Computer check for viruses, if possible?

  • Joined: 05 Dec 2012
  • Posts: 15

Posted: 23 Sep 2013 14:10

ComboFix 13-09-22.01 - Mr GooD 23.09.2013 13:55:47.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.3072.1512 [GMT 2:00]
Running from: c:\users\Mr GooD\Desktop\ComboFix.exe
Command switches used :: c:\users\Mr GooD\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Common Files\Spigot
c:\program files\Common Files\Spigot\GC\ErrorHelper_1.3.crx
.
.
((((((((((((((((((((((((( Files Created from 2013-08-23 to 2013-09-23 )))))))))))))))))))))))))))))))
.
.
2013-09-23 12:02 . 2013-09-23 12:02 -------- d-----w- c:\users\Mr GooD\AppData\Local\temp
2013-09-23 12:02 . 2013-09-23 12:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-23 01:37 . 2013-09-23 02:30 -------- d-----w- c:\users\Mr GooD\AppData\Roaming\Airytec
2013-09-23 01:37 . 2013-09-23 02:30 -------- d-----w- c:\program files\Airytec
2013-09-22 20:41 . 2013-09-22 20:41 -------- d-----w- C:\TDSSKiller_Quarantine
2013-09-22 13:48 . 2013-09-22 13:48 -------- d-----w- c:\programdata\NexonEU
2013-09-22 13:10 . 2013-09-22 13:10 -------- d-----w- c:\programdata\NexonUS
2013-09-20 19:46 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-20 11:21 . 2013-09-15 22:50 7328304 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4FD16A56-23CD-4754-8499-E43AECAFA307}\mpengine.dll
2013-09-11 11:52 . 2013-09-11 11:52 -------- d-----w- c:\users\Mr GooD\AppData\Roaming\.mono
2013-09-07 16:05 . 2013-09-07 16:07 -------- d-----w- c:\program files\Google
2013-09-02 22:27 . 2013-09-04 18:15 -------- d-----w- c:\users\Mr GooD\AppData\Roaming\Awesomium
2013-09-01 10:19 . 2013-09-01 10:54 283032 ----a-w- c:\windows\system32\PnkBstrB.xtr
2013-09-01 10:19 . 2013-09-01 10:19 -------- d-----w- c:\users\Mr GooD\AppData\Local\PunkBuster
2013-09-01 10:02 . 2013-09-01 10:02 138056 ----a-w- c:\users\Mr GooD\AppData\Roaming\PnkBstrK.sys
2013-08-31 17:51 . 2013-08-31 17:51 -------- d-----w- c:\programdata\PWD
2013-08-30 22:26 . 2013-08-30 22:26 -------- d-----w- c:\program files\Common Files\Steam
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-22 20:45 . 2009-07-13 23:11 21584 ----a-w- c:\windows\system32\drivers\atapi.sys
2013-09-11 12:55 . 2012-12-09 21:12 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-11 12:55 . 2012-12-09 21:12 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-01 10:31 . 2012-12-29 07:22 283032 ----a-w- c:\windows\system32\PnkBstrB.ex0
2013-08-07 02:22 . 2012-12-09 17:53 238872 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
--- c:\windows\system32\drivers\atapi.sys ---
Company: Microsoft Corporation
File Description: ATAPI IDE Miniport Driver
File Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Product Name: Microsoft® Windows® Operating System
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: atapi.sys
File size: 21584
Created time: 2009-07-13 23:11
Modified time: 2013-09-22 20:45
MD5: 338C86357871C167A96AB976519BF59E
SHA1: E99E20970139FB1E67BBC54FA8A61C18A4FCE36E
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"DAEMON Tools Lite"="d:\program files\Programi\deamon tols\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"CCleaner"="d:\program files\cclener\ccleaner.exe" [2013-08-21 3676952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2013-03-14 08:23 3672640 ----a-w- d:\program files\Programi\deamon tols\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40 155648 ----a-w- c:\windows\System32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2010-11-20 12:17 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-06-21 08:18 19875944 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-03-12 05:32 253816 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R2 gupdate1ceabe4a758859;Google Update Service (gupdate1ceabe4a758859);c:\program files\Google\Update\GoogleUpdate.exe [2013-09-07 116648]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-06-21 162408]
R3 gupdatem1ceabe4b15048c;Google Update Service (gupdatem1ceabe4b15048c);c:\program files\Google\Update\GoogleUpdate.exe [2013-09-07 116648]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-06-14 242240]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-08 176128]
S2 MBAMScheduler;MBAMScheduler;d:\program files\Programi\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 MBAMService;MBAMService;d:\program files\Programi\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 TeamViewer8;TeamViewer 8;d:\program files\Programi\Version8\TeamViewer_Service.exe [2013-09-12 5071712]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-19 22:13 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-09 12:55]
.
2013-09-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1650746548-3130309986-2507687739-1000Core.job
- c:\users\Mr GooD\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-30 14:17]
.
2013-09-23 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1650746548-3130309986-2507687739-1000UA.job
- c:\users\Mr GooD\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-30 14:17]
.
2013-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-09-07 16:05]
.
2013-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-09-07 16:05]
.
.
------- Supplementary Scan -------
.
uStart Page = [Links are visible only to logged-in users]
uDefault_Search_URL = [Links are visible only to logged-in users]
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = [Links are visible only to logged-in users]
uSearchURL,(Default) = [Links are visible only to logged-in users]
TCP: DhcpNameServer = 192.168.0.2
FF - ProfilePath - c:\users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-09-23 14:06:28
ComboFix-quarantined-files.txt 2013-09-23 12:06
ComboFix2.txt 2013-09-22 21:15
.
Pre-Run: 11.090.817.024 bytes free
Post-Run: 10.911.490.048 bytes free
.
- - End Of File - - 335AA5EE50D85A9806FFA896D74FB28C
A36C5E4F47E84449FF07ED3517B43A31

Addendum: 23 Sep 2013 15:55

Bro, you reply, and don't lock the thread, I won't be around for a few days ... then we'll continue, if that's OK? :=) thanks <3



  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

Ok, no problem :)
Things look OK, but let's run one more quick check to be sure that everything is in order.



Download Farbar Recovery Scan Tool and save it to the Desktop.

Note: You need to download the version that is compatible with your system.
Your Windows is the 32-bit version.


Double-click FRST to run it;
When the tool starts, click Yes on the disclaimer.
Click the Scan button;
The tool will create a report (FRST.txt) in the same directory where FRST.exe is saved.
Copy the contents of that log into your post.
On its first run the tool should also create an additional report (Addition.txt). Attach that report to your post using the "Prikaci file" (attach file) option.



  • Joined: 05 Dec 2012
  • Posts: 15

Posted: 25 Sep 2013 10:29

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-09-2013
Ran by Mr GooD (administrator) on NECO-PC on 25-09-2013 10:16:30
Running from D:\Downloads
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Malwarebytes Corporation) D:\Program files\Programi\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) D:\Program files\Programi\Malwarebytes' Anti-Malware\mbamservice.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Malwarebytes Corporation) D:\Program files\Programi\Malwarebytes' Anti-Malware\mbamgui.exe
(TeamViewer GmbH) D:\Program files\Programi\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKCU\...\Run: [DAEMON Tools Lite] - D:\Program files\Programi\deamon tols\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [CCleaner] - D:\Program files\cclener\ccleaner.exe [3676952 2013-08-21] (Piriform Ltd)
BootExecute: autocheck autochk *

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Links are visible only to logged-in users]
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Links are visible only to logged-in users]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA3894739CEF8CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr-Latn-ME
SearchScopes: HKCU - DefaultScope {24F1D864-576E-4A2A-9B7F-EF498925700E} URL = [Links are visible only to logged-in users]{searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = [Links are visible only to logged-in users]{searchTerms}&affID=119776&tt=120613_ndc&babsrc=SP_ss&mntrId=3E25001FD001F30A
SearchScopes: HKCU - {24F1D864-576E-4A2A-9B7F-EF498925700E} URL = [Links are visible only to logged-in users]{searchTerms}
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [Links are visible only to logged-in users]{sear
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = [Links are visible only to logged-in users]{searchTerms}&loc=IB_DS&a=6PQWOGodBX&i=26
SearchScopes: HKCU - {E915F3CA-90A1-4CC7-9B3C-14C1F2BBF724} URL = [Links are visible only to logged-in users]{searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program files\Programi\JAVA\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program files\Programi\JAVA\bin\jp2ssv.dll (Oracle Corporation)
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [Links are visible only to logged-in users]
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default
FF user.js: detected! => C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - D:\Program files\Programi\JAVA\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Mr GooD\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Mr GooD\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\searchplugins\delta.xml
FF Extension: torntv2 - C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\Extensions\torntv2@torntv.com.xpi
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF StartMenuInternet: FIREFOX.EXE - D:\Program files\Programi\mozila\firefox.exe

Chrome:
=======
CHR RestoreOnStartup: "hxxp://www.google.rs/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Mr GooD\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - D:\Program files\Programi\JAVA\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\MRGOOD~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\MRGOOD~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Video DL Extension) - C:\Users\MRGOOD~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bccffeekghipibbonegajpcandhapegl\5.5.2_0
CHR Extension: (YouTube) - C:\Users\MRGOOD~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\MRGOOD~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\MRGOOD~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\MRGOOD~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\MRGOOD~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [oemdgpalcpaincbfbabgcemjmgdkibho] - C:\Program Files\Common Files\Spigot\GC\ErrorHelper_1.3.crx

========================== Services (Whitelisted) =================

S2 gupdate1ceabe4a758859; C:\Program Files\Google\Update\GoogleUpdate.exe [116648 2013-09-07] (Google Inc.)
S3 gupdatem1ceabe4b15048c; C:\Program Files\Google\Update\GoogleUpdate.exe [116648 2013-09-07] (Google Inc.)
R2 MBAMScheduler; D:\Program files\Programi\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; D:\Program files\Programi\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 TeamViewer8; D:\Program files\Programi\Version8\TeamViewer_Service.exe [5071712 2013-09-12] (TeamViewer GmbH)

==================== Drivers (Whitelisted) ====================

R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-06-15] (DT Soft Ltd)
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-14] (VIA Technologies, Inc. )
S3 gdrv; C:\Windows\gdrv.sys [16608 2012-12-09] (Windows (R) 2000 DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R2 SecDrv; C:\Windows\system32\drivers\SECDRV.SYS [11376 2002-10-08] ()
S3 catchme; \??\C:\Users\MRGOOD~1\AppData\Local\Temp\catchme.sys [x]
S3 ProcObsrv; \??\D:\Program files\Glary Utilities 3\ProcObsrv.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-25 10:16 - 2013-09-25 10:16 - 00000000 ____D C:\FRST
2013-09-24 22:24 - 2013-09-25 03:24 - 00016306 _____ C:\Windows\WindowsUpdate.log
2013-09-23 16:47 - 2013-09-23 16:47 - 00000841 _____ C:\Users\Mr GooD\Desktop\CS 1.6 FULL v42.lnk
2013-09-23 13:53 - 2013-09-22 23:06 - 05129542 ____R (Swearware) C:\Users\Mr GooD\Desktop\ComboFix.exe
2013-09-23 03:37 - 2013-09-23 04:30 - 00000000 ____D C:\Users\Mr GooD\AppData\Roaming\Airytec
2013-09-23 03:37 - 2013-09-23 04:30 - 00000000 ____D C:\Program Files\Airytec
2013-09-22 23:07 - 2013-09-23 14:06 - 00000000 ____D C:\Qoobox
2013-09-22 23:07 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-09-22 23:07 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-09-22 23:07 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-09-22 23:07 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-09-22 23:07 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-09-22 23:07 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-09-22 23:07 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-09-22 23:07 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-09-22 23:06 - 2013-09-22 23:14 - 00000000 ____D C:\Windows\erdnt
2013-09-22 22:41 - 2013-09-22 22:41 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-09-22 15:48 - 2013-09-22 15:48 - 00000000 ____D C:\ProgramData\NexonEU
2013-09-22 15:10 - 2013-09-22 15:10 - 00000000 ____D C:\ProgramData\NexonUS
2013-09-20 21:46 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-20 19:41 - 2013-09-20 19:41 - 00000020 ___SH C:\Users\Mr GooD\ntuser.ini
2013-09-16 23:31 - 2013-09-16 23:31 - 00000800 _____ C:\Users\Mr GooD\Desktop\DeadZone.lnk
2013-09-16 23:31 - 2013-09-16 23:31 - 00000000 ____D C:\Users\Mr GooD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MADFINGER Games
2013-09-11 13:52 - 2013-09-11 13:52 - 00000000 ____D C:\Users\Mr GooD\AppData\Roaming\.mono
2013-09-07 18:07 - 2013-09-20 00:18 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-07 18:05 - 2013-09-07 18:07 - 00000000 ____D C:\Program Files\Google
2013-09-03 00:27 - 2013-09-04 20:15 - 00000000 ____D C:\Users\Mr GooD\AppData\Roaming\Awesomium
2013-09-01 12:42 - 2013-09-01 12:42 - 00000000 ____D C:\Users\Mr GooD\Documents\WB Games
2013-09-01 12:19 - 2013-09-01 12:54 - 00283032 _____ C:\Windows\system32\PnkBstrB.xtr
2013-09-01 12:19 - 2013-09-01 12:19 - 00000000 ____D C:\Users\Mr GooD\AppData\Local\PunkBuster
2013-09-01 12:02 - 2013-09-01 12:02 - 00138056 _____ C:\Users\Mr GooD\AppData\Roaming\PnkBstrK.sys
2013-08-31 19:51 - 2013-08-31 19:51 - 00000000 ____D C:\ProgramData\PWD
2013-08-31 00:26 - 2013-08-31 00:26 - 00000000 ____D C:\Program Files\Common Files\Steam
2013-08-30 21:02 - 2013-09-03 00:26 - 00000000 ____D C:\Users\Mr GooD\Documents\My Games

==================== One Month Modified Files and Folders =======

2013-09-25 10:16 - 2013-09-25 10:16 - 00000000 ____D C:\FRST
2013-09-25 10:10 - 2013-04-01 11:20 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-25 09:55 - 2012-12-09 23:12 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-25 07:22 - 2013-06-30 16:17 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1650746548-3130309986-2507687739-1000UA.job
2013-09-25 03:24 - 2013-09-24 22:24 - 00016306 _____ C:\Windows\WindowsUpdate.log
2013-09-24 22:29 - 2009-07-14 06:34 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-24 22:29 - 2009-07-14 06:34 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-24 22:27 - 2012-12-09 19:28 - 00778150 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-24 22:22 - 2013-04-01 11:20 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-24 22:22 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-24 16:22 - 2013-06-30 16:17 - 00000914 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1650746548-3130309986-2507687739-1000Core.job
2013-09-23 18:00 - 2013-04-03 18:58 - 00000000 ____D C:\Users\Mr GooD\AppData\Roaming\Winamp
2013-09-23 18:00 - 2013-04-01 11:31 - 00000000 ____D C:\Users\Mr GooD\AppData\Roaming\BitTorrent
2013-09-23 17:57 - 2012-12-09 19:45 - 00000000 ____D C:\Users\Mr GooD\AppData\Roaming\Skype
2013-09-23 16:47 - 2013-09-23 16:47 - 00000841 _____ C:\Users\Mr GooD\Desktop\CS 1.6 FULL v42.lnk
2013-09-23 14:06 - 2013-09-22 23:07 - 00000000 ____D C:\Qoobox
2013-09-23 14:02 - 2009-07-14 04:04 - 00000215 _____ C:\Windows\system.ini
2013-09-23 04:30 - 2013-09-23 03:37 - 00000000 ____D C:\Users\Mr GooD\AppData\Roaming\Airytec
2013-09-23 04:30 - 2013-09-23 03:37 - 00000000 ____D C:\Program Files\Airytec
2013-09-23 01:36 - 2013-01-21 17:10 - 00002052 _____ C:\Windows\epplauncher.mif
2013-09-22 23:15 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Default
2013-09-22 23:15 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2013-09-22 23:14 - 2013-09-22 23:06 - 00000000 ____D C:\Windows\erdnt
2013-09-22 23:06 - 2013-09-23 13:53 - 05129542 ____R (Swearware) C:\Users\Mr GooD\Desktop\ComboFix.exe
2013-09-22 22:45 - 2009-07-14 01:11 - 00021584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys
2013-09-22 22:41 - 2013-09-22 22:41 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-09-22 15:48 - 2013-09-22 15:48 - 00000000 ____D C:\ProgramData\NexonEU
2013-09-22 15:10 - 2013-09-22 15:10 - 00000000 ____D C:\ProgramData\NexonUS
2013-09-21 19:28 - 2013-02-16 14:41 - 00000000 ____D C:\Users\Mr GooD\AppData\Local\Deployment
2013-09-20 19:41 - 2013-09-20 19:41 - 00000020 ___SH C:\Users\Mr GooD\ntuser.ini
2013-09-20 19:41 - 2012-12-09 19:22 - 00000000 ____D C:\Users\Mr GooD
2013-09-20 19:24 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\wfp
2013-09-20 19:23 - 2013-07-03 02:19 - 00000000 ____D C:\ProgramData\ESET
2013-09-20 19:23 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration
2013-09-20 01:16 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\security
2013-09-20 00:18 - 2013-09-07 18:07 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-16 23:31 - 2013-09-16 23:31 - 00000800 _____ C:\Users\Mr GooD\Desktop\DeadZone.lnk
2013-09-16 23:31 - 2013-09-16 23:31 - 00000000 ____D C:\Users\Mr GooD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MADFINGER Games
2013-09-11 14:55 - 2012-12-09 23:12 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-11 14:55 - 2012-12-09 23:12 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-11 13:52 - 2013-09-11 13:52 - 00000000 ____D C:\Users\Mr GooD\AppData\Roaming\.mono
2013-09-11 13:50 - 2013-01-07 09:55 - 00000000 ____D C:\Users\Mr GooD\AppData\Local\Unity
2013-09-07 18:07 - 2013-09-07 18:05 - 00000000 ____D C:\Program Files\Google
2013-09-07 18:07 - 2012-12-09 19:40 - 00000000 ____D C:\Users\Mr GooD\AppData\Local\Google
2013-09-06 17:12 - 2012-12-09 20:05 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-09-04 20:15 - 2013-09-03 00:27 - 00000000 ____D C:\Users\Mr GooD\AppData\Roaming\Awesomium
2013-09-03 00:26 - 2013-08-30 21:02 - 00000000 ____D C:\Users\Mr GooD\Documents\My Games
2013-09-03 00:26 - 2012-12-31 19:29 - 00000000 ____D C:\Windows\system32\directx
2013-09-02 23:34 - 2013-01-25 16:19 - 00000000 ____D C:\Users\Mr GooD\AppData\Roaming\DAEMON Tools Lite
2013-09-01 12:54 - 2013-09-01 12:19 - 00283032 _____ C:\Windows\system32\PnkBstrB.xtr
2013-09-01 12:42 - 2013-09-01 12:42 - 00000000 ____D C:\Users\Mr GooD\Documents\WB Games
2013-09-01 12:31 - 2012-12-29 09:22 - 00283032 _____ C:\Windows\system32\PnkBstrB.ex0
2013-09-01 12:19 - 2013-09-01 12:19 - 00000000 ____D C:\Users\Mr GooD\AppData\Local\PunkBuster
2013-09-01 12:13 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-01 12:02 - 2013-09-01 12:02 - 00138056 _____ C:\Users\Mr GooD\AppData\Roaming\PnkBstrK.sys
2013-08-31 19:51 - 2013-08-31 19:51 - 00000000 ____D C:\ProgramData\PWD
2013-08-31 00:26 - 2013-08-31 00:26 - 00000000 ____D C:\Program Files\Common Files\Steam
2013-08-30 21:00 - 2013-06-24 14:29 - 00000000 ____D C:\Users\Mr GooD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-22 04:14

==================== End Of Log ============================

Addendum: 25 Sep 2013 10:29

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-09-2013
Ran by Mr GooD at 2013-09-25 10:17:35
Running from D:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 11 Plugin (Version: 11.8.800.168)
Adobe Shockwave Player 12.0 (Version: 12.0.2.122)
Ashampoo Burning Studio 6 FREE v.6.83 (Version: 6.8.3)
BitTorrent (Version: 7.8.0.29626)
CCleaner (Version: 4.05)
Corel Graphics - Windows Shell Extension (Version: 15.0.0.487)
Corel Graphics - Windows Shell Extension (Version: 15.0.487)
CorelDRAW Graphics Suite X5 - Capture (Version: 15.0)
CorelDRAW Graphics Suite X5 - Common (Version: 15.0)
CorelDRAW Graphics Suite X5 - Connect (Version: 15.0)
CorelDRAW Graphics Suite X5 - Custom Data (Version: 15.0)
CorelDRAW Graphics Suite X5 - Draw (Version: 15.0)
CorelDRAW Graphics Suite X5 - EN (Version: 15.0)
CorelDRAW Graphics Suite X5 - Filters (Version: 15.0)
CorelDRAW Graphics Suite X5 - FontNav (Version: 15.0)
CorelDRAW Graphics Suite X5 - IPM (Version: 15.0)
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (Version: 15.0)
CorelDRAW Graphics Suite X5 - Photozoom Plugin (Version: 15.0)
CorelDRAW Graphics Suite X5 - Redist (Version: 15.0)
CorelDRAW Graphics Suite X5 - Setup Files (Version: 15.0)
CorelDRAW Graphics Suite X5 - VBA (Version: 15.0)
CorelDRAW Graphics Suite X5 - VideoBrowser (Version: 15.0)
CorelDRAW Graphics Suite X5 - VSTA (Version: 15.0)
CorelDRAW Graphics Suite X5 - WT (Version: 15.0)
CorelDRAW Graphics Suite X5 (Version: 15.0)
CorelDRAW(R) Graphics Suite X5 (Version: 15.0.0.486)
Counter Strike 1.6 FULL v42
DAEMON Tools Lite (Version: 4.47.1.0333)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
GOM Player (Version: 2.1.50.5145)
Google Chrome (Version: 29.0.1547.76)
Google Earth Plug-in (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.153)
iLivid (Version: 4.0.0.3054)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
K-Lite Mega Codec Pack 6.5.0 (Version: 6.5.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (Version: 9.0.30729)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (Version: 9.0.30729)
Mozilla Firefox 20.0.1 (x86 en-US) (Version: 20.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML4 Parser (Version: 1.0.0)
neroxml (Version: 1.0.0)
Shadowgun: DeadZone (Version: 2.0.1)
Skype™ 6.6 (Version: 6.6.106)
swMSM (Version: 12.0.0.1)
TeamViewer 8 (Version: 8.0.20935)
Unity Web Player (HKCU Version: )
Visual Basic for Applications (R) Core - English (Version: 6.4.99.69)
Visual Basic for Applications (R) Core (Version: 6.4.99.69)
Winamp (Version: 5.63 )
WinRAR 4.00 (32-bit) (Version: 4.00.0)

==================== Restore Points =========================

25-09-2013 01:24:36 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:04 - 2013-09-23 14:02 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {3F7376F5-F9C3-4B96-9C08-6F98C193AF1E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-11] (Adobe Systems Incorporated)
Task: {4A89C83C-99EE-411C-9CEE-9C0F4446CF14} - System32\Tasks\GoforFilesUpdate => C:\Program Files\GoforFiles\GFFUpdater.exe
Task: {5F90D263-6AD8-4048-BE74-C77749BA3061} - System32\Tasks\{07916E01-7BB9-4373-A7B7-7564A13094C5} => C:\Program Files\Skype\Phone\Skype.exe [2013-06-21] (Skype Technologies S.A.)
Task: {60D1568C-4CF3-45AF-942D-6F9A83F0AE80} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1650746548-3130309986-2507687739-1000UA => C:\Users\Mr GooD\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-30] (Facebook Inc.)
Task: {871E385E-3999-4B31-8960-00968BD865DC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1650746548-3130309986-2507687739-1000Core => C:\Users\Mr GooD\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-30] (Facebook Inc.)
Task: {AE79441D-FC8C-4166-A57D-4591305ADB36} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-07] (Google Inc.)
Task: {B3036319-3A89-46BE-94AB-B6E798399007} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-07] (Google Inc.)
Task: {B406C272-F15F-4CEE-A31F-B11DE892ACE3} - System32\Tasks\CCleanerSkipUAC => D:\Program files\cclener\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {E1AA8300-25A6-4100-8EC9-176C648E0711} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1650746548-3130309986-2507687739-1000Core.job => C:\Users\Mr GooD\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1650746548-3130309986-2507687739-1000UA.job => C:\Users\Mr GooD\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-20 00:18 - 2013-09-17 05:20 - 00709584 _____ () C:\Program Files\Google\Chrome\Application\29.0.1547.76\libglesv2.dll
2013-09-20 00:18 - 2013-09-17 05:20 - 00099792 _____ () C:\Program Files\Google\Chrome\Application\29.0.1547.76\libegl.dll
2013-09-20 00:18 - 2013-09-17 05:21 - 04053456 _____ () C:\Program Files\Google\Chrome\Application\29.0.1547.76\pdf.dll
2013-09-20 00:18 - 2013-09-17 05:21 - 00410576 _____ () C:\Program Files\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
2013-09-20 00:18 - 2013-09-17 05:20 - 01604560 _____ () C:\Program Files\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: D-Link DFE-530TX PCI Fast Ethernet Adapter (rev.A)
Description: D-Link DFE-530TX PCI Fast Ethernet Adapter (rev.A)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: D-Link
Service: FETNDIS
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/23/2013 03:56:33 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {e089145f-c9dd-4dc5-b6dc-0b9f6982cda0}

Error: (09/23/2013 01:36:23 AM) (Source: Microsoft Security Client Setup) (User: NECO-PC)
Description: HRESULT:0x8004FF0A
Description:Microsoft Security Essentials installation was canceled. You canceled the Security Essentials installation on your computer. Error code:0x8004FF0A.

Error: (09/22/2013 10:46:10 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/22/2013 10:46:10 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/22/2013 10:46:10 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/22/2013 10:46:10 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (09/22/2013 10:46:10 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/22/2013 10:46:10 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (09/22/2013 10:46:10 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/22/2013 10:46:10 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (09/24/2013 06:46:55 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (09/24/2013 02:52:13 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (09/23/2013 08:36:52 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (09/23/2013 05:58:35 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (09/23/2013 04:52:40 PM) (Source: Service Control Manager) (User: )
Description: The AMD External Events Utility service terminated unexpectedly. It has done this 1 time(s).

Error: (09/23/2013 02:02:25 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (09/23/2013 01:58:30 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (09/23/2013 01:55:11 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (09/23/2013 06:46:04 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (09/23/2013 04:31:16 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}


Microsoft Office Sessions:
=========================
Error: (09/23/2013 03:56:33 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {e089145f-c9dd-4dc5-b6dc-0b9f6982cda0}

Error: (09/23/2013 01:36:23 AM) (Source: Microsoft Security Client Setup)(User: NECO-PC)
Description: HRESULT:0x8004FF0A
Description:Microsoft Security Essentials installation was canceled. You canceled the Security Essentials installation on your computer. Error code:0x8004FF0A.

Error: (09/22/2013 10:46:10 PM) (Source: Windows Search Service)(User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/22/2013 10:46:10 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/22/2013 10:46:10 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/22/2013 10:46:10 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (09/22/2013 10:46:10 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (09/22/2013 10:46:10 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (09/22/2013 10:46:10 PM) (Source: Windows Search Service)(User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (09/22/2013 10:46:10 PM) (Source: Windows Search Service)(User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
4700


CodeIntegrity Errors:
===================================
Date: 2013-09-22 19:22:57.428
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-09-22 19:22:57.319
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-09-22 18:53:45.880
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-09-22 18:53:45.775
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-09-22 18:34:13.653
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-09-22 18:34:13.559
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-09-22 17:28:49.763
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-09-22 17:28:49.648
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-09-22 15:35:10.892
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-09-22 15:35:10.768
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 36%
Total physical RAM: 3071.55 MB
Available physical RAM: 1954.16 MB
Total Pagefile: 6141.39 MB
Available Pagefile: 4710.01 MB
Total Virtual: 2047.88 MB
Available Virtual: 1898.38 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:29.9 GB) (Free:9.98 GB) NTFS
Drive d: () (Fixed) (Total:119.05 GB) (Free:105.48 GB) NTFS
Drive f: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: FFF1FFF1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=30 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

==================== End Of Log ============================

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Belgrade

Step 1.


The instructions said to save FRST to the Desktop. Download a fresh copy and do it that way...

Open Notepad and copy in the following text, which is inside the shaded box.

SearchScopes: HKCU - DefaultScope {24F1D864-576E-4A2A-9B7F-EF498925700E} URL = http://search.yahoo.com/search?fr=chr-greentree_ie.....=183666&p={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchTerms}&affID=119776&tt=120613_ndc&babsrc=SP_ss&mntrId=3E25001FD001F30A
SearchScopes: HKCU - {24F1D864-576E-4A2A-9B7F-EF498925700E} URL = http://search.yahoo.com/search?fr=chr-greentree_ie.....=183666&p={searchTerms}
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/mb201/?search={searchTerms}&loc=IB_DS&a=6PQWOGodBX&i=26
SearchScopes: HKCU - {E915F3CA-90A1-4CC7-9B3C-14C1F2BBF724} URL = http://t3-3.search.com/search?q={searchTerms}
FF SearchPlugin: C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\searchplugins\delta.xml
FF Extension: torntv2 - C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\Extensions\torntv2@torntv.com.xpi
C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\searchplugins\delta.xml
C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\searchplugins\delta.xml
C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\Extensions\torntv2@torntv.com.xpi
CHR HKLM\...\Chrome\Extension: [oemdgpalcpaincbfbabgcemjmgdkibho] - C:\Program Files\Common Files\Spigot\GC\ErrorHelper_1.3.crx
C:\Program Files\Common Files\Spigot


In Notepad, click File --> Save As

Name the file fixlist.txt and save it to the Desktop

Double-click FRST.exe to run it again

Click Fix and wait until the program finishes

If the program asks to restart the computer, let it do so without interruption.

When it finishes, Notepad will open with content that you should copy into the thread.

Also, fixlog.txt will be on the Desktop.




Step 2.


Download "Xplode"'s AdwCleaner and save it to the Desktop

Double-click to run the program.
Click the [Scan] button and wait for the program to finish.
Click the [Clean] button
The program will close all running programs and show a window with that warning. Click Ok to confirm.
In the next two windows that open (Informations and Restart required), click Ok


The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Prikaci fajl" (Attach file) option

Note: The report will also be saved at C:\AdwCleaner[S1].txt



Step 3.


Why don't you have an antivirus? What is the point of asking for a virus check when you have no protection installed?

offline
  • Joined: 05 Dec 2012
  • Posts: 15

Posted: 25 Sep 2013 17:08

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 24-09-2013
Ran by Mr GooD at 2013-09-25 17:07:05 Run:1
Running from C:\Users\Mr GooD\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
SearchScopes: HKCU - DefaultScope {24F1D864-576E-4A2A-9B7F-EF498925700E} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&affID=119776&tt=120613_ndc&babsrc=SP_ss&mntrId=3E25001FD001F30A
SearchScopes: HKCU - {24F1D864-576E-4A2A-9B7F-EF498925700E} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&loc=IB_DS&a=6PQWOGodBX&i=26
SearchScopes: HKCU - {E915F3CA-90A1-4CC7-9B3C-14C1F2BBF724} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
FF SearchPlugin: C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\searchplugins\delta.xml
FF Extension: torntv2 - C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\Extensions\torntv2@torntv.com.xpi
C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\searchplugins\delta.xml
C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\searchplugins\delta.xml
C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\Extensions\torntv2@torntv.com.xpi
CHR HKLM\...\Chrome\Extension: [oemdgpalcpaincbfbabgcemjmgdkibho] - C:\Program Files\Common Files\Spigot\GC\ErrorHelper_1.3.crx
C:\Program Files\Common Files\Spigot
*****************

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{24F1D864-576E-4A2A-9B7F-EF498925700E} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{24F1D864-576E-4A2A-9B7F-EF498925700E} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E915F3CA-90A1-4CC7-9B3C-14C1F2BBF724} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{E915F3CA-90A1-4CC7-9B3C-14C1F2BBF724} => Key not found.
C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\searchplugins\babylon.xml => Moved successfully.
C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\searchplugins\delta.xml => Moved successfully.
C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\Extensions\torntv2@torntv.com.xpi => Moved successfully.
"C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\searchplugins\delta.xml " => File/Directory not found.
"C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\searchplugins\delta.xml " => File/Directory not found.
"C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\Extensions\torntv2@torntv.com.xpi " => File/Directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\oemdgpalcpaincbfbabgcemjmgdkibho => Key deleted successfully.
"C:\Program Files\Common Files\Spigot\GC\ErrorHelper_1.3.crx " => File/Directory not found.
"C:\Program Files\Common Files\Spigot" => File/Directory not found.

==== End of Fixlog ====

Addendum: 25 Sep 2013 17:15

# AdwCleaner v3.005 - Report created 25/09/2013 at 17:10:43
# Updated 22/09/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Mr GooD - NECO-PC
# Running from : C:\Users\Mr GooD\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Users\Mr GooD\AppData\Local\Ilivid
Folder Deleted : C:\Users\Mr GooD\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Mr GooD\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\jetpack
File Deleted : C:\Users\Mr GooD\Desktop\iLivid.lnk
File Deleted : C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\\invalidprefs.js
File Deleted : C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKCU\Software\5853dcdce135e548
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_avs-audio-converter_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_avs-audio-converter_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\IB Updater
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16521


-\\ Mozilla Firefox v20.0.1 (en-US)

[ File : C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\prefs.js ]


-\\ Google Chrome v29.0.1547.76

[ File : C:\Users\Mr GooD\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3736 octets] - [25/09/2013 17:09:46]
AdwCleaner[S0].txt - [3712 octets] - [25/09/2013 17:10:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3772 octets] ##########

Addendum: 25 Sep 2013 17:16

I did have an antivirus, but before I contacted you I uninstalled it, because I was planning to install not ... from Pirate Bay. But let's not get into that, since that topic is forbidden. I had this Microsoft Security Essentials; should I install it again?

Addendum: 25 Sep 2013 17:17

nod, to be precise, not "not"

Addendum: 25 Sep 2013 17:38

[quote="neco1993"]Posted: 25 Sep 2013 17:08

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 24-09-2013
Ran by Mr GooD at 2013-09-25 17:07:05 Run:1
Running from C:\Users\Mr GooD\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
SearchScopes: HKCU - DefaultScope {24F1D864-576E-4A2A-9B7F-EF498925700E} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&affID=119776&tt=120613_ndc&babsrc=SP_ss&mntrId=3E25001FD001F30A
SearchScopes: HKCU - {24F1D864-576E-4A2A-9B7F-EF498925700E} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&loc=IB_DS&a=6PQWOGodBX&i=26
SearchScopes: HKCU - {E915F3CA-90A1-4CC7-9B3C-14C1F2BBF724} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
FF SearchPlugin: C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\searchplugins\delta.xml
FF Extension: torntv2 - C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\Extensions\torntv2@torntv.com.xpi
C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\searchplugins\delta.xml
C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\searchplugins\delta.xml
C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\Extensions\torntv2@torntv.com.xpi
CHR HKLM\...\Chrome\Extension: [oemdgpalcpaincbfbabgcemjmgdkibho] - C:\Program Files\Common Files\Spigot\GC\ErrorHelper_1.3.crx
C:\Program Files\Common Files\Spigot
*****************

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{24F1D864-576E-4A2A-9B7F-EF498925700E} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{24F1D864-576E-4A2A-9B7F-EF498925700E} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E915F3CA-90A1-4CC7-9B3C-14C1F2BBF724} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{E915F3CA-90A1-4CC7-9B3C-14C1F2BBF724} => Key not found.
C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\searchplugins\babylon.xml => Moved successfully.
C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\searchplugins\delta.xml => Moved successfully.
C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\Extensions\torntv2@torntv.com.xpi => Moved successfully.
"C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\searchplugins\delta.xml " => File/Directory not found.
"C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\searchplugins\delta.xml " => File/Directory not found.
"C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\Extensions\torntv2@torntv.com.xpi " => File/Directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\oemdgpalcpaincbfbabgcemjmgdkibho => Key deleted successfully.
"C:\Program Files\Common Files\Spigot\GC\ErrorHelper_1.3.crx " => File/Directory not found.
"C:\Program Files\Common Files\Spigot" => File/Directory not found.

==== End of Fixlog ====

Addendum: 25 Sep 2013 17:09


Addendum: 25 Sep 2013 17:15

# AdwCleaner v3.005 - Report created 25/09/2013 at 17:10:43
# Updated 22/09/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Mr GooD - NECO-PC
# Running from : C:\Users\Mr GooD\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Users\Mr GooD\AppData\Local\Ilivid
Folder Deleted : C:\Users\Mr GooD\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Mr GooD\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\jetpack
File Deleted : C:\Users\Mr GooD\Desktop\iLivid.lnk
File Deleted : C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\\invalidprefs.js
File Deleted : C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKCU\Software\5853dcdce135e548
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_avs-audio-converter_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_avs-audio-converter_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\IB Updater
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16521


-\\ Mozilla Firefox v20.0.1 (en-US)

[ File : C:\Users\Mr GooD\AppData\Roaming\Mozilla\Firefox\Profiles\rrkrp3ku.default\prefs.js ]


-\\ Google Chrome v29.0.1547.76

[ File : C:\Users\Mr GooD\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3736 octets] - [25/09/2013 17:09:46]
AdwCleaner[S0].txt - [3712 octets] - [25/09/2013 17:10:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3772 octets] ##########

Addendum: 25 Sep 2013 17:16

I did have an antivirus, but I deleted it before I contacted you, because I was planning to install "nod" from Pirate Bay... but let's not get into that, since that topic is forbidden. I had Microsoft Security Essentials and I'll install it again; do you recommend a different one?

Addendum: 25 Sep 2013 17:17

Addendum: 25 Sep 2013 17:40

What did I do here, I posted the same thing twice xD

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

That would be it, the computer is now clean. You had the TDL3 rootkit in the system, so be sure to install an antivirus. There are many good free options, so don't use pirated versions.

ComboFix needs to be uninstalled:
Click Start, then Run.

On Vista and 7, use the Start Search box if Run is not available.

Type (copy) the following into the text input line:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".

Then click OK (or press Enter).

Wait for the uninstall process to finish.

Run AdwCleaner again, click Uninstall, and wait until the program finishes.

Download DelFix by "Xplode" and save it to the Desktop.

Double-click to run the program.

Check the following options:
Remove disinfection tools
Purge System Restore
Reset system settings

Click the "Run" button and wait for the program to finish.
When the tool finishes, it will open a report in Notepad.

Note: The report will also be saved to C:\DelFix.txt. You do not need to post this report.

I recommend using MCShield v2 to protect USB storage devices. It has nothing to do with the antivirus, i.e. it will not interfere with its operation, and it has proven to be one of the best forms of protection against malware that spreads via USB storage devices. You download it, install it, plug in the USB storage device, and a scan runs, after which you get a notification that the device is clean (if that is really the case); or you get a log showing information about the malware that was found and deleted.

MCShield ::Anti-Malware Tool:: v2 home page: [Link visible only to logged-in users]

You can find out more about MCShield in these threads:
v1: [Link visible only to logged-in users]
v2: [Link visible only to logged-in users]

Be sure to visit the thread "Test whether your browser is vulnerable", read it, and follow the link in it.
The link to the thread is: [Link visible only to logged-in users]

It wouldn't hurt to also take a look at this thread, so that you can learn for yourself how to stay safe on the internet --> [Link visible only to logged-in users]

Also, follow the thread "How to avoid and remove toolbars", read it, and follow the steps in it. The link to the thread is: [Link visible only to logged-in users]

TwinHeadedEagle (AMF Team)

offline
  • Joined: 05 Dec 2012
  • Posts: 15

Thanks for the time you took to check my computer... and bye :-) <3
