MyCity » Ambulanta -> Arhiva Ambulante » Proveravanje kompjutera

Proveravanje kompjutera

Napisano na dan: 8.2.2014

Strana:
1
2

Proveravanje kompjutera

Sledeća strana

Pagination

Odgovori

Strana:
1
2

Mare Ivanović Poslao: 08 Feb 2014 12:05 Idi na vrh
offline Mare Ivanović Ugledni građanin Marko Pridružio: 30 Maj 2013 Poruke: 425 Gde živiš: U kući	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Pošto sam primetio da mi kompjuter u poslednje vreme koči po malo, hteo sam da ga proverim, tj. da li ima virusa i ostalo. Koči i buffering na netu ali za sada hoću samo da proverim komp, pa ćemo videti za ostalo Evo izveštaja: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.51.2 Run by Home at 12:03:12 on 2014-02-08 Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.3545.1232 [GMT 1:00] . AV: AVG AntiVirus Free Edition 2013 Enabled/Updated {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} SP: Windows Defender Disabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Spybot - Search and Destroy Enabled/Outdated {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} SP: AVG AntiVirus Free Edition 2013 Enabled/Updated {B5F5C120-2089-702E-0001-553BB0D5A664} . ============== Running Processes =============== . C:\PROGRA~2\AVG\AVG2013\avgrsa.exe C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe C:\Program Files (x86)\AVG\AVG2013\avgemca.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uProxyServer = :0 mWinlogon: Userinit = userinit.exe BHO: Groove GFS Browser Helper: {4DB74D06-491C-440D-305E-012400990F3E} - C:\Windows\SysWOW64\d3dd10_1core.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll uRun: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\DTLite.exe" -autorun mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll TCP: NameServer = 192.168.1.1 TCP: Interfaces\{A2EEAB71-9E59-4F0A-A90F-D432E29D2661} : DHCPNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Notify: SDWinLogon - SDWinLogon.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-SSODL: WebCheck - <orphaned> x64-SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\System32\wpdshserviceobj.dll x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\h9nfdhc8.default\ FF - prefs.js: browser.startup.homepage - www.google.rs FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Users\Home\AppData\Roaming\Mozilla\plugins\np-mswmp.dll FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll . ============= SERVICES / DRIVERS =============== . R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480] R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-10-23 45880] R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-25 246072] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648] R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-10-19 283064] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-4-1 235520] R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-11-20 283136] R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-1-16 3921880] R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-1-16 1042272] R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-1-16 171416] R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2013-4-1 110744] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680] S3 3xHybr64;3xHybrid service;C:\Windows\System32\drivers\3xHybr64.sys [2007-4-20 873216] S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992] S3 RTL2832U_IRHID;HID Infrared Remote Receiver;C:\Windows\System32\drivers\RTL2832U_IRHID.sys [2013-5-30 44320] S3 RTL2832UBDA;REALTEK 2832U BDA Driver;C:\Windows\System32\drivers\RTL2832UBDA.sys [2013-5-30 117152] S3 RTL2832UUSB;REALTEK 2832U USB Driver;C:\Windows\System32\drivers\RTL2832UUSB.sys [2013-5-30 38944] S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960] S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 WatAdminSvc;Usluga tehnologije aktivacije operativnog sistema Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-4-1 1255736] SUnknown tsusbhub;tsusbhub; [x] . =============== Created Last 30 ================ . 2014-02-07 19:46:02 -------- d-----w- C:\Users\Home\AppData\Local\Babylon 2014-02-07 19:46:00 -------- d-----w- C:\Users\Home\AppData\Roaming\Babylon 2014-02-07 19:46:00 -------- d-----w- C:\ProgramData\Babylon 2014-02-07 19:44:31 79360 ----a-w- C:\Windows\SysWow64\ff_vfw.dll 2014-02-07 19:43:47 -------- d-----w- C:\Users\Home\AppData\Roaming\speedtest127 2014-02-07 19:43:32 -------- d-----w- C:\Users\Home\AppData\Roaming\PerformerSoft 2014-02-07 19:43:31 19456 ----a-w- C:\Windows\System32\roboot64.exe 2014-02-07 19:43:10 -------- d-----w- C:\Users\Home\AppData\Roaming\freegames111 2014-02-07 19:43:07 -------- d-----w- C:\Program Files (x86)\Free Games 111 2014-02-07 18:01:26 -------- d-----w- C:\AdwCleaner 2014-02-07 16:48:31 272496 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll 2014-01-16 16:25:53 21040 ----a-w- C:\Windows\System32\sdnclean64.exe 2014-01-16 16:25:48 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-01-16 16:14:54 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2014-01-15 15:50:17 266293 ----a-w- C:\Windows\SysWow64\temp.003 2014-01-15 15:49:17 266293 ----a-w- C:\Windows\SysWow64\temp.002 . ==================== Find3M ==================== . 2014-02-05 16:06:27 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2014-02-05 16:06:27 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-11-25 00:48:36 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys . ============= FINISH: 12:03:37,74 =============== https://www.mycity.rs/must-login.png

Profil

magna86 Poslao: 08 Feb 2014 12:28 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6103	1Ovo se svidja korisniku: TwinHeadedEagle Registruj se da bi pohvalio/la poruku! Pozdrav, Preuzmi smeenk-ov zoek.zip ili zoek.rar () sa ovog ili ovog linka i sačuvaj ga na Desktop. Raspakuj arhivu u neki folder (uputstvo), a zatim: zatvori browser i ostale pokrenute programe; privremeno deaktiviraj zaštitni softver ( ukoliko je to potrebno ) Uputstvo ; dvoklikom pokreni zoek na ikonicu programa ; pričekaj da se alat startuje ... U beli okvir prozora iskopiraj sledeći tekst: `Uninstall-List; QuickScan;` Klikni na dugme i pričekaj da se skeniranje završi. zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log) Kopiraj sadrzaj tog loga u poruku.

Profil

Mare Ivanović Poslao: 08 Feb 2014 16:35 Idi na vrh
offline Mare Ivanović Ugledni građanin Marko Pridružio: 30 Maj 2013 Poruke: 425 Gde živiš: U kući	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 08 Feb 2014 12:39 Zoek.exe v5.0.0.0 Updated 07-February-2014 Tool run by Home on sub 08.02.2014 at 12:35:52,58. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Home\Downloads\zoek\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2014-02-06-162215.log 112 bytes ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-01-15 15:49:11 C8ABFA5C4FE5C86CCCCE685805831F7B 600 ----a-w- C:\Windows\Rtcw.INI ====== C:\Users\Home\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-02-07 19:44:31 A88218883D4693F856B016FA842CF549 79360 ----a-w- C:\Windows\SysWOW64\ff_vfw.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-02-07 19:43:31 5F9F3B0534551815C07F73C03FF84C5F 19456 ----a-w- C:\Windows\Sysnative\roboot64.exe ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== 2014-01-26 09:20:05 271BE4BBC4AC425FF561D0D6123B67DC 4364 ----a-w- C:\Windows\Sysnative\Tasks\Apps Hat-updater 2014-01-26 09:20:05 16EAF319F20A7A3E2432A36944B350F1 1334 ----a-w- C:\Windows\Tasks\Apps Hat-updater.job 2014-01-26 09:20:01 B0CDFCE3333A02CB3A42C5B9A83752E5 4188 ----a-w- C:\Windows\Sysnative\Tasks\Apps Hat-enabler 2014-01-26 09:20:01 371319EC99DAF5BE0B493DEE99ED8F46 1158 ----a-w- C:\Windows\Tasks\Apps Hat-enabler.job 2014-01-26 09:19:57 C97D29EAA7F8925884A206A354812E08 4316 ----a-w- C:\Windows\Sysnative\Tasks\Apps Hat-codedownloader 2014-01-26 09:19:57 6FDC86972ADC275ACFEB78D5DF293268 1286 ----a-w- C:\Windows\Tasks\Apps Hat-codedownloader.job 2014-01-26 09:19:48 A45325E604C94C0A44061436F6E555FA 5462 ----a-w- C:\Windows\Sysnative\Tasks\Apps Hat-firefoxinstaller 2014-01-26 09:19:48 74826FE3C84EF6DE1F50FC465D981FC1 2432 ----a-w- C:\Windows\Tasks\Apps Hat-firefoxinstaller.job 2014-01-26 09:19:43 EA44C2D7C79B139DFD2BA0012DEF2836 5026 ----a-w- C:\Windows\Sysnative\Tasks\Apps Hat-chromeinstaller 2014-01-26 09:19:42 306682294516C376A0F20C3107C649A9 1996 ----a-w- C:\Windows\Tasks\Apps Hat-chromeinstaller.job 2014-01-12 16:34:54 64BDF48BBE495506D60A0C5C8982A77A 5178 ----a-w- C:\Windows\Sysnative\Tasks\FTdownloader V7.0-chromeinstaller-dev 2014-01-12 16:34:53 CE95CB33419DDB0EE4843C2ACDA0A071 2148 ----a-w- C:\Windows\Tasks\FTdownloader V7.0-chromeinstaller-dev.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2014-02-07 19:43:07 -------- d-----w- C:\PROGRA~2\Free Games 111 2014-01-14 14:23:51 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service ======= C: ===== ====== C:\Users\Home\AppData\Roaming ====== 2014-02-07 19:46:16 -------- d-----w- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2014-02-07 19:46:02 -------- d-----w- C:\Users\Home\AppData\Local\Babylon 2014-02-07 19:46:00 -------- d-----w- C:\Users\Home\AppData\Roaming\Babylon 2014-02-07 19:43:47 -------- d-----w- C:\Users\Home\AppData\Roaming\speedtest127 2014-02-07 19:43:32 -------- d-----w- C:\Users\Home\AppData\Roaming\PerformerSoft 2014-02-07 19:43:10 -------- d-----w- C:\Users\Home\AppData\Roaming\freegames111 ====== C:\Users\Home ====== 2014-02-07 19:46:00 -------- d-----w- C:\ProgramData\Babylon 2014-02-07 19:44:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter 2014-02-07 19:44:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow 2014-01-16 16:14:54 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-01-15 15:51:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein ====== C: exe-files == 2014-02-07 19:44:30 CF3CF034CFABA8AC68B6B502A1044F59 1175371 ----a-w- C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\unins000.exe 2014-02-07 19:43:31 5F9F3B0534551815C07F73C03FF84C5F 19456 ----a-w- C:\Windows\System32\roboot64.exe 2014-02-04 14:42:59 BA7524A2D91F895CE7502C78B6A4CBAF 732888 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.107\32.0.1700.107_32.0.1700.102_chrome_updater.exe === C: other files == 2014-02-08 11:35:51 4524C021C920B3BF616BBE37EFD8BC56 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3145937626-3286986765-835811450-1000\$I268IMK.zip 2014-02-08 11:34:49 4FB4C86CEE9DBA2C4DE271C4893BE240 4088082 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3145937626-3286986765-835811450-1000\$R268IMK.zip 2014-02-07 19:43:47 C4DC48D7253B7FF54FCCC0000C8120BA 157251 ----a-w- C:\Users\Home\AppData\Roaming\speedtest127\speedtest127.xpi 2014-02-07 19:43:13 8F2EB906B97A9A64326CADF16DADCE6E 3556953 ----a-w- C:\ProgramData\AVG2013\IDS\quarantine\de5afb6a-8637-47d2-a95c-e1ccefac356f.zip 2014-02-07 19:43:10 F8D5240253B6C113728DDECA360B7B2A 82771 ----a-w- C:\Users\Home\AppData\Roaming\freegames111\freegames111.xpi ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3145937626-3286986765-835811450-1000\Software\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="D:\DAEMON Tools Lite\DTLite.exe -autorun" "RESTART_STICKY_NOTES"="C:\Windows\system32\StikyNot.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "SDTray"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="D:\DAEMON Tools Lite\DTLite.exe -autorun" "RESTART_STICKY_NOTES"="C:\Windows\system32\StikyNot.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BCSSync" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MCShield Monitor] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MCShield Monitor" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\MCShield\\MCShieldRTM.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinampAgent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WinampAgent" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Winamp\\winampa.exe\"" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [05.02.2014 17:06] C:\Windows\tasks\Apps Hat-chromeinstaller.job --a------ C:\Program Files (x86)\Apps Hat\Apps Hat-C:hromeinstaller.exe [] C:\Windows\tasks\Apps Hat-codedownloader.job --a------ C:\Program Files (x86)\Apps Hat\Apps Hat-C:odedownloader.exe [] C:\Windows\tasks\Apps Hat-enabler.job --a------ C:\Program Files (x86)\Apps Hat\Apps Hat-enabler.exe [] C:\Windows\tasks\Apps Hat-firefoxinstaller.job --a------ C:\Program Files (x86)\Apps Hat\Apps Hat-firefoxinstaller.exe [] C:\Windows\tasks\Apps Hat-updater.job --a------ C:\Program Files (x86)\Apps Hat\Apps Hat-updater.exe [] C:\Windows\tasks\At1.job --a------ C:\Windows\SysWOW64\logagennt.exe [] C:\Windows\tasks\FTdownloader V7.0-chromeinstaller-dev.job --a------ C:\Program Files (x86)\FTdownloader V7.0\FTdownloader V7.0-chromeinstaller.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30.09.2013 08:25] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30.09.2013 08:25] C:\Windows\tasks\schedule\Undetermined Task.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Apps Hat-chromeinstaller" [C:\Program Files (x86)\Apps Hat\Apps Hat-chromeinstaller.exe] "C:\Windows\SysNative\tasks\Apps Hat-codedownloader" [C:\Program Files (x86)\Apps Hat\Apps Hat-codedownloader.exe] "C:\Windows\SysNative\tasks\Apps Hat-enabler" [C:\Program Files (x86)\Apps Hat\Apps Hat-enabler.exe] "C:\Windows\SysNative\tasks\Apps Hat-firefoxinstaller" [C:\Program Files (x86)\Apps Hat\Apps Hat-firefoxinstaller.exe] "C:\Windows\SysNative\tasks\Apps Hat-updater" [C:\Program Files (x86)\Apps Hat\Apps Hat-updater.exe] "C:\Windows\SysNative\tasks\At1" [C:\Windows\SysWOW64\logagennt.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\FTdownloader V7.0-chromeinstaller-dev" [C:\Program Files (x86)\FTdownloader V7.0\FTdownloader V7.0-chromeinstaller.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\{03931C47-A283-49B0-B3E2-10AA6C0E0338}" ["c:\program files (x86)\mozilla firefox\firefox.exe"] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"] "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe"] "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe"] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "57ffxtbr@MarineAquarium3Free_57.com"="C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\h9nfdhc8.default - Apps Hat - %ProfilePath%\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com - Qualys BrowserCheck - %ProfilePath%\extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} - Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\h9nfdhc8.default FD6ACD9D85177259D442A0C4AC15F7B8 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll - Shockwave Flash F3B0E300AFC94E1A775A2D935A7D384F - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll - Shockwave for Director / Shockwave for Director 99F97C9FE748C37528C338A423577FCB - C:\Users\Home\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin ==== Chrome Look ====================== Google Wallet - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Apps Hat - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbffpbffjfiigoledmkcibcbadpbenec DefaultTab - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc ==== Uninstall List x64 ====================== ®Pro Evolution Soccer 2013Ż 1.4.0.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Pro Evolution Soccer 2013_is1] Adobe Flash Player 12 Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin] Adobe Shockwave Player 12.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Shockwave Player] Ashampoo Burning Studio 2012 CBE v.11.0.4 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Ashampoo Burning Studio 2012 CBE_is1] AVG 2013 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{83BA166C-B593-4FFE-8AC1-4521C0217D97}] AVG 2013 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AB3AFCA5-A2BB-4F31-8FEC-0295DB7BF928}] AVG 2013 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG] CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner] DAEMON Tools Lite [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DAEMON Tools Lite] GOM Player [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\GOM Player] Google Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome] Google Earth [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}] Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] Java 7 Update 51 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217045FF}] Java Auto Updater [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] K-Lite Codec Pack 9.7.5 (Full) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\KLiteCodecPack_is1] Microsoft .NET Framework 4.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}] Microsoft .NET Framework 4.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033] Microsoft Games for Windows - LIVE Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F2508213-9989-4E85-A078-72BE483917EF}] Microsoft Games for Windows Marketplace [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}] Microsoft Office Professional Plus 2010 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Office14.PROPLUS] Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{071c9b48-7c32-4621-a0ac-3f809523288f}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8220EEFE-38CD-377E-8595-13398D740ACE}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}] Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}] Minecraft1.6.4 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Minecraft1.6.4] Mozilla Firefox 27.0 (x86 sr) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 27.0 (x86 sr)] Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService] PhotoScape [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PhotoScape] REALTEK DTV USB DEVICE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}] Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] Skypet 6.11 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}] Spybot - Search & Destroy [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1] swMSM [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{612C34C7-5E90-47D8-9B5C-0F717DD82726}] TuneUp Utilities 2014 (en-US) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{14C8CE46-C68C-461B-BCA9-E276A85851C6}] Unlocker 1.9.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Unlocker] uTorrent [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] Visual C++ 2008 x86 Runtime - (v9.0.30729) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F333A33D-125C-32A2-8DCE-5C5D14231E27}] Visual C++ 2008 x86 Runtime - v9.0.30729.01 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01] Visual Studio 2010 x64 Redistributables [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{21B133D6-5979-47F0-BE1C-F6A6B304693F}] Winamp [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Winamp] Winamp Detector Plug-in [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Detect] Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9B48B0AC-C813-4174-9042-476A887592C7}] WinRAR 5.00 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver] ==== C:\zoek_backup content ====================== C:\zoek_backup (files=0 folders=0 0 bytes) ==== EOF on sub 08.02.2014 at 12:38:17,87 ====================== Dopuna: 08 Feb 2014 16:35 Šta sad da radim?

Profil

magna86 Poslao: 08 Feb 2014 17:05 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6103	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ponovo pokreni Zoek kao i malopre sto si no ovaj put preko ove skripte ... U beli okvir prozora iskopiraj sledeći tekst: `EmptyFoldersCheck;Delete EmptyCLSID; C:\Users\Home\AppData\Local\Babylon;FS C:\Users\Home\AppData\Roaming\Babylon;FS C:\ProgramData\Babylon;FS C:\Users\Home\AppData\Roaming\PerformerSoft;FS C:\Windows\Sysnative\roboot64.exe;F AutoClean; Reboot;` Klikni na dugme i pričekaj da se skeniranje završi. zoek ce restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log) Kopiraj sadrzaj tog loga u poruku.

Profil

Mare Ivanović Poslao: 08 Feb 2014 17:43 Idi na vrh
offline Mare Ivanović Ugledni građanin Marko Pridružio: 30 Maj 2013 Poruke: 425 Gde živiš: U kući	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3145937626-3286986765-835811450-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C45EC9F0-8333-465D-9728-074BD41985C9} deleted successfully HKEY_USERS\S-1-5-21-3145937626-3286986765-835811450-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{96A25A24-2E87-4374-8A50-CC6F943FCE4D} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{96A25A24-2E87-4374-8A50-CC6F943FCE4D} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\57ffxtbr@MarineAquarium3Free_57.com deleted successfully ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\h9nfdhc8.default user.js not found ---- Lines speedtestanalysis removed from prefs.js ---- user_pref("extensions.speedtestanalysis@SpeedAnalysis.com.id", "\"ab34e28b-f844-1e92-ad44-4b04649b1fa6\""); user_pref("extensions.speedtestanalysis@SpeedAnalysis.com.mzID", "69"); ---- Lines a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559 removed from prefs.js ---- user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.active", true); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.addressbar", "NA"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.addressbarenhanced", ""); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncdb.was_copied", "true"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncdb_dbWasSet", true); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncdb_dbWasSet_FF25_FIX", true); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncinternaldb.was_copied", "true"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncinternaldb_dbWasSet", true); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncinternaldb_dbWasSet_FF25_FIX", true); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.backgroundver", 16); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.certdomaininstaller", ""); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.changeprevious", false); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.cookie.InstallationTime.expiration", "Fri Feb 01 user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.cookie.InstallationTime.value", "%221390727980%2 user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.cookie.InstallerParams.expiration", "Fri Feb 01 user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.cookie.InstallerParams.value", "%7B%22source_id% user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.description", "Apps Hat is the cool new Android user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.domain", ""); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.enablesearch", false); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.homepage", ""); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.iframe", true); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.InstallationThankYouPage", true); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.InstallationTime", 1390727980); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.__defualt_browser__.expiration", "Fri user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.__defualt_browser__.value", "%22ff%22 user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.installer.expiration", "Fri Feb 01 20 user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.installer.value", "%7B%22InstallerIde user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerIdentifiers.expiration", "Fr user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerIdentifiers.value", "%7B%22i user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerParams.expiration", "Fri Feb user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerParams.value", "%7B%22source user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerParamsCache.expiration", "Fr user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerParamsCache.value", "%7B%22s user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerUserIdentifiersCache.expirat user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerUserIdentifiersCache.value", user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.monetization_plugin_last_executable_r user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.monetization_plugin_last_executable_r user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_appVer.expiration", "Fri Fe user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_appVer.value", "30"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_lastVersion.expiration", "F user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_lastVersion.value", "5"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_meta.expiration", "Fri Feb user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_nextCheck.expiration", "Sun user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_nextCheck.value", "true"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_queue.expiration", "Fri Feb user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_queue.value", "%7B%7D"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_resource_485550.expiration" user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_resource_485550.value", "%2 user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.lastDailyReport", "1390728077038"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.lastUpdate", "1390728074510"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.manifesturl", ""); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.name", "Apps Hat"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.newtab", ""); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.opensearch", ""); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.pluginsurl", "https://w9u6a2p6.ssl.hwcdn.net/plu user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.pluginsversion", 7); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.publisher", "Nero"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.searchstatus", 0); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.setnewtab", false); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.thankyou", ""); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.updateinterval", 360); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.ver", 30); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.apps", "48559"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.bic", "143cdda52d52485ccadc5617708a7c56"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.cid", 48559); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.firstrun", false); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.hadappinstalled", true); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.installationdate", 1390728074); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.modetype", "production"); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.reportInstall", true); user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.statsDailyCounter", 1); ---- FireFox user.js and prefs.js backups ---- prefs_08.02.2014_1731_.backup ==== Deleting Files \ Folders ====================== C:\ProgramData\Babylon not found C:\Users\Home\AppData\Roaming\PerformerSoft not found C:\Users\Home\AppData\Local\Babylon deleted C:\Users\Home\AppData\Roaming\Babylon deleted C:\Users\Home\AppData\Roaming\freegames111 deleted C:\Users\Home\AppData\Roaming\speedtest127 deleted C:\Users\Home\AppData\Roaming\SpeedTestAnalysis deleted C:\Users\Home\AppData\Local\cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSafe savvee deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ssaFe! save deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSearchh-NeWWTab deleted C:\Windows\SysNative\roboot64.exe deleted C:\Windows\wininit.ini deleted C:\windows\SysNative\Tasks\FTdownloader V7.0-chromeinstaller-dev deleted C:\Windows\Tasks\FTdownloader V7.0-chromeinstaller-dev.job deleted C:\Windows\tasks\At1.job deleted C:\Windows\tasks\Apps Hat-chromeinstaller.job deleted C:\Windows\tasks\Apps Hat-codedownloader.job deleted C:\Windows\tasks\Apps Hat-enabler.job deleted C:\Windows\tasks\Apps Hat-firefoxinstaller.job deleted C:\Windows\tasks\Apps Hat-updater.job deleted C:\windows\SysNative\tasks\Apps Hat-chromeinstaller deleted C:\windows\SysNative\tasks\Apps Hat-codedownloader deleted C:\windows\SysNative\tasks\Apps Hat-enabler deleted C:\windows\SysNative\tasks\Apps Hat-firefoxinstaller deleted C:\windows\SysNative\tasks\Apps Hat-updater deleted C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\h9nfdhc8.default\searchplugins\improvedsearch.xml deleted C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\h9nfdhc8.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com deleted ==== Firefox Extensions ====================== ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\h9nfdhc8.default - Qualys BrowserCheck - %ProfilePath%\extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} - Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\h9nfdhc8.default FD6ACD9D85177259D442A0C4AC15F7B8 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll - Shockwave Flash F3B0E300AFC94E1A775A2D935A7D384F - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll - Shockwave for Director / Shockwave for Director 99F97C9FE748C37528C338A423577FCB - C:\Users\Home\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin ==== Chrome Look ====================== Apps Hat - Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbffpbffjfiigoledmkcibcbadpbenec DefaultTab - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc ==== Chrome Fix ====================== C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbffpbffjfiigoledmkcibcbadpbenec deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{22B88B49-09B0-E37D-FA0E-44986DE9C648} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A64357B-C510-4E89-029B-CCEC8B6BB5DC} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{669A8809-FB12-1090-3835-A906FFED2FEE} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A8F7757E-9204-51E1-1DE1-AD4698B64B98} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCShield Monitor deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Home\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Home\AppData\Local\Mozilla\Firefox\Profiles\h9nfdhc8.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=239 folders=61 3521210 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Home\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot

Profil

magna86 Poslao: 08 Feb 2014 18:37 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6103	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ok Marko, sistem bi vec sad posle Zoek-a trebao da ti radi mnogo bolje i stabilnije. Idemo sad na dodatnu proveru na nekom drugom nivou. Ovaj put koristicemo ComboFix. Kada CF zavrsi rad, dostavi mi njegov logfile i reci mi kako ti sad radi racunar. Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix; u prozoru koji se otvori klikni "I Agree". U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku; Nemoj kliktati u okviru ComboFix prozora dok radi jer to može usporiti rad alata; Nemoj ponovo pokretati ComboFix na svoju ruku - javi se u temi bilo kakav problem da imaš tokom prvog pokretanja alata; Ako nakon restarta dobijaš grešku prilikom startovanja pojedinih programa da su označeni za brisanje (Illegal operation attempted on a registry key that has been marked for deletion), onda ponovo restartuj sistem i to ce rešiti problem. Reci mi, ima li poboljsanja?

Profil

Mare Ivanović Poslao: 08 Feb 2014 19:47 Idi na vrh
offline Mare Ivanović Ugledni građanin Marko Pridružio: 30 Maj 2013 Poruke: 425 Gde živiš: U kući	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 08 Feb 2014 19:09 Evo počeo sam da radim, i prošlo je oko 30 minuta, a ono i dalje skenira. Nisam imao strpljenja više, pa sam došao da te obavestim, i ako može nešto da se uradi da završi to brže? :/ Dopuna: 08 Feb 2014 19:19 Evo po drugi put je uspelo: ComboFix 14-02-05.02 - Home 08.02.2014 19:12:05.2.2 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.3545.2320 [GMT 1:00] Running from: c:\users\Home\Desktop\ComboFix.exe AV: AVG AntiVirus Free Edition 2013 Enabled/Updated {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} SP: AVG AntiVirus Free Edition 2013 Enabled/Updated {B5F5C120-2089-702E-0001-553BB0D5A664} SP: Spybot - Search and Destroy Enabled/Updated {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} SP: Windows Defender Disabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Previous Run ------- . c:\windows\SysWOW64\d3DD10_1core.dll D:\Uninstall.exe D:\WinRAR.exe . . ((((((((((((((((((((((((( Files Created from 2014-01-08 to 2014-02-08 ))))))))))))))))))))))))))))))) . . 2014-02-08 18:15 . 2014-02-08 18:15 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-02-08 16:40 . 2014-02-08 16:40 8782 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS 2014-02-08 16:40 . 2014-02-08 16:40 7271 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS 2014-02-08 16:40 . 2014-02-08 16:40 23327 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS 2014-02-08 16:40 . 2014-02-08 16:40 20719 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\DIVWRAPPER.JS 2014-02-08 16:34 . 2014-02-08 18:15 -------- d-----w- c:\users\Home\AppData\Local\Temp 2014-02-08 16:30 . 2014-02-08 16:34 -------- d-----w- C:\zoek 2014-02-07 19:44 . 2012-04-08 23:40 79360 ----a-w- c:\windows\SysWow64\ff_vfw.dll 2014-02-07 19:43 . 2014-02-07 19:43 -------- d-----w- c:\program files (x86)\Free Games 111 2014-02-07 16:48 . 2014-01-28 06:55 272496 ----a-w- c:\program files (x86)\Mozilla Firefox\browser\components\browsercomps.dll 2014-01-16 16:25 . 2013-09-20 09:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe 2014-01-16 16:25 . 2014-02-08 16:34 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2 2014-01-16 16:14 . 2013-12-18 20:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2014-01-15 15:50 . 2001-06-19 16:53 266293 ----a-w- c:\windows\SysWow64\temp.003 2014-01-15 15:49 . 2001-06-19 16:53 266293 ----a-w- c:\windows\SysWow64\temp.002 . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-02-05 16:06 . 2013-04-01 15:00 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-02-05 16:06 . 2013-04-01 15:00 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-11-25 00:48 . 2013-11-25 00:48 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="d:\daemon tools lite\DTLite.exe" [2013-08-01 3673696] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-11-20 4411952] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] "SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2013-07-25 5624784] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux3"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" . R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 3xHybr64;3xHybrid service;c:\windows\system32\DRIVERS\3xHybr64.sys;c:\windows\SYSNATIVE\DRIVERS\3xHybr64.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 RTL2832U_IRHID;HID Infrared Remote Receiver;c:\windows\system32\DRIVERS\RTL2832U_IRHID.sys;c:\windows\SYSNATIVE\DRIVERS\RTL2832U_IRHID.sys [x] R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys;c:\windows\SYSNATIVE\drivers\RTL2832UBDA.sys [x] R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys;c:\windows\SYSNATIVE\Drivers\RTL2832UUSB.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x] R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 tsusbhub;tsusbhub;tsusbhub [x] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x] S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x] S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x] S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x] S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x] S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x] S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x] S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2014-02-04 14:43 1211720 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe . Contents of the 'Scheduled Tasks' folder . 2014-02-08 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-01 16:06] . 2014-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-30 07:25] . 2014-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-30 07:25] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-10-29 6843024] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\h9nfdhc8.default\ FF - prefs.js: browser.startup.homepage - www.google.rs FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS REMOVED - - - - . BHO-{4DB74D06-491C-440D-305E-012400990F3E} - (no file) Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe Notify-SDWinLogon - SDWinLogon.dll . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2014-02-08 19:17:35 ComboFix-quarantined-files.txt 2014-02-08 18:17 . Pre-Run: 39.634.612.224 bytes free Post-Run: 39.506.444.288 bytes free . - - End Of File - - 603474B88923F66E569284879A462247 A36C5E4F47E84449FF07ED3517B43A31 Dopuna: 08 Feb 2014 19:47 Je l' treba još nešto?

Profil

magna86 Poslao: 08 Feb 2014 21:31 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6103	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Marko Ivanović 2 ::Nisam imao strpljenja više, pa sam došao da te obavestim, i ako može nešto da se uradi da završi to brže? :/ Da l' to znaci da bi i ja sledeci put s' tobom trebao imati manje strpljenja? Knp. pre pokretanja CF, AV real time zastita nije bila iskljucena, zoek nije pokrenut sa Desktop-a kao sto se navodi, pa zaglavlje drugog zoek loga je izostavljena ... Btw, ne moze brze, CF mora da izvrsi sve svoje staze ... Marko Ivanović 2 :: Je l' treba još nešto? Samo jos da mi odgovoris na pitanja. magna86 ::Ok Marko, sistem bi vec sad posle Zoek-a trebao da ti radi mnogo bolje i stabilnije. Idemo sad na dodatnu proveru na nekom drugom nivou. Ovaj put koristicemo ComboFix. Kada CF zavrsi rad, dostavi mi njegov logfile i reci mi kako ti sad radi racunar. [ . . . ] Reci mi, ima li poboljsanja?

Profil

Mare Ivanović Poslao: 08 Feb 2014 21:57 Idi na vrh
offline Mare Ivanović Ugledni građanin Marko Pridružio: 30 Maj 2013 Poruke: 425 Gde živiš: U kući	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Mhhhm, da, pogrešio sam dok sam radio sa zoek, tek sad vidim, komp je u boljem stanju, brži je. Hvala na pomoći!

Profil

magna86 Poslao: 08 Feb 2014 22:04 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6103	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Znaci nemas vise problema? Ako je tako ... vreme je da uklonimo nase alata. • Sledeća procedura će implementirati završno čišćenje. Potrebno je deinstalirati ComboFix: klikni start (ili ), a zatim RUN. Na Visti koristiti Start Search polje ukoliko Run nije dostupan. U liniju za unos teksta ukucaj (iskopiraj) sledeće: ComboFix /Uninstall Primeti da postoji razmak između "ComboFix" i "/Uninstall". a zatim klikni OK (ili pritisni Enter). Sačekaj da se proces deinstalacije završi. Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop. Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija; Remove disinfection tools Create registry backup Purge System Restore Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad. Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani. Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt) Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Proveravanje kompjutera

Ko je trenutno na forumu

Ukupno su 793 korisnika na forumu :: 18 registrovanih, 1 sakriven i 774 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: darkangel, goxin, havoc995, ILGromovnik, ivica976, KOV, Krvava Devetka, Kubovac, ljubacv, mikrimaus, milenko crazy north, RJ, royst33, sabros, saputnik plavetnila, strela, wizzardone, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by