Virus problem


offline
  • Joined: 29 Aug 2011
  • Posts: 129

Posted: 16 May 2014 23:51


And just now, while I was uploading these Gmer files, it reported again that avast sent 4 of those viruses to the chest.

Addendum: 16 May 2014 23:54



offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Huh,

let's do it this way then.

Download zoek.exe from this or this link and save it to the Desktop.


Close the browser and other running programs;
disable protective software (if necessary) (Instructions);
double-click to run zoek.exe;
wait for the tool to start ...


Copy the following text into the white box of the window:

procces;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;


Click the button and wait for the scan to finish.


Zoek will restart Windows if needed, and when it is done it will open Notepad with the scan report.

Note: The report will be saved under the name zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your post.



offline
  • Joined: 29 Aug 2011
  • Posts: 129

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Jovan on Sat 05/17/2014 at 0:13:06.87.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jovan\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

5/17/2014 12:13:57 AM Zoek.exe System Restore Point Created Succesfully.

==== Files Recently Created / Modified ======================

2014-05-16 11:45:38 00C161B3D20AE0F9C7C3C0EB53AB7155 243128 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2014-05-16 11:45:38 00C161B3D20AE0F9C7C3C0EB53AB7155 243128 ----a-w- C:\Program Files\DAEMON Tools Lite\dtsoftbus01.sys
2014-05-15 16:08:10 784F60AB1BC3C52F26AC144E77C6A082 14153 ----a-w- C:\Users\Jovan\Documents\MyHeritage\jl\Backup\jl - 2014-05-15 18-08-10.zip
2014-05-15 15:59:24 A70B73344CAB34DD97CCEEF420C64F52 13339 ----a-w- C:\Users\Jovan\Documents\MyHeritage\jl\Backup\jl - 2014-05-15 17-59-24.zip
2014-05-15 15:52:40 DD4D5C879858CCA1A63613A4B500255B 12382 ----a-w- C:\Users\Jovan\Documents\MyHeritage\jl\Backup\jl - 2014-05-15 17-52-40.zip
2014-05-15 15:45:13 863FF581315DE5C1619C28F52149EC70 10571 ----a-w- C:\Users\Jovan\Documents\MyHeritage\jl\Backup\jl - 2014-05-15 17-45-13.zip
2014-05-15 15:35:13 1065EC3A39ECBD2A026839D232AAA1BB 9223 ----a-w- C:\Users\Jovan\Documents\MyHeritage\jl\Backup\jl - 2014-05-15 17-35-13.zip
2014-05-15 14:59:15 EF1C4CDA5FC9E02ADC04D9A055588ED6 9124 ----a-w- C:\Users\Jovan\Documents\MyHeritage\jl\Backup\jl - 2014-05-15 16-59-15.zip
2014-05-15 14:53:58 BEBCFC1D75720348402834DF15BA544A 3067 ----a-w- C:\Users\Jovan\Documents\MyHeritage\Tisma Stojan\Backup\Tisma Stojan - 2014-05-15 16-53-58.zip
2014-05-15 14:27:21 2DEE66D18E0FE4BCF938CF239ECD89D8 3064 ----a-w- C:\Users\Jovan\Documents\MyHeritage\Tisma Stojan\Backup\Tisma Stojan - 2014-05-15 16-27-21.zip
2014-05-15 14:27:19 3799CD316DCC1E89BC87C8049DA884AC 937 ----a-w- C:\Users\Jovan\Documents\MyHeritage\Tisma Stojan\Backup\Tisma Stojan - 2014-05-15 16-27-19.zip
2014-05-15 13:49:02 48EE1D8E3F92CEC3612E4689C62CD512 49487609 ----a-w- C:\Users\Jovan\AppData\Roaming\MyHeritage\Temp\family_tree_builder_7137_aux.zip
2014-05-14 09:29:28 D3964885F0A11ACF51DA3AAA776973B2 136640 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-05-14 09:29:27 4120DA10AA42A9996F4575DB9E3E6E6E 67520 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3589165167-3889465144-3675310142-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"LightShot"="C:\Users\Jovan\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe -osboot"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightShot"="C:\Users\Jovan\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [05/13/2014 09:37 PM]
C:\Windows\tasks\GlaryInitialize 4.job --a------ C:\Program Files\Glary Utilities 4\Initialize.exe [04/14/2014 10:01 AM]
C:\Windows\tasks\update-S-1-5-21-3589165167-3889465144-3675310142-1001.job --a------ [Undetermined Task]
C:\Windows\tasks\update-sys.job --a------ C:\Program Files\Skillbrains\Updater\Updater.exe [03/25/2014 02:28 PM]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\GlaryInitialize 4" [C:\Program Files\Glary Utilities 4\Initialize.exe]
"C:\Windows\system32\tasks\GU4SkipUAC" [C:\Program Files\Glary Utilities 4\Integrator.exe]
"C:\Windows\system32\tasks\Installer_sense" [C:\Users\Jovan\AppData\Local\Installer\Install_23821\ytaib.exe]
"C:\Windows\system32\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3589165167-3889465144-3675310142-1001" [C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe]
"C:\Windows\system32\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3589165167-3889465144-3675310142-1001" [C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe]
"C:\Windows\system32\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3589165167-3889465144-3675310142-1001" [C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3589165167-3889465144-3675310142-1001" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3589165167-3889465144-3675310142-1001" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\update-S-1-5-21-3589165167-3889465144-3675310142-1001" [C:\Program Files\Skillbrains\Updater\Updater.exe]
"C:\Windows\system32\tasks\update-sys" [C:\Program Files\Skillbrains\Updater\Updater.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{53D8DD28-1C83-41F3-B171-C2ED5B3E5DE8}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [04/30/2014 03:40 AM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Jovan\AppData\Roaming\Mozilla\Firefox\Profiles\a9h1bye5.default
- RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
- Lightshot - %ProfilePath%\extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Jovan\AppData\Roaming\Mozilla\Firefox\Profiles\a9h1bye5.default
A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash
14365399E83D7BC15760E8676E890C87 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
14365399E83D7BC15760E8676E890C87 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
568364197F5B3AF0365E5A43E4F073C7 - c:\program files\real\realplayer\Netscape6\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
5D5276CD22625471E50CE683B1020E0F - c:\program files\real\realplayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin
D07B1DECF0C8470931BE8DB5BCB4A58C - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealPlayer Video Downloader for PepperFlash (32-bit)
C7FBA5EF6BA0E7A4A07C67D6D2148743 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealPlayer Video Downloader (32-bit)
52B1D4487618728103E0C9FE24E35D68 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealPlayer Video Downloader for HTML5 (32-bit)


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[04/06/2014 11:04 PM]

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on Sat 05/17/2014 at 0:16:33.01 ======================

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Download zoek.exe from this or this link and save it to the Desktop.


Close the browser and other running programs;
disable your security software (if necessary) Instructions;
double-click zoek.exe to run it;
wait for the tool to start ...


Copy the following text into the white box of the window:

C:\Program Files\Browser Tab Search by Ask;fs
C:\Users\Jovan\AppData\Local\Installer\Install_23821;fs
C:\Program Files\Browser Tab Search by Ask;fs
C:\Windows\tasks\update-S-1-5-21-3589165167-3889465144-3675310142-1001.job;f
C:\Windows\system32\tasks\Installer_sense;f
emptyalltemp;
emptyclsid;
autoclean;


Click the button and wait for the scan to finish.


Zoek will restart Windows if necessary, and when it is done it will open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your post.
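An added example, not part of the thread and not the logic of zoek or of the helper: a Python triage of the two scheduled-task sections of the zoek log posted above. Its two rules (an unresolved task target, and a target under a user profile's AppData or a Temp folder) are assumptions of this example; on the thread's own log lines they flag the same two task entries that the fix script deletes.

```python
import re
from typing import List, NamedTuple, Optional

# Lines copied unmodified from the zoek log in this thread (a subset of the
# "Task Scheduler Jobs" and "Other Scheduled Tasks" sections).
SAMPLE_LOG = r'''
==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [05/13/2014 09:37 PM]
C:\Windows\tasks\GlaryInitialize 4.job --a------ C:\Program Files\Glary Utilities 4\Initialize.exe [04/14/2014 10:01 AM]
C:\Windows\tasks\update-S-1-5-21-3589165167-3889465144-3675310142-1001.job --a------ [Undetermined Task]
C:\Windows\tasks\update-sys.job --a------ C:\Program Files\Skillbrains\Updater\Updater.exe [03/25/2014 02:28 PM]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\GU4SkipUAC" [C:\Program Files\Glary Utilities 4\Integrator.exe]
"C:\Windows\system32\tasks\Installer_sense" [C:\Users\Jovan\AppData\Local\Installer\Install_23821\ytaib.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3589165167-3889465144-3675310142-1001" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\update-S-1-5-21-3589165167-3889465144-3675310142-1001" [C:\Program Files\Skillbrains\Updater\Updater.exe]
"C:\Windows\system32\tasks\update-sys" [C:\Program Files\Skillbrains\Updater\Updater.exe]
'''


class Finding(NamedTuple):
    section: str
    task: str
    target: str
    reason: str


SECTION_RE = re.compile(r"^==== (.+?) =+$")
# Legacy .job entry: <task path>.job <attribute flags> <target> [<timestamp>]
JOB_RE = re.compile(r"^(?P<task>.+?\.job) \S+ (?P<rest>.+)$")
# Task Scheduler 2.0 entry: "<task path>" [<target>]
TASK_RE = re.compile(r'^"(?P<task>[^"]+)" \[(?P<target>[^\]]*)\]$')
STAMP_RE = re.compile(r" \[\d\d/\d\d/\d{4} \d\d:\d\d [AP]M\]$")
# Assumption of this example: paths a standard user can write to.
USER_WRITABLE_RE = re.compile(r"^[a-z]:\\users\\[^\\]+\\appdata\\|\\temp\\", re.I)


def classify(target: str) -> Optional[str]:
    """Return a reason string if the task target deserves a closer look."""
    if target == "[Undetermined Task]":
        return "task target could not be resolved"
    if USER_WRITABLE_RE.search(target):
        return "task runs a binary from a user-writable path"
    return None


def triage(log_text: str) -> List[Finding]:
    """Walk the log section by section and collect flagged task entries."""
    findings = []
    section = None
    for raw in log_text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1)
            continue
        if section == "Task Scheduler Jobs":
            m = JOB_RE.match(line)
            target = STAMP_RE.sub("", m.group("rest")) if m else None
        elif section == "Other Scheduled Tasks":
            m = TASK_RE.match(line)
            target = m.group("target") if m else None
        else:
            continue
        if m is None:
            continue  # blank line or a format this example does not parse
        reason = classify(target)
        if reason:
            findings.append(Finding(section, m.group("task"), target, reason))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.task}\n    -> {f.target}\n    ({f.reason})")
```

A flagged entry is a prompt for manual review, not a verdict: legitimate software also schedules tasks from AppData.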

offline
  • Joined: 29 Aug 2011
  • Posts: 129

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Jovan on Sat 05/17/2014 at 0:39:40.54.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jovan\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-16-221633.log 41944 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Program Files\Browser Tab Search by Ask deleted
C:\Users\Jovan\AppData\Local\Installer\Install_23821 deleted
C:\PROGRA~2\Malwarebytes' Anti-Malware (portable) deleted
C:\Windows\wininit.ini deleted
C:\Users\Jovan\AppData\Roaming\Mozilla\Firefox\Profiles\a9h1bye5.default\extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B} deleted
"C:\Windows\tasks\update-S-1-5-21-3589165167-3889465144-3675310142-1001.job" deleted
"C:\Windows\system32\tasks\Installer_sense" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{53D8DD28-1C83-41F3-B171-C2ED5B3E5DE8}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [04/30/2014 03:40 AM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Jovan\AppData\Roaming\Mozilla\Firefox\Profiles\a9h1bye5.default
- RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Jovan\AppData\Roaming\Mozilla\Firefox\Profiles\a9h1bye5.default
A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash
14365399E83D7BC15760E8676E890C87 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
14365399E83D7BC15760E8676E890C87 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
568364197F5B3AF0365E5A43E4F073C7 - c:\program files\real\realplayer\Netscape6\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
5D5276CD22625471E50CE683B1020E0F - c:\program files\real\realplayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin
D07B1DECF0C8470931BE8DB5BCB4A58C - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealPlayer Video Downloader for PepperFlash (32-bit)
C7FBA5EF6BA0E7A4A07C67D6D2148743 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealPlayer Video Downloader (32-bit)
52B1D4487618728103E0C9FE24E35D68 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealPlayer Video Downloader for HTML5 (32-bit)


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[04/06/2014 11:04 PM]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 deleted successfully

==== Empty IE Cache ======================

C:\Users\Jovan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Jovan\AppData\Local\Mozilla\Firefox\Profiles\a9h1bye5.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=60 folders=37 18159952 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Jovan\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Jovan\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on Sat 05/17/2014 at 0:49:50.03 ======================

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Is Avast still detecting and deleting files?

offline
  • Joined: 29 Aug 2011
  • Posts: 129

At the moment it is not reporting or deleting anything.

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

I see that Zoek removed MBAM's folder (which for some reason has "portable" in its name). We'll run one more check with MBAM just in case:


Download the installer for Malwarebytes Anti-Malware (MBAM) ver. 2.0 and install the application.
Double-click mbam-setup.exe and follow the installation instructions. The installation is the classic "Next > I Agree . . > Next > Install" routine. When the installation finishes, click Finish.
Note: the 14-day free trial version is pre-selected. You can uncheck this option if you wish.


- On first launch, MBAM will start an "Update" in order to download the latest definitions.
Or ... click the 'Update Now >>' link or button to download fresh definitions.

• Configure the scanner; on the 'Settings' tab, under Detection and Protection, set the following options:
1. on the Detection Options sub-tab, check the 'Scan for rootkits' box;
2. on the Non-Malware Protection sub-tab, for 'PUP detections', make sure the 'Treat detections as malware' option is selected.


• Run a 'Threat Scan';
Click the Scan tab, then 'Scan Now >>' to run the scan.
If MBAM reports that an 'update' is available, click 'Update Now' and then continue to the scan.
Notice: with some severe infections you may get the following message: "Could not load DDA driver". In that case, click Yes on that message, allow the driver to load after the computer restarts, and allow the restart.
Then continue with the rest of the instructions.


• When the scan finishes, click the Apply Action button if a threat was detected. Wait for the program to request a restart!
- Click Yes on the message saying that the system will restart.


• Post the report (export the logfile) for review;
Start MBAM again, click the History tab > Application Logs. Double-click the 'Scan Log' showing the time and date of the scan you just ran.
1. In the new window click the 'Export' button, then choose 'Text file (*.txt)';
2. When the Save File dialog appears, choose to save the log to the Desktop.
In that same window, at the bottom under File name:, type 'mbam' as the report name and click the Save button.

- After you get the message ("Your file has been successfully exported"), the report you named 'mbam' will be saved on the Desktop.


Attach mbam.txt to your post using the Attach file option.

offline
  • Joined: 29 Aug 2011
  • Posts: 129

[Link visible only to logged-in users]

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

You should be clean now. All that is left for you to do is the following.


The following procedure will carry out the final cleanup.

Download "Xplode"'s DelFix tool and save it to the Desktop.
Double-click to run the tool and tick the boxes in front of the following options;

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment until the tool finishes its work.
From this point on, all tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)
I don't need that report.

The tool will also save the healthy state of the registry and make a backup using the built-in program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old system restore points and creates a new, fresh point after the cleanup.


I recommend that you use MCShield to protect USB storage devices.
It has nothing to do with the antivirus, i.e. it will not interfere with its operation, and it has proven to be one of the best forms of protection against malware that spreads via USB storage devices.


MCShield home page: [Link visible only to logged-in users]
You can find out more about MCShield in this thread: [Link visible only to logged-in users]
MCShield Facebook page: [Link visible only to logged-in users]


I recommend that you read the following threads so that in future you avoid installing potentially unwanted software.

[Link visible only to logged-in users]
[Link visible only to logged-in users]

[Link visible only to logged-in users]
