Sistem se podize tek posle restarta na dugme

Sistem se podize tek posle restarta na dugme

offline
  • Pridružio: 12 Feb 2007
  • Poruke: 1221

Prijateljev PC prilikom ukljucivanja racunara Win XP se podigne dok ne prikaze pozadinu koja stoji na desktopu i tu stane, ne pojavljuju se ikonice ni taskbar sa start menijem. tek posle restarta na dugme se podigne normalno.

Na racunaru su bili instalirani krekovani antivirusni i antimalware programi kao i razni tulbarovi i ostali nepotrebni programi. Obrisao skoro sam sve to pa bih voleo da proverimo da li je taj PC zarazen i dalje ili je potrebna reinstalacija.

Pored toga stranice ovde na mycity se dugo otvaraju u Firefoxu, a instaliran je samo video downloader helper add-on.

DDS izvestaj:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Irena at 14:54:35 on 2014-01-18
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3564.3164 [GMT 1:00]
.
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\MSI\Super-Charger\ChargeService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k NetworkService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/ncr
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1373202106921
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{BEB1A58A-16A4-42E0-8FE3-D4A3EFC59E74} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
AppInit_DLLs=
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\32.0.1700.41\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\irena\application data\mozilla\firefox\profiles\adfdl2s4.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1207148.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_43.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-10-18 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-10-18 180248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-10-18 775952]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2013-10-18 410528]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-10-18 67824]
R2 MSI_SuperCharger;MSI_SuperCharger;c:\program files\msi\super-charger\ChargeService.exe [2013-7-6 136704]
R3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\drivers\HECI.sys [2013-7-6 55104]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files\msi\super-charger\NTIOLib.sys [2013-7-6 7680]
S2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-10-18 50344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2013-7-6 1691480]
S3 MSICDSetup;MSICDSetup;\??\d:\cdriver.sys --> d:\CDriver.sys [?]
S3 NTIOLib_1_0_C;NTIOLib_1_0_C;\??\d:\ntiolib.sys --> d:\NTIOLib.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
.
=============== Created Last 30 ================
.
2014-01-18 13:43:04 -------- d-----w- c:\program files\VS Revo Group
2014-01-18 12:58:29 -------- d-----w- c:\windows\system32\MRT
2014-01-09 23:11:20 -------- d-----w- c:\program files\MSXML 4.0
2014-01-09 05:02:27 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-01-09 05:02:27 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-01-09 04:38:01 -------- d-----w- c:\documents and settings\irena\local settings\application data\Mozilla
2014-01-09 00:28:17 -------- d-----w- c:\documents and settings\irena\application data\uTorrent
2014-01-08 19:29:34 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2014-01-08 19:28:49 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2014-01-08 19:28:35 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2014-01-08 19:26:57 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2014-01-08 19:20:53 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2014-01-08 19:20:52 25088 -c----w- c:\windows\system32\dllcache\hidparse.sys
2014-01-08 19:20:08 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2014-01-08 19:20:08 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2014-01-08 19:19:56 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2014-01-08 19:19:42 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2014-01-08 19:19:35 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2014-01-08 19:19:34 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2014-01-08 19:19:34 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2014-01-08 19:19:34 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2014-01-08 19:19:34 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2014-01-08 19:19:34 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2014-01-08 19:19:34 110592 -c----w- c:\windows\system32\dllcache\services.exe
2014-01-08 19:15:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2014-01-08 19:14:55 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2014-01-08 19:14:41 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
2014-01-08 19:14:41 12928 -c----w- c:\windows\system32\dllcache\usb8023.sys
2014-01-08 19:13:01 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2014-01-08 19:12:58 60160 -c----w- c:\windows\system32\dllcache\usbaudio.sys
2014-01-08 19:12:58 46848 -c----w- c:\windows\system32\dllcache\irbus.sys
2014-01-08 19:12:58 123008 -c----w- c:\windows\system32\dllcache\usbvideo.sys
2014-01-08 19:09:54 139784 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2014-01-08 19:08:28 5376 -c----w- c:\windows\system32\dllcache\usbd.sys
2014-01-08 19:08:28 32384 -c----w- c:\windows\system32\dllcache\usbccgp.sys
2014-01-08 19:08:28 30336 -c----w- c:\windows\system32\dllcache\usbehci.sys
2014-01-08 19:08:28 144128 -c----w- c:\windows\system32\dllcache\usbport.sys
2014-01-08 19:06:31 -------- d-sh--w- c:\documents and settings\irena\IECompatCache
2014-01-08 19:05:42 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2014-01-08 19:04:33 536576 -c----w- c:\windows\system32\dllcache\msado15.dll
2014-01-08 19:04:19 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2014-01-08 19:00:53 718336 -c----w- c:\windows\system32\dllcache\ntdll.dll
2014-01-08 19:00:51 2149888 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2014-01-08 19:00:50 2193536 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2014-01-08 19:00:49 2028544 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2014-01-08 19:00:48 2070144 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2014-01-08 19:00:39 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2014-01-08 19:00:39 3072 ------w- c:\windows\system32\iacenc.dll
2014-01-08 19:00:36 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2014-01-08 19:00:14 86016 -c----w- c:\windows\system32\dllcache\cabview.dll
2014-01-08 18:49:41 21504 ----a-w- c:\windows\system32\hidserv.dll
2014-01-08 18:49:36 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2014-01-08 18:49:20 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2014-01-08 18:49:11 32384 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-07 17:35:14 -------- d-----w- c:\documents and settings\irena\local settings\application data\PCHealth
2014-01-04 17:08:48 -------- d-----w- c:\documents and settings\all users\application data\Files To Phones
2013-12-31 23:09:34 -------- d-----w- c:\documents and settings\all users\application data\fjmcodeedhdmlbbhnbncllflkchdkljp
2013-12-31 23:09:34 -------- d-----w- c:\documents and settings\all users\application data\DiscOuntExtensi
2013-12-31 23:09:29 -------- d-----w- c:\documents and settings\all users\application data\SavierExttenssioon
.
==================== Find3M ====================
.
2013-12-31 23:48:03 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-12-31 23:48:03 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-12-31 23:48:03 43152 ----a-w- c:\windows\avastSS.scr
2013-12-31 23:48:03 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-12-19 01:56:36 4558848 ----a-w- c:\windows\system32\GPhotos.scr
2013-12-01 09:15:30 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2013-11-28 22:45:55 98304 ----a-w- c:\windows\system32CmdLineExt.dll
2013-11-27 20:21:06 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2013-11-13 02:59:42 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-07 05:38:51 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:03:31 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-10-30 02:26:17 1879040 ----a-w- c:\windows\system32\win32k.sys
2013-10-29 07:57:34 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-29 07:57:33 43520 ------w- c:\windows\system32\licmgr10.dll
2013-10-29 07:57:33 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-29 07:57:33 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-10-29 00:45:02 385024 ------w- c:\windows\system32\html.iec
2013-10-23 23:45:49 172032 ----a-w- c:\windows\system32\scrrun.dll
2013-01-19 07:44:40 2174976 ----a-w- c:\program files\common files\atimpenc.dll
.
============= FINISH: 14:54:56,29 ===============

https://www.mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10459
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow Korak 1

Preuzmi "Xplode"-ov AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
Klikni na dugme Scan i sačekaj da se završi skeniranje.
Klikni na dugme Clean i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK

Računar će se restartovati, a potom otvoriti Notepad (C:\AdwCleaner[S0].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"

Napomena: Izvještaj ce takođe biti sačuvan na C:\Adwcleaner\AdwCleaner[S0].txt



Arrow Korak 2

Preuzmite program GMER sa donjeg linka na Desktop:


GMER download
Kliknite dati link;
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberite Desktop i kliknite Save.



Dvoklikom pokrenite GMER.
Sačekajte da se završi uvodno skeniranje - ukoliko se pojavi bilo kakav upit, kliknite No;

kliknite Scan i sačekajte da skeniranje bude završeno;

kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer1);

kliknite desnim tasterom u prozor programa Gmer i odaberite Options > 3rd party - kliknite Scan;

po završetku skeniranja kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer2);

kliknite taster >>> i odaberite Autostart karticu;

po završetku kratkotrajnog skeniranja, kliknite Copy;

otvorite Notepad i u njega postavite kopirani tekst - izveštaj sačuvajte na Desktop (pod nazivom Gmer3);


Slikoviti prikaz postupka

Priložite sva tri izveštaja uz poruku korišćenjem opcije Prikači fajl.

offline
  • Pridružio: 12 Feb 2007
  • Poruke: 1221

Adwcleaner log

https://www.mycity.rs/must-login.png

Gmer logovi

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10459
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Preuzmi sUBs-ov ComboFix sa sljedeće adrese na Desktop:


Bleeping Computer
Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu);
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati fajl, odaberi Desktop i klikni Save.




Kada preuzimanje programa bude završeno:
deaktiviraj zaštitni softver (uputstvo);
zatvori pokrenute programe;
dvoklikom pokreni program ComboFix;
u prozoru koji se otvori klikni "I Agree".

U toku rada, ComboFix će:provjeriti postoji li novija verzija programa:
klikni Yes ako bude ponuđeno preuzimanje iste.
ako Recovery Console nije instalirana, ponuditi instalaciju:
obavezno prihvati klikom na Yes i isprati postupak.
postaviti/dati određeni broj upita/obaveštenja:
prihvati klikom na Yes ili OK.
po potrebi, restartovati Windows (više puta);
na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.


Iskopiraj izvještaj koji je ComboFix napravio u temu na forumu:
klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All;
klikni desnim tasterom miša na obilježeni tekst i izaberi Copy;
klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste.


Napomena:Izvještaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt);
Ukoliko nakon slanja poruke primjetiš da izvještaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje fajla C:\ComboFix.txt uz poruku.
Nemoj kliktati u okviru ComboFix prozora dok radi jer to može usporiti rad alata.
Nemoj ponovo pokretati ComboFix na svoju ruku - javi se u temi bilo kakav problem da imaš tokom prvog pokretanja alata.
Ako nakon restarta dobijaš grešku prilikom startovanja nekih programa da su označeni za brisanje (Illegal operation attempted on a registry key that has been marked for deletion), onda ponovo restartuj sistem i to će riješiti problem.

offline
  • Pridružio: 12 Feb 2007
  • Poruke: 1221

ComboFix log

ComboFix 14-01-16.03 - Irena 18.01.2014 21:02:01.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3564.3111 [GMT 1:00]
Running from: c:\documents and settings\Irena\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
C:\prefs.js
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_DEFAULTTABSEARCH
.
.
((((((((((((((((((((((((( Files Created from 2013-12-18 to 2014-01-18 )))))))))))))))))))))))))))))))
.
.
2014-01-18 16:11 . 2014-01-18 16:12 -------- d-----w- C:\AdwCleaner
2014-01-18 13:43 . 2014-01-18 13:43 -------- d-----w- c:\program files\VS Revo Group
2014-01-18 12:58 . 2014-01-18 12:59 -------- d-----w- c:\windows\system32\MRT
2014-01-09 23:11 . 2014-01-09 23:11 -------- d-----w- c:\program files\MSXML 4.0
2014-01-09 05:02 . 2014-01-18 13:48 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-01-09 05:02 . 2014-01-18 13:48 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-01-09 04:38 . 2014-01-09 04:38 -------- d-----w- c:\documents and settings\Irena\Local Settings\Application Data\Mozilla
2014-01-09 04:37 . 2014-01-09 04:37 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-01-09 00:28 . 2014-01-18 13:39 -------- d-----w- c:\documents and settings\Irena\Application Data\uTorrent
2014-01-08 19:29 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2014-01-08 19:28 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2014-01-08 19:28 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2014-01-08 19:26 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2014-01-08 19:20 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2014-01-08 19:20 . 2013-07-03 02:12 25088 -c----w- c:\windows\system32\dllcache\hidparse.sys
2014-01-08 19:20 . 2010-08-27 08:02 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2014-01-08 19:20 . 2009-10-15 16:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2014-01-08 19:19 . 2013-11-27 20:21 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2014-01-08 19:19 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2014-01-08 19:19 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2014-01-08 19:19 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2014-01-08 19:19 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2014-01-08 19:19 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2014-01-08 19:19 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2014-01-08 19:19 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2014-01-08 19:19 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2014-01-08 19:15 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2014-01-08 19:14 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2014-01-08 19:14 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
2014-01-08 19:14 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023.sys
2014-01-08 19:13 . 2008-05-01 14:33 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2014-01-08 19:12 . 2013-07-17 00:58 123008 -c----w- c:\windows\system32\dllcache\usbvideo.sys
2014-01-08 19:12 . 2013-07-17 00:58 46848 -c----w- c:\windows\system32\dllcache\irbus.sys
2014-01-08 19:12 . 2013-07-17 00:58 60160 -c----w- c:\windows\system32\dllcache\usbaudio.sys
2014-01-08 19:09 . 2012-07-04 14:05 139784 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2014-01-08 19:08 . 2013-08-09 00:55 144128 -c----w- c:\windows\system32\dllcache\usbport.sys
2014-01-08 19:08 . 2013-08-09 00:55 32384 -c----w- c:\windows\system32\dllcache\usbccgp.sys
2014-01-08 19:08 . 2013-08-09 00:55 5376 -c----w- c:\windows\system32\dllcache\usbd.sys
2014-01-08 19:08 . 2009-03-18 11:02 30336 -c----w- c:\windows\system32\dllcache\usbehci.sys
2014-01-08 19:06 . 2014-01-09 00:29 -------- d-sh--w- c:\documents and settings\Irena\IECompatCache
2014-01-08 19:05 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2014-01-08 19:04 . 2012-05-28 18:16 536576 -c----w- c:\windows\system32\dllcache\msado15.dll
2014-01-08 19:04 . 2010-06-18 13:36 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2014-01-08 19:00 . 2010-12-09 15:15 718336 -c----w- c:\windows\system32\dllcache\ntdll.dll
2014-01-08 19:00 . 2013-07-04 03:03 2149888 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2014-01-08 19:00 . 2013-07-04 02:59 2193536 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2014-01-08 19:00 . 2013-07-04 02:08 2028544 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2014-01-08 19:00 . 2013-07-04 02:08 2070144 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2014-01-08 19:00 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2014-01-08 19:00 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
2014-01-08 19:00 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2014-01-08 19:00 . 2010-01-13 14:01 86016 -c----w- c:\windows\system32\dllcache\cabview.dll
2014-01-08 18:49 . 2008-04-14 04:41 21504 ----a-w- c:\windows\system32\hidserv.dll
2014-01-08 18:49 . 2008-04-13 23:09 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2014-01-08 18:49 . 2008-04-13 23:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2014-01-08 18:49 . 2013-08-09 00:55 32384 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-07 17:35 . 2014-01-07 17:35 -------- d-----w- c:\documents and settings\Irena\Local Settings\Application Data\PCHealth
2014-01-04 17:08 . 2014-01-04 17:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Files To Phones
2013-12-31 23:09 . 2013-12-31 23:42 -------- d-----w- c:\documents and settings\All Users\Application Data\DiscOuntExtensi
2013-12-31 23:09 . 2013-12-31 23:09 -------- d-----w- c:\documents and settings\All Users\Application Data\fjmcodeedhdmlbbhnbncllflkchdkljp
2013-12-31 23:09 . 2013-12-31 23:42 -------- d-----w- c:\documents and settings\All Users\Application Data\SavierExttenssioon
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-31 23:48 . 2013-10-18 21:24 410528 ----a-w- c:\windows\system32\drivers\aswsp.sys
2013-12-31 23:48 . 2013-10-18 21:24 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-12-31 23:48 . 2013-10-18 21:24 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-12-31 23:48 . 2013-10-18 21:24 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-12-31 23:48 . 2013-10-18 21:24 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-12-31 23:48 . 2013-10-18 21:24 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-12-31 23:48 . 2013-10-18 21:23 43152 ----a-w- c:\windows\avastSS.scr
2013-12-31 23:48 . 2013-07-06 12:28 270240 ----a-w- c:\windows\system32\aswBoot.exe
2013-12-19 01:56 . 2013-12-19 01:56 4558848 ----a-w- c:\windows\system32\GPhotos.scr
2013-12-01 09:15 . 2013-12-01 09:15 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2013-11-28 22:45 . 2013-11-28 22:45 98304 ----a-w- c:\windows\system32CmdLineExt.dll
2013-11-27 20:21 . 2004-08-04 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2013-11-13 02:59 . 2004-08-04 12:00 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-07 05:38 . 2004-08-04 12:00 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:03 . 2013-07-06 21:18 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-10-30 02:26 . 2004-08-04 12:00 1879040 ----a-w- c:\windows\system32\win32k.sys
2013-10-29 07:57 . 2004-08-04 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-29 07:57 . 2004-08-04 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2013-10-29 07:57 . 2004-08-04 12:00 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-29 07:57 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-10-29 00:45 . 2004-08-04 12:00 385024 ------w- c:\windows\system32\html.iec
2013-10-23 23:45 . 2004-08-04 12:00 172032 ----a-w- c:\windows\system32\scrrun.dll
2013-01-19 07:44 . 2013-01-19 07:44 2174976 ----a-w- c:\program files\Common Files\atimpenc.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-12-31 23:48 259464 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-12-31 3764024]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-05-15 15504192]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^CodecPackUpdateChecker.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
backup=c:\windows\pss\CodecPackUpdateChecker.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Irena^Start Menu^Programs^Startup^MagicDisc.lnk]
path=c:\documents and settings\Irena\Start Menu\Programs\Startup\MagicDisc.lnk
backup=c:\windows\pss\MagicDisc.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Irena^Start Menu^Programs^Startup^MyPC Backup.lnk]
path=c:\documents and settings\Irena\Start Menu\Programs\Startup\MyPC Backup.lnk
backup=c:\windows\pss\MyPC Backup.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-09-05 14:03 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2012-05-15 09:40 15504192 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2012-05-15 09:40 108352 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2012-05-15 10:18 1634112 ----a-r- c:\program files\NVIDIA Corporation\nview\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2012-06-06 06:00 20065936 ----a-r- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Super-Charger]
2012-07-27 16:52 495616 ----a-w- c:\program files\MSI\Super-Charger\Super-Charger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2014-01-09 00:29 1340496 ----a-w- c:\documents and settings\Irena\Application Data\uTorrent\uTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Documents and Settings\\Irena\\Application Data\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Red Alert 2 Yuri's Revenge\\game.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [18.10.2013 22:24 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [18.10.2013 22:24 180248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [18.10.2013 22:24 775952]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [18.10.2013 22:24 410528]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [18.10.2013 22:24 67824]
R2 MSI_SuperCharger;MSI_SuperCharger;c:\program files\MSI\Super-Charger\ChargeService.exe [6.7.2013 12:17 136704]
R3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\drivers\HECI.sys [6.7.2013 12:17 55104]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files\MSI\Super-Charger\NTIOLib.sys [6.7.2013 12:17 7680]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [6.7.2013 12:21 1691480]
S3 MSICDSetup;MSICDSetup;\??\d:\cdriver.sys --> d:\CDriver.sys [?]
S3 NTIOLib_1_0_C;NTIOLib_1_0_C;\??\d:\ntiolib.sys --> d:\NTIOLib.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - NTIOLIB_1_0_3
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-05 08:43 1211344 ----a-w- c:\program files\Google\Chrome\Application\32.0.1700.41\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-09 13:48]
.
2014-01-18 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-10-18 23:48]
.
2014-01-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-07-06 11:16]
.
2014-01-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-07-06 11:16]
.
.
------- Supplementary Scan -------
.
uStart Page = https://www.google.com/ncr
mStart Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Irena\Application Data\Mozilla\Firefox\Profiles\adfdl2s4.default\
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\DTLite.exe
MSConfigStartUp-SpeedConnectStartUp - c:\program files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MSConfigStartUp-TkBellExe - c:\program files\Real\RealPlayer\update\realsched.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-01-18 21:06
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
C:\avast! sandbox
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1715567821-1606980848-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:4b,ec,87,c3,5c,62,01,18,b3,cd,ce,3b,98,db,44,ad,68,df,74,31,75,12,9a,
da,13,de,d1,4d,1e,32,d3,02,b5,f5,01,b8,5b,07,80,60,89,8d,f9,46,8b,5e,74,0b,\
"??"=hex:be,8d,49,c6,af,88,31,c4,d4,fc,71,77,a5,0e,e5,5a
.
[HKEY_USERS\S-1-5-21-1715567821-1606980848-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:49,b3,4b,4a,13,2f,98,96,3a,b4,f0,f8,f7,62,ed,e7,9c,09,bb,50,88,
22,a2,4e,d2,26,f3,18,5d,ad,87,1a,0e,c8,2e,7b,33,d3,17,37,3d,85,ba,aa,e8,f1,\
"rkeysecu"=hex:da,ce,8f,a1,d7,a0,f4,20,96,f6,7e,1a,1b,4e,06,1a
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(1884)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\system32\nvsvc32.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Completion time: 2014-01-18 21:07:37 - machine was rebooted
ComboFix-quarantined-files.txt 2014-01-18 20:07
.
Pre-Run: 120.151.535.616 bytes free
Post-Run: 120.219.475.968 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - EEF59D1B6A60CD84A10CA127FD0BC74E
8F558EB6672622401DA993E1E865C861

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10459
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow

Otvori Notepad i iskopiraj sljedeći tekst:

Folder::
c:\documents and settings\All Users\Application Data\DiscOuntExtensi
c:\documents and settings\All Users\Application Data\fjmcodeedhdmlbbhnbncllflkchdkljp
c:\documents and settings\All Users\Application Data\SavierExttenssioon

ClearJavaCache::


Snimi na Desktop fajl iz Notepada kao "CFScript"




Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici.
Postaviti u sljedećoj poruci log koji bude bio napravljen na kraju čišćenja/skeniranja.




Question

Kakvo je sada stanje?

offline
  • Pridružio: 12 Feb 2007
  • Poruke: 1221

Napisano: 19 Jan 2014 4:18

ComboFix log

ComboFix 14-01-16.03 - Irena 19.01.2014 4:10.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3564.3101 [GMT 1:00]
Running from: c:\documents and settings\Irena\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Irena\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\DiscOuntExtensi
c:\documents and settings\All Users\Application Data\DiscOuntExtensi\n4zY1Ati.dat
c:\documents and settings\All Users\Application Data\DiscOuntExtensi\n4zY1Ati.tlb
c:\documents and settings\All Users\Application Data\fjmcodeedhdmlbbhnbncllflkchdkljp
c:\documents and settings\All Users\Application Data\fjmcodeedhdmlbbhnbncllflkchdkljp\background.html
c:\documents and settings\All Users\Application Data\fjmcodeedhdmlbbhnbncllflkchdkljp\content.js
c:\documents and settings\All Users\Application Data\fjmcodeedhdmlbbhnbncllflkchdkljp\lsdb.js
c:\documents and settings\All Users\Application Data\fjmcodeedhdmlbbhnbncllflkchdkljp\manifest.json
c:\documents and settings\All Users\Application Data\fjmcodeedhdmlbbhnbncllflkchdkljp\OcLRfL6Ooa.js
c:\documents and settings\All Users\Application Data\SavierExttenssioon
c:\documents and settings\All Users\Application Data\SavierExttenssioon\DpofPmgkIk.dat
c:\documents and settings\All Users\Application Data\SavierExttenssioon\DpofPmgkIk.tlb
.
.
((((((((((((((((((((((((( Files Created from 2013-12-19 to 2014-01-19 )))))))))))))))))))))))))))))))
.
.
2014-01-18 16:11 . 2014-01-18 16:12 -------- d-----w- C:\AdwCleaner
2014-01-18 13:43 . 2014-01-18 13:43 -------- d-----w- c:\program files\VS Revo Group
2014-01-18 12:58 . 2014-01-18 12:59 -------- d-----w- c:\windows\system32\MRT
2014-01-09 23:11 . 2014-01-09 23:11 -------- d-----w- c:\program files\MSXML 4.0
2014-01-09 05:02 . 2014-01-18 13:48 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-01-09 05:02 . 2014-01-18 13:48 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-01-09 04:38 . 2014-01-09 04:38 -------- d-----w- c:\documents and settings\Irena\Local Settings\Application Data\Mozilla
2014-01-09 04:37 . 2014-01-09 04:37 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-01-09 00:28 . 2014-01-18 13:39 -------- d-----w- c:\documents and settings\Irena\Application Data\uTorrent
2014-01-08 19:29 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2014-01-08 19:28 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2014-01-08 19:28 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2014-01-08 19:26 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2014-01-08 19:20 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2014-01-08 19:20 . 2013-07-03 02:12 25088 -c----w- c:\windows\system32\dllcache\hidparse.sys
2014-01-08 19:20 . 2010-08-27 08:02 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2014-01-08 19:20 . 2009-10-15 16:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2014-01-08 19:19 . 2013-11-27 20:21 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2014-01-08 19:19 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2014-01-08 19:19 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2014-01-08 19:19 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2014-01-08 19:19 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2014-01-08 19:19 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2014-01-08 19:19 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2014-01-08 19:19 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2014-01-08 19:19 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2014-01-08 19:15 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2014-01-08 19:14 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2014-01-08 19:14 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
2014-01-08 19:14 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023.sys
2014-01-08 19:13 . 2008-05-01 14:33 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2014-01-08 19:12 . 2013-07-17 00:58 123008 -c----w- c:\windows\system32\dllcache\usbvideo.sys
2014-01-08 19:12 . 2013-07-17 00:58 46848 -c----w- c:\windows\system32\dllcache\irbus.sys
2014-01-08 19:12 . 2013-07-17 00:58 60160 -c----w- c:\windows\system32\dllcache\usbaudio.sys
2014-01-08 19:09 . 2012-07-04 14:05 139784 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2014-01-08 19:08 . 2013-08-09 00:55 144128 -c----w- c:\windows\system32\dllcache\usbport.sys
2014-01-08 19:08 . 2013-08-09 00:55 32384 -c----w- c:\windows\system32\dllcache\usbccgp.sys
2014-01-08 19:08 . 2013-08-09 00:55 5376 -c----w- c:\windows\system32\dllcache\usbd.sys
2014-01-08 19:08 . 2009-03-18 11:02 30336 -c----w- c:\windows\system32\dllcache\usbehci.sys
2014-01-08 19:06 . 2014-01-09 00:29 -------- d-sh--w- c:\documents and settings\Irena\IECompatCache
2014-01-08 19:05 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2014-01-08 19:04 . 2012-05-28 18:16 536576 -c----w- c:\windows\system32\dllcache\msado15.dll
2014-01-08 19:04 . 2010-06-18 13:36 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2014-01-08 19:00 . 2010-12-09 15:15 718336 -c----w- c:\windows\system32\dllcache\ntdll.dll
2014-01-08 19:00 . 2013-07-04 03:03 2149888 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2014-01-08 19:00 . 2013-07-04 02:59 2193536 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2014-01-08 19:00 . 2013-07-04 02:08 2028544 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2014-01-08 19:00 . 2013-07-04 02:08 2070144 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2014-01-08 19:00 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2014-01-08 19:00 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
2014-01-08 19:00 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2014-01-08 19:00 . 2010-01-13 14:01 86016 -c----w- c:\windows\system32\dllcache\cabview.dll
2014-01-08 18:49 . 2008-04-14 04:41 21504 ----a-w- c:\windows\system32\hidserv.dll
2014-01-08 18:49 . 2008-04-13 23:09 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2014-01-08 18:49 . 2008-04-13 23:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2014-01-08 18:49 . 2013-08-09 00:55 32384 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-07 17:35 . 2014-01-07 17:35 -------- d-----w- c:\documents and settings\Irena\Local Settings\Application Data\PCHealth
2014-01-04 17:08 . 2014-01-04 17:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Files To Phones
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-31 23:48 . 2013-10-18 21:24 410528 ----a-w- c:\windows\system32\drivers\aswsp.sys
2013-12-31 23:48 . 2013-10-18 21:24 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-12-31 23:48 . 2013-10-18 21:24 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-12-31 23:48 . 2013-10-18 21:24 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-12-31 23:48 . 2013-10-18 21:24 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-12-31 23:48 . 2013-10-18 21:24 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-12-31 23:48 . 2013-10-18 21:23 43152 ----a-w- c:\windows\avastSS.scr
2013-12-31 23:48 . 2013-07-06 12:28 270240 ----a-w- c:\windows\system32\aswBoot.exe
2013-12-19 01:56 . 2013-12-19 01:56 4558848 ----a-w- c:\windows\system32\GPhotos.scr
2013-12-01 09:15 . 2013-12-01 09:15 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2013-11-28 22:45 . 2013-11-28 22:45 98304 ----a-w- c:\windows\system32CmdLineExt.dll
2013-11-27 20:21 . 2004-08-04 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2013-11-13 02:59 . 2004-08-04 12:00 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-07 05:38 . 2004-08-04 12:00 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:03 . 2013-07-06 21:18 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-10-30 02:26 . 2004-08-04 12:00 1879040 ----a-w- c:\windows\system32\win32k.sys
2013-10-29 07:57 . 2004-08-04 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-29 07:57 . 2004-08-04 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2013-10-29 07:57 . 2004-08-04 12:00 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-29 07:57 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-10-29 00:45 . 2004-08-04 12:00 385024 ------w- c:\windows\system32\html.iec
2013-10-23 23:45 . 2004-08-04 12:00 172032 ----a-w- c:\windows\system32\scrrun.dll
2013-01-19 07:44 . 2013-01-19 07:44 2174976 ----a-w- c:\program files\Common Files\atimpenc.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-12-31 23:48 259464 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-12-31 3764024]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-05-15 15504192]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^CodecPackUpdateChecker.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
backup=c:\windows\pss\CodecPackUpdateChecker.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Irena^Start Menu^Programs^Startup^MagicDisc.lnk]
path=c:\documents and settings\Irena\Start Menu\Programs\Startup\MagicDisc.lnk
backup=c:\windows\pss\MagicDisc.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Irena^Start Menu^Programs^Startup^MyPC Backup.lnk]
path=c:\documents and settings\Irena\Start Menu\Programs\Startup\MyPC Backup.lnk
backup=c:\windows\pss\MyPC Backup.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-09-05 14:03 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2012-05-15 09:40 15504192 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2012-05-15 09:40 108352 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2012-05-15 10:18 1634112 ----a-r- c:\program files\NVIDIA Corporation\nview\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2012-06-06 06:00 20065936 ----a-r- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Super-Charger]
2012-07-27 16:52 495616 ----a-w- c:\program files\MSI\Super-Charger\Super-Charger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2014-01-09 00:29 1340496 ----a-w- c:\documents and settings\Irena\Application Data\uTorrent\uTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Documents and Settings\\Irena\\Application Data\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Red Alert 2 Yuri's Revenge\\game.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [18.10.2013 22:24 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [18.10.2013 22:24 180248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [18.10.2013 22:24 775952]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [18.10.2013 22:24 410528]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [18.10.2013 22:24 67824]
R2 MSI_SuperCharger;MSI_SuperCharger;c:\program files\MSI\Super-Charger\ChargeService.exe [6.7.2013 12:17 136704]
R3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\drivers\HECI.sys [6.7.2013 12:17 55104]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files\MSI\Super-Charger\NTIOLib.sys [6.7.2013 12:17 7680]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [6.7.2013 12:21 1691480]
S3 MSICDSetup;MSICDSetup;\??\d:\cdriver.sys --> d:\CDriver.sys [?]
S3 NTIOLib_1_0_C;NTIOLib_1_0_C;\??\d:\ntiolib.sys --> d:\NTIOLib.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - NTIOLIB_1_0_3
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-09 13:48]
.
2014-01-19 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-10-18 23:48]
.
.
------- Supplementary Scan -------
.
uStart Page = https://www.google.com/ncr
mStart Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Irena\Application Data\Mozilla\Firefox\Profiles\adfdl2s4.default\
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-01-19 04:12
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1715567821-1606980848-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:4b,ec,87,c3,5c,62,01,18,b3,cd,ce,3b,98,db,44,ad,68,df,74,31,75,12,9a,
da,13,de,d1,4d,1e,32,d3,02,b5,f5,01,b8,5b,07,80,60,89,8d,f9,46,8b,5e,74,0b,\
"??"=hex:be,8d,49,c6,af,88,31,c4,d4,fc,71,77,a5,0e,e5,5a
.
[HKEY_USERS\S-1-5-21-1715567821-1606980848-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:49,b3,4b,4a,13,2f,98,96,3a,b4,f0,f8,f7,62,ed,e7,9c,09,bb,50,88,
22,a2,4e,d2,26,f3,18,5d,ad,87,1a,0e,c8,2e,7b,33,d3,17,37,3d,85,ba,aa,e8,f1,\
"rkeysecu"=hex:da,ce,8f,a1,d7,a0,f4,20,96,f6,7e,1a,1b,4e,06,1a
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2014-01-19 04:13:38
ComboFix-quarantined-files.txt 2014-01-19 03:13
ComboFix2.txt 2014-01-18 20:07
.
Pre-Run: 120.339.701.760 bytes free
Post-Run: 120.328.491.008 bytes free
.
- - End Of File - - 42D11D9EA90EE02F867F6F185AB8C5BB
8F558EB6672622401DA993E1E865C861

Dopuna: 19 Jan 2014 4:26

Radi znatno bolje, stranice ovde na forumu iz Firefoxa se ucitavaju za neko normalno vreme (dosta brzo), ne koci vise prilikom ucitavanja stranica, OS se podigao iz prve kada sam ponovo ukljucio taj PC.

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10459
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Onda bi to bilo to. Tragova malware-a nije bilo, a ostaci PUP softvera su uklonjeni. Ostaje ti još da uradiš sljedeće:


Arrow

Potrebno je deinstalirati ComboFix:
klikni start (ili ), a zatim RUN.

Na Visti i 7 koristiti Start Search polje ukoliko Run nije dostupan.

U liniju za unos teksta ukucaj (iskopiraj) sljedeće:

ComboFix /Uninstall

Primjeti da postoji razmak između "ComboFix" i "/Uninstall".



a zatim klikni OK (ili pritisni Enter).


Sačekaj da se proces deinstalacije završi.



Arrow

Ponovo pokreni AdwCleaner
Klikni na dugme Uninstall i pričekaj da se postupak deinstalacije završi.




Arrow

Posjeti temu Testirajte da li vam je pretraživač ranjiv, pročitaj i isprati link koji stoji u njoj.



Arrow

Preporučujem da za zaštitu USB memorijskih uređaja koristiš MCShield.
Nema nikakve veze sa antivirus-om tj. neće ometati njegov rad, a pokazao se kao jedan od najboljih vida zaštite od malware-a koji se prenosi putem USB mem. uređaja.


Home Page MCShield-a: http://www.mcshield.net
Više o MCShield-u možeš saznati u ovoj temi: http://www.mycity.rs/MyCity-Laboratorija/MCShield-v2.html
Facebook stranica MCShield-a: http://www.facebook.com/MCShield

offline
  • Pridružio: 12 Feb 2007
  • Poruke: 1221

Odrađeno, i već sam bio predložio da koriste MCShield.

Nadam se da neće opet da krene sa krekovanim programima i igricama, u svakom slučaju hvala na trudu.

Ko je trenutno na forumu
 

Ukupno su 747 korisnika na forumu :: 47 registrovanih, 4 sakrivenih i 696 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 2967 - dana 31 Okt 2019 06:37

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 357magnum, _commandos_, _Sale, Alojz Hauptman, AMCXXL, Bane_RS2, branko7, BSD2, Cobi026, dejanbenkovic, djboj, djonsule, djordjekec, Drug pukovnik, dule10savic, hyla, ivance95, ivica976, jery2, jovan.krcmar, Kubovac, ljiljak2, ljuba.b, Ljubitelj, lojola, manda87, mercedesamg, Mercury2, mgaji21, Milan A. Nikolic, Miskohd, mrvica78, nebkv, nikolaus112, nuke92, Panonsky, Panter2, Radovan Vinčić, repac, SD, Toni, trutcina, USSVoyager, vladetije, wulfy, zixmix, 1872