Computer check

offline
  • Mare Ivanović
  • Boxer
  • Joined: 30 May 2013
  • Posts: 423
  • Location: At home

Hi, since I haven't checked my computer in a long time, here is the report so we can clean it up if there are any viruses etc. I scanned with AVG and it detects nothing; the computer works great, I just want to run a test to be safe.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015
Ran by Home (administrator) on HOME-PC (05-12-2015 13:17:28)
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available Profiles: Home)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: engleski (SAD)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Sandboxie Holdings, LLC) D:\Game\GTA-SanAndreas\SbieSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NlsSrv32.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Torch Media, Inc) C:\Users\Home\Desktop\TorchSetup-r0-n-bf.exe
(Torch Media, Inc) C:\Users\Home\Desktop\TorchSetup-r0-n-bf.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3780008 2015-10-30] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-3145937626-3286986765-835811450-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation)
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 mpa.one.microsoft.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A2EEAB71-9E59-4F0A-A90F-D432E29D2661}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3145937626-3286986765-835811450-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={4BE98B8D-014D-474D-AFE1-596325DA144D}&mid=071a1cc38db447d39433e1ccefac356f-bacaf10902b0c99645e4e6d549939f161787c654&lang=sr&ds=AVG&coid=avgtbavg&cmpid=0215av&pr=fr&d=2015-02-26 15:44:40&v=4.1.0.411&pid=wtu&sg=&sap=hp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-19] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-19] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\qu0bovtz.default-1434458251051
FF NewTab: www.google.rs
FF Homepage: www.google.rs
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2011-12-09] (Nullsoft, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Home\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2009-09-25] (Microsoft Corporation)
FF Extension: FlashGot - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\qu0bovtz.default-1434458251051\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2015-07-24]
FF Extension: Price Rocket - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\qu0bovtz.default-1434458251051\Extensions\support@pricerocket.net.xpi [2015-11-01]

Chrome:
=======
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google новчаник) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-15]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3642280 2015-10-30] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [335656 2015-10-30] (AVG Technologies CZ, s.r.o.)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174624 2014-10-14] (EasyAntiCheat Ltd)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2004488 2015-07-22] (Electronic Arts)
R2 SbieSvc; D:\Game\GTA-SanAndreas\SbieSvc.exe [177800 2015-10-22] (Sandboxie Holdings, LLC)
R2 TorchCrashHandler; C:\Users\Home\AppData\Local\Torch\Update\TorchCrashHandler.exe [1217032 2015-11-03] (TorchMedia Inc.) <==== ATTENTION
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1195920 2015-07-10] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 3xHybr64; C:\Windows\System32\DRIVERS\3xHybr64.sys [873216 2007-04-20] (Philips Semiconductors GmbH)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2015-10-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [297904 2015-08-19] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [250800 2015-08-04] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [300464 2015-08-04] (AVG Technologies CZ, s.r.o.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-10-19] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.)
R3 SbieDrv; D:\Game\GTA-SanAndreas\SbieDrv.sys [192648 2015-10-22] (Sandboxie Holdings, LLC)
U5 UnlockerDriver5; D:\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-05 13:20 - 2015-12-05 13:20 - 00001393 _____ C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
2015-12-05 13:20 - 2015-12-05 13:20 - 00000000 ____D C:\ProgramData\TorchCrashHandler
2015-12-05 13:17 - 2015-12-05 13:27 - 00012951 _____ C:\Users\Home\Desktop\FRST.txt
2015-12-05 13:17 - 2015-12-05 13:17 - 00000000 ____D C:\FRST
2015-12-05 13:12 - 2015-12-05 13:16 - 02369024 _____ (Farbar) C:\Users\Home\Desktop\FRST64.exe
2015-12-05 13:03 - 2015-12-05 13:20 - 00000000 ____D C:\Users\Home\AppData\Local\Torch
2015-12-05 13:03 - 2015-12-05 13:03 - 01666704 _____ (Torch Media, Inc) C:\Users\Home\Desktop\TorchSetup-r0-n-bf.exe
2015-11-30 16:53 - 2015-12-02 17:20 - 00000000 ____D C:\Users\Home\AppData\LocalLow\uTorrent
2015-11-24 15:18 - 2015-11-24 15:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2015-11-09 18:50 - 2015-11-09 18:50 - 00002547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\trakaxPC.lnk
2015-11-09 18:50 - 2015-11-09 18:50 - 00000000 ____D C:\Users\Home\Documents\HighAndes
2015-11-09 18:50 - 2015-11-09 18:50 - 00000000 ____D C:\Users\Home\AppData\Local\HighAndes
2015-11-09 18:50 - 2015-11-09 18:50 - 00000000 ____D C:\ProgramData\HighAndes
2015-11-09 18:50 - 2013-09-25 02:34 - 00070768 _____ (Nalpeiron Ltd.) C:\Windows\SysWOW64\NlsSrv32.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-05 13:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-05 13:06 - 2013-06-29 12:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-05 12:58 - 2013-09-30 08:25 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-05 12:52 - 2013-09-30 08:25 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-05 12:51 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-05 11:36 - 2013-07-30 18:46 - 00000000 ____D C:\Users\Home\AppData\Roaming\Disk Cleaner
2015-12-05 11:36 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-05 11:35 - 2014-03-27 20:00 - 00000000 ____D C:\Users\Home\Desktop\Skice
2015-12-05 10:23 - 2013-04-02 16:56 - 00000000 ____D C:\ProgramData\MFAData
2015-12-04 15:53 - 2013-09-30 08:25 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 15:53 - 2013-09-30 08:25 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-04 15:43 - 2014-02-17 14:03 - 00000000 ____D C:\Users\Home\AppData\Roaming\TS3Client
2015-12-03 20:32 - 2014-06-10 19:15 - 00000000 ____D C:\Users\Home\AppData\Roaming\uTorrent
2015-12-03 20:32 - 2013-04-02 18:06 - 00000000 ____D C:\Users\Home\AppData\Roaming\Winamp
2015-12-01 18:12 - 2009-07-14 05:45 - 00020832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-01 18:12 - 2009-07-14 05:45 - 00020832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-01 16:53 - 2009-07-14 06:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-30 18:50 - 2014-09-08 07:52 - 00000000 ____D C:\Users\Home\Documents\Bandicam
2015-11-29 12:37 - 2013-06-21 20:43 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-11-29 12:35 - 2015-10-09 16:27 - 00000459 _____ C:\DelFix.txt
2015-11-28 18:13 - 2015-08-28 07:00 - 00001658 _____ C:\Windows\Sandboxie.ini
2015-11-26 20:46 - 2015-10-25 14:21 - 00000000 ____D C:\Users\Home\AppData\Local\AvgSetupLog
2015-11-19 20:08 - 2015-02-11 19:32 - 00000000 ____D C:\Users\Home\AppData\Roaming\SpinTires
2015-11-19 17:04 - 2013-06-21 13:45 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-19 17:03 - 2015-08-31 09:25 - 00000000 ____D C:\Users\Home\.oracle_jre_usage
2015-11-19 17:03 - 2014-10-22 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-19 17:02 - 2014-10-22 13:42 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-11-17 15:45 - 2014-11-18 16:11 - 00000000 ____D C:\Users\Home\Documents\Euro Truck Simulator 2
2015-11-13 17:55 - 2013-07-14 12:46 - 00007168 ____H C:\Users\Home\Desktop\photothumb.db
2015-11-13 15:06 - 2013-06-29 12:14 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-13 15:06 - 2013-04-01 16:00 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-13 15:06 - 2013-04-01 16:00 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-12 18:41 - 2013-04-01 14:10 - 00000000 ____D C:\Users\Home\AppData\Local\VirtualStore
2015-11-11 11:55 - 2014-11-20 16:59 - 00000937 _____ C:\Users\Public\Desktop\AVG 2015.lnk
2015-11-11 11:55 - 2014-11-20 16:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-11-09 18:47 - 2015-06-22 13:34 - 00001310 _____ C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker.lnk
2015-11-05 15:11 - 2015-11-04 17:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-05 15:11 - 2015-07-27 11:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2015-04-22 20:43 - 2015-04-22 20:44 - 0027136 ___SH () C:\Users\Home\AppData\Roaming\Thumbs.db
2014-11-22 21:03 - 2014-11-22 21:03 - 0018363 _____ () C:\Users\Home\AppData\Roaming\UserTile.png
2014-08-26 18:05 - 2014-08-26 18:05 - 0004608 _____ () C:\Users\Home\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-30 18:32 - 2013-07-30 18:32 - 0000017 _____ () C:\Users\Home\AppData\Local\resmon.resmoncfg
2014-08-17 15:35 - 2014-08-17 15:35 - 0000003 _____ () C:\Users\Home\AppData\Local\updater.log
2014-08-17 15:35 - 2015-04-23 16:43 - 0000424 _____ () C:\Users\Home\AppData\Local\UserProducts.xml
2015-02-22 19:06 - 2015-02-22 19:06 - 0000111 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2015-02-17 10:38] - [2010-11-21 04:24] - 2389504 ____A (Microsoft Corporation) 257A5F4029EEA31AE58F5A4E92ED076D

C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


offline
  • Joined: 26 Aug 2010
  • Posts: 10621
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Did you personally install the Torch browser?

offline
  • Mare Ivanović
  • Boxer
  • Joined: 30 May 2013
  • Posts: 423
  • Location: At home

I did, but I uninstalled it because it was of no use to me; I downloaded it for movies.

offline
  • Joined: 26 Aug 2010
  • Posts: 10621
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

The reports show no traces of infection, but you have a patched explorer.exe.

The following procedure will perform the final cleanup.

Download "Xplode"'s DelFix tool and save it to the Desktop.
Double-click to run the tool and tick the boxes in front of the following options:

Remove disinfection tools
Create registry backup
Purge System Restore

Click the Run button and wait a moment until the tool finishes its work.
From this point on, all tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)

The tool will also save the healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.

Go to Start -> Accessories and find Command Prompt.
Right-click Command Prompt and choose Run as Administrator
type
sfc /SCANNOW
and press Enter
Wait for it to finish.
