Check due to strange behavior

  • Programmer
  • Joined: 23 May 2012
  • Posts: 4575

Posted: 02 Nov 2013 16:57

Since yesterday, the explorer.exe process has started shutting down on its own: the windows stay open, but the toolbar and the icons disappear. At that moment I hear a sound like the one when you start Windows 7. A few seconds later the same sound plays again, but now the status bar comes back and everything is in its place (only everything runs quite slowly, and the icons refresh by themselves). It now also performs operations quite slowly; for example, when I want to move a folder of a few MB to the Recycle Bin, it starts the recycling process slowly, slowly, and then suddenly finishes it like lightning. I can't say that the system lags a lot, nor that it is very fast; it periodically varies between those two states. Anyway, here is the report, so take a look; if you need any more information, let me know :)


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16506
Run by viki at 16:50:32 on 2013-11-02
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2038.390 [GMT 1:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Users\viki\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\msiexec.exe
C:\Windows\System32\sdclt.exe
C:\Windows\System32\wsqmcons.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.rs/
mWinlogon: Userinit = userinit.exe,
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [F.lux] "C:\Users\viki\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{B6AEA10B-697B-480E-8F36-C286EB775AF0} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Download keePer: {69252BD3-8AD4-0A92-056D-16BA2854D5E0} - C:\Program Files (x86)\Download keePer\xLSXzgSA.x64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-9-2 192824]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-9-2 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-8-20 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-8 31544]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-9-25 148792]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-9-2 241464]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-9-2 212280]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
.
=============== Created Last 30 ================
.
2013-11-02 15:45:17 -------- d-----w- C:\Windows\System32\appmgmt
2013-11-01 20:23:19 -------- d-----w- C:\ProgramData\69c950a8a054a9d4
2013-11-01 20:23:18 -------- d-----w- C:\Users\viki\AppData\Local\Packages
2013-11-01 20:23:18 -------- d-----w- C:\ProgramData\Download keePer
2013-11-01 20:23:15 -------- d-----w- C:\Program Files (x86)\Download keePer
2013-11-01 20:22:39 -------- d-----w- C:\ProgramData\InstallMate
2013-11-01 20:13:12 -------- d-----w- C:\Users\viki\AppData\Roaming\uTorrent
2013-11-01 09:30:15 163504 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2013-10-19 15:17:11 -------- d-----w- C:\Users\viki\AppData\Local\FluxSoftware
2013-10-04 17:35:10 -------- d-----w- C:\Windows\System32\MRT
2013-10-04 17:30:05 -------- d-----w- C:\Program Files (x86)\Arcanum Adatbázis
.
==================== Find3M ====================
.
2013-09-25 20:07:30 148792 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
2013-09-08 20:11:42 31544 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2013-09-06 12:27:12 238352 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys
2013-09-06 12:25:40 146704 ----a-w- C:\Windows\System32\drivers\VBoxNetFlt.sys
2013-09-06 12:25:40 131856 ----a-w- C:\Windows\System32\drivers\VBoxNetAdp.sys
2013-09-06 12:25:40 119056 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys
2013-09-06 12:25:38 204048 ----a-w- C:\Windows\System32\VBoxNetFltNobj.dll
2013-09-02 08:59:14 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2013-09-02 08:29:18 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2013-09-02 08:26:50 192824 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2013-09-02 08:26:42 241464 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-08-22 17:09:56 256088 ----a-w- C:\Windows\System32\unrar64.dll
2013-08-22 17:09:56 217176 ----a-w- C:\Windows\SysWow64\unrar.dll
2013-08-20 20:53:58 123704 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
.
============= FINISH: 16:53:35.04 ===============


Addendum: 02 Nov 2013 18:47

Here is the GMER report as well.

Attached: Gmer1, Gmer2, Gmer3

  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Why don't you have SP1 installed?


Download FRST (Farbar Recovery Scan Tool) and save it to the Desktop.

Note: You need to download the version that is compatible with your system.
Your Windows is 64-bit.


Double-click to run FRST;
When the tool starts, click Yes on the disclaimer.
Click the Scan button;
The tool will create a report (FRST.txt) in the same directory where FRST.exe is saved.
Copy the contents of that report into your post.
On its first run, the tool should also create an additional report (Addition.txt). Attach that report to your post using the "Attach file" option.

  • Programmer
  • Joined: 23 May 2012
  • Posts: 4575

Posted: 02 Nov 2013 21:17

Sass Drake :: Why don't you have SP1 installed?

I don't know, and to tell you the truth I never paid attention to it. The system was installed from the CD I got with the computer.

Addendum: 02 Nov 2013 21:18

Here is the Addition file; now I'm waiting for the scan to finish so I can attach the other one too.

Addendum: 02 Nov 2013 21:19

Here is the FRST report as well.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by viki (administrator) on VIKI-PC on 02-11-2013 21:15:22
Running from C:\Users\viki\Downloads
Windows 7 Ultimate (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Flux Software LLC) C:\Users\viki\AppData\Local\FluxSoftware\Flux\flux.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10806816 2010-04-30] (Realtek Semiconductor)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [F.lux] - C:\Users\viki\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.rs/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Download keePer - {69252BD3-8AD4-0A92-056D-16BA2854D5E0} - C:\Program Files (x86)\Download keePer\xLSXzgSA.x64.dll ()
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2210608 2006-10-26] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Chrome:
=======
CHR HomePage: https://www.google.com/
CHR RestoreOnStartup: "https://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Extension: (Google Docs) - C:\Users\viki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\viki\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\viki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\viki\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Download keePer) - C:\Users\viki\AppData\Local\Google\Chrome\User Data\Default\Extensions\illhkdcofgkbmpnddmddjnjmmclcjkoo\1.6
CHR Extension: (Google Wallet) - C:\Users\viki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\viki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)

==================== Drivers (Whitelisted) ====================

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [148792 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
U3 kxldypod; \??\C:\Users\viki\AppData\Local\Temp\kxldypod.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-02 21:15 - 2013-11-02 21:15 - 00000000 ____D C:\FRST
2013-11-02 21:15 - 2013-11-02 21:14 - 01957098 _____ (Farbar) C:\Users\viki\Desktop\FRST64.exe
2013-11-02 21:14 - 2013-11-02 21:14 - 01957098 _____ (Farbar) C:\Users\viki\Downloads\FRST64.exe
2013-11-02 17:07 - 2013-11-02 17:07 - 00377856 _____ C:\Users\viki\Downloads\kkecou5v.exe
2013-11-02 16:45 - 2013-11-02 16:45 - 00000000 ____D C:\Windows\system32\appmgmt
2013-11-01 23:09 - 2013-11-01 23:09 - 00109296 _____ C:\Users\Default\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-01 23:09 - 2013-11-01 23:09 - 00109296 _____ C:\Users\Default User\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-01 23:09 - 2013-11-01 23:09 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2013-11-01 23:09 - 2013-11-01 23:09 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2013-11-01 23:00 - 2013-11-01 23:00 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-11-01 23:00 - 2013-11-01 23:00 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-11-01 21:23 - 2013-11-01 22:49 - 00000000 ____D C:\ProgramData\Download keePer
2013-11-01 21:23 - 2013-11-01 22:49 - 00000000 ____D C:\Program Files (x86)\Download keePer
2013-11-01 21:23 - 2013-11-01 21:23 - 00000000 ____D C:\Users\viki\AppData\Local\Packages
2013-11-01 21:23 - 2013-11-01 21:23 - 00000000 ____D C:\ProgramData\69c950a8a054a9d4
2013-11-01 21:22 - 2013-11-01 21:22 - 00000000 ____D C:\ProgramData\InstallMate
2013-11-01 21:14 - 2013-11-01 21:14 - 00000792 _____ C:\Users\viki\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2013-11-01 21:13 - 2013-11-02 16:41 - 00000000 ____D C:\Users\viki\AppData\Roaming\uTorrent
2013-10-19 16:17 - 2013-10-19 16:17 - 00000000 ____D C:\Users\viki\AppData\Local\FluxSoftware
2013-10-04 22:13 - 2013-11-02 16:41 - 00000000 ____D C:\Users\viki\AppData\Roaming\Notepad++
2013-10-04 22:13 - 2013-10-04 22:14 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-10-04 22:13 - 2013-10-04 22:13 - 00000000 ____D C:\Users\viki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-10-04 18:35 - 2013-10-12 15:27 - 00000000 ____D C:\Windows\system32\MRT
2013-10-04 18:35 - 2013-10-12 15:22 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-04 18:30 - 2013-10-04 18:30 - 00000000 ____D C:\Program Files (x86)\Arcanum Adatbázis

==================== One Month Modified Files and Folders =======

2013-11-02 21:15 - 2013-11-02 21:15 - 00000000 ____D C:\FRST
2013-11-02 21:14 - 2013-11-02 21:15 - 01957098 _____ (Farbar) C:\Users\viki\Desktop\FRST64.exe
2013-11-02 21:14 - 2013-11-02 21:14 - 01957098 _____ (Farbar) C:\Users\viki\Downloads\FRST64.exe
2013-11-02 21:06 - 2013-09-24 11:03 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-02 21:02 - 2013-09-24 09:29 - 01711898 _____ C:\Windows\WindowsUpdate.log
2013-11-02 18:35 - 2013-09-24 11:09 - 00000000 ____D C:\ProgramData\MFAData
2013-11-02 18:06 - 2013-09-24 12:35 - 00000000 ____D C:\ProgramData\Skype
2013-11-02 17:58 - 2013-09-24 18:43 - 00000000 ____D C:\ProgramData\Adobe
2013-11-02 17:07 - 2013-11-02 17:07 - 00377856 _____ C:\Users\viki\Downloads\kkecou5v.exe
2013-11-02 17:02 - 2013-09-24 18:44 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-11-02 17:00 - 2013-09-24 18:47 - 00000000 ____D C:\Users\viki\AppData\Roaming\Adobe
2013-11-02 16:45 - 2013-11-02 16:45 - 00000000 ____D C:\Windows\system32\appmgmt
2013-11-02 16:45 - 2013-09-24 11:03 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-02 16:44 - 2009-07-14 06:13 - 00779724 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-02 16:44 - 2009-07-14 05:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-02 16:44 - 2009-07-14 05:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-02 16:41 - 2013-11-01 21:13 - 00000000 ____D C:\Users\viki\AppData\Roaming\uTorrent
2013-11-02 16:41 - 2013-10-04 22:13 - 00000000 ____D C:\Users\viki\AppData\Roaming\Notepad++
2013-11-02 16:40 - 2013-09-24 18:41 - 00000000 ____D C:\Users\viki\AppData\Local\Adobe
2013-11-02 16:40 - 2013-09-24 12:36 - 00000000 ____D C:\Users\viki\AppData\Roaming\Skype
2013-11-02 16:39 - 2013-09-24 11:03 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-02 16:38 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-01 23:11 - 2013-09-24 12:20 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-01 23:09 - 2013-11-01 23:09 - 00109296 _____ C:\Users\Default\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-01 23:09 - 2013-11-01 23:09 - 00109296 _____ C:\Users\Default User\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-01 23:09 - 2013-11-01 23:09 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2013-11-01 23:09 - 2013-11-01 23:09 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2013-11-01 23:00 - 2013-11-01 23:00 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-11-01 23:00 - 2013-11-01 23:00 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-11-01 22:49 - 2013-11-01 21:23 - 00000000 ____D C:\ProgramData\Download keePer
2013-11-01 22:49 - 2013-11-01 21:23 - 00000000 ____D C:\Program Files (x86)\Download keePer
2013-11-01 21:26 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-11-01 21:23 - 2013-11-01 21:23 - 00000000 ____D C:\Users\viki\AppData\Local\Packages
2013-11-01 21:23 - 2013-11-01 21:23 - 00000000 ____D C:\ProgramData\69c950a8a054a9d4
2013-11-01 21:22 - 2013-11-01 21:22 - 00000000 ____D C:\ProgramData\InstallMate
2013-11-01 21:14 - 2013-11-01 21:14 - 00000792 _____ C:\Users\viki\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2013-11-01 14:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-01 12:47 - 2013-09-24 18:23 - 00000000 ____D C:\Users\viki\Documents\Visual Studio 2010
2013-11-01 10:15 - 2013-09-24 11:04 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-01 09:01 - 2013-09-24 11:03 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-11-01 09:00 - 2013-09-24 11:03 - 00003638 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-19 16:17 - 2013-10-19 16:17 - 00000000 ____D C:\Users\viki\AppData\Local\FluxSoftware
2013-10-19 16:17 - 2013-09-24 18:03 - 00000000 ____D C:\Users\viki\AppData\Local\Apps\F.lux
2013-10-12 15:27 - 2013-10-04 18:35 - 00000000 ____D C:\Windows\system32\MRT
2013-10-12 15:22 - 2013-10-04 18:35 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-04 23:22 - 2013-09-28 17:16 - 00000000 ____D C:\Users\viki\.VirtualBox
2013-10-04 23:16 - 2013-09-28 17:19 - 00000000 ____D C:\Users\viki\VirtualBox VMs
2013-10-04 22:56 - 2013-09-27 21:44 - 00000000 ____D C:\Users\viki\Documents\Kopije registratora
2013-10-04 22:47 - 2013-09-24 19:23 - 00000000 ____D C:\Windows\Panther
2013-10-04 22:14 - 2013-10-04 22:13 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-10-04 22:13 - 2013-10-04 22:13 - 00000000 ____D C:\Users\viki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-10-04 18:30 - 2013-10-04 18:30 - 00000000 ____D C:\Program Files (x86)\Arcanum Adatbázis

Some content of TEMP:
====================
C:\Users\viki\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\viki\AppData\Local\Temp\down.4196.assistant_v3.exe
C:\Users\viki\AppData\Local\Temp\TsuE75136E4.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-01 14:18

==================== End Of Log ============================

  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

I don't see anything malicious in the posted reports.

We will delete the tools we used.

Download DelFix by "Xplode" and save it to the Desktop.

Double-click to run the program.

Tick the following options:
Remove disinfection tools
Purge System Restore
Reset system settings


Click the "Run" button and wait for the program to finish.
When the tool finishes, it will open a report in Notepad.

Note: The report will also be saved to C:\DelFix.txt
I don't need that report.

I recommend that you install Service Pack 1 for your Windows 7 operating system.
You can download it from this link:

Windows 7 SP1 x64

After that, run Windows Update.

If the problem remains after Windows Update:
The problem you have is caused either by Adobe Creative Cloud (the explorer.exe crashes) or, for the slow-as-a-snail and then fast-as-lightning behavior, probably by the AV program.
