:09 - 2015-07-16 22:09 - 00000000 ____D C:\Program Files (x86)\SpeedyPC Software
2015-07-16 22:07 - 2015-07-16 22:07 - 06646080 _____ (SpeedyPC Software) C:\Users\Danka\Downloads\SpeedyPC Pro Installer_402D7427-6306-4298-A02B-6C6CC848E60D_.exe
2015-07-16 21:12 - 2015-07-16 21:12 - 01415680 _____ (wj32) C:\Program Files\FN8TC7YJ.exe
2015-07-16 21:04 - 2015-07-16 21:04 - 01415680 _____ (wj32) C:\Program Files\3L3L3HFB.exe
2015-07-16 21:03 - 2015-07-16 21:03 - 01415680 _____ (wj32) C:\Program Files\7P7P7ZRA.exe
2015-07-16 20:57 - 2015-07-16 20:57 - 01415680 _____ (wj32) C:\Program Files\R9RCUNO5.exe
2015-07-16 20:57 - 2015-07-16 20:57 - 01415680 _____ (wj32) C:\Program Files\P4TESJ97.exe
2015-07-02 13:25 - 2015-07-02 13:25 - 01415680 _____ (wj32) C:\Program Files\K8K8K2FD.exe
2015-07-01 09:56 - 2015-07-01 09:56 - 01415680 _____ (wj32) C:\Program Files\YI0I0VKL.exe
2015-06-29 10:14 - 2015-06-29 10:14 - 01415680 _____ (wj32) C:\Program Files\N6K9TN0Z.exe
2015-06-29 10:14 - 2015-06-29 10:14 - 01415680 _____ (wj32) C:\Program Files\CYK7RONT.exe
2015-06-28 21:28 - 2015-06-28 21:28 - 01415680 _____ (wj32) C:\Program Files\UCUCU6HH.exe
2015-06-28 21:28 - 2015-06-28 21:28 - 01415680 _____ (wj32) C:\Program Files\0J2M53ZD.exe
2015-06-28 08:37 - 2015-06-28 08:37 - 01415680 _____ (wj32) C:\Program Files\YH1K5GBS.exe
2015-06-28 08:37 - 2015-06-28 08:37 - 01415680 _____ (wj32) C:\Program Files\O6P8SLGU.exe
2015-06-28 08:37 - 2015-06-28 08:37 - 01415680 _____ (wj32) C:\Program Files\F0IWJE4D.exe
2015-06-28 08:37 - 2015-06-28 08:37 - 01415680 _____ (wj32) C:\Program Files\5N5N5YTA.exe
2015-06-28 08:36 - 2015-06-28 08:36 - 01415680 _____ (wj32) C:\Program Files\WG1M73HH.exe
2015-06-28 08:36 - 2015-06-28 08:36 - 01415680 _____ (wj32) C:\Program Files\UR9R9FV6.exe
2015-06-28 08:36 - 2015-06-28 08:36 - 01415680 _____ (wj32) C:\Program Files\RBUBZGFF.exe
2015-06-28 08:36 - 2015-06-28 08:36 - 01415680 _____ (wj32) C:\Program Files\GZJ2N6K5.exe
2015-06-28 08:36 - 2015-06-28 08:36 - 01415680 _____ (wj32) C:\Program Files\7VH0LJDI.exe
2015-06-28 08:35 - 2015-06-28 08:35 - 01415680 _____ (wj32) C:\Program Files\P9UF0UK9.exe
2015-06-27 23:17 - 2015-06-27 23:17 - 01415680 _____ (wj32) C:\Program Files\KG6VANEM.exe
2015-06-27 23:17 - 2015-06-27 23:17 - 01415680 _____ (wj32) C:\Program Files\3N6P7PA5.exe
2015-06-27 23:17 - 2015-06-27 23:17 - 01415680 _____ (wj32) C:\Program Files\2M5O6K9O.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 01415680 _____ (wj32) C:\Program Files\YOE4TVX8.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 01415680 _____ (wj32) C:\Program Files\WRNLXKZ2.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 01415680 _____ (wj32) C:\Program Files\UCUCWPKY.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 01415680 _____ (wj32) C:\Program Files\DYIUETGX.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 01415680 _____ (wj32) C:\Program Files\3J3LSBO7.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 01415680 _____ (wj32) C:\Program Files\2UNF80Z9.exe
2015-06-26 10:19 - 2015-06-26 10:19 - 01415680 _____ (wj32) C:\Program Files\JGPZHJ5I.exe
2015-06-26 10:19 - 2015-06-26 10:19 - 01415680 _____ (wj32) C:\Program Files\7OOVAUOX.exe
2015-06-25 14:48 - 2015-06-25 14:48 - 01415680 _____ (wj32) C:\Program Files\WPCA0ZXD.exe
2015-06-25 14:47 - 2015-06-25 14:47 - 01415680 _____ (wj32) C:\Program Files\L3L3LD5J.exe
2015-06-25 14:47 - 2015-06-25 14:47 - 01415680 _____ (wj32) C:\Program Files\ASASALYT.exe
2015-06-25 14:47 - 2015-06-25 14:47 - 01415680 _____ (wj32) C:\Program Files\1L4TIHFB.exe
2015-06-23 14:41 - 2015-06-23 14:41 - 01415680 _____ (wj32) C:\Program Files\5RF5ROKN.exe
2015-06-22 00:35 - 2015-06-22 00:35 - 00000000 ____D C:\ProgramData\Ad Muncher
2015-06-22 00:35 - 2015-06-22 00:35 - 00000000 ____D C:\Program Files (x86)\Ad Muncher
2015-06-22 00:28 - 2015-06-22 00:28 - 00560760 _____ (Murray Hurps Software Pty Ltd) C:\Users\Danka\Downloads\AM-Install.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-17 18:14 - 2015-04-11 09:19 - 01262981 _____ C:\Windows\WindowsUpdate.log
2015-07-17 18:11 - 2015-05-18 10:36 - 00000102 _____ C:\Windows\win.ini
2015-07-17 18:11 - 2014-12-01 18:09 - 00000000 ____D C:\Program Files (x86)\SourceApp
2015-07-17 18:09 - 2014-11-10 18:55 - 00000000 ____D C:\Windows\Minidump
2015-07-17 18:09 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-17 18:04 - 2014-06-25 16:45 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-17 17:57 - 2014-08-12 17:56 - 00000374 _____ C:\Windows\Tasks\WpsNotifyTask_Danka.job
2015-07-17 17:54 - 2014-08-12 17:56 - 00000374 _____ C:\Windows\Tasks\WpsUpdateTask_Danka.job
2015-07-17 17:39 - 2014-11-13 14:27 - 00000000 ____D C:\ProgramData\MCShield
2015-07-17 10:50 - 2014-06-25 16:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-16 23:37 - 2009-07-14 06:45 - 00269128 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-16 22:54 - 2015-05-19 16:39 - 00000000 ____D C:\Users\Danka\AppData\Roaming\uTorrent
2015-07-16 22:54 - 2014-08-15 11:51 - 00000000 ____D C:\Users\Danka\Documents\Add-in Express
2015-07-16 22:54 - 2014-06-26 00:58 - 00000000 ____D C:\Windows\Panther
2015-07-16 22:54 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-16 22:52 - 2015-04-29 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recipe Cookbook
2015-07-16 22:37 - 2015-01-28 11:28 - 00000000 ____D C:\Users\Danka\AppData\Local\Popcorn-Time
2015-07-16 22:35 - 2015-01-28 11:27 - 00000000 ____D C:\Users\Danka\AppData\Local\Popcorn Time
2015-07-16 22:18 - 2014-11-13 13:52 - 00000000 ____D C:\Program Files (x86)\Panda Security
2015-07-16 22:18 - 2014-11-13 13:47 - 00000000 ____D C:\ProgramData\Panda Security
2015-07-16 22:18 - 2014-06-25 17:37 - 00058504 _____ C:\Users\Danka\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-16 22:17 - 2014-11-13 13:53 - 00000000 ____D C:\Users\Danka\AppData\Roaming\Panda Security
2015-07-16 21:29 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-16 21:29 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-16 21:25 - 2014-08-12 14:31 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-16 21:24 - 2014-12-24 00:18 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-16 11:04 - 2014-06-25 16:45 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-16 11:04 - 2014-06-25 16:45 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-16 11:04 - 2014-06-25 16:45 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-16 10:04 - 2014-06-25 16:49 - 00000000 ____D C:\Users\Danka\AppData\Roaming\Skype
2015-07-13 21:14 - 2009-07-14 07:13 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-03 22:56 - 2015-01-08 19:35 - 00000000 ____D C:\Users\Danka\AppData\Roaming\vlc
2015-06-29 00:33 - 2015-04-21 19:51 - 00000000 ____D C:\Users\Danka\Desktop\zelenkovac
2015-06-28 10:00 - 2014-12-24 00:57 - 00000394 ____H C:\Windows\Tasks\{81C0F64C-B6FD-4D85-BE0D-DA5B4DCD8C0B}.job

==================== Files in the root of some directories =======

2015-06-28 21:28 - 2015-06-28 21:28 - 1415680 _____ (wj32) C:\Program Files\0J2M53ZD.exe
2015-06-25 14:47 - 2015-06-25 14:47 - 1415680 _____ (wj32) C:\Program Files\1L4TIHFB.exe
2015-06-27 23:17 - 2015-06-27 23:17 - 1415680 _____ (wj32) C:\Program Files\2M5O6K9O.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 1415680 _____ (wj32) C:\Program Files\2UNF80Z9.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 1415680 _____ (wj32) C:\Program Files\3J3LSBO7.exe
2015-07-16 21:04 - 2015-07-16 21:04 - 1415680 _____ (wj32) C:\Program Files\3L3L3HFB.exe
2015-06-27 23:17 - 2015-06-27 23:17 - 1415680 _____ (wj32) C:\Program Files\3N6P7PA5.exe
2015-06-28 08:37 - 2015-06-28 08:37 - 1415680 _____ (wj32) C:\Program Files\5N5N5YTA.exe
2015-06-23 14:41 - 2015-06-23 14:41 - 1415680 _____ (wj32) C:\Program Files\5RF5ROKN.exe
2015-06-26 10:19 - 2015-06-26 10:19 - 1415680 _____ (wj32) C:\Program Files\7OOVAUOX.exe
2015-07-16 21:03 - 2015-07-16 21:03 - 1415680 _____ (wj32) C:\Program Files\7P7P7ZRA.exe
2015-06-28 08:36 - 2015-06-28 08:36 - 1415680 _____ (wj32) C:\Program Files\7VH0LJDI.exe
2015-06-25 14:47 - 2015-06-25 14:47 - 1415680 _____ (wj32) C:\Program Files\ASASALYT.exe
2015-06-29 10:14 - 2015-06-29 10:14 - 1415680 _____ (wj32) C:\Program Files\CYK7RONT.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 1415680 _____ (wj32) C:\Program Files\DYIUETGX.exe
2015-06-28 08:37 - 2015-06-28 08:37 - 1415680 _____ (wj32) C:\Program Files\F0IWJE4D.exe
2015-07-16 21:12 - 2015-07-16 21:12 - 1415680 _____ (wj32) C:\Program Files\FN8TC7YJ.exe
2015-06-28 08:36 - 2015-06-28 08:36 - 1415680 _____ (wj32) C:\Program Files\GZJ2N6K5.exe
2015-06-26 10:19 - 2015-06-26 10:19 - 1415680 _____ (wj32) C:\Program Files\JGPZHJ5I.exe
2015-07-02 13:25 - 2015-07-02 13:25 - 1415680 _____ (wj32) C:\Program Files\K8K8K2FD.exe
2015-06-27 23:17 - 2015-06-27 23:17 - 1415680 _____ (wj32) C:\Program Files\KG6VANEM.exe
2015-06-25 14:47 - 2015-06-25 14:47 - 1415680 _____ (wj32) C:\Program Files\L3L3LD5J.exe
2015-06-29 10:14 - 2015-06-29 10:14 - 1415680 _____ (wj32) C:\Program Files\N6K9TN0Z.exe
2015-06-28 08:37 - 2015-06-28 08:37 - 1415680 _____ (wj32) C:\Program Files\O6P8SLGU.exe
2015-07-16 20:57 - 2015-07-16 20:57 - 1415680 _____ (wj32) C:\Program Files\P4TESJ97.exe
2015-06-28 08:35 - 2015-06-28 08:35 - 1415680 _____ (wj32) C:\Program Files\P9UF0UK9.exe
2015-07-16 20:57 - 2015-07-16 20:57 - 1415680 _____ (wj32) C:\Program Files\R9RCUNO5.exe
2015-06-28 08:36 - 2015-06-28 08:36 - 1415680 _____ (wj32) C:\Program Files\RBUBZGFF.exe
2015-06-28 21:28 - 2015-06-28 21:28 - 1415680 _____ (wj32) C:\Program Files\UCUCU6HH.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 1415680 _____ (wj32) C:\Program Files\UCUCWPKY.exe
2015-06-28 08:36 - 2015-06-28 08:36 - 1415680 _____ (wj32) C:\Program Files\UR9R9FV6.exe
2015-06-28 08:36 - 2015-06-28 08:36 - 1415680 _____ (wj32) C:\Program Files\WG1M73HH.exe
2015-06-25 14:48 - 2015-06-25 14:48 - 1415680 _____ (wj32) C:\Program Files\WPCA0ZXD.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 1415680 _____ (wj32) C:\Program Files\WRNLXKZ2.exe
2015-06-28 08:37 - 2015-06-28 08:37 - 1415680 _____ (wj32) C:\Program Files\YH1K5GBS.exe
2015-07-01 09:56 - 2015-07-01 09:56 - 1415680 _____ (wj32) C:\Program Files\YI0I0VKL.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 1415680 _____ (wj32) C:\Program Files\YOE4TVX8.exe
2015-07-16 22:09 - 2015-07-17 18:11 - 0000053 _____ () C:\Users\Danka\AppData\Roaming\LogFile.txt
2014-11-10 23:17 - 2014-11-10 23:17 - 0028796 _____ () C:\Users\Danka\AppData\Local\Bron.tok.A14.em.bin
2014-12-01 18:31 - 2014-12-01 18:32 - 0003584 _____ () C:\Users\Danka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-03 00:29 - 2014-11-03 00:29 - 0000051 _____ () C:\Users\Danka\AppData\Local\Kosong.Bron.Tok.txt
2014-06-25 15:08 - 2009-07-14 01:01 - 0000230 ____N () C:\Users\Danka\AppData\Local\NetMailTmp.bin
2010-11-21 05:24 - 2010-11-21 05:24 - 85823488 ___SH (Cvision Technologies) C:\ProgramData\msuomzfb.exe

Files to move or delete:
====================
C:\ProgramData\msuomzfb.exe
C:\Windows\Tasks\{81C0F64C-B6FD-4D85-BE0D-DA5B4DCD8C0B}.job


Some files in TEMP:
====================
C:\Users\Danka\AppData\Local\Temp\cdo3037373340.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-25 22:57

==================== End of log ============================

  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6102

Hello Danka Borojevic,

First, go ahead and uninstall the malicious programs SourceApp and SpeedyPC Pro. Once you have done that, post a fresh FRST.txt report so I can compare the results.

  • Joined: 02 Aug 2012
  • Posts: 31

Thanks for the quick reply. I did what you said. Here is the report.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-07-2015 01
Ran by Danka (administrator) on DANKA-PC on 18-07-2015 16:37:30
Running from C:\Users\Danka\Downloads
Loaded Profiles: Danka (Available Profiles: Danka)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\TK8 StickyNotes\TK8StickyNotes.exe
(Microsoft Corporation) C:\Users\Danka\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2010-11-10] (Advanced Micro Devices, Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [LoginPrompt] 9B98878C898483DB898C83868C
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2176275773-2264376577-2624193879-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21437568 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2176275773-2264376577-2624193879-1000\...\Run: [TK8 StickyNotes] => C:\Program Files (x86)\TK8 StickyNotes\TK8StickyNotes.exe [10103808 2013-11-05] ()
HKU\S-1-5-21-2176275773-2264376577-2624193879-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-2176275773-2264376577-2624193879-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-29] (Piriform Ltd)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2176275773-2264376577-2624193879-1000\Software\Microsoft\Internet Explorer\Main,Start Page = search.yahoo.com/?fr=hp-ddc-bd&type=pr__alt__ddc_dsssyc_bd_com
HKU\S-1-5-21-2176275773-2264376577-2624193879-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-2176275773-2264376577-2624193879-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = q.search-simple.com/?affID=pr_7d405fe9-ebdd-4585-9f6e-1d3be626de30&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2176275773-2264376577-2624193879-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = q.search-simple.com/?affID=pr_7d405fe9-ebdd-4585-9f6e-1d3be626de30&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-06-25] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-06-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-24] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-24] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 79.143.160.20 62.68.96.8 79.143.168.8
Tcpip\..\Interfaces\{443CC806-594A-49C9-8125-529C41C3C1E4}: [DhcpNameServer] 79.143.160.20 62.68.96.8 79.143.168.8

FireFox:
========
FF ProfilePath: C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default
FF NewTab: hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=70_pr__alt__ddc_dsssyctab_bd_com
FF DefaultSearchEngine: Yahoo! Search
FF SelectedSearchEngine: Yahoo! Search
FF Homepage: hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=70_pr__alt__ddc_dsssyc_bd_com
FF Keyword.URL: hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=70_pr__alt__ddc_dss_bd_com&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-16] ()
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-06-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-06-25] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll [2014-05-30] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default\user.js [2014-12-01]
FF SearchPlugin: C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default\searchplugins\dsrlte.xml [2015-01-09]
FF SearchPlugin: C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default\searchplugins\search-simple.xml [2015-03-19]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-05-27]
FF Extension: AdBlock Lite - C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default\Extensions\jid1-dwtFBkQjb3SIQp@jetpack.xpi [2015-06-23]
FF Extension: No Name - C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default\extensions\{21b5abe9-a6e9-4a3b-ae74-84488fe21796}.xpi [not found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 VSSS; C:\Users\Danka\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [103434944 2015-06-23] (Microsoft Corporation) [File not signed] <==== ATTENTION
S2 NanoServiceMain; "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe" [X]
S2 PSUAService; "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 {0263559b-b988-4803-b082-70c1d2b89830}Gw64; C:\Windows\System32\drivers\{0263559b-b988-4803-b082-70c1d2b89830}Gw64.sys [48784 2014-12-05] (StdLib)
R1 {0fd1a45b-4ab9-492d-a4ec-94b4363a6dde}Gw64; C:\Windows\System32\drivers\{0fd1a45b-4ab9-492d-a4ec-94b4363a6dde}Gw64.sys [48784 2015-02-20] (StdLib)
R1 {167ce4ee-11d0-42b8-9745-63dd8d0684e3}Gw64; C:\Windows\System32\drivers\{167ce4ee-11d0-42b8-9745-63dd8d0684e3}Gw64.sys [48784 2015-02-28] (StdLib)
R1 {21b5abe9-a6e9-4a3b-ae74-84488fe21796}Gw64; C:\Windows\System32\drivers\{21b5abe9-a6e9-4a3b-ae74-84488fe21796}Gw64.sys [48784 2014-12-02] (StdLib)
R1 {4291b504-d331-41fb-90ff-daaf14dd7f49}Gw64; C:\Windows\System32\drivers\{4291b504-d331-41fb-90ff-daaf14dd7f49}Gw64.sys [48784 2015-01-21] (StdLib)
R1 {44219168-7340-43df-bbc2-89f0b26c112f}Gw64; C:\Windows\System32\drivers\{44219168-7340-43df-bbc2-89f0b26c112f}Gw64.sys [48784 2015-01-18] (StdLib)
R1 {46b9091e-deda-48d8-b979-0464193d69d5}Gw64; C:\Windows\System32\drivers\{46b9091e-deda-48d8-b979-0464193d69d5}Gw64.sys [48784 2014-12-09] (StdLib)
R1 {4b92b7b5-c723-48bb-89a7-6647fe734df9}Gw64; C:\Windows\System32\drivers\{4b92b7b5-c723-48bb-89a7-6647fe734df9}Gw64.sys [48784 2015-02-14] (StdLib)
R1 {4f8c067a-e55a-4229-81e6-7be1491578a2}Gw64; C:\Windows\System32\drivers\{4f8c067a-e55a-4229-81e6-7be1491578a2}Gw64.sys [48784 2015-01-31] (StdLib)
R1 {72074a89-563a-4402-894b-cfea7ec6858b}Gw64; C:\Windows\System32\drivers\{72074a89-563a-4402-894b-cfea7ec6858b}Gw64.sys [48784 2015-02-08] (StdLib)
R1 {7668d866-cc70-408f-b874-d683473d0f40}Gw64; C:\Windows\System32\drivers\{7668d866-cc70-408f-b874-d683473d0f40}Gw64.sys [48784 2014-12-18] (StdLib)
R1 {88dab020-0802-4f33-9294-5fccbb774bac}Gw64; C:\Windows\System32\drivers\{88dab020-0802-4f33-9294-5fccbb774bac}Gw64.sys [48784 2015-03-05] (StdLib)
R1 {8dc666b5-f370-4f22-8558-6a137d48eead}Gw64; C:\Windows\System32\drivers\{8dc666b5-f370-4f22-8558-6a137d48eead}Gw64.sys [48784 2015-01-27] (StdLib)
R1 {8ebaa931-88d7-49c0-80c5-891f3623134f}Gw64; C:\Windows\System32\drivers\{8ebaa931-88d7-49c0-80c5-891f3623134f}Gw64.sys [48784 2014-12-06] (StdLib)
R1 {9a6c78f1-af36-4e4d-ba83-e044b750db48}Gw64; C:\Windows\System32\drivers\{9a6c78f1-af36-4e4d-ba83-e044b750db48}Gw64.sys [48784 2015-01-25] (StdLib)
R1 {9cea9dfd-6bad-4c3a-a43b-aaaff26c8d62}Gw64; C:\Windows\System32\drivers\{9cea9dfd-6bad-4c3a-a43b-aaaff26c8d62}Gw64.sys [48784 2015-02-25] (StdLib)
R1 {9e225977-4791-4356-911d-90b292281075}Gw64; C:\Windows\System32\drivers\{9e225977-4791-4356-911d-90b292281075}Gw64.sys [48784 2015-02-06] (StdLib)
R1 {a41197ef-0b95-4642-a2a8-7ab88e13264c}Gw64; C:\Windows\System32\drivers\{a41197ef-0b95-4642-a2a8-7ab88e13264c}Gw64.sys [48784 2014-12-12] (StdLib)
R1 {b40efc75-ad36-4607-9465-eb41963e9c42}Gw64; C:\Windows\System32\drivers\{b40efc75-ad36-4607-9465-eb41963e9c42}Gw64.sys [48784 2015-03-13] (StdLib)
R1 {b84422ed-9d09-458b-b9c8-bb808a96177d}Gw64; C:\Windows\System32\drivers\{b84422ed-9d09-458b-b9c8-bb808a96177d}Gw64.sys [48784 2015-02-03] (StdLib)
R1 {baa74904-cbb6-4a19-900b-b8cb1e551476}Gw64; C:\Windows\System32\drivers\{baa74904-cbb6-4a19-900b-b8cb1e551476}Gw64.sys [48784 2015-02-12] (StdLib)
R1 {cad8ac99-1831-4a75-b758-e4235c95af75}Gw64; C:\Windows\System32\drivers\{cad8ac99-1831-4a75-b758-e4235c95af75}Gw64.sys [48784 2015-01-15] (StdLib)
R1 {d9a4216a-aae1-4d14-ba35-ff234b3b627f}Gw64; C:\Windows\System32\drivers\{d9a4216a-aae1-4d14-ba35-ff234b3b627f}Gw64.sys [48784 2015-03-10] (StdLib)
R1 {e9052879-c4b3-4ba3-adc5-316825a190f8}Gw64; C:\Windows\System32\drivers\{e9052879-c4b3-4ba3-adc5-316825a190f8}Gw64.sys [48784 2015-02-19] (StdLib)
R1 {fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64; C:\Windows\System32\drivers\{fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64.sys [48784 2015-01-07] (StdLib)
R1 {fd3f661e-765a-4fd3-bc9d-fa7f9541babe}Gw64; C:\Windows\System32\drivers\{fd3f661e-765a-4fd3-bc9d-fa7f9541babe}Gw64.sys [48784 2015-03-02] (StdLib)
R3 KProcessHacker2; \??\C:\Program Files\kprocesshacker.sys [X]
S0 PsBoot; system32\Drivers\PsBoot.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 {02fbc4ae-66cc-4219-94c9-1ee6e15d3402}Gw64; system32\drivers\{02fbc4ae-66cc-4219-94c9-1ee6e15d3402}Gw64.sys [X]
S1 {073f2b9a-2357-4614-b174-3fc1afffe941}Gw64; system32\drivers\{073f2b9a-2357-4614-b174-3fc1afffe941}Gw64.sys [X]
S1 {122141c3-e1a4-4af5-b3d7-650743f49ec0}Gw64; system32\drivers\{122141c3-e1a4-4af5-b3d7-650743f49ec0}Gw64.sys [X]
S1 {549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64; system32\drivers\{549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64.sys [X]
S1 {59399874-7437-4b6e-9c62-82162c4f6112}Gw64; system32\drivers\{59399874-7437-4b6e-9c62-82162c4f6112}Gw64.sys [X]
S1 {71066d58-1f99-4a2c-b52e-9880d384e03a}Gw64; system32\drivers\{71066d58-1f99-4a2c-b52e-9880d384e03a}Gw64.sys [X]
S1 {95282a5e-d707-43c0-b998-d6a934a963a8}Gw64; system32\drivers\{95282a5e-d707-43c0-b998-d6a934a963a8}Gw64.sys [X]
S1 {abbda6e4-1fdf-45e9-8feb-7ffcdf19a253}Gw64; system32\drivers\{abbda6e4-1fdf-45e9-8feb-7ffcdf19a253}Gw64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-18 16:37 - 2015-07-18 16:37 - 00000000 ____D C:\Users\Danka\Downloads\FRST-OlderVersion
2015-07-17 22:03 - 2015-07-17 22:03 - 00000000 ____D C:\1e8c18af94939a06bf1d830885db2a
2015-07-17 18:18 - 2015-07-17 18:18 - 00033736 _____ C:\Users\Danka\Downloads\Addition.txt
2015-07-17 18:17 - 2015-07-18 16:37 - 00013688 _____ C:\Users\Danka\Downloads\FRST.txt
2015-07-17 18:17 - 2015-07-18 16:37 - 00000000 ____D C:\FRST
2015-07-17 18:16 - 2015-07-18 16:37 - 02134528 _____ (Farbar) C:\Users\Danka\Downloads\FRST64.exe
2015-07-17 18:09 - 2015-07-17 18:09 - 00370520 _____ C:\Windows\Minidump\071715-19234-01.dmp
2015-07-17 17:44 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-07-17 17:44 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-07-16 23:37 - 2015-07-18 16:31 - 00000336 _____ C:\Windows\setupact.log
2015-07-16 23:37 - 2015-07-16 23:37 - 00119472 _____ C:\Windows\PFRO.log
2015-07-16 23:37 - 2015-07-16 23:37 - 00000000 _____ C:\Windows\setuperr.log
2015-07-16 23:06 - 2015-07-16 23:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-16 22:35 - 2015-07-16 22:35 - 00000000 ____D C:\Users\Danka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-07-16 22:24 - 2015-07-16 22:24 - 00000000 ____D C:\ProgramData\VIPRE
2015-07-16 22:24 - 2015-07-16 22:24 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-16 22:09 - 2015-07-18 16:36 - 00000000 ____D C:\ProgramData\SpeedyPC Software
2015-07-16 22:09 - 2015-07-16 22:09 - 00000000 ____D C:\Users\Danka\AppData\Roaming\SpeedyPC Software
2015-07-16 22:07 - 2015-07-16 22:07 - 06646080 _____ (SpeedyPC Software) C:\Users\Danka\Downloads\SpeedyPC Pro Installer_402D7427-6306-4298-A02B-6C6CC848E60D_.exe
2015-07-16 21:12 - 2015-07-16 21:12 - 01415680 _____ (wj32) C:\Program Files\FN8TC7YJ.exe
2015-07-16 21:04 - 2015-07-16 21:04 - 01415680 _____ (wj32) C:\Program Files\3L3L3HFB.exe
2015-07-16 21:03 - 2015-07-16 21:03 - 01415680 _____ (wj32) C:\Program Files\7P7P7ZRA.exe
2015-07-16 20:57 - 2015-07-16 20:57 - 01415680 _____ (wj32) C:\Program Files\R9RCUNO5.exe
2015-07-16 20:57 - 2015-07-16 20:57 - 01415680 _____ (wj32) C:\Program Files\P4TESJ97.exe
2015-07-02 13:25 - 2015-07-02 13:25 - 01415680 _____ (wj32) C:\Program Files\K8K8K2FD.exe
2015-07-01 09:56 - 2015-07-01 09:56 - 01415680 _____ (wj32) C:\Program Files\YI0I0VKL.exe
2015-06-29 10:14 - 2015-06-29 10:14 - 01415680 _____ (wj32) C:\Program Files\N6K9TN0Z.exe
2015-06-29 10:14 - 2015-06-29 10:14 - 01415680 _____ (wj32) C:\Program Files\CYK7RONT.exe
2015-06-28 21:28 - 2015-06-28 21:28 - 01415680 _____ (wj32) C:\Program Files\UCUCU6HH.exe
2015-06-28 21:28 - 2015-06-28 21:28 - 01415680 _____ (wj32) C:\Program Files\0J2M53ZD.exe
2015-06-28 08:37 - 2015-06-28 08:37 - 01415680 _____ (wj32) C:\Program Files\YH1K5GBS.exe
2015-06-28 08:37 - 2015-06-28 08:37 - 01415680 _____ (wj32) C:\Program Files\O6P8SLGU.exe
2015-06-28 08:37 - 2015-06-28 08:37 - 01415680 _____ (wj32) C:\Program Files\F0IWJE4D.exe
2015-06-28 08:37 - 2015-06-28 08:37 - 01415680 _____ (wj32) C:\Program Files\5N5N5YTA.exe
2015-06-28 08:36 - 2015-06-28 08:36 - 01415680 _____ (wj32) C:\Program Files\WG1M73HH.exe
2015-06-28 08:36 - 2015-06-28 08:36 - 01415680 _____ (wj32) C:\Program Files\UR9R9FV6.exe
2015-06-28 08:36 - 2015-06-28 08:36 - 01415680 _____ (wj32) C:\Program Files\RBUBZGFF.exe
2015-06-28 08:36 - 2015-06-28 08:36 - 01415680 _____ (wj32) C:\Program Files\GZJ2N6K5.exe
2015-06-28 08:36 - 2015-06-28 08:36 - 01415680 _____ (wj32) C:\Program Files\7VH0LJDI.exe
2015-06-28 08:35 - 2015-06-28 08:35 - 01415680 _____ (wj32) C:\Program Files\P9UF0UK9.exe
2015-06-27 23:17 - 2015-06-27 23:17 - 01415680 _____ (wj32) C:\Program Files\KG6VANEM.exe
2015-06-27 23:17 - 2015-06-27 23:17 - 01415680 _____ (wj32) C:\Program Files\3N6P7PA5.exe
2015-06-27 23:17 - 2015-06-27 23:17 - 01415680 _____ (wj32) C:\Program Files\2M5O6K9O.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 01415680 _____ (wj32) C:\Program Files\YOE4TVX8.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 01415680 _____ (wj32) C:\Program Files\WRNLXKZ2.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 01415680 _____ (wj32) C:\Program Files\UCUCWPKY.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 01415680 _____ (wj32) C:\Program Files\DYIUETGX.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 01415680 _____ (wj32) C:\Program Files\3J3LSBO7.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 01415680 _____ (wj32) C:\Program Files\2UNF80Z9.exe
2015-06-26 10:19 - 2015-06-26 10:19 - 01415680 _____ (wj32) C:\Program Files\JGPZHJ5I.exe
2015-06-26 10:19 - 2015-06-26 10:19 - 01415680 _____ (wj32) C:\Program Files\7OOVAUOX.exe
2015-06-25 14:48 - 2015-06-25 14:48 - 01415680 _____ (wj32) C:\Program Files\WPCA0ZXD.exe
2015-06-25 14:47 - 2015-06-25 14:47 - 01415680 _____ (wj32) C:\Program Files\L3L3LD5J.exe
2015-06-25 14:47 - 2015-06-25 14:47 - 01415680 _____ (wj32) C:\Program Files\ASASALYT.exe
2015-06-25 14:47 - 2015-06-25 14:47 - 01415680 _____ (wj32) C:\Program Files\1L4TIHFB.exe
2015-06-23 14:41 - 2015-06-23 14:41 - 01415680 _____ (wj32) C:\Program Files\5RF5ROKN.exe
2015-06-22 00:35 - 2015-06-22 00:35 - 00000000 ____D C:\ProgramData\Ad Muncher
2015-06-22 00:35 - 2015-06-22 00:35 - 00000000 ____D C:\Program Files (x86)\Ad Muncher
2015-06-22 00:28 - 2015-06-22 00:28 - 00560760 _____ (Murray Hurps Software Pty Ltd) C:\Users\Danka\Downloads\AM-Install.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-18 16:35 - 2015-04-11 09:19 - 01358026 _____ C:\Windows\WindowsUpdate.log
2015-07-18 16:35 - 2015-03-04 21:35 - 130333168 _____ C:\Windows\system32\MRT.exe
2015-07-18 16:33 - 2015-05-18 10:36 - 00000102 _____ C:\Windows\win.ini
2015-07-18 16:32 - 2014-06-25 16:49 - 00000000 ____D C:\Users\Danka\AppData\Roaming\Skype
2015-07-18 16:31 - 2014-11-13 14:27 - 00000000 ____D C:\ProgramData\MCShield
2015-07-18 16:31 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-17 21:57 - 2014-08-12 17:56 - 00000374 _____ C:\Windows\Tasks\WpsNotifyTask_Danka.job
2015-07-17 21:54 - 2014-08-12 17:56 - 00000374 _____ C:\Windows\Tasks\WpsUpdateTask_Danka.job
2015-07-17 21:29 - 2014-06-25 16:45 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-17 18:09 - 2014-11-10 18:55 - 00000000 ____D C:\Windows\Minidump
2015-07-17 10:50 - 2014-06-25 16:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-16 23:37 - 2009-07-14 06:45 - 00269128 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-16 22:54 - 2015-05-19 16:39 - 00000000 ____D C:\Users\Danka\AppData\Roaming\uTorrent
2015-07-16 22:54 - 2014-08-15 11:51 - 00000000 ____D C:\Users\Danka\Documents\Add-in Express
2015-07-16 22:54 - 2014-06-26 00:58 - 00000000 ____D C:\Windows\Panther
2015-07-16 22:54 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-16 22:52 - 2015-04-29 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recipe Cookbook
2015-07-16 22:37 - 2015-01-28 11:28 - 00000000 ____D C:\Users\Danka\AppData\Local\Popcorn-Time
2015-07-16 22:35 - 2015-01-28 11:27 - 00000000 ____D C:\Users\Danka\AppData\Local\Popcorn Time
2015-07-16 22:18 - 2014-11-13 13:52 - 00000000 ____D C:\Program Files (x86)\Panda Security
2015-07-16 22:18 - 2014-11-13 13:47 - 00000000 ____D C:\ProgramData\Panda Security
2015-07-16 22:18 - 2014-06-25 17:37 - 00058504 _____ C:\Users\Danka\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-16 22:17 - 2014-11-13 13:53 - 00000000 ____D C:\Users\Danka\AppData\Roaming\Panda Security
2015-07-16 21:29 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-16 21:29 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-16 21:25 - 2014-08-12 14:31 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-16 21:24 - 2014-12-24 00:18 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-16 11:04 - 2014-06-25 16:45 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-16 11:04 - 2014-06-25 16:45 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-16 11:04 - 2014-06-25 16:45 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-13 21:14 - 2009-07-14 07:13 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-03 22:56 - 2015-01-08 19:35 - 00000000 ____D C:\Users\Danka\AppData\Roaming\vlc
2015-06-29 00:33 - 2015-04-21 19:51 - 00000000 ____D C:\Users\Danka\Desktop\zelenkovac
2015-06-28 10:00 - 2014-12-24 00:57 - 00000394 ____H C:\Windows\Tasks\{81C0F64C-B6FD-4D85-BE0D-DA5B4DCD8C0B}.job

==================== Files in the root of some directories =======

2015-06-28 21:28 - 2015-06-28 21:28 - 1415680 _____ (wj32) C:\Program Files\0J2M53ZD.exe
2015-06-25 14:47 - 2015-06-25 14:47 - 1415680 _____ (wj32) C:\Program Files\1L4TIHFB.exe
2015-06-27 23:17 - 2015-06-27 23:17 - 1415680 _____ (wj32) C:\Program Files\2M5O6K9O.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 1415680 _____ (wj32) C:\Program Files\2UNF80Z9.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 1415680 _____ (wj32) C:\Program Files\3J3LSBO7.exe
2015-07-16 21:04 - 2015-07-16 21:04 - 1415680 _____ (wj32) C:\Program Files\3L3L3HFB.exe
2015-06-27 23:17 - 2015-06-27 23:17 - 1415680 _____ (wj32) C:\Program Files\3N6P7PA5.exe
2015-06-28 08:37 - 2015-06-28 08:37 - 1415680 _____ (wj32) C:\Program Files\5N5N5YTA.exe
2015-06-23 14:41 - 2015-06-23 14:41 - 1415680 _____ (wj32) C:\Program Files\5RF5ROKN.exe
2015-06-26 10:19 - 2015-06-26 10:19 - 1415680 _____ (wj32) C:\Program Files\7OOVAUOX.exe
2015-07-16 21:03 - 2015-07-16 21:03 - 1415680 _____ (wj32) C:\Program Files\7P7P7ZRA.exe
2015-06-28 08:36 - 2015-06-28 08:36 - 1415680 _____ (wj32) C:\Program Files\7VH0LJDI.exe
2015-06-25 14:47 - 2015-06-25 14:47 - 1415680 _____ (wj32) C:\Program Files\ASASALYT.exe
2015-06-29 10:14 - 2015-06-29 10:14 - 1415680 _____ (wj32) C:\Program Files\CYK7RONT.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 1415680 _____ (wj32) C:\Program Files\DYIUETGX.exe
2015-06-28 08:37 - 2015-06-28 08:37 - 1415680 _____ (wj32) C:\Program Files\F0IWJE4D.exe
2015-07-16 21:12 - 2015-07-16 21:12 - 1415680 _____ (wj32) C:\Program Files\FN8TC7YJ.exe
2015-06-28 08:36 - 2015-06-28 08:36 - 1415680 _____ (wj32) C:\Program Files\GZJ2N6K5.exe
2015-06-26 10:19 - 2015-06-26 10:19 - 1415680 _____ (wj32) C:\Program Files\JGPZHJ5I.exe
2015-07-02 13:25 - 2015-07-02 13:25 - 1415680 _____ (wj32) C:\Program Files\K8K8K2FD.exe
2015-06-27 23:17 - 2015-06-27 23:17 - 1415680 _____ (wj32) C:\Program Files\KG6VANEM.exe
2015-06-25 14:47 - 2015-06-25 14:47 - 1415680 _____ (wj32) C:\Program Files\L3L3LD5J.exe
2015-06-29 10:14 - 2015-06-29 10:14 - 1415680 _____ (wj32) C:\Program Files\N6K9TN0Z.exe
2015-06-28 08:37 - 2015-06-28 08:37 - 1415680 _____ (wj32) C:\Program Files\O6P8SLGU.exe
2015-07-16 20:57 - 2015-07-16 20:57 - 1415680 _____ (wj32) C:\Program Files\P4TESJ97.exe
2015-06-28 08:35 - 2015-06-28 08:35 - 1415680 _____ (wj32) C:\Program Files\P9UF0UK9.exe
2015-07-16 20:57 - 2015-07-16 20:57 - 1415680 _____ (wj32) C:\Program Files\R9RCUNO5.exe
2015-06-28 08:36 - 2015-06-28 08:36 - 1415680 _____ (wj32) C:\Program Files\RBUBZGFF.exe
2015-06-28 21:28 - 2015-06-28 21:28 - 1415680 _____ (wj32) C:\Program Files\UCUCU6HH.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 1415680 _____ (wj32) C:\Program Files\UCUCWPKY.exe
2015-06-28 08:36 - 2015-06-28 08:36 - 1415680 _____ (wj32) C:\Program Files\UR9R9FV6.exe
2015-06-28 08:36 - 2015-06-28 08:36 - 1415680 _____ (wj32) C:\Program Files\WG1M73HH.exe
2015-06-25 14:48 - 2015-06-25 14:48 - 1415680 _____ (wj32) C:\Program Files\WPCA0ZXD.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 1415680 _____ (wj32) C:\Program Files\WRNLXKZ2.exe
2015-06-28 08:37 - 2015-06-28 08:37 - 1415680 _____ (wj32) C:\Program Files\YH1K5GBS.exe
2015-07-01 09:56 - 2015-07-01 09:56 - 1415680 _____ (wj32) C:\Program Files\YI0I0VKL.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 1415680 _____ (wj32) C:\Program Files\YOE4TVX8.exe
2015-07-16 22:09 - 2015-07-18 16:34 - 0000115 _____ () C:\Users\Danka\AppData\Roaming\LogFile.txt
2014-11-10 23:17 - 2014-11-10 23:17 - 0028796 _____ () C:\Users\Danka\AppData\Local\Bron.tok.A14.em.bin
2014-12-01 18:31 - 2014-12-01 18:32 - 0003584 _____ () C:\Users\Danka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-03 00:29 - 2014-11-03 00:29 - 0000051 _____ () C:\Users\Danka\AppData\Local\Kosong.Bron.Tok.txt
2014-06-25 15:08 - 2009-07-14 01:01 - 0000230 ____N () C:\Users\Danka\AppData\Local\NetMailTmp.bin
2010-11-21 05:24 - 2010-11-21 05:24 - 85823488 ___SH (Cvision Technologies) C:\ProgramData\msuomzfb.exe

Files to move or delete:
====================
C:\ProgramData\msuomzfb.exe
C:\Windows\Tasks\{81C0F64C-B6FD-4D85-BE0D-DA5B4DCD8C0B}.job


Some files in TEMP:
====================
C:\Users\Danka\AppData\Local\Temp\cdo1561205282.dll
C:\Users\Danka\AppData\Local\Temp\cdo3037373340.dll
C:\Users\Danka\AppData\Local\Temp\SourceAppUntemp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-25 22:57

==================== End of log ============================

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6102

OK, let's move on. The following script will tell our tool to behave very aggressively, so let's get started.

1. Temporarily disable your antivirus program, in most cases by right-clicking the program's icon in the system tray, so that it does not interfere with our tool.
If you are not sure how to do that, follow this guide.

2. Open Notepad (Text Document) and copy the following text from the code box below:

START

CreateRestorePoint:
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SourceApp" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{604CD5A1-4520-4844-B064-A3D884B77E91}" /f

Unlock: C:\ProgramData\msuomzfb.exe
Unlock: C:\Users\Danka\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe
Unlock: C:\Windows\System32\drivers\{0263559b-b988-4803-b082-70c1d2b89830}Gw64.sys
Unlock: C:\Windows\System32\drivers\{0fd1a45b-4ab9-492d-a4ec-94b4363a6dde}Gw64.sys
Unlock: C:\Windows\System32\drivers\{167ce4ee-11d0-42b8-9745-63dd8d0684e3}Gw64.sys
Unlock: C:\Windows\System32\drivers\{21b5abe9-a6e9-4a3b-ae74-84488fe21796}Gw64.sys
Unlock: C:\Windows\System32\drivers\{4291b504-d331-41fb-90ff-daaf14dd7f49}Gw64.sys
Unlock: C:\Windows\System32\drivers\{44219168-7340-43df-bbc2-89f0b26c112f}Gw64.sys
Unlock: C:\Windows\System32\drivers\{46b9091e-deda-48d8-b979-0464193d69d5}Gw64.sys
Unlock: C:\Windows\System32\drivers\{4b92b7b5-c723-48bb-89a7-6647fe734df9}Gw64.sys
Unlock: C:\Windows\System32\drivers\{4f8c067a-e55a-4229-81e6-7be1491578a2}Gw64.sys
Unlock: C:\Windows\System32\drivers\{72074a89-563a-4402-894b-cfea7ec6858b}Gw64.sys
Unlock: C:\Windows\System32\drivers\{7668d866-cc70-408f-b874-d683473d0f40}Gw64.sys
Unlock: C:\Windows\System32\drivers\{88dab020-0802-4f33-9294-5fccbb774bac}Gw64.sys
Unlock: C:\Windows\System32\drivers\{8dc666b5-f370-4f22-8558-6a137d48eead}Gw64.sys
Unlock: C:\Windows\System32\drivers\{8ebaa931-88d7-49c0-80c5-891f3623134f}Gw64.sys
Unlock: C:\Windows\System32\drivers\{9a6c78f1-af36-4e4d-ba83-e044b750db48}Gw64.sys
Unlock: C:\Windows\System32\drivers\{9cea9dfd-6bad-4c3a-a43b-aaaff26c8d62}Gw64.sys
Unlock: C:\Windows\System32\drivers\{9e225977-4791-4356-911d-90b292281075}Gw64.sys
Unlock: C:\Windows\System32\drivers\{a41197ef-0b95-4642-a2a8-7ab88e13264c}Gw64.sys
Unlock: C:\Windows\System32\drivers\{b40efc75-ad36-4607-9465-eb41963e9c42}Gw64.sys
Unlock: C:\Windows\System32\drivers\{b84422ed-9d09-458b-b9c8-bb808a96177d}Gw64.sys
Unlock: C:\Windows\System32\drivers\{baa74904-cbb6-4a19-900b-b8cb1e551476}Gw64.sys
Unlock: C:\Windows\System32\drivers\{cad8ac99-1831-4a75-b758-e4235c95af75}Gw64.sys
Unlock: C:\Windows\System32\drivers\{d9a4216a-aae1-4d14-ba35-ff234b3b627f}Gw64.sys
Unlock: C:\Windows\System32\drivers\{e9052879-c4b3-4ba3-adc5-316825a190f8}Gw64.sys
Unlock: C:\Windows\System32\drivers\{fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64.sys
Unlock: C:\Windows\System32\drivers\{fd3f661e-765a-4fd3-bc9d-fa7f9541babe}Gw64.sys
Unlock: C:\Windows\system32\drivers\{02fbc4ae-66cc-4219-94c9-1ee6e15d3402}Gw64.sys
Unlock: C:\Windows\system32\drivers\{073f2b9a-2357-4614-b174-3fc1afffe941}Gw64.sys
Unlock: C:\Windows\system32\drivers\{122141c3-e1a4-4af5-b3d7-650743f49ec0}Gw64.sys
Unlock: C:\Windows\system32\drivers\{549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64.sys
Unlock: C:\Windows\system32\drivers\{59399874-7437-4b6e-9c62-82162c4f6112}Gw64.sys
Unlock: C:\Windows\system32\drivers\{71066d58-1f99-4a2c-b52e-9880d384e03a}Gw64.sys
Unlock: C:\Windows\system32\drivers\{95282a5e-d707-43c0-b998-d6a934a963a8}Gw64.sys
Unlock: C:\Windows\system32\drivers\{abbda6e4-1fdf-45e9-8feb-7ffcdf19a253}Gw64.sys

Reboot:
C:\ProgramData\msuomzfb.exe
C:\Users\Danka\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe
C:\Program Files\kprocesshacker.sys
C:\Users\Danka\AppData\Local\Temp\*.dll
C:\Users\Danka\AppData\Local\Temp\*.exe
C:\Windows\System32\drivers\{0263559b-b988-4803-b082-70c1d2b89830}Gw64.sys
C:\Windows\System32\drivers\{0fd1a45b-4ab9-492d-a4ec-94b4363a6dde}Gw64.sys
C:\Windows\System32\drivers\{167ce4ee-11d0-42b8-9745-63dd8d0684e3}Gw64.sys
C:\Windows\System32\drivers\{21b5abe9-a6e9-4a3b-ae74-84488fe21796}Gw64.sys
C:\Windows\System32\drivers\{4291b504-d331-41fb-90ff-daaf14dd7f49}Gw64.sys
C:\Windows\System32\drivers\{44219168-7340-43df-bbc2-89f0b26c112f}Gw64.sys
C:\Windows\System32\drivers\{46b9091e-deda-48d8-b979-0464193d69d5}Gw64.sys
C:\Windows\System32\drivers\{4b92b7b5-c723-48bb-89a7-6647fe734df9}Gw64.sys
C:\Windows\System32\drivers\{4f8c067a-e55a-4229-81e6-7be1491578a2}Gw64.sys
C:\Windows\System32\drivers\{72074a89-563a-4402-894b-cfea7ec6858b}Gw64.sys
C:\Windows\System32\drivers\{7668d866-cc70-408f-b874-d683473d0f40}Gw64.sys
C:\Windows\System32\drivers\{88dab020-0802-4f33-9294-5fccbb774bac}Gw64.sys
C:\Windows\System32\drivers\{8dc666b5-f370-4f22-8558-6a137d48eead}Gw64.sys
C:\Windows\System32\drivers\{8ebaa931-88d7-49c0-80c5-891f3623134f}Gw64.sys
C:\Windows\System32\drivers\{9a6c78f1-af36-4e4d-ba83-e044b750db48}Gw64.sys
C:\Windows\System32\drivers\{9cea9dfd-6bad-4c3a-a43b-aaaff26c8d62}Gw64.sys
C:\Windows\System32\drivers\{9e225977-4791-4356-911d-90b292281075}Gw64.sys
C:\Windows\System32\drivers\{a41197ef-0b95-4642-a2a8-7ab88e13264c}Gw64.sys
C:\Windows\System32\drivers\{b40efc75-ad36-4607-9465-eb41963e9c42}Gw64.sys
C:\Windows\System32\drivers\{b84422ed-9d09-458b-b9c8-bb808a96177d}Gw64.sys
C:\Windows\System32\drivers\{baa74904-cbb6-4a19-900b-b8cb1e551476}Gw64.sys
C:\Windows\System32\drivers\{cad8ac99-1831-4a75-b758-e4235c95af75}Gw64.sys
C:\Windows\System32\drivers\{d9a4216a-aae1-4d14-ba35-ff234b3b627f}Gw64.sys
C:\Windows\System32\drivers\{e9052879-c4b3-4ba3-adc5-316825a190f8}Gw64.sys
C:\Windows\System32\drivers\{fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64.sys
C:\Windows\System32\drivers\{fd3f661e-765a-4fd3-bc9d-fa7f9541babe}Gw64.sys
C:\Windows\system32\drivers\{02fbc4ae-66cc-4219-94c9-1ee6e15d3402}Gw64.sys
C:\Windows\system32\drivers\{073f2b9a-2357-4614-b174-3fc1afffe941}Gw64.sys
C:\Windows\system32\drivers\{122141c3-e1a4-4af5-b3d7-650743f49ec0}Gw64.sys
C:\Windows\ystem32\drivers\{549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64.sys
C:\Windows\system32\drivers\{59399874-7437-4b6e-9c62-82162c4f6112}Gw64.sys
C:\Windows\system32\drivers\{71066d58-1f99-4a2c-b52e-9880d384e03a}Gw64.sys
C:\Windows\system32\drivers\{95282a5e-d707-43c0-b998-d6a934a963a8}Gw64.sys
C:\Windows\system32\drivers\{abbda6e4-1fdf-45e9-8feb-7ffcdf19a253}Gw64.sys
C:\Windows\Tasks\{81C0F64C-B6FD-4D85-BE0D-DA5B4DCD8C0B}.job
C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default\Extensions\{21b5abe9-a6e9-4a3b-ae74-84488fe21796}.xpi
C:\Program Files\FN8TC7YJ.exe
C:\Program Files\3L3L3HFB.exe
C:\Program Files\7P7P7ZRA.exe
C:\Program Files\R9RCUNO5.exe
C:\Program Files\P4TESJ97.exe
C:\Program Files\K8K8K2FD.exe
C:\Program Files\YI0I0VKL.exe
C:\Program Files\N6K9TN0Z.exe
C:\Program Files\CYK7RONT.exe
C:\Program Files\UCUCU6HH.exe
C:\Program Files\0J2M53ZD.exe
C:\Program Files\YH1K5GBS.exe
C:\Program Files\O6P8SLGU.exe
C:\Program Files\F0IWJE4D.exe
C:\Program Files\5N5N5YTA.exe
C:\Program Files\WG1M73HH.exe
C:\Program Files\UR9R9FV6.exe
C:\Program Files\RBUBZGFF.exe
C:\Program Files\GZJ2N6K5.exe
C:\Program Files\7VH0LJDI.exe
C:\Program Files\P9UF0UK9.exe
C:\Program Files\KG6VANEM.exe
C:\Program Files\3N6P7PA5.exe
C:\Program Files\2M5O6K9O.exe
C:\Program Files\YOE4TVX8.exe
C:\Program Files\WRNLXKZ2.exe
C:\Program Files\UCUCWPKY.exe
C:\Program Files\DYIUETGX.exe
C:\Program Files\3J3LSBO7.exe
C:\Program Files\2UNF80Z9.exe
C:\Program Files\JGPZHJ5I.exe
C:\Program Files\7OOVAUOX.exe
C:\Program Files\WPCA0ZXD.exe
C:\Program Files\L3L3LD5J.exe
C:\Program Files\ASASALYT.exe
C:\Program Files\1L4TIHFB.exe
C:\Program Files\5RF5ROKN.exe
C:\Program Files\0J2M53ZD.exe
C:\Program Files\1L4TIHFB.exe
C:\Program Files\2M5O6K9O.exe
C:\Program Files\2UNF80Z9.exe
C:\Program Files\3J3LSBO7.exe
C:\Program Files\3L3L3HFB.exe
C:\Program Files\3N6P7PA5.exe
C:\Program Files\5N5N5YTA.exe
C:\Program Files\5RF5ROKN.exe
C:\Program Files\7OOVAUOX.exe
C:\Program Files\7P7P7ZRA.exe
C:\Program Files\7VH0LJDI.exe
C:\Program Files\ASASALYT.exe
C:\Program Files\CYK7RONT.exe
C:\Program Files\DYIUETGX.exe
C:\Program Files\F0IWJE4D.exe
C:\Program Files\FN8TC7YJ.exe
C:\Program Files\GZJ2N6K5.exe
C:\Program Files\JGPZHJ5I.exe
C:\Program Files\K8K8K2FD.exe
C:\Program Files\KG6VANEM.exe
C:\Program Files\L3L3LD5J.exe
C:\Program Files\N6K9TN0Z.exe
C:\Program Files\O6P8SLGU.exe
C:\Program Files\P4TESJ97.exe
C:\Program Files\P9UF0UK9.exe
C:\Program Files\R9RCUNO5.exe
C:\Program Files\RBUBZGFF.exe
C:\Program Files\UCUCU6HH.exe
C:\Program Files\UCUCWPKY.exe
C:\Program Files\UR9R9FV6.exe
C:\Program Files\WG1M73HH.exe
C:\Program Files\WPCA0ZXD.exe
C:\Program Files\WRNLXKZ2.exe
C:\Program Files\YH1K5GBS.exe
C:\Program Files\YI0I0VKL.exe
C:\Program Files\YOE4TVX8.exe
C:\Users\Danka\Downloads\SpeedyPC Pro Installer_402D7427-6306-4298-A02B-6C6CC848E60D_.exe
C:\Windows\Tasks\SpeedyPC Pro Startup.job
C:\Windows\Tasks\SpeedyPC Pro_sch_9AC0BE9A-2BF6-11E5-AAAF-B23466EF4248.job
C:\Windows\Tasks\SpeedyPC Update Version3_triggeronce.job
C:\Windows\Tasks\SpeedyPC Update Version3.job
C:\Users\Danka\Desktop\SpeedyPC Pro.lnk

Hosts:
c:\program files (x86)\common files\speedypc software
C:\Program Files (x86)\SpeedyPC Software
C:\Program Files (x86)\SourceApp
C:\Windows\Tasks\SpeedyPC Registration3.job
C:\Windows\System32\Tasks\SpeedyPC Registration3
C:\Windows\System32\Tasks\SpeedyPC Pro_sch_9AC0BE9A-2BF6-11E5-AAAF-B23466EF4248
C:\Windows\System32\Tasks\SpeedyPC Update Version3
C:\Windows\System32\Tasks\SpeedyPC Update Version3_triggeronce
C:\Windows\System32\Tasks\SpeedyPC Pro Startup
C:\Users\Danka\AppData\Roaming\SpeedyPC Software
C:\Users\Danka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedyPC Software
C:\ProgramData\SpeedyPC Software
C:\Program Files (x86)\SpeedyPC Software

CloseProcesses:
R2 VSSS; C:\Users\Danka\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [103434944 2015-06-23] (Microsoft Corporation) [File not signed] <==== ATTENTION
R3 KProcessHacker2; \??\C:\Program Files\kprocesshacker.sys [X]
R2 Update SourceApp; C:\Program Files (x86)\SourceApp\updateSourceApp.exe [471280 2015-07-17] ()
R2 Util SourceApp; C:\Program Files (x86)\SourceApp\bin\utilSourceApp.exe [471280 2015-07-17] ()
R1 {0263559b-b988-4803-b082-70c1d2b89830}Gw64; C:\Windows\System32\drivers\{0263559b-b988-4803-b082-70c1d2b89830}Gw64.sys [48784 2014-12-05] (StdLib)
R1 {0fd1a45b-4ab9-492d-a4ec-94b4363a6dde}Gw64; C:\Windows\System32\drivers\{0fd1a45b-4ab9-492d-a4ec-94b4363a6dde}Gw64.sys [48784 2015-02-20] (StdLib)
R1 {167ce4ee-11d0-42b8-9745-63dd8d0684e3}Gw64; C:\Windows\System32\drivers\{167ce4ee-11d0-42b8-9745-63dd8d0684e3}Gw64.sys [48784 2015-02-28] (StdLib)
R1 {21b5abe9-a6e9-4a3b-ae74-84488fe21796}Gw64; C:\Windows\System32\drivers\{21b5abe9-a6e9-4a3b-ae74-84488fe21796}Gw64.sys [48784 2014-12-02] (StdLib)
R1 {4291b504-d331-41fb-90ff-daaf14dd7f49}Gw64; C:\Windows\System32\drivers\{4291b504-d331-41fb-90ff-daaf14dd7f49}Gw64.sys [48784 2015-01-21] (StdLib)
R1 {44219168-7340-43df-bbc2-89f0b26c112f}Gw64; C:\Windows\System32\drivers\{44219168-7340-43df-bbc2-89f0b26c112f}Gw64.sys [48784 2015-01-18] (StdLib)
R1 {46b9091e-deda-48d8-b979-0464193d69d5}Gw64; C:\Windows\System32\drivers\{46b9091e-deda-48d8-b979-0464193d69d5}Gw64.sys [48784 2014-12-09] (StdLib)
R1 {4b92b7b5-c723-48bb-89a7-6647fe734df9}Gw64; C:\Windows\System32\drivers\{4b92b7b5-c723-48bb-89a7-6647fe734df9}Gw64.sys [48784 2015-02-14] (StdLib)
R1 {4f8c067a-e55a-4229-81e6-7be1491578a2}Gw64; C:\Windows\System32\drivers\{4f8c067a-e55a-4229-81e6-7be1491578a2}Gw64.sys [48784 2015-01-31] (StdLib)
R1 {72074a89-563a-4402-894b-cfea7ec6858b}Gw64; C:\Windows\System32\drivers\{72074a89-563a-4402-894b-cfea7ec6858b}Gw64.sys [48784 2015-02-08] (StdLib)
R1 {7668d866-cc70-408f-b874-d683473d0f40}Gw64; C:\Windows\System32\drivers\{7668d866-cc70-408f-b874-d683473d0f40}Gw64.sys [48784 2014-12-18] (StdLib)
R1 {88dab020-0802-4f33-9294-5fccbb774bac}Gw64; C:\Windows\System32\drivers\{88dab020-0802-4f33-9294-5fccbb774bac}Gw64.sys [48784 2015-03-05] (StdLib)
R1 {8dc666b5-f370-4f22-8558-6a137d48eead}Gw64; C:\Windows\System32\drivers\{8dc666b5-f370-4f22-8558-6a137d48eead}Gw64.sys [48784 2015-01-27] (StdLib)
R1 {8ebaa931-88d7-49c0-80c5-891f3623134f}Gw64; C:\Windows\System32\drivers\{8ebaa931-88d7-49c0-80c5-891f3623134f}Gw64.sys [48784 2014-12-06] (StdLib)
R1 {9a6c78f1-af36-4e4d-ba83-e044b750db48}Gw64; C:\Windows\System32\drivers\{9a6c78f1-af36-4e4d-ba83-e044b750db48}Gw64.sys [48784 2015-01-25] (StdLib)
R1 {9cea9dfd-6bad-4c3a-a43b-aaaff26c8d62}Gw64; C:\Windows\System32\drivers\{9cea9dfd-6bad-4c3a-a43b-aaaff26c8d62}Gw64.sys [48784 2015-02-25] (StdLib)
R1 {9e225977-4791-4356-911d-90b292281075}Gw64; C:\Windows\System32\drivers\{9e225977-4791-4356-911d-90b292281075}Gw64.sys [48784 2015-02-06] (StdLib)
R1 {a41197ef-0b95-4642-a2a8-7ab88e13264c}Gw64; C:\Windows\System32\drivers\{a41197ef-0b95-4642-a2a8-7ab88e13264c}Gw64.sys [48784 2014-12-12] (StdLib)
R1 {b40efc75-ad36-4607-9465-eb41963e9c42}Gw64; C:\Windows\System32\drivers\{b40efc75-ad36-4607-9465-eb41963e9c42}Gw64.sys [48784 2015-03-13] (StdLib)
R1 {b84422ed-9d09-458b-b9c8-bb808a96177d}Gw64; C:\Windows\System32\drivers\{b84422ed-9d09-458b-b9c8-bb808a96177d}Gw64.sys [48784 2015-02-03] (StdLib)
R1 {baa74904-cbb6-4a19-900b-b8cb1e551476}Gw64; C:\Windows\System32\drivers\{baa74904-cbb6-4a19-900b-b8cb1e551476}Gw64.sys [48784 2015-02-12] (StdLib)
R1 {cad8ac99-1831-4a75-b758-e4235c95af75}Gw64; C:\Windows\System32\drivers\{cad8ac99-1831-4a75-b758-e4235c95af75}Gw64.sys [48784 2015-01-15] (StdLib)
R1 {d9a4216a-aae1-4d14-ba35-ff234b3b627f}Gw64; C:\Windows\System32\drivers\{d9a4216a-aae1-4d14-ba35-ff234b3b627f}Gw64.sys [48784 2015-03-10] (StdLib)
R1 {e9052879-c4b3-4ba3-adc5-316825a190f8}Gw64; C:\Windows\System32\drivers\{e9052879-c4b3-4ba3-adc5-316825a190f8}Gw64.sys [48784 2015-02-19] (StdLib)
R1 {fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64; C:\Windows\System32\drivers\{fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64.sys [48784 2015-01-07] (StdLib)
R1 {fd3f661e-765a-4fd3-bc9d-fa7f9541babe}Gw64; C:\Windows\System32\drivers\{fd3f661e-765a-4fd3-bc9d-fa7f9541babe}Gw64.sys [48784 2015-03-02] (StdLib)
S1 {02fbc4ae-66cc-4219-94c9-1ee6e15d3402}Gw64; system32\drivers\{02fbc4ae-66cc-4219-94c9-1ee6e15d3402}Gw64.sys [X]
S1 {073f2b9a-2357-4614-b174-3fc1afffe941}Gw64; system32\drivers\{073f2b9a-2357-4614-b174-3fc1afffe941}Gw64.sys [X]
S1 {122141c3-e1a4-4af5-b3d7-650743f49ec0}Gw64; system32\drivers\{122141c3-e1a4-4af5-b3d7-650743f49ec0}Gw64.sys [X]
S1 {549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64; system32\drivers\{549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64.sys [X]
S1 {59399874-7437-4b6e-9c62-82162c4f6112}Gw64; system32\drivers\{59399874-7437-4b6e-9c62-82162c4f6112}Gw64.sys [X]
S1 {71066d58-1f99-4a2c-b52e-9880d384e03a}Gw64; system32\drivers\{71066d58-1f99-4a2c-b52e-9880d384e03a}Gw64.sys [X]
S1 {95282a5e-d707-43c0-b998-d6a934a963a8}Gw64; system32\drivers\{95282a5e-d707-43c0-b998-d6a934a963a8}Gw64.sys [X]
S1 {abbda6e4-1fdf-45e9-8feb-7ffcdf19a253}Gw64; system32\drivers\{abbda6e4-1fdf-45e9-8feb-7ffcdf19a253}Gw64.sys [X]

RemoveProxy:
HKU\S-1-5-21-2176275773-2264376577-2624193879-1000\...\CurrentVersion\Windows: [Load] C:\ProgramData\msuomzfb.exe <===== ATTENTION
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2176275773-2264376577-2624193879-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://q.search-simple.com/?affID=pr_7d405fe9-ebdd-4585-9f6e-1d3be626de30&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2176275773-2264376577-2624193879-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://q.search-simple.com/?affID=pr_7d405fe9-ebdd-4585-9f6e-1d3be626de30&q={searchTerms}
FF Extension: SourceApp 1.0.1 - C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default\Extensions\{21b5abe9-a6e9-4a3b-ae74-84488fe21796}.xpi [2014-12-01]
Task: {21FDAB56-EDE4-4847-8A81-3F7853025BC9} - System32\Tasks\SpeedyPC Update Version3_triggeronce => c:\program files (x86)\common files\speedypc software\uus3\SpeedyPC_Update3.exe [2014-12-19] (SpeedyPC Software) <==== ATTENTION
Task: {36C4D12A-7F10-4AC8-ACBF-F00F18C527BD} - System32\Tasks\SpeedyPC Update Version3 => c:\program files (x86)\common files\speedypc software\uus3\SpeedyPC_Update3.exe [2014-12-19] (SpeedyPC Software) <==== ATTENTION
Task: {372F46AF-E6A7-405B-92A4-5259AEFA7712} - System32\Tasks\SpeedyPC Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\SpeedyPC Software\UUS3\UUS3.dll" RunUns <==== ATTENTION
Task: {65423791-DFD1-44CC-A3ED-5A2F05EEA1C7} - System32\Tasks\SpeedyPC Pro_sch_9AC0BE9A-2BF6-11E5-AAAF-B23466EF4248 => C:\Program Files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe [2014-12-19] (SpeedyPC Software) <==== ATTENTION
Task: {DFEBBC24-D3AA-4405-9052-FBA15D6D58B5} - System32\Tasks\SpeedyPC Pro Startup => C:\Program Files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe [2014-12-19] (SpeedyPC Software) <==== ATTENTION
Task: C:\Windows\Tasks\SpeedyPC Pro Startup.job => C:\Program Files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe C:\Program Files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedyPC Pro_sch_9AC0BE9A-2BF6-11E5-AAAF-B23466EF4248.job => C:\Program Files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedyPC Registration3.job => C:\Windows\system32\rundll32.exeMC:\Program Files (x86)\Common Files\SpeedyPC Software\UUS3\UUS3.dll <==== ATTENTION
Task: C:\Windows\Tasks\SpeedyPC Update Version3.job => c:\program files (x86)\common files\speedypc software\uus3\SpeedyPC_Update3.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedyPC Update Version3_triggeronce.job => c:\program files (x86)\common files\speedypc software\uus3\SpeedyPC_Update3.exe <==== ATTENTION

END


3. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, because otherwise the fix will not work.

4. Run FRST/FRST64 again, click the Fix button once, and wait.
If the tool requests a system restart, allow it and make sure the tool completes the fix after the restart.

5. The tool will create a log (Fixlog.txt) on the Desktop. The contents of that log need to be copied into a message.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.

  • Joined: 02 Aug 2012
  • Posts: 31

Fix result of Farbar Recovery Scan Tool (x64) Version:18-07-2015 01
Ran by Danka at 2015-07-18 17:32:30 Run:1
Running from C:\Users\Danka\Downloads
Loaded Profiles: Danka (Available Profiles: Danka)
Boot Mode: Normal
==============================================

Error: (0) Failed to create a restore point.

========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SourceApp" /f =========

ERROR: The system was unable to find the specified registry key or value.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{604CD5A1-4520-4844-B064-A3D884B77E91}" /f =========

ERROR: The system was unable to find the specified registry key or value.


========= End of Reg: =========

"C:\ProgramData\msuomzfb.exe" => File/Folder was unlocked
"C:\Users\Danka\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe" => File/Folder was unlocked
"C:\Windows\System32\drivers\{0263559b-b988-4803-b082-70c1d2b89830}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{0fd1a45b-4ab9-492d-a4ec-94b4363a6dde}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{167ce4ee-11d0-42b8-9745-63dd8d0684e3}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{21b5abe9-a6e9-4a3b-ae74-84488fe21796}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{4291b504-d331-41fb-90ff-daaf14dd7f49}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{44219168-7340-43df-bbc2-89f0b26c112f}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{46b9091e-deda-48d8-b979-0464193d69d5}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{4b92b7b5-c723-48bb-89a7-6647fe734df9}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{4f8c067a-e55a-4229-81e6-7be1491578a2}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{72074a89-563a-4402-894b-cfea7ec6858b}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{7668d866-cc70-408f-b874-d683473d0f40}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{88dab020-0802-4f33-9294-5fccbb774bac}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{8dc666b5-f370-4f22-8558-6a137d48eead}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{8ebaa931-88d7-49c0-80c5-891f3623134f}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{9a6c78f1-af36-4e4d-ba83-e044b750db48}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{9cea9dfd-6bad-4c3a-a43b-aaaff26c8d62}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{9e225977-4791-4356-911d-90b292281075}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{a41197ef-0b95-4642-a2a8-7ab88e13264c}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{b40efc75-ad36-4607-9465-eb41963e9c42}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{b84422ed-9d09-458b-b9c8-bb808a96177d}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{baa74904-cbb6-4a19-900b-b8cb1e551476}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{cad8ac99-1831-4a75-b758-e4235c95af75}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{d9a4216a-aae1-4d14-ba35-ff234b3b627f}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{e9052879-c4b3-4ba3-adc5-316825a190f8}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64.sys" => File/Folder was unlocked
"C:\Windows\System32\drivers\{fd3f661e-765a-4fd3-bc9d-fa7f9541babe}Gw64.sys" => File/Folder was unlocked
"C:\Windows\system32\drivers\{02fbc4ae-66cc-4219-94c9-1ee6e15d3402}Gw64.sys" => not found.
"C:\Windows\system32\drivers\{073f2b9a-2357-4614-b174-3fc1afffe941}Gw64.sys" => not found.
"C:\Windows\system32\drivers\{122141c3-e1a4-4af5-b3d7-650743f49ec0}Gw64.sys" => not found.
"C:\Windows\ystem32\drivers\{549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64.sys" => not found.
"C:\Windows\system32\drivers\{59399874-7437-4b6e-9c62-82162c4f6112}Gw64.sys" => not found.
"C:\Windows\system32\drivers\{71066d58-1f99-4a2c-b52e-9880d384e03a}Gw64.sys" => not found.
"C:\Windows\system32\drivers\{95282a5e-d707-43c0-b998-d6a934a963a8}Gw64.sys" => not found.
"C:\Windows\system32\drivers\{abbda6e4-1fdf-45e9-8feb-7ffcdf19a253}Gw64.sys" => not found.
Could not move "C:\ProgramData\msuomzfb.exe" => Scheduled to move on reboot.
C:\Users\Danka\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe => moved successfully.
"C:\Program Files\kprocesshacker.sys" => File/Folder not found.
C:\Users\Danka\AppData\Local\Temp\*.dll => moved successfully.
C:\Users\Danka\AppData\Local\Temp\*.exe => moved successfully.
C:\Windows\System32\drivers\{0263559b-b988-4803-b082-70c1d2b89830}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{0fd1a45b-4ab9-492d-a4ec-94b4363a6dde}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{167ce4ee-11d0-42b8-9745-63dd8d0684e3}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{21b5abe9-a6e9-4a3b-ae74-84488fe21796}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{4291b504-d331-41fb-90ff-daaf14dd7f49}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{44219168-7340-43df-bbc2-89f0b26c112f}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{46b9091e-deda-48d8-b979-0464193d69d5}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{4b92b7b5-c723-48bb-89a7-6647fe734df9}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{4f8c067a-e55a-4229-81e6-7be1491578a2}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{72074a89-563a-4402-894b-cfea7ec6858b}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{7668d866-cc70-408f-b874-d683473d0f40}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{88dab020-0802-4f33-9294-5fccbb774bac}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{8dc666b5-f370-4f22-8558-6a137d48eead}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{8ebaa931-88d7-49c0-80c5-891f3623134f}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{9a6c78f1-af36-4e4d-ba83-e044b750db48}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{9cea9dfd-6bad-4c3a-a43b-aaaff26c8d62}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{9e225977-4791-4356-911d-90b292281075}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{a41197ef-0b95-4642-a2a8-7ab88e13264c}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{b40efc75-ad36-4607-9465-eb41963e9c42}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{b84422ed-9d09-458b-b9c8-bb808a96177d}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{baa74904-cbb6-4a19-900b-b8cb1e551476}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{cad8ac99-1831-4a75-b758-e4235c95af75}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{d9a4216a-aae1-4d14-ba35-ff234b3b627f}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{e9052879-c4b3-4ba3-adc5-316825a190f8}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64.sys => moved successfully.
C:\Windows\System32\drivers\{fd3f661e-765a-4fd3-bc9d-fa7f9541babe}Gw64.sys => moved successfully.
"C:\Windows\system32\drivers\{02fbc4ae-66cc-4219-94c9-1ee6e15d3402}Gw64.sys" => File/Folder not found.
"C:\Windows\system32\drivers\{073f2b9a-2357-4614-b174-3fc1afffe941}Gw64.sys" => File/Folder not found.
"C:\Windows\system32\drivers\{122141c3-e1a4-4af5-b3d7-650743f49ec0}Gw64.sys" => File/Folder not found.
"C:\Windows\ystem32\drivers\{549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64.sys" => File/Folder not found.
"C:\Windows\system32\drivers\{59399874-7437-4b6e-9c62-82162c4f6112}Gw64.sys" => File/Folder not found.
"C:\Windows\system32\drivers\{71066d58-1f99-4a2c-b52e-9880d384e03a}Gw64.sys" => File/Folder not found.
"C:\Windows\system32\drivers\{95282a5e-d707-43c0-b998-d6a934a963a8}Gw64.sys" => File/Folder not found.
"C:\Windows\system32\drivers\{abbda6e4-1fdf-45e9-8feb-7ffcdf19a253}Gw64.sys" => File/Folder not found.
C:\Windows\Tasks\{81C0F64C-B6FD-4D85-BE0D-DA5B4DCD8C0B}.job => moved successfully.
"C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default\Extensions\{21b5abe9-a6e9-4a3b-ae74-84488fe21796}.xpi" => File/Folder not found.
C:\Program Files\FN8TC7YJ.exe => moved successfully.
C:\Program Files\3L3L3HFB.exe => moved successfully.
C:\Program Files\7P7P7ZRA.exe => moved successfully.
C:\Program Files\R9RCUNO5.exe => moved successfully.
C:\Program Files\P4TESJ97.exe => moved successfully.
C:\Program Files\K8K8K2FD.exe => moved successfully.
C:\Program Files\YI0I0VKL.exe => moved successfully.
C:\Program Files\N6K9TN0Z.exe => moved successfully.
C:\Program Files\CYK7RONT.exe => moved successfully.
C:\Program Files\UCUCU6HH.exe => moved successfully.
C:\Program Files\0J2M53ZD.exe => moved successfully.
C:\Program Files\YH1K5GBS.exe => moved successfully.
C:\Program Files\O6P8SLGU.exe => moved successfully.
C:\Program Files\F0IWJE4D.exe => moved successfully.
C:\Program Files\5N5N5YTA.exe => moved successfully.
C:\Program Files\WG1M73HH.exe => moved successfully.
C:\Program Files\UR9R9FV6.exe => moved successfully.
C:\Program Files\RBUBZGFF.exe => moved successfully.
C:\Program Files\GZJ2N6K5.exe => moved successfully.
C:\Program Files\7VH0LJDI.exe => moved successfully.
C:\Program Files\P9UF0UK9.exe => moved successfully.
C:\Program Files\KG6VANEM.exe => moved successfully.
C:\Program Files\3N6P7PA5.exe => moved successfully.
C:\Program Files\2M5O6K9O.exe => moved successfully.
C:\Program Files\YOE4TVX8.exe => moved successfully.
C:\Program Files\WRNLXKZ2.exe => moved successfully.
C:\Program Files\UCUCWPKY.exe => moved successfully.
C:\Program Files\DYIUETGX.exe => moved successfully.
C:\Program Files\3J3LSBO7.exe => moved successfully.
C:\Program Files\2UNF80Z9.exe => moved successfully.
C:\Program Files\JGPZHJ5I.exe => moved successfully.
C:\Program Files\7OOVAUOX.exe => moved successfully.
C:\Program Files\WPCA0ZXD.exe => moved successfully.
C:\Program Files\L3L3LD5J.exe => moved successfully.
C:\Program Files\ASASALYT.exe => moved successfully.
C:\Program Files\1L4TIHFB.exe => moved successfully.
C:\Program Files\5RF5ROKN.exe => moved successfully.
"C:\Program Files\0J2M53ZD.exe" => File/Folder not found.
"C:\Program Files\1L4TIHFB.exe" => File/Folder not found.
"C:\Program Files\2M5O6K9O.exe" => File/Folder not found.
"C:\Program Files\2UNF80Z9.exe" => File/Folder not found.
"C:\Program Files\3J3LSBO7.exe" => File/Folder not found.
"C:\Program Files\3L3L3HFB.exe" => File/Folder not found.
"C:\Program Files\3N6P7PA5.exe" => File/Folder not found.
"C:\Program Files\5N5N5YTA.exe" => File/Folder not found.
"C:\Program Files\5RF5ROKN.exe" => File/Folder not found.
"C:\Program Files\7OOVAUOX.exe" => File/Folder not found.
"C:\Program Files\7P7P7ZRA.exe" => File/Folder not found.
"C:\Program Files\7VH0LJDI.exe" => File/Folder not found.
"C:\Program Files\ASASALYT.exe" => File/Folder not found.
"C:\Program Files\CYK7RONT.exe" => File/Folder not found.
"C:\Program Files\DYIUETGX.exe" => File/Folder not found.
"C:\Program Files\F0IWJE4D.exe" => File/Folder not found.
"C:\Program Files\FN8TC7YJ.exe" => File/Folder not found.
"C:\Program Files\GZJ2N6K5.exe" => File/Folder not found.
"C:\Program Files\JGPZHJ5I.exe" => File/Folder not found.
"C:\Program Files\K8K8K2FD.exe" => File/Folder not found.
"C:\Program Files\KG6VANEM.exe" => File/Folder not found.
"C:\Program Files\L3L3LD5J.exe" => File/Folder not found.
"C:\Program Files\N6K9TN0Z.exe" => File/Folder not found.
"C:\Program Files\O6P8SLGU.exe" => File/Folder not found.
"C:\Program Files\P4TESJ97.exe" => File/Folder not found.
"C:\Program Files\P9UF0UK9.exe" => File/Folder not found.
"C:\Program Files\R9RCUNO5.exe" => File/Folder not found.
"C:\Program Files\RBUBZGFF.exe" => File/Folder not found.
"C:\Program Files\UCUCU6HH.exe" => File/Folder not found.
"C:\Program Files\UCUCWPKY.exe" => File/Folder not found.
"C:\Program Files\UR9R9FV6.exe" => File/Folder not found.
"C:\Program Files\WG1M73HH.exe" => File/Folder not found.
"C:\Program Files\WPCA0ZXD.exe" => File/Folder not found.
"C:\Program Files\WRNLXKZ2.exe" => File/Folder not found.
"C:\Program Files\YH1K5GBS.exe" => File/Folder not found.
"C:\Program Files\YI0I0VKL.exe" => File/Folder not found.
"C:\Program Files\YOE4TVX8.exe" => File/Folder not found.
C:\Users\Danka\Downloads\SpeedyPC Pro Installer_402D7427-6306-4298-A02B-6C6CC848E60D_.exe => moved successfully.
"C:\Windows\Tasks\SpeedyPC Pro Startup.job" => File/Folder not found.
"C:\Windows\Tasks\SpeedyPC Pro_sch_9AC0BE9A-2BF6-11E5-AAAF-B23466EF4248.job" => File/Folder not found.
"C:\Windows\Tasks\SpeedyPC Update Version3_triggeronce.job" => File/Folder not found.
"C:\Windows\Tasks\SpeedyPC Update Version3.job" => File/Folder not found.
"C:\Users\Danka\Desktop\SpeedyPC Pro.lnk" => File/Folder not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
"c:\program files (x86)\common files\speedypc software" => File/Folder not found.
"C:\Program Files (x86)\SpeedyPC Software" => File/Folder not found.
"C:\Program Files (x86)\SourceApp" => File/Folder not found.
"C:\Windows\Tasks\SpeedyPC Registration3.job" => File/Folder not found.
"C:\Windows\System32\Tasks\SpeedyPC Registration3" => File/Folder not found.
"C:\Windows\System32\Tasks\SpeedyPC Pro_sch_9AC0BE9A-2BF6-11E5-AAAF-B23466EF4248" => File/Folder not found.
"C:\Windows\System32\Tasks\SpeedyPC Update Version3" => File/Folder not found.
"C:\Windows\System32\Tasks\SpeedyPC Update Version3_triggeronce" => File/Folder not found.
"C:\Windows\System32\Tasks\SpeedyPC Pro Startup" => File/Folder not found.
C:\Users\Danka\AppData\Roaming\SpeedyPC Software => moved successfully.
"C:\Users\Danka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedyPC Software" => File/Folder not found.
C:\ProgramData\SpeedyPC Software => moved successfully.
"C:\Program Files (x86)\SpeedyPC Software" => File/Folder not found.
Processes closed successfully.
VSSS => Service stopped successfully.
VSSS => Service removed successfully
KProcessHacker2 => Service stopped successfully.
KProcessHacker2 => Service removed successfully
Update SourceApp => Service not found.
Util SourceApp => Service not found.
{0263559b-b988-4803-b082-70c1d2b89830}Gw64 => Service stopped successfully.
{0263559b-b988-4803-b082-70c1d2b89830}Gw64 => Service removed successfully
{0fd1a45b-4ab9-492d-a4ec-94b4363a6dde}Gw64 => Service stopped successfully.
{0fd1a45b-4ab9-492d-a4ec-94b4363a6dde}Gw64 => Service removed successfully
{167ce4ee-11d0-42b8-9745-63dd8d0684e3}Gw64 => Service stopped successfully.
{167ce4ee-11d0-42b8-9745-63dd8d0684e3}Gw64 => Service removed successfully
{21b5abe9-a6e9-4a3b-ae74-84488fe21796}Gw64 => Service stopped successfully.
{21b5abe9-a6e9-4a3b-ae74-84488fe21796}Gw64 => Service removed successfully
{4291b504-d331-41fb-90ff-daaf14dd7f49}Gw64 => Service stopped successfully.
{4291b504-d331-41fb-90ff-daaf14dd7f49}Gw64 => Service removed successfully
{44219168-7340-43df-bbc2-89f0b26c112f}Gw64 => Service stopped successfully.
{44219168-7340-43df-bbc2-89f0b26c112f}Gw64 => Service removed successfully
{46b9091e-deda-48d8-b979-0464193d69d5}Gw64 => Service stopped successfully.
{46b9091e-deda-48d8-b979-0464193d69d5}Gw64 => Service removed successfully
{4b92b7b5-c723-48bb-89a7-6647fe734df9}Gw64 => Service stopped successfully.
{4b92b7b5-c723-48bb-89a7-6647fe734df9}Gw64 => Service removed successfully
{4f8c067a-e55a-4229-81e6-7be1491578a2}Gw64 => Service stopped successfully.
{4f8c067a-e55a-4229-81e6-7be1491578a2}Gw64 => Service removed successfully
{72074a89-563a-4402-894b-cfea7ec6858b}Gw64 => Service stopped successfully.
{72074a89-563a-4402-894b-cfea7ec6858b}Gw64 => Service removed successfully
{7668d866-cc70-408f-b874-d683473d0f40}Gw64 => Service stopped successfully.
{7668d866-cc70-408f-b874-d683473d0f40}Gw64 => Service removed successfully
{88dab020-0802-4f33-9294-5fccbb774bac}Gw64 => Service stopped successfully.
{88dab020-0802-4f33-9294-5fccbb774bac}Gw64 => Service removed successfully
{8dc666b5-f370-4f22-8558-6a137d48eead}Gw64 => Service stopped successfully.
{8dc666b5-f370-4f22-8558-6a137d48eead}Gw64 => Service removed successfully
{8ebaa931-88d7-49c0-80c5-891f3623134f}Gw64 => Service stopped successfully.
{8ebaa931-88d7-49c0-80c5-891f3623134f}Gw64 => Service removed successfully
{9a6c78f1-af36-4e4d-ba83-e044b750db48}Gw64 => Service stopped successfully.
{9a6c78f1-af36-4e4d-ba83-e044b750db48}Gw64 => Service removed successfully
{9cea9dfd-6bad-4c3a-a43b-aaaff26c8d62}Gw64 => Service stopped successfully.
{9cea9dfd-6bad-4c3a-a43b-aaaff26c8d62}Gw64 => Service removed successfully
{9e225977-4791-4356-911d-90b292281075}Gw64 => Service stopped successfully.
{9e225977-4791-4356-911d-90b292281075}Gw64 => Service removed successfully
{a41197ef-0b95-4642-a2a8-7ab88e13264c}Gw64 => Service stopped successfully.
{a41197ef-0b95-4642-a2a8-7ab88e13264c}Gw64 => Service removed successfully
{b40efc75-ad36-4607-9465-eb41963e9c42}Gw64 => Service stopped successfully.
{b40efc75-ad36-4607-9465-eb41963e9c42}Gw64 => Service removed successfully
{b84422ed-9d09-458b-b9c8-bb808a96177d}Gw64 => Service stopped successfully.
{b84422ed-9d09-458b-b9c8-bb808a96177d}Gw64 => Service removed successfully
{baa74904-cbb6-4a19-900b-b8cb1e551476}Gw64 => Service stopped successfully.
{baa74904-cbb6-4a19-900b-b8cb1e551476}Gw64 => Service removed successfully
{cad8ac99-1831-4a75-b758-e4235c95af75}Gw64 => Service stopped successfully.
{cad8ac99-1831-4a75-b758-e4235c95af75}Gw64 => Service removed successfully
{d9a4216a-aae1-4d14-ba35-ff234b3b627f}Gw64 => Service stopped successfully.
{d9a4216a-aae1-4d14-ba35-ff234b3b627f}Gw64 => Service removed successfully
{e9052879-c4b3-4ba3-adc5-316825a190f8}Gw64 => Service stopped successfully.
{e9052879-c4b3-4ba3-adc5-316825a190f8}Gw64 => Service removed successfully
{fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64 => Service stopped successfully.
{fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64 => Service removed successfully
{fd3f661e-765a-4fd3-bc9d-fa7f9541babe}Gw64 => Service stopped successfully.
{fd3f661e-765a-4fd3-bc9d-fa7f9541babe}Gw64 => Service removed successfully
{02fbc4ae-66cc-4219-94c9-1ee6e15d3402}Gw64 => Service removed successfully
{073f2b9a-2357-4614-b174-3fc1afffe941}Gw64 => Service removed successfully
{122141c3-e1a4-4af5-b3d7-650743f49ec0}Gw64 => Service removed successfully
{549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64 => Service removed successfully
{59399874-7437-4b6e-9c62-82162c4f6112}Gw64 => Service removed successfully
{71066d58-1f99-4a2c-b52e-9880d384e03a}Gw64 => Service removed successfully
{95282a5e-d707-43c0-b998-d6a934a963a8}Gw64 => Service removed successfully
{abbda6e4-1fdf-45e9-8feb-7ffcdf19a253}Gw64 => Service removed successfully

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-2176275773-2264376577-2624193879-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-2176275773-2264376577-2624193879-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========

HKU\S-1-5-21-2176275773-2264376577-2624193879-1000\Software\Microsoft\Windows NT\CurrentVersion\Windows\\Load => value restored successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-21-2176275773-2264376577-2624193879-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-2176275773-2264376577-2624193879-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default\Extensions\{21b5abe9-a6e9-4a3b-ae74-84488fe21796}.xpi not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21FDAB56-EDE4-4847-8A81-3F7853025BC9} => key not found.
C:\Windows\System32\Tasks\SpeedyPC Update Version3_triggeronce not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpeedyPC Update Version3_triggeronce => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36C4D12A-7F10-4AC8-ACBF-F00F18C527BD} => key not found.
C:\Windows\System32\Tasks\SpeedyPC Update Version3 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpeedyPC Update Version3 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{372F46AF-E6A7-405B-92A4-5259AEFA7712} => key not found.
C:\Windows\System32\Tasks\SpeedyPC Registration3 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpeedyPC Registration3 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65423791-DFD1-44CC-A3ED-5A2F05EEA1C7} => key not found.
C:\Windows\System32\Tasks\SpeedyPC Pro_sch_9AC0BE9A-2BF6-11E5-AAAF-B23466EF4248 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpeedyPC Pro_sch_9AC0BE9A-2BF6-11E5-AAAF-B23466EF4248 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFEBBC24-D3AA-4405-9052-FBA15D6D58B5} => key not found.
C:\Windows\System32\Tasks\SpeedyPC Pro Startup not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpeedyPC Pro Startup => key not found.
C:\Windows\Tasks\SpeedyPC Pro Startup.job not found.
C:\Windows\Tasks\SpeedyPC Pro_sch_9AC0BE9A-2BF6-11E5-AAAF-B23466EF4248.job not found.
C:\Windows\Tasks\SpeedyPC Registration3.job not found.
C:\Windows\Tasks\SpeedyPC Update Version3.job not found.
C:\Windows\Tasks\SpeedyPC Update Version3_triggeronce.job not found.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-07-18 17:39:38)<=

C:\ProgramData\msuomzfb.exe => Is moved successfully

==== End of Fixlog 17:39:39 ====

  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6102

That went great.
Let's do one more check to make sure there is no leftover piece of malware on the system.

PS: try to be online until this evening so we can close the case, because I won't be free tomorrow. ;)

Download Nicolas Coolman's ZHPDiag and save the installer to the Desktop;

Temporarily disable your antivirus program, in most cases via a right-click on the program's icon in the system tray. Antivirus programs can interfere with the tool while it runs.
If you are not sure how to do that, follow this guide.

1. Installing the ZHPDiag tool

- double-click zhpdiag.exe to start the installation;
- click the Suivant button several times during the installation process;
- click Installer when prompted and Terminer when the installation process finishes.

2. Diagnostics with the ZHPDiag tool

- double-click the ZHP Diag program shortcut (icon) on the Desktop;
- the GUI (the tool's user interface) will open; click Configureren
- if the tool's default language is not English, click Sélectionner une langue in the lower-right corner of the program and then Anglais
- next, click the icon in the lower-left corner and select Diagnostic Options

The tool should now scan the computer. Wait until the diagnostics finish.

3. ZHPDiag.txt logfile

When the tool finishes, a log named ZHPDiag.txt will be created on the desktop.

-> Attach the contents of that log to your post

  • Joined: 02 Aug 2012
  • Posts: 31

Hey, I would love for us to finish this tonight, but I work; more precisely, I'm leaving for work in about 35 minutes. Whatever we manage by then, great. It doesn't matter if this carries over to Monday. Thank you.

  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6102

  • Joined: 02 Aug 2012
  • Posts: 31

  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6102

Great, go now with peace of mind, and do this ARK (AntiRootKit) check when you get the chance; it is no longer urgent, but it is mandatory. Also write what the state is now after all these fixes.

One of my colleagues will review the MBAR reports and, if everything is fine, pass you the final instructions on how to remove the tools we used, because I won't be available on Monday either and there isn't much work left.

-> Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to the Desktop.

Start MBAR by double-clicking the program icon:
- Click OK in the next window to allow extraction into a separate mbar folder on the desktop;
- mbar.exe will be started. On some systems that can take a few extra seconds, so wait for it to launch;
- In the introductory window, click the Next button if you agree;

• In the 'Update Database' window, click the Update button to download fresh definitions. When the message 'Success: Database was successfully updated' appears, click the Next button;
• Under the 'Scan Targets' section, check that all options are ticked, then click the Scan button;

Note: with some infections, one of the following messages may be displayed:
- 'Could not load protection driver' => in that case click OK.
- 'Could not load DDA driver' => click Yes on that notice to allow loading after a restart. Allow the restart and continue with the rest of the instructions after the restart.

>> If no malware is detected, click the Exit button to close the program. In your next post, include the mbar-log-year-month-day (hour-minute-second).txt and system-log.txt reports.

>> If infections are found, check that the 'Create Restore Point' option is selected and click the Cleanup! button to remove the threats.
- The malware removal procedure will be scheduled for the restart, and a notice will be shown in a pop-up window. Click the Yes button; the system should restart and finish the cleaning procedure.

Note! Only if a rootkit is detected: make sure to run the fixdamage.exe tool located in the mbar folder, \Plugins\fixdamage.exe:
- Double-click fixdamage; in the black window that opens (command prompt), type Y (Y stands for Yes) to continue, and wait for the tool to carry out all repairs ...
- When you see the message 'press any key to exit', the repair is complete. Press any key on the keyboard to close the window. Restart the system.

The following reports will be created in the mbar folder.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Copy the contents of the mbar log into your post, and attach the system log to the post using the Prikači fajl (Attach file) option.
