Laptop check

  • Mare Ivanović
  • Do-it-yourselfer
  • Joined: 30 May 2013
  • Posts: 423
  • Location: In a house

Hello, I would like to test the laptop I bought, to see whether it is infected with malware and the like.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-07-2016
Ran by sasa (administrator) on HOME (06-07-2016 18:29:22)
Running from C:\Documents and Settings\sasa\Desktop
Loaded Profiles: sasa (Available Profiles: sasa)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\WINDOWS\System32\WgaTray.exe
() C:\WINDOWS\VistaDriveIcon\VistaDrv.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\JUSCHED.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\FIREFOX.EXE
(Microsoft Corporation) C:\WINDOWS\System32\WSCNTFY.EXE
(Microsoft Corporation) C:\WINDOWS\System32\WUAUCLT.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VDrive] => C:\WINDOWS\VistaDriveIcon\VistaDrv.exe [132096 2008-01-02] ()
HKLM\...\Run: [SMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [573440 2007-10-12] (Motorola Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKLM\...\Run: [UserFaultCheck] => %systemroot%\system32\dumprep 0 -u
HKU\S-1-5-19\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-19\...\Policies\Explorer: [ForceClassicControlPanel] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoSMHelp] 1
HKU\S-1-5-20\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\...\Policies\Explorer: [ForceClassicControlPanel] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoSMHelp] 1
HKU\S-1-5-21-1177238915-764733703-842925246-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6775512 2016-06-10] (Piriform Ltd)
HKU\S-1-5-21-1177238915-764733703-842925246-1003\...\Policies\Explorer: [ForceClassicControlPanel] 1
HKU\S-1-5-21-1177238915-764733703-842925246-1003\...\Policies\Explorer: [NoSMHelp] 1
HKU\S-1-5-18\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-18\...\Policies\Explorer: [ForceClassicControlPanel] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoSMHelp] 1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{83D13663-9052-4FAA-A77E-EF400E8780CF}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-19\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-20\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1177238915-764733703-842925246-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-07-04] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-07-04] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1177238915-764733703-842925246-1003 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

FireFox:
========
FF ProfilePath: C:\Documents and Settings\sasa\Application Data\Mozilla\Firefox\Profiles\9ow6ke72.default
FF Homepage: www.google.rs
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-07-05] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-07-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-07-04] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-04] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Documents and Settings\sasa\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\sasa\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-04]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 ClipSrv; C:\WINDOWS\system32\clipsrv.exe [58368 2009-11-20] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\WINDOWS\system32\msdtc.exe [30720 2009-11-19] (Microsoft Corporation) [File not signed]
S3 MSIServer; C:\WINDOWS\System32\msiexec.exe [116736 2009-11-20] (Microsoft Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AgereSoftModem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [1202560 2008-02-29] (Agere Systems) [File not signed]
R3 DKbFltr; C:\WINDOWS\System32\DRIVERS\DKbFltr.sys [16896 2004-12-07] (Dritek System Inc.) [File not signed]
R3 ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [737874 2004-08-20] (Intel Corporation) [File not signed]
S3 M3AD; C:\WINDOWS\System32\drivers\m3aux.sys [136832 2007-10-12] (Motorola Inc) [File not signed]
R3 mnich; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
S3 smserial; C:\WINDOWS\System32\DRIVERS\smserial.sys [980608 2007-10-12] (Motorola Inc.) [File not signed]
R3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [2216064 2008-01-07] (Intel® Corporation)
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-06 18:29 - 2016-07-06 18:29 - 00007459 _____ C:\Documents and Settings\sasa\Desktop\FRST.txt
2016-07-06 18:29 - 2016-07-06 18:29 - 00000000 ____D C:\FRST
2016-07-06 18:28 - 2016-07-06 18:29 - 01740288 _____ (Farbar) C:\Documents and Settings\sasa\Desktop\FRST.exe
2016-07-06 14:37 - 2016-07-06 14:37 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2016-07-05 21:12 - 2016-07-05 21:12 - 00000000 __SHD C:\FOUND.002
2016-07-05 19:38 - 2016-07-05 19:35 - 00001494 _____ C:\Documents and Settings\sasa\Desktop\Disk Cleaner.lnk
2016-07-05 19:35 - 2016-07-05 19:35 - 00000000 ____D C:\Program Files\Disk Cleaner
2016-07-05 19:35 - 2016-07-05 19:35 - 00000000 ____D C:\Documents and Settings\sasa\Application Data\Disk Cleaner
2016-07-05 19:35 - 2016-07-05 19:35 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Disk Cleaner
2016-07-05 19:30 - 2016-07-05 19:30 - 00000045 _____ C:\WINDOWS\system32\initdebug.nfo
2016-07-05 19:27 - 2016-07-05 19:27 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\McAfee
2016-07-05 19:18 - 2016-07-05 19:18 - 00796352 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-07-05 19:18 - 2016-07-05 19:18 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-07-05 19:18 - 2016-07-05 19:18 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\McAfee
2016-07-04 18:19 - 2016-07-04 18:19 - 00153088 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2016-07-04 18:19 - 2016-07-04 18:19 - 00095808 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2016-07-04 18:19 - 2016-07-04 18:19 - 00000000 ____D C:\Program Files\Common Files\Java
2016-07-04 18:19 - 2016-07-04 18:19 - 00000000 ____D C:\Documents and Settings\sasa\Local Settings\Application Data\Sun
2016-07-04 18:19 - 2016-07-04 18:19 - 00000000 ____D C:\Documents and Settings\sasa\Application Data\Sun
2016-07-04 18:19 - 2016-07-04 18:19 - 00000000 ____D C:\Documents and Settings\sasa\.oracle_jre_usage
2016-07-04 18:19 - 2016-07-04 18:19 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2016-07-04 18:18 - 2016-07-04 18:18 - 00000000 ____D C:\Program Files\Java
2016-07-04 18:18 - 2016-07-04 18:18 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Oracle
2016-07-04 18:15 - 2016-07-04 18:15 - 00000000 ____D C:\Documents and Settings\sasa\Application Data\Oracle
2016-07-04 18:05 - 2016-07-04 18:05 - 00000634 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2016-07-04 18:05 - 2016-07-04 18:05 - 00000628 _____ C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2016-07-04 18:05 - 2016-07-04 18:05 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-07-04 18:05 - 2016-07-04 18:05 - 00000000 ____D C:\Documents and Settings\sasa\Local Settings\Application Data\Mozilla
2016-07-04 18:05 - 2016-07-04 18:05 - 00000000 ____D C:\Documents and Settings\sasa\Application Data\Mozilla
2016-07-04 18:04 - 2016-07-04 18:04 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-07-04 17:20 - 2016-07-04 17:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-07-04 17:16 - 2016-07-04 17:16 - 00000000 ____D C:\WINDOWS\ERUNT
2016-07-04 17:14 - 2016-07-04 17:14 - 00000586 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2016-07-04 17:14 - 2016-07-04 17:14 - 00000000 ____D C:\Program Files\CCleaner
2016-07-04 14:23 - 2016-07-04 14:23 - 00000000 ___RD C:\Documents and Settings\sasa\My Documents\My Videos
2016-07-04 14:23 - 2016-07-04 14:23 - 00000000 ___RD C:\Documents and Settings\sasa\My Documents\My Pictures
2016-07-04 14:23 - 2016-07-04 14:23 - 00000000 ___RD C:\Documents and Settings\sasa\My Documents\My Music
2016-06-27 22:01 - 2016-06-27 22:01 - 00000000 __SHD C:\Documents and Settings\NetworkService\IETldCache
2016-06-27 20:14 - 2016-06-27 21:11 - 00065536 _____ C:\WINDOWS\system32\config\ACS.evt
2016-06-27 20:14 - 2016-06-27 20:14 - 00000000 __RHD C:\Documents and Settings\All Users\Application Data\Atheros
2016-06-27 20:14 - 2016-06-27 20:14 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-06-27 20:13 - 2016-06-27 20:13 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TP-LINK
2016-06-21 13:33 - 2008-04-13 17:15 - 00010368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-06-21 13:33 - 2008-04-13 17:15 - 00010368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidusb.sys
2016-06-21 13:33 - 2001-08-17 06:48 - 00012160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2016-06-21 13:33 - 2001-08-17 06:48 - 00012160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mouhid.sys
2016-06-18 23:03 - 2016-06-18 23:03 - 00000000 __SHD C:\Recycled
2016-06-18 17:03 - 2016-06-18 17:03 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2834886$
2016-06-18 17:03 - 2016-06-18 17:03 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2506212$
2016-06-18 17:03 - 2016-06-18 17:03 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2479943$
2016-06-18 15:13 - 2016-06-18 15:13 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2922229$
2016-06-18 15:13 - 2016-06-18 15:13 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2868626$
2016-06-18 15:13 - 2016-06-18 15:13 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2712808$
2016-06-18 15:13 - 2016-06-18 15:13 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2387149$
2016-06-18 15:12 - 2016-06-18 15:12 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB970430$
2016-06-18 15:12 - 2016-06-18 15:12 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2916036$
2016-06-18 15:12 - 2016-06-18 15:12 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2659262$
2016-06-18 15:12 - 2016-06-18 15:12 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2585542$
2016-06-18 15:12 - 2016-06-18 15:12 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2564958$
2016-06-18 15:12 - 2016-06-18 15:12 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2544893-v2$
2016-06-18 15:12 - 2016-06-18 15:12 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2536276-v2$
2016-06-18 15:12 - 2016-06-18 15:12 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2478971$
2016-06-18 15:12 - 2016-06-18 15:12 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2345886$
2016-06-18 15:11 - 2016-06-18 15:11 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB975558_WM8$
2016-06-18 15:11 - 2016-06-18 15:11 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB955759$
2016-06-18 15:11 - 2016-06-18 15:11 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2900986$
2016-06-18 15:11 - 2016-06-18 15:11 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2847311$
2016-06-18 15:11 - 2016-06-18 15:11 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2691442$
2016-06-18 15:11 - 2016-06-18 15:11 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2631813$
2016-06-18 15:11 - 2016-06-18 15:11 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2296011$
2016-06-18 15:11 - 2016-06-18 15:11 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2115168$
2016-06-18 15:10 - 2016-06-18 15:10 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB974318$
2016-06-18 15:10 - 2016-06-18 15:10 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2898715$
2016-06-18 15:10 - 2016-06-18 15:10 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2802968$
2016-06-18 15:10 - 2016-06-18 15:10 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2655992$
2016-06-18 15:10 - 2016-06-18 15:10 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2443105$
2016-06-18 15:10 - 2016-06-18 15:10 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2378111_WM9$
2016-06-18 15:10 - 2016-06-18 15:10 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2229593$
2016-06-18 15:09 - 2016-06-18 15:09 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB982132$
2016-06-18 15:09 - 2016-06-18 15:09 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB975713$
2016-06-18 15:09 - 2016-06-18 15:09 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2929961$
2016-06-18 15:09 - 2016-06-18 15:09 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2862335$
2016-06-18 15:09 - 2016-06-18 15:09 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2686509$
2016-06-18 15:09 - 2016-06-18 15:09 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2598479$
2016-06-18 15:09 - 2016-06-18 15:09 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2485663$
2016-06-18 15:08 - 2016-06-18 15:08 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB978338$
2016-06-18 15:08 - 2016-06-18 15:08 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB972270$
2016-06-18 15:08 - 2016-06-18 15:08 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2904266$
2016-06-18 15:08 - 2016-06-18 15:08 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2016-06-18 15:08 - 2016-06-18 15:08 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2780091$
2016-06-18 15:08 - 2016-06-18 15:08 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2507938$
2016-06-18 15:08 - 2016-06-18 15:08 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2347290$
2016-06-18 15:07 - 2016-06-18 15:07 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB979687$
2016-06-18 15:07 - 2016-06-18 15:07 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2930275$
2016-06-18 15:07 - 2016-06-18 15:07 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2876217$
2016-06-18 15:07 - 2016-06-18 15:07 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2864063$
2016-06-18 15:07 - 2016-06-18 15:07 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2483185$
2016-06-18 15:06 - 2016-06-18 15:06 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB977816$
2016-06-18 15:06 - 2016-06-18 15:06 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB975560$
2016-06-18 15:06 - 2016-06-18 15:06 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2876331$
2016-06-18 15:06 - 2016-06-18 15:06 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2862152$
2016-06-18 15:06 - 2016-06-18 15:06 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2850869$
2016-06-18 15:06 - 2016-06-18 15:06 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2770660$
2016-06-18 15:06 - 2016-06-18 15:06 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2719985$
2016-06-18 15:05 - 2016-06-18 15:05 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB974392$
2016-06-18 15:05 - 2016-06-18 15:05 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2893294$
2016-06-18 15:05 - 2016-06-18 15:05 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2859537$
2016-06-18 15:05 - 2016-06-18 15:05 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2820917$
2016-06-18 15:05 - 2016-06-18 15:05 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2757638$
2016-06-18 15:05 - 2016-06-18 15:05 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2508429$
2016-06-18 15:05 - 2016-06-18 15:05 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2419632$
2016-06-18 15:04 - 2016-06-18 15:04 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB977914$
2016-06-18 15:04 - 2016-06-18 15:04 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB971029$
2016-06-18 15:04 - 2016-06-18 15:04 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2892075$
2016-06-18 15:04 - 2016-06-18 15:04 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2749655$
2016-06-18 15:04 - 2016-06-18 15:04 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2619339$
2016-06-18 15:03 - 2016-06-18 15:03 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB979482$
2016-06-18 15:03 - 2016-06-18 15:03 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB978706$
2016-06-18 15:03 - 2016-06-18 15:03 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB978542$
2016-06-18 15:03 - 2016-06-18 15:03 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2705219-v2$
2016-06-18 15:03 - 2016-06-18 15:03 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2509553$
2016-06-18 15:02 - 2016-06-18 15:02 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB982665$
2016-06-18 15:02 - 2016-06-18 15:02 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2676562$
2016-06-18 15:02 - 2016-06-18 15:02 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2478960$
2016-06-17 03:14 - 2010-11-18 11:12 - 00081920 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\isign32.dll
2016-06-17 03:13 - 2013-08-08 18:56 - 00386560 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\themeui.dll
2016-06-17 03:13 - 2009-12-08 02:23 - 00474112 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shlwapi.dll
2016-06-17 03:12 - 2013-08-05 06:30 - 01289728 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ole32.dll
2016-06-17 03:12 - 2011-01-21 07:44 - 00439296 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shimgvw.dll
2016-06-17 03:12 - 2010-07-12 05:55 - 00218112 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wordpad.exe
2016-06-17 03:11 - 2013-12-05 04:26 - 01172992 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msxml3.dll
2016-06-17 03:11 - 2013-01-01 23:49 - 01292288 ____N C:\WINDOWS\system32\dllcache\quartz.dll
2016-06-17 03:11 - 2009-11-27 10:11 - 00017920 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msyuv.dll
2016-06-17 03:10 - 2013-03-08 01:36 - 00293376 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winsrv.dll
2016-06-17 03:10 - 2012-06-08 07:26 - 08462848 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shell32.dll
2016-06-17 03:09 - 2009-12-16 11:43 - 00343040 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mspaint.exe
2016-06-17 03:09 - 2009-11-27 09:28 - 00048128 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iyuv_32.dll
2016-06-17 03:09 - 2009-11-27 09:28 - 00008704 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tsbyuv.dll
2016-06-17 03:08 - 2011-07-15 06:29 - 00457856 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mrxsmb.sys
2016-06-17 03:07 - 2010-08-23 09:12 - 00617472 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\comctl32.dll
2016-06-17 03:07 - 2009-10-20 09:20 - 00265728 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\http.sys
2016-06-17 03:04 - 2013-07-02 19:12 - 00025088 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2016-06-17 03:04 - 2013-07-02 18:59 - 00014976 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys
2016-06-17 03:02 - 2016-06-17 03:02 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB978695_WM9$
2016-06-17 03:02 - 2016-06-17 03:02 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB973904$
2016-06-17 03:02 - 2016-06-17 03:02 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2807986$
2016-06-17 03:02 - 2016-06-17 03:02 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2603381$
2016-06-17 03:02 - 2016-06-17 03:02 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2592799$
2016-06-17 03:02 - 2016-06-17 03:02 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2570947$
2016-06-17 03:02 - 2016-06-17 03:02 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2535512$
2016-06-17 03:01 - 2016-06-17 03:01 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB981997$
2016-06-17 03:01 - 2016-06-17 03:01 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB979309$
2016-06-17 03:01 - 2016-06-17 03:01 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2862330$
2016-06-17 03:01 - 2016-06-17 03:01 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2723135-v2$
2016-06-17 03:01 - 2016-06-17 03:01 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2698365$
2016-06-17 03:01 - 2016-06-17 03:01 - 00000000 ____D C:\WINDOWS\ie8updates
2016-06-17 03:00 - 2016-06-17 03:01 - 00000000 ____D C:\Program Files\MSXML 4.0
2016-06-17 03:00 - 2016-06-17 03:00 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2914368$
2016-06-17 03:00 - 2016-06-17 03:00 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2661637$
2016-06-17 03:00 - 2016-06-17 03:00 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2620712$
2016-06-17 03:00 - 2016-06-17 03:00 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2584146$
2016-06-17 03:00 - 2016-06-17 03:00 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2566454$
2016-06-17 03:00 - 2016-06-17 03:00 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2423089$
2016-06-17 03:00 - 2016-06-17 03:00 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2393802$
2016-06-17 02:57 - 2013-02-11 17:32 - 00012928 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023x.sys
2016-06-17 02:57 - 2011-11-18 05:35 - 00060416 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\packager.exe
2016-06-17 02:56 - 2013-09-23 11:33 - 11113472 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2016-06-17 02:56 - 2013-09-23 11:33 - 06017536 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2016-06-17 02:56 - 2013-09-23 11:33 - 02006016 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2016-06-17 02:56 - 2013-09-23 11:33 - 01469440 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
2016-06-17 02:56 - 2013-09-23 11:33 - 01215488 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
2016-06-17 02:56 - 2013-09-23 11:33 - 00920064 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
2016-06-17 02:56 - 2013-09-23 11:33 - 00743424 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2016-06-17 02:56 - 2013-09-23 11:33 - 00630272 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2016-06-17 02:56 - 2013-09-23 11:33 - 00522240 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2016-06-17 02:56 - 2013-09-23 11:33 - 00247808 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2016-06-17 02:56 - 2013-09-23 11:33 - 00206848 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
2016-06-17 02:56 - 2013-09-23 11:33 - 00184320 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
2016-06-17 02:56 - 2013-09-23 11:33 - 00105984 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
2016-06-17 02:56 - 2013-09-23 11:33 - 00055296 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2016-06-17 02:56 - 2013-09-23 11:33 - 00012800 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2016-06-17 02:56 - 2012-05-28 05:25 - 00081920 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado28.tlb
2016-06-17 02:55 - 2013-08-08 17:55 - 00144128 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2016-06-17 02:55 - 2013-08-08 17:55 - 00032384 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
2016-06-17 02:55 - 2013-08-08 17:55 - 00005376 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2016-06-17 02:55 - 2009-03-18 04:02 - 00030336 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2016-06-17 02:54 - 2013-07-03 20:03 - 02149888 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2016-06-17 02:54 - 2013-07-03 19:59 - 02193536 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2016-06-17 02:54 - 2013-07-03 19:08 - 02028544 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2016-06-17 02:54 - 2012-01-11 12:06 - 00003072 ____N C:\WINDOWS\system32\iacenc.dll
2016-06-17 02:54 - 2012-01-11 12:06 - 00003072 ____N C:\WINDOWS\system32\dllcache\iacenc.dll
2016-06-17 02:54 - 2010-10-11 07:59 - 00045568 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wab.exe
2016-06-17 02:54 - 2010-01-13 07:01 - 00086016 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cabview.dll
2016-06-10 16:09 - 2016-06-10 16:09 - 00000000 __SHD C:\FOUND.001
2016-06-06 14:25 - 2016-06-06 14:25 - 00000000 __SHD C:\FOUND.000

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-06 18:12 - 2016-06-04 18:56 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-06 18:12 - 2016-06-04 17:54 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-06 18:12 - 2009-11-20 00:45 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-07-06 16:44 - 2016-06-04 18:34 - 00000178 ___SH C:\Documents and Settings\sasa\ntuser.ini
2016-07-06 16:44 - 2016-06-04 17:54 - 00032428 _____ C:\WINDOWS\SchedLgU.Txt
2016-07-05 20:06 - 2016-06-04 18:56 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-04 17:20 - 2016-06-04 17:33 - 139785240 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-07-04 14:23 - 2016-06-04 18:34 - 00000692 _____ C:\Documents and Settings\sasa\Start Menu\Programs\Windows Media Player.lnk
2016-07-02 01:07 - 2016-06-04 17:29 - 00001474 _____ C:\Documents and Settings\All Users\Start Menu\Microsoft Update.lnk
2016-07-02 01:05 - 2016-06-04 18:53 - 00002315 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2016-07-02 01:02 - 2016-06-04 18:34 - 00001503 _____ C:\Documents and Settings\sasa\Start Menu\Programs\Remote Assistance.lnk
2016-07-02 01:02 - 2016-06-04 17:33 - 00001511 _____ C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
2016-06-30 17:05 - 2016-06-04 17:21 - 00095072 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-18 15:57 - 2016-06-04 17:22 - 00351662 _____ C:\WINDOWS\system32\PerfStringBackup.INI

Some files in TEMP:
====================
C:\Documents and Settings\sasa\Local Settings\Temp\sfamcc00001.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe
[2009-11-20 00:45] - [2009-11-20 00:45] - 1552384 ____A (Microsoft Corporation) F8540FC5FDAD3C3A2E668ACB0BACCE59

C:\WINDOWS\system32\winlogon.exe
[2009-11-19 17:45] - [2009-11-20 00:45] - 0557056 ____A (Microsoft Corporation) 6AE82FE2B77E79E2CD2819599CD75CFB

C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll
[2009-11-19 17:45] - [2009-11-20 00:45] - 0637440 ____A (Microsoft Corporation) E7A939813423DCF45BAAA8FAC9BA744D

C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

The system is clean as far as malware is concerned.

The following procedure will carry out the final cleanup.

Download the DelFix tool by "Xplode" and save it to the Desktop.
Double-click to run the tool and tick the boxes in front of the following options:

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment until the tool finishes its work.
From this point on, all the tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)

The tool will also save the healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.
