System is lagging


offline
  • Joined: 18 Apr 2009
  • Posts: 34

I noticed that the system has slowed down. When browsing the web, it takes longer to open pages, and sometimes the cursor does not respond to me. It also seems to me that opening some programs is slower than it used to be. I tried to solve the problem with NOD32.

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.17126 BrowserJavaVersion: 11.40.2
Run by SelenA at 15:37:56 on 2015-04-10
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2047.651 [GMT 2:00]
.
AV: ESET NOD32 Antivirus 8.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ESET NOD32 Antivirus 8.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\ProgramData\DatacardService\HWDeviceService.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Windows\system32\lxdxcoms.exe
C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\Telenor Internet\Telenor Internet.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\ProgramData\Telenor Internet\OnlineUpdate\ouc.exe
C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Program Files\3DSP\BluetoothWLAN_usb\Utilities\UsbCS.exe
C:\Windows\system32\UI0Detect.exe
C:\Program Files\3DSP\BluetoothWLAN_usb\Utilities\USBMa.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
BHO: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - c:\program files\bitcomet\tools\BitCometBHO_1.5.4.11.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.8.0_40\bin\ssv.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre1.8.0_40\bin\jp2ssv.dll
uRun: [Viber] "c:\users\selena\appdata\local\viber\Viber.exe" StartMinimized
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
mRun: [NvBackend] "c:\program files\nvidia corporation\update core\NvBackend.exe"
mRun: [ShadowPlay] c:\windows\system32\rundll32.exe c:\windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [USBMaLoader.exe] c:\program files\3dsp\bluetoothwlan_usb\utilities\USBMaLoader.exe
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - c:\program files\bitcomet\tools\BitCometBHO_1.5.4.11.dll/206
TCP: Interfaces\{76B90091-229D-40A4-855A-62DDEB1F60D5} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{7A6CE973-9C7B-4DD7-999E-758511D6B87D} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{885484B4-9073-4A39-8494-B0D9C1C4AC13} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{9B6A29E5-40F3-40E0-94FF-602BABDDDF38} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{D9B679EE-49B7-411D-A028-78D3CB1BAE29} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{F6B3B155-C830-4D93-860B-4A639E27770B} : NameServer = 217.65.192.101 217.65.192.102
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\selena\appdata\roaming\mozilla\firefox\profiles\ek8i7pbk.default\
FF - prefs.js: browser.startup.homepage - google.com
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre1.8.0_40\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre1.8.0_40\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_16_0_0_305.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
============= SERVICES / DRIVERS ===============
.
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2010-4-6 20104]
R1 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2014-8-18 191928]
R2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\skype\toolbars\autoupdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\skype\toolbars\pnrsvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2014-10-1 1349576]
R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2014-9-18 123424]
R2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\nvidia corporation\geforce experience service\GfExperienceService.exe [2014-10-20 915600]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\datacardservice\HWDeviceService.exe [2011-3-14 271712]
R2 lxdx_device;lxdx_device;c:\windows\system32\lxdxcoms.exe -service --> c:\windows\system32\lxdxcoms.exe -service [?]
R2 NvNetworkService;NVIDIA Network Service;c:\program files\nvidia corporation\netservice\NvNetworkService.exe [2014-10-19 1701520]
R2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe [2014-10-19 18186896]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\drivers\ew_usbenumfilter.sys [2014-10-20 11136]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\drivers\ew_jucdcacm.sys [2014-10-20 89856]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2014-10-20 73984]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\drivers\ew_juextctrl.sys [2014-10-20 26624]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\drivers\ew_juwwanecm.sys [2014-10-20 190976]
R3 NvStreamKms;NvStreamKms;c:\program files\nvidia corporation\nvstreamsrv\NvStreamKms.sys [2014-10-19 18576]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2014-12-16 32912]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2014-10-19 716504]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2014\TuneUpUtilitiesDriver32.sys [2014-6-23 12320]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\bitcomet\tools\bitcometservice.exe -service --> c:\program files\bitcomet\tools\BitCometService.exe -service [?]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [2010-4-6 25864]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2011-4-12 62464]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2014-10-20 102784]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-6-17 108032]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2010-4-6 23048]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2014-6-17 14848]
S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2011-4-12 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2014-6-17 24064]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2014-6-17 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2014-6-17 26880]
S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2011-4-12 112640]
.
=============== Created Last 30 ================
.
2015-04-09 07:54:41 147968 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\lxdxdrpp.dll
2015-04-08 19:34:19 -------- d-----w- c:\program files\ZAR
2015-04-08 19:19:21 -------- d-----w- c:\program files\7-Data Card Recovery
2015-03-23 17:52:58 -------- d-----w- c:\users\selena\appdata\roaming\BitTorrent
2015-03-19 14:47:02 -------- d-----w- c:\programdata\Freemake
2015-03-19 14:46:43 -------- d-----w- c:\users\selena\appdata\roaming\RHEng
2015-03-19 14:46:43 -------- d-----w- c:\program files\Freemake
2015-03-17 11:11:27 -------- d-----w- c:\users\selena\appdata\roaming\BANDISOFT
.
==================== Find3M ====================
.
2015-03-10 10:23:32 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-02-10 09:58:23 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-02-10 09:58:23 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-02-04 02:06:18 4388040 ----a-w- c:\windows\system32\nvcpl.dll
2015-02-04 02:06:17 3060936 ----a-w- c:\windows\system32\nvsvc.dll
2015-02-04 02:05:53 670536 ----a-w- c:\windows\system32\nvvsvc.exe
2015-02-04 02:05:52 61584 ----a-w- c:\windows\system32\nvshext.dll
2015-02-04 02:05:52 2553032 ----a-w- c:\windows\system32\nvsvcr.dll
2015-02-04 02:05:49 374928 ----a-w- c:\windows\system32\nvmctray.dll
2015-02-03 23:57:45 606920 ----a-w- c:\windows\system32\nvStreaming.exe
2015-02-03 16:18:33 4229086 ----a-w- c:\windows\system32\nvcoproc.bin
.
============= FINISH: 15:38:52.12 ===============


offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Follow the instructions for opening a topic and post FRST reports, not DDS.

offline
  • Joined: 18 Apr 2009
  • Posts: 34

The next step, that is, "Options > Only non MS files": I don't have that option.



offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

Post the FRST reports as requested in the instructions.

offline
  • Joined: 18 Apr 2009
  • Posts: 34

Posted: 10 Apr 2015 16:54

OK, I'll post them, I didn't see that....

Addendum: 10 Apr 2015 19:09

Once again, sorry for my lack of knowledge; let's start from the beginning....

I noticed that the system has slowed down. When browsing the web, it takes longer to open pages, and sometimes the cursor does not respond to me. It also seems to me that opening some programs is slower than it used to be. The problem started appearing roughly 10-15 days ago; I tried to solve it with NOD32 Antivirus 8. The connection is a Telenor modem.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by SelenA (administrator) on SELENA-PC on 10-04-2015 19:04:42
Running from C:\Users\SelenA\Downloads
Loaded Profiles: SelenA (Available profiles: SelenA)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
( ) C:\Windows\System32\lxdxcoms.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\ProgramData\Telenor Internet\OnlineUpdate\ouc.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(3DSP corporation) C:\Program Files\3DSP\BluetoothWLAN_usb\Utilities\UsbCS.exe
(3DSP corporation) C:\Program Files\3DSP\BluetoothWLAN_usb\Utilities\USBMa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files\Telenor Internet\Telenor Internet.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [USBMaLoader.exe] => C:\Program Files\3DSP\BluetoothWLAN_usb\Utilities\USBMaLoader.exe [20480 2010-10-08] (3DSP corporation)
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [37888 2010-01-14] (Nullsoft, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5088456 2014-10-01] (ESET)
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\Run: [Viber] => C:\Users\SelenA\AppData\Local\Viber\Viber.exe [936656 2014-10-20] ()
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {03e9b264-a7c0-11e4-9146-001167000000} - G:\LGAutoRun.exe
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {2329aa06-98bc-11e4-a540-001167000000} - G:\LGAutoRun.exe
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {6130e2d3-585a-11e4-b749-001167000000} - E:\AutoRun.exe
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {6130e2de-585a-11e4-b749-001167000000} - E:\AutoRun.exe
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {8dd203bb-5834-11e4-be71-0030671f90b0} - E:\AutoRun.exe
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {8dd203c9-5834-11e4-be71-001167000000} - E:\AutoRun.exe
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {8dd203d7-5834-11e4-be71-001167000000} - E:\AutoRun.exe
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {ef63a8e9-c33e-11e4-8e02-001167000000} - E:\AutoRun.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29] (BitComet)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-10] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-10] (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\..\Interfaces\{76B90091-229D-40A4-855A-62DDEB1F60D5}: [NameServer] 217.65.192.101 217.65.192.102
Tcpip\..\Interfaces\{7A6CE973-9C7B-4DD7-999E-758511D6B87D}: [NameServer] 217.65.192.101 217.65.192.102
Tcpip\..\Interfaces\{885484B4-9073-4A39-8494-B0D9C1C4AC13}: [NameServer] 217.65.192.101 217.65.192.102
Tcpip\..\Interfaces\{D9B679EE-49B7-411D-A028-78D3CB1BAE29}: [NameServer] 217.65.192.101 217.65.192.102
Tcpip\..\Interfaces\{F6B3B155-C830-4D93-860B-4A639E27770B}: [NameServer] 217.65.192.101 217.65.192.102

FireFox:
========
FF ProfilePath: C:\Users\SelenA\AppData\Roaming\Mozilla\Firefox\Profiles\ek8i7pbk.default
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-10] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-10] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\SelenA\AppData\Roaming\Mozilla\Firefox\Profiles\ek8i7pbk.default\user.js [2015-01-02]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2010-01-14] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\SelenA\AppData\Roaming\Mozilla\Firefox\Profiles\ek8i7pbk.default\searchplugins\podnapisinet.xml [2015-03-19]
FF Extension: BitComet Video Downloader - C:\Users\SelenA\AppData\Roaming\Mozilla\Firefox\Profiles\ek8i7pbk.default\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2014-11-05]
FF Extension: Topface. Meeting is easy - C:\Users\SelenA\AppData\Roaming\Mozilla\Firefox\Profiles\ek8i7pbk.default\Extensions\jid1-XsAruLV1bBBn9Q@jetpack.xpi [2015-04-03]
FF Extension: Adblock Plus - C:\Users\SelenA\AppData\Roaming\Mozilla\Firefox\Profiles\ek8i7pbk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-27]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-08]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1349576 2014-10-01] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915600 2014-12-13] (NVIDIA Corporation)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
R2 lxdx_device; C:\Windows\system32\lxdxcoms.exe [589824 2009-10-16] ( ) [File not signed]
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18186896 2014-12-13] (NVIDIA Corporation)
S2 Telenor Internet. RunOuc; C:\Program Files\Telenor Internet\UpdateDog\ouc.exe [655712 2011-12-23] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1781048 2014-07-16] (TuneUp Software)
R3 UsbCS; C:\Program Files\3DSP\BluetoothWLAN_usb\Utilities\UsbCS.exe [90112 2009-12-15] (3DSP corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2014-06-17] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [20104 2010-04-06] (IVT Corporation.)
S3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [25864 2010-04-06] ()
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [191928 2014-08-18] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135296 2014-08-18] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [123424 2014-09-18] (ESET)
R3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [89856 2011-09-09] (Huawei Technologies Co., Ltd.)
R3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [26624 2011-09-09] (Huawei Technologies Co., Ltd.)
R3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [190976 2011-12-02] (Huawei Technologies Co., Ltd.)
S3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [23048 2010-04-06] (IVT Corporation.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [32912 2014-11-22] (NVIDIA Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2014-06-23] (TuneUp Software)
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 BTCOM; system32\DRIVERS\btcomport.sys [X]
S3 BTCOMBUS; System32\Drivers\btcombus.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U3 awdiqpow; \??\C:\Users\SelenA\AppData\Local\Temp\awdiqpow.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-10 19:04 - 2015-04-10 19:05 - 00013210 _____ () C:\Users\SelenA\Downloads\FRST.txt
2015-04-10 18:16 - 2015-04-10 18:16 - 00000000 ____D () C:\Users\SelenA\Desktop\ja komp
2015-04-10 18:14 - 2015-04-10 19:04 - 00000000 ____D () C:\FRST
2015-04-10 18:13 - 2015-04-10 18:13 - 01135104 _____ (Farbar) C:\Users\SelenA\Downloads\FRST.exe
2015-04-10 16:04 - 2015-04-10 16:04 - 00380416 _____ () C:\Users\SelenA\Downloads\gzu65me5.exe
2015-04-10 15:57 - 2015-04-10 15:57 - 217329506 _____ () C:\Windows\MEMORY.DMP
2015-04-10 15:57 - 2015-04-10 15:57 - 00160352 _____ () C:\Windows\Minidump\041015-17082-01.dmp
2015-04-10 15:37 - 2015-04-10 15:37 - 00464491 _____ () C:\Users\SelenA\Downloads\RootRepeal.zip
2015-04-10 15:37 - 2015-04-10 15:37 - 00380416 _____ () C:\Users\SelenA\Downloads\b7r70u4q.exe
2015-04-10 15:36 - 2015-04-10 15:37 - 00688992 ____R (Swearware) C:\Users\SelenA\Downloads\dds.scr
2015-04-08 21:36 - 2015-04-08 21:43 - 00000000 ____D () C:\Program Files\Recuva
2015-04-08 21:36 - 2015-04-08 21:36 - 00001799 _____ () C:\Users\Public\Desktop\Recuva.lnk
2015-04-08 21:36 - 2015-04-08 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2015-04-08 21:34 - 2015-04-08 21:34 - 00000897 _____ () C:\Users\SelenA\Desktop\Zero Assumption Recovery.lnk
2015-04-08 21:34 - 2015-04-08 21:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZAR
2015-04-08 21:34 - 2015-04-08 21:34 - 00000000 ____D () C:\Program Files\ZAR
2015-04-08 21:28 - 2015-04-08 21:28 - 00000078 _____ () C:\lxdx.log
2015-04-08 21:19 - 2015-04-08 21:21 - 00000000 ____D () C:\Program Files\7-Data Card Recovery
2015-04-08 20:46 - 2015-04-10 18:17 - 00000000 ____D () C:\Users\SelenA\Desktop\milica
2015-04-08 16:26 - 2015-04-08 16:26 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-29 10:27 - 2015-03-29 10:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-03-29 10:20 - 2015-03-29 10:21 - 00000000 ____D () C:\Users\SelenA\Documents\Bandicam
2015-03-28 17:55 - 2015-03-28 17:55 - 00000218 _____ () C:\Users\SelenA\AppData\Local\recently-used.xbel
2015-03-27 21:19 - 2015-03-27 21:19 - 00000000 ____D () C:\Users\SelenA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-03-23 19:52 - 2015-03-24 17:42 - 00000000 ____D () C:\Users\SelenA\AppData\Roaming\BitTorrent
2015-03-23 10:16 - 2015-04-05 20:26 - 00000000 ____D () C:\Users\SelenA\Desktop\vulefull
2015-03-19 16:51 - 2015-03-19 16:51 - 00000000 ____D () C:\Users\SelenA\AppData\Roaming\Lavasoft
2015-03-19 16:51 - 2015-03-19 16:51 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-03-19 16:47 - 2015-03-19 16:48 - 00000000 ____D () C:\Users\SelenA\Documents\Freemake
2015-03-19 16:47 - 2015-03-19 16:48 - 00000000 ____D () C:\ProgramData\Freemake
2015-03-19 16:47 - 2015-03-19 16:47 - 00001282 _____ () C:\Users\Public\Desktop\Freemake Video Converter.lnk
2015-03-19 16:47 - 2015-03-19 16:47 - 00000000 ____D () C:\Users\SelenA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2015-03-19 16:47 - 2015-03-19 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-03-19 16:46 - 2015-03-19 16:47 - 00000000 ____D () C:\Program Files\Freemake
2015-03-19 16:46 - 2015-03-19 16:46 - 00000000 ____D () C:\Users\SelenA\AppData\Roaming\RHEng
2015-03-19 16:29 - 2015-03-19 16:30 - 01270544 _____ (Ellora Assets Corporation ) C:\Users\SelenA\Downloads\FreemakeVideoConverterSetup.exe
2015-03-17 13:11 - 2015-03-17 13:11 - 00000000 ____D () C:\Users\SelenA\AppData\Roaming\BANDISOFT
2015-03-11 15:40 - 2015-03-11 15:44 - 00000000 ____D () C:\Users\SelenA\Desktop\iGO
2015-03-11 14:08 - 2015-02-04 01:57 - 00606920 _____ (NVIDIA Corporation) C:\Windows\system32\nvStreaming.exe
2015-03-11 14:06 - 2015-02-04 05:35 - 24199824 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2015-03-11 14:06 - 2015-02-04 05:35 - 15294096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-03-11 14:06 - 2015-02-04 05:35 - 11272048 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-03-11 14:06 - 2015-02-04 05:35 - 11209376 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-03-11 14:06 - 2015-02-04 05:35 - 10702664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-03-11 14:06 - 2015-02-04 05:35 - 03987784 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-03-11 14:06 - 2015-02-04 05:35 - 01060680 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3234144.dll
2015-03-11 14:06 - 2015-02-04 05:35 - 00911504 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3234144.dll
2015-03-11 14:06 - 2015-02-04 05:35 - 00908432 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll
2015-03-11 14:06 - 2015-02-04 05:35 - 00870032 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-10 19:04 - 2015-02-09 21:08 - 00000000 ____D () C:\Users\SelenA\Desktop\vukisa
2015-04-10 18:58 - 2014-10-19 21:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-10 16:18 - 2014-10-19 16:48 - 01752050 _____ () C:\Windows\WindowsUpdate.log
2015-04-10 16:04 - 2009-07-14 06:34 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-10 16:04 - 2009-07-14 06:34 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-10 16:03 - 2010-11-20 23:01 - 00006166 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-10 15:58 - 2015-02-12 15:24 - 00000000 ____D () C:\Users\SelenA\AppData\Roaming\Skype
2015-04-10 15:58 - 2014-12-19 20:50 - 00000000 ____D () C:\Users\SelenA\AppData\Roaming\ViberPC
2015-04-10 15:58 - 2014-12-19 20:46 - 00000000 ____D () C:\Users\SelenA\AppData\Local\Viber
2015-04-10 15:57 - 2015-01-04 14:49 - 00065270 _____ () C:\Windows\setupact.log
2015-04-10 15:57 - 2014-11-06 20:06 - 00000000 ____D () C:\Windows\Minidump
2015-04-10 15:57 - 2014-10-19 21:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-10 15:57 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-10 12:02 - 2014-11-02 22:50 - 00000000 ____D () C:\Users\SelenA\Documents\Quick YouTube Downloader
2015-04-09 09:51 - 2015-01-11 18:37 - 00008756 _____ () C:\Windows\PFRO.log
2015-04-08 21:49 - 2014-10-19 07:54 - 00000000 ____D () C:\Users\SelenA
2015-04-08 21:29 - 2015-02-26 18:31 - 00003178 _____ () C:\Windows\system32\LexFiles.ulf
2015-04-08 20:58 - 2014-10-19 08:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-07 10:05 - 2014-10-20 12:37 - 00000000 ____D () C:\Users\SelenA\AppData\Roaming\.minecraft
2015-03-31 16:41 - 2014-10-20 10:36 - 00000000 ___RD () C:\Users\SelenA\Desktop\fotografije za novine
2015-03-29 10:27 - 2014-12-02 12:01 - 00000000 ____D () C:\Fraps
2015-03-28 18:24 - 2015-01-20 18:18 - 00000000 ____D () C:\Program Files\Google
2015-03-28 17:56 - 2014-12-08 14:27 - 00000000 ____D () C:\Users\SelenA\.gimp-2.8
2015-03-28 17:34 - 2014-10-19 21:36 - 00000032 _____ () C:\Windows\0
2015-03-27 22:34 - 2015-01-20 18:18 - 00000000 ____D () C:\Users\SelenA\AppData\Local\Google
2015-03-27 21:19 - 2014-11-06 10:43 - 00002130 _____ () C:\Users\SelenA\Desktop\Minecraft.lnk
2015-03-26 18:01 - 2014-10-20 10:37 - 00000000 ____D () C:\Users\SelenA\Desktop\Vuk
2015-03-23 20:12 - 2014-11-05 23:47 - 00000000 ____D () C:\Users\SelenA\AppData\Roaming\BitComet
2015-03-17 18:36 - 2014-10-19 21:01 - 00000000 ____D () C:\Users\SelenA\AppData\Local\Adobe
2015-03-17 18:36 - 2014-10-19 07:54 - 00000000 ____D () C:\Users\SelenA\AppData\Roaming\Adobe
2015-03-16 20:56 - 2014-12-02 12:03 - 00000000 ____D () C:\Users\SelenA\Documents\Vuk
2015-03-16 19:30 - 2009-07-14 06:53 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-14 16:53 - 2015-01-01 21:51 - 00000000 ____D () C:\Users\SelenA\AppData\Roaming\IHlpr
2015-03-12 14:41 - 2015-01-28 12:17 - 00000000 ____D () C:\Users\SelenA\Desktop\tribali
2015-03-11 14:09 - 2014-10-19 21:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

==================== Files in the root of some directories =======

2015-03-28 17:55 - 2015-03-28 17:55 - 0000218 _____ () C:\Users\SelenA\AppData\Local\recently-used.xbel
2014-10-29 22:44 - 2014-10-29 22:44 - 0007602 _____ () C:\Users\SelenA\AppData\Local\Resmon.ResmonCfg
2015-02-26 18:43 - 2015-02-26 18:43 - 0000252 _____ () C:\ProgramData\FastPics.log
2015-02-26 20:51 - 2015-02-26 20:51 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-07 20:54

==================== End Of Log ============================

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Step 1

Go to Start -> Control Panel -> Programs and Features and uninstall the following programs:

Extended Update


I would also recommend that you uninstall:

TuneUp Utilities 2014




Step 2

Open Notepad and copy the following text, which is inside the Code box.

HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {03e9b264-a7c0-11e4-9146-001167000000} - G:\LGAutoRun.exe
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {2329aa06-98bc-11e4-a540-001167000000} - G:\LGAutoRun.exe
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {6130e2d3-585a-11e4-b749-001167000000} - E:\AutoRun.exe
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {6130e2de-585a-11e4-b749-001167000000} - E:\AutoRun.exe
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {8dd203bb-5834-11e4-be71-0030671f90b0} - E:\AutoRun.exe
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {8dd203c9-5834-11e4-be71-001167000000} - E:\AutoRun.exe
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {8dd203d7-5834-11e4-be71-001167000000} - E:\AutoRun.exe
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {ef63a8e9-c33e-11e4-8e02-001167000000} - E:\AutoRun.exe
BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29] (BitComet)
U3 awdiqpow; \??\C:\Users\SelenA\AppData\Local\Temp\awdiqpow.sys [X]
Task: {F6F99271-40D1-4C8C-8326-7AFB8D25CFBD} - System32\Tasks\{21638B26-DC16-4CFF-B705-DBFE6EC05EE5} => C:\Users\SelenA\AppData\Roaming\.minecraft\minecraft launcher\Minecraft Launcher.exe [2015-04-07] (TeamExtreme)
EmptyTemp:


In Notepad, click File --> Save As
Name the file Fixlist and save it to the Desktop
Double-click FRST.exe to run it again
Click Fix and wait until the program finishes.
If the program asks to restart the computer, allow it to do so without interruption.
When it finishes, fixlog.txt will open, with contents that you should copy into the thread.
The file (fixlog.txt) will also be on the Desktop.




Step 3

Download AdwCleaner by "Xplode" and save it to the Desktop
Double-click to run the program.
In the EULA window, click I agree.
Click the Scan button and wait for the scan to finish.
Click the Cleaning button and wait for the program to finish.
The program will close all active programs and show a window with that warning. Click OK to confirm.
In the next two windows that open (Informations and Restart required), click OK

The computer will restart, and then Notepad will open (C:\AdwCleaner[S0].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Prikači fajl" (Attach file) option

Note: The report will also be saved at C:\Adwcleaner\AdwCleaner[S0].txt

offline
  • Joined: 18 Apr 2009
  • Posts: 34

Written: 11 Apr 2015 10:11

Uninstalled:

Extended update and Tune up

FRST has been run, and here are the contents:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by SelenA at 2015-04-11 10:01:14 Run:1
Running from C:\Users\SelenA\Downloads
Loaded Profiles: SelenA (Available profiles: SelenA)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {03e9b264-a7c0-11e4-9146-001167000000} - G:\LGAutoRun.exe
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {2329aa06-98bc-11e4-a540-001167000000} - G:\LGAutoRun.exe
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {6130e2d3-585a-11e4-b749-001167000000} - E:\AutoRun.exe
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {6130e2de-585a-11e4-b749-001167000000} - E:\AutoRun.exe
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {8dd203bb-5834-11e4-be71-0030671f90b0} - E:\AutoRun.exe
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {8dd203c9-5834-11e4-be71-001167000000} - E:\AutoRun.exe
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {8dd203d7-5834-11e4-be71-001167000000} - E:\AutoRun.exe
HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\...\MountPoints2: {ef63a8e9-c33e-11e4-8e02-001167000000} - E:\AutoRun.exe
BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29] (BitComet)
U3 awdiqpow; \??\C:\Users\SelenA\AppData\Local\Temp\awdiqpow.sys [X]
Task: {F6F99271-40D1-4C8C-8326-7AFB8D25CFBD} - System32\Tasks\{21638B26-DC16-4CFF-B705-DBFE6EC05EE5} => C:\Users\SelenA\AppData\Roaming\.minecraft\minecraft launcher\Minecraft Launcher.exe [2015-04-07] (TeamExtreme)
EmptyTemp:
*****************

"HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{03e9b264-a7c0-11e4-9146-001167000000}" => Key deleted successfully.
HKCR\CLSID\{03e9b264-a7c0-11e4-9146-001167000000} => Key not found.
"HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2329aa06-98bc-11e4-a540-001167000000}" => Key deleted successfully.
HKCR\CLSID\{2329aa06-98bc-11e4-a540-001167000000} => Key not found.
"HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6130e2d3-585a-11e4-b749-001167000000}" => Key deleted successfully.
HKCR\CLSID\{6130e2d3-585a-11e4-b749-001167000000} => Key not found.
"HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6130e2de-585a-11e4-b749-001167000000}" => Key deleted successfully.
HKCR\CLSID\{6130e2de-585a-11e4-b749-001167000000} => Key not found.
"HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8dd203bb-5834-11e4-be71-0030671f90b0}" => Key deleted successfully.
HKCR\CLSID\{8dd203bb-5834-11e4-be71-0030671f90b0} => Key not found.
"HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8dd203c9-5834-11e4-be71-001167000000}" => Key deleted successfully.
HKCR\CLSID\{8dd203c9-5834-11e4-be71-001167000000} => Key not found.
"HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8dd203d7-5834-11e4-be71-001167000000}" => Key deleted successfully.
HKCR\CLSID\{8dd203d7-5834-11e4-be71-001167000000} => Key not found.
"HKU\S-1-5-21-4083034163-1963661737-3383224876-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ef63a8e9-c33e-11e4-8e02-001167000000}" => Key deleted successfully.
HKCR\CLSID\{ef63a8e9-c33e-11e4-8e02-001167000000} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}" => Key deleted successfully.
"HKCR\CLSID\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}" => Key deleted successfully.
awdiqpow => Service not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F6F99271-40D1-4C8C-8326-7AFB8D25CFBD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6F99271-40D1-4C8C-8326-7AFB8D25CFBD}" => Key deleted successfully.
C:\Windows\System32\Tasks\{21638B26-DC16-4CFF-B705-DBFE6EC05EE5} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{21638B26-DC16-4CFF-B705-DBFE6EC05EE5}" => Key deleted successfully.
EmptyTemp: => Removed 765 MB temporary data.


The system needed a reboot.

Addendum: 11 Apr 2015 10:27

Here is the AdwCleaner report as well


offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

How are things now?

offline
  • Joined: 18 Apr 2009
  • Posts: 34

Much better, programs open faster, and so does the internet.
Thank you, you're the best.....

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

We're not done yet. :)

Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to the Desktop.

Run MBAR by double-clicking the program icon:
- Click OK in the next window to allow extraction into a separate mbar folder on the Desktop;
- mbar.exe will be started. On some systems this may take a few extra seconds, so wait for it to start;
- In the introductory window, click the Next button if you agree;



• In the 'Update Database' window, click the Update button to download fresh definitions. When the message 'Success: Database was successfully updated' appears, click the Next button;
• Under the 'Scan Targets' section, check that all options are ticked, then click the Scan button;

Notice: with some infections, one of the following messages may be displayed:
- 'Could not load protection driver' => in that case, click OK.
- 'Could not load DDA driver' => click Yes on that notice to allow loading after a restart. Allow the restart and continue with the rest of the instructions after the restart.





>> If no malware is detected, click the Exit button to close the program. In your next post, include the mbar-log-year-month-day (hour-minute-second).txt and system-log.txt reports.

>> If infections are found, check that the 'Create Restore Point' option is selected and click the Cleanup! button to remove the threats.
- The (scheduled) malware removal procedure will be queued for the restart, and a notice will be shown in a pop-up window. Click the Yes button; the system should restart and complete the cleaning procedure.



Notice! Only if a rootkit was detected: make sure to run the fixdamage.exe tool located in the mbar folder, \Plugins\fixdamage.exe:
- Double-click to run fixdamage; in the black window that opens (command prompt), type Y (Y stands for Yes) to continue, then wait for the tool to make all the repairs ...
- When you see the message 'press any key to exit', the repair is complete. Press any key on the keyboard to close the window. Restart the system.





The following reports will be created in the mbar folder.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Copy the contents of the mbar log into your post, and attach the system log to the post using the "Prikači fajl" (Attach file) option.
