Heavily infected computer

  • Acid_Burn

Since the computer isn't mine, here is what I have managed to find out and diagnose myself so far:

- The computer can't get online; something is blocking it. The network card works, the router works, everything works, but it still can't open a single page.
- It takes a good 5-10 minutes to load the whole system with the full desktop.
- A lot of Windows fonts have disappeared.
- It launches this vermin at startup, and there is no way to turn off those programs starting at boot.

- Avast is installed and updated, and reports nothing when scanning.
- S&D finds nothing either.
- AWARD Keylogger is installed to monitor the child's online activity, and it would be preferable for it to stay. If not, no harm done.


DDS log:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16545 BrowserJavaVersion: 10.45.2
Run by UROS at 10:15:31 on 2014-04-22
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3070.2041 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files\ProKAward\aklservice.exe
C:\Program Files\ProKAward\kl.exe
C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\System32\wscript.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Users\UROS\AppData\Local\Temp\cvbesp.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Users\UROS\AppData\Local\Temp\avicap.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\UROS\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\osk.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.rs/
uSearch Bar = hxxp://www.bing.com
uURLSearchHooks: {687578b9-7132-4a7a-80e4-30ee31099e03} - <orphaned>
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [TuneUp] wscript.exe //B "c:\users\uros\appdata\local\temp\TuneUp.Utilities.vbs"
uRun: [Yontoo Desktop] "c:\users\uros\appdata\roaming\yontoo\YontooDesktop.exe"
uRun: [ISUSPM] "c:\programdata\flexnet\connect\11\ISUSPM.exe" -scheduler
uRun: [Google Update] "c:\users\uros\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [19716103e0878c20bdece13a4af1db02] "c:\users\uros\appdata\local\temp\avicap.exe" ..
uRun: [49c6633e090ea1f818451573e772534a] "c:\users\uros\appdata\local\temp\cvbesp.exe" ..
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [TuneUp] wscript.exe //B "c:\users\uros\appdata\local\temp\TuneUp.Utilities.vbs"
mRun: [ASKLPro Startup] c:\program files\prokaward\kl.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Nuance PDF Reader-reminder] "c:\program files\nuance\pdf reader\ereg\ereg.exe" -r "c:\programdata\nuance\pdf reader\ereg\Ereg.ini"
mRun: [49c6633e090ea1f818451573e772534a] "c:\users\uros\appdata\local\temp\cvbesp.exe" ..
mRun: [19716103e0878c20bdece13a4af1db02] "c:\users\uros\appdata\local\temp\avicap.exe" ..
StartupFolder: c:\users\uros\appdata\roaming\microsoft\windows\start menu\programs\startup\19716103e0878c20bdece13a4af1db02.exe
StartupFolder: c:\users\uros\appdata\roaming\microsoft\windows\start menu\programs\startup\49c6633e090ea1f818451573e772534a.exe
StartupFolder: c:\users\uros\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\uros\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\users\uros\appdata\roaming\microsoft\windows\start menu\programs\startup\TuneUp.Utilities.vbs
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 95.180.0.18 95.180.1.2
TCP: Interfaces\{1D7417F2-DF3F-4ECC-9AF3-392C0DD199D9} : DHCPNameServer = 95.180.0.18 95.180.1.2
SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\uros\appdata\roaming\mozilla\firefox\profiles\ccjjnl1i.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}
FF - plugin: c:\program files\google\update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\nuance\pdf reader\bin\nppdf.dll
FF - plugin: c:\program files\nuance\pdf reader\bin\nppdf.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_77.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: extentions.y2layers.installId - c0c07cc9-9de1-4f43-ae29-450acdb69d61
FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDeals,buzzdock,YontooNewOffers
.
.
FF - user.js: extentions.y2layers.installId - c0c07cc9-9de1-4f43-ae29-450acdb69d61
FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,buzzdock,YontooNewOffers
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 6414ea35000000000000001d7dc5699c
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15951
FF - user.js: extensions.delta.vrsn - 1.8.24.6
FF - user.js: extensions.delta.vrsni - 1.8.24.6
FF - user.js: extensions.delta.vrsnTs - 1.8.24.613:54:56
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=121565&tsp=4994
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
FF - user.js: extensions.buenosearch.tlbrSrchUrl - hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=TB_ss&mntrId=6414001D7DC5699C&affID=128492&tt=300314_06&tsp=5204
FF - user.js: extensions.buenosearch.tb_url - hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=TB_ss&mntrId=6414001D7DC5699C&affID=128492&tt=300314_06&tsp=5204
FF - user.js: extensions.buenosearch.id - 6414ea35000000000000001d7dc5699c
FF - user.js: extensions.buenosearch.appId - {37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}
FF - user.js: extensions.buenosearch.instlDay - 16161
FF - user.js: extensions.buenosearch.vrsn - 1.8.28.7
FF - user.js: extensions.buenosearch.vrsni - 1.8.28.7
FF - user.js: extensions.buenosearch.vrsnTs - 1.8.28.720:37:33
FF - user.js: extensions.buenosearch.prtnrId - buenosearch
FF - user.js: extensions.buenosearch.prdct - buenosearch
FF - user.js: extensions.buenosearch.aflt - babsst
FF - user.js: extensions.buenosearch.smplGrp - none
FF - user.js: extensions.buenosearch.tlbrId - base
FF - user.js: extensions.buenosearch.instlRef - sst
FF - user.js: extensions.buenosearch.dfltLng - en
FF - user.js: extensions.buenosearch.excTlbr - false
FF - user.js: extensions.buenosearch.ffxUnstlRst - true
FF - user.js: extensions.buenosearch.admin - false
FF - user.js: extensions.buenosearch.autoRvrt - false
FF - user.js: extensions.buenosearch.rvrt - false
FF - user.js: extensions.buenosearch.newTab - false
.
.
.
.
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-3-22 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-3-22 180632]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2013-7-29 21576]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-1-28 776976]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-1-28 411552]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2013-1-4 242240]
R1 wStLibG;wStLibG;c:\windows\system32\drivers\wStLibG.sys [2014-4-17 52920]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-6-18 217088]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ati technologies\ati.ace\fuel\Fuel.Service.exe [2012-4-18 291840]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-4-21 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-1-28 67824]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-2-18 67776]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2014-2-18 50344]
R2 SKLProService;Run software as Windows service;c:\program files\prokaward\aklservice.exe [2012-11-2 90112]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2014\TuneUpUtilitiesService32.exe [2013-12-18 1742136]
R3 amdiox86;AMD IO Driver;c:\windows\system32\drivers\amdiox86.sys [2012-6-2 37944]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2012-6-18 79360]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2014\TuneUpUtilitiesDriver32.sys [2013-12-16 12320]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\drivers\KMWDFILTER.sys [2009-4-29 25088]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-5-4 14848]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2012-11-24 27192]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-5-4 49664]
S4 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2012-1-28 1153368]
.
=============== Created Last 30 ================
.
2014-04-21 22:32:09 -------- d-----w- c:\users\uros\appdata\local\Mozilla
2014-04-21 22:27:48 203264 ----a-w- c:\users\uros\appdata\roaming\microsoft\windows\start menu\programs\startup\49c6633e090ea1f818451573e772534a.exe
2014-04-21 22:26:37 -------- d-----w- c:\users\uros\appdata\local\Google
2014-04-21 21:28:32 -------- d-----w- c:\program files\SAMSUNG
2014-04-21 21:26:38 -------- d-----w- c:\programdata\Samsung
2014-04-21 21:02:59 197304 ----a-w- c:\users\uros\appdata\roaming\microsoft\windows\start menu\programs\startup\19716103e0878c20bdece13a4af1db02.exe
2014-04-21 20:25:46 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-04-21 20:25:42 43152 ----a-w- c:\windows\avastSS.scr
2014-04-21 19:14:20 36664 ----a-w- c:\windows\system32\TURegOpt.exe
2014-04-21 19:14:18 25400 ----a-w- c:\windows\system32\authuitu.dll
2014-04-21 19:13:17 -------- d-----w- c:\program files\TuneUp Utilities 2014
2014-04-21 19:10:37 49859 --sha-w- c:\users\uros\appdata\roaming\microsoft\windows\start menu\programs\startup\TuneUp.Utilities.vbs
2014-04-21 19:10:37 -------- d-sh--w- c:\programdata\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-04-21 19:09:41 -------- d-----w- c:\program files\TuneUp Software
2014-04-18 22:10:44 8050496 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{19098c81-0cb9-48cf-99ac-15ffd3d1d97f}\mpengine.dll
2014-04-18 20:32:14 -------- d-----w- c:\users\uros\appdata\roaming\3909
2014-04-17 21:15:37 52920 ----a-w- c:\windows\system32\drivers\wStLibG.sys
2014-04-16 10:11:48 49859 ----a-w- c:\windows\TuneUp.Utilities.vbs
2014-03-28 16:12:28 -------- d-----w- c:\users\uros\appdata\roaming\DropboxMaster
.
==================== Find3M ====================
.
2014-04-21 20:25:42 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-04-21 20:25:42 776976 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-04-21 20:25:42 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-04-21 20:25:42 67776 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-04-21 20:25:42 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-04-21 20:25:42 180632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-03-31 07:35:10 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-03-11 20:57:10 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-11 20:57:10 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-07 23:12:00 1806848 ----a-w- c:\windows\system32\jscript9.dll
2014-03-07 23:02:19 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-07 23:02:07 1129472 ----a-w- c:\windows\system32\wininet.dll
2014-03-07 22:57:17 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-07 22:56:03 421376 ----a-w- c:\windows\system32\vbscript.dll
2014-03-07 22:52:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2014-02-07 01:07:56 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-02-04 02:04:11 509440 ----a-w- c:\windows\system32\qedit.dll
2014-01-29 02:06:47 381440 ----a-w- c:\windows\system32\wer.dll
.
============= FINISH: 10:15:56,59 ===============


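Added example (not part of the original post, and not code from DDS or the forum): a Python triage of the autorun section of the DDS log above, flagging the persistence patterns visible in it. The rule names, the extension list and the `triage` function are assumptions chosen for illustration; the sample lines are excerpted from the log.

```python
import re
from dataclasses import dataclass

# Excerpt of the "Pseudo HJT Report" section of the DDS log posted above.
SAMPLE = r'''
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [TuneUp] wscript.exe //B "c:\users\uros\appdata\local\temp\TuneUp.Utilities.vbs"
uRun: [19716103e0878c20bdece13a4af1db02] "c:\users\uros\appdata\local\temp\avicap.exe" ..
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [49c6633e090ea1f818451573e772534a] "c:\users\uros\appdata\local\temp\cvbesp.exe" ..
StartupFolder: c:\users\uros\appdata\roaming\microsoft\windows\start menu\programs\startup\19716103e0878c20bdece13a4af1db02.exe
StartupFolder: c:\users\uros\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\uros\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\users\uros\appdata\roaming\microsoft\windows\start menu\programs\startup\TuneUp.Utilities.vbs
mPolicies-System: EnableLUA = dword:0
'''

RUN_RE = re.compile(r'^(?P<hive>uRun|mRun): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$')
STARTUP_RE = re.compile(r'^StartupFolder: (?P<path>.+?)(?: - (?P<target>.+))?$')
POLICY_RE = re.compile(r'^mPolicies-System: (?P<key>\w+) = dword:(?P<val>\d+)$')
HEX32 = re.compile(r'^[0-9a-f]{32}$', re.I)        # value named like an MD5 digest
TEMP = '\\appdata\\local\\temp\\'                  # per-user temp directory
SCRIPT_HOSTS = ('wscript.exe', 'cscript.exe')      # Windows Script Host binaries
# Assumption: file types that should not sit directly in a Startup folder.
DIRECT_EXEC = ('exe', 'vbs', 'vbe', 'js', 'bat', 'cmd', 'scr')


@dataclass
class Finding:
    source: str      # uRun, mRun, StartupFolder or mPolicies-System
    name: str        # registry value name, file name or policy key
    command: str     # what actually gets launched (or the policy value)
    reasons: list    # illustrative rule names that fired


def score_command(name, cmd):
    """Rules shared by Run values and Startup shortcuts."""
    reasons = []
    low = cmd.lower()
    if HEX32.match(name):
        reasons.append('hex-name')       # random-looking autorun name
    if TEMP in low:
        reasons.append('temp-path')      # persistence pointing into %TEMP%
    if low.lstrip('"').startswith(SCRIPT_HOSTS):
        reasons.append('script-host')    # script launched silently at logon
    return reasons


def triage(log_text):
    """Return a Finding for every autorun line that trips at least one rule."""
    findings = []
    for line in (l.strip() for l in log_text.splitlines()):
        m = RUN_RE.match(line)
        if m:
            reasons = score_command(m['name'], m['cmd'])
            if reasons:
                findings.append(Finding(m['hive'], m['name'], m['cmd'], reasons))
            continue
        m = STARTUP_RE.match(line)
        if m:
            fname = m['path'].rsplit('\\', 1)[-1]
            stem, _, ext = fname.rpartition('.')
            target = m['target'] or m['path']
            reasons = score_command(stem, target)
            # A file dropped directly into Startup, rather than a .lnk shortcut.
            if m['target'] is None and ext.lower() in DIRECT_EXEC:
                reasons.append('startup-binary')
            if reasons:
                findings.append(Finding('StartupFolder', fname, target, reasons))
            continue
        m = POLICY_RE.match(line)
        if m and m['key'] == 'EnableLUA' and m['val'] == '0':
            findings.append(Finding('mPolicies-System', 'EnableLUA',
                                    'dword:0', ['uac-disabled']))
    return findings


if __name__ == '__main__':
    for f in triage(SAMPLE):
        print(f'{f.source:17} {f.name:40} {",".join(f.reasons)}')
```

A flagged line is a lead for manual review, not a verdict: the keylogger the poster installed on purpose is not flagged by these rules, and legitimate updaters sometimes run from per-user paths.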

  • argus

Uninstall TuneUp Utilities.

Download Anti-VBSVBE to the desktop.

* Start the program, click Run, and wait for the program to finish.
* A report will appear on the desktop; it needs to be copied to the forum.

********************

Download "Xplode"'s AdwCleaner and save it to the Desktop.

Double-click to run the program.
Click the [Scan] button and wait for the program to finish.
Click the [Clean] button.
The program will close all running programs and display a window with that warning. Click OK to confirm.
In the next two windows that open (Informations and Restart required), click OK.

The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Attach file" option.

Note: The report will also be saved at C:\AdwCleaner[S0].txt

******************************

Download smeenk's zoek.zip or zoek.rar from this or this link and save it to the Desktop.

Extract the archive to a folder (instructions), then:

close the browser and any other running programs;
temporarily disable your security software (if necessary) (instructions);
start zoek by double-clicking the program icon;
wait for the tool to start ...

Copy the following text into the white box in the window:


filesrcm;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;


Click the button and wait for the scan to finish.

If needed, zoek will restart Windows and, when it finishes, open Notepad with the scan report.

Note: The report will be saved under the name zoek-results.log on the system partition (typical location: C:\zoek-results.log)

Copy the contents of that log into your post.

  • Acid_Burn

Anti-VBSVBE

----------------------------------

Running fix at 22.4.2014 12:39:25

> Found: C:\Users\UROS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TuneUp.Utilities.vbs - deleted.

> Found: c:\users\uros\appdata\local\temp\tuneup.utilities.vbs - deleted.

> Found: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\TuneUp - deleted.

> Found: HKU\UROS\Software\Microsoft\Windows\CurrentVersion\Run\TuneUp - deleted.

Fix finished at 22.4.2014 12:39:30

Anti-VBS/VBE, build 11
http://www.mcshield.net/download/tools/Anti-VBSVBE/


AdwCleaner


zoek


Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by UROS on uto 22.04.2014 at 13:08:23,42.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Safe Mode NETWORK Internet Access Detected
Launched: C:\Users\UROS\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

==== Deleting Files \ Folders ======================

C:\Windows\system32\appdata deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-04-21 20:25:42 0B5A0005C0BDF4A05174576AF80DEA04 43152 ----a-w- C:\Windows\avastSS.scr
====== C:\Users\UROS\AppData\Local\Temp ====
2014-04-22 10:15:50 6333EBB38859C4F6DE1CCD18FAD9FD36 41984 ----a-w- C:\Users\UROS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpok4ml9.dll
2014-04-22 08:38:57 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\UROS\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2014-04-21 22:31:25 56E1A14242583CC71C12A887626E8902 197304 ----a-w- C:\Users\UROS\AppData\Local\Temp\avicap.exe
2014-04-21 22:31:18 942E4A80240F94BAFD91A3A5D6C865B4 203264 ----a-w- C:\Users\UROS\AppData\Local\Temp\cvbesp.exe
====== Java Cache =====
====== C:\Windows\system32 =====
2014-04-22 09:31:31 056EBE3D31D85DF1892F7DBFEA601C3B 499592 ----a-w- C:\Windows\System32\FNTCACHE.DAT
2014-04-08 22:35:32 BC63D80B6810238266D4334A80783D60 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2014-04-08 22:35:32 AC65D9692CA56D8581F75FCFE0C0C4D6 73216 ----a-w- C:\Windows\System32\mshtmled.dll
2014-04-08 22:35:31 447C9FADAC167AA7031328C11464C7D0 421376 ----a-w- C:\Windows\System32\vbscript.dll
2014-04-08 22:35:30 D20FBD7E03F24A2720EAD746EADEE5A2 176640 ----a-w- C:\Windows\System32\ieui.dll
2014-04-08 22:35:30 4C43E955E8F782E722659364341E0529 65024 ----a-w- C:\Windows\System32\jsproxy.dll
2014-04-08 22:35:30 48CB5C9B0942011010F5504F056FBF4E 142848 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-04-08 22:35:29 E8E0342BC443D013E8806EE1B69C1FC7 717824 ----a-w- C:\Windows\System32\jscript.dll
2014-04-08 22:35:29 DCEBA94B909C218BA2E471AEB9913E1C 607744 ----a-w- C:\Windows\System32\msfeeds.dll
2014-04-08 22:35:29 62077F806BC59CBD5A404338D710D133 1129472 ----a-w- C:\Windows\System32\wininet.dll
2014-04-08 22:35:28 6D4BC1F977EDF186A8C68152BFB43769 1806848 ----a-w- C:\Windows\System32\jscript9.dll
2014-04-08 22:35:28 46F8078ED1D499BF8149B7FDF915E5D5 1796096 ----a-w- C:\Windows\System32\iertutil.dll
2014-04-08 22:35:28 077B7BE0796C9DA2E8C45F90496CFE36 231936 ----a-w- C:\Windows\System32\url.dll
2014-04-08 22:35:27 8229FB32D999CDD1DFA731E8E2E510A4 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-04-08 22:35:27 25B97E6F25AFDA7EA0C9BF3CB137B4D8 1105408 ----a-w- C:\Windows\System32\urlmon.dll
2014-04-08 22:35:26 D15B8C3BD0F2F6F520A10D5CFCE68879 9739264 ----a-w- C:\Windows\System32\ieframe.dll
2014-04-08 22:35:24 10D0FA4F2A6ADBEEA0FFF10583CC5407 12347904 ----a-w- C:\Windows\System32\mshtml.dll
2014-04-08 18:29:37 F74FFA7654702F81884BDB41EB80DAC2 868352 ----a-w- C:\Windows\System32\kernel32.dll
====== C:\Windows\system32\drivers =====
2014-04-21 20:25:46 4D6C6E0505A8E5A0656DCB223497D37C 24184 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-04-17 21:15:37 7D5B493CB307C227DD3D49B30B9CF452 52920 ----a-w- C:\Windows\System32\drivers\wStLibG.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-04-21 21:28:32 -------- d-----w- C:\Program Files\SAMSUNG
2014-04-21 19:09:41 -------- d-----w- C:\Program Files\TuneUp Software
======= C: =====
====== C:\Users\UROS\AppData\Roaming ======
2014-04-22 09:46:52 -------- d-----w- C:\Users\UROS\AppData\Local\ElevatedDiagnostics
2014-04-21 22:32:09 -------- d-----w- C:\Users\UROS\AppData\Local\Mozilla
2014-04-21 22:26:37 -------- d-----w- C:\Users\UROS\AppData\Local\Google
2014-04-18 20:32:14 -------- d-----w- C:\Users\UROS\AppData\Roaming\3909
2014-03-28 16:12:28 -------- d-----w- C:\Users\UROS\AppData\Roaming\DropboxMaster
====== C:\Users\UROS ======
2014-04-22 10:47:37 75289CAB6CFB7624124AAC337B2E09C2 1335637 ----a-w- C:\Users\UROS\Downloads\AdwCleaner.exe
2014-04-21 21:26:38 -------- d-----w- C:\ProgramData\Samsung
2014-04-21 20:34:20 3B892324A1EDE092397ABEB14F1E0CEC 33044640 ----a-w- C:\Users\UROS\Downloads\3.8.0.122_20140403070800.exe
2014-04-21 19:10:37 -------- d-sh--w- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}

====== C: exe-files ==
2014-04-22 10:47:37 75289CAB6CFB7624124AAC337B2E09C2 1335637 ----a-w- C:\Users\UROS\Downloads\AdwCleaner.exe
2014-04-22 08:38:57 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\UROS\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2014-04-21 22:31:25 56E1A14242583CC71C12A887626E8902 197304 ----a-w- C:\Users\UROS\AppData\Local\Temp\avicap.exe
2014-04-21 22:31:18 942E4A80240F94BAFD91A3A5D6C865B4 203264 ----a-w- C:\Users\UROS\AppData\Local\Temp\cvbesp.exe
2014-04-21 21:30:19 5371B4A0F75B5ACA7891B43D6E2EAD33 1021264 ----a-w- C:\Program Files\SAMSUNG\USB Drivers\Uninstall.exe
2014-04-21 20:34:20 3B892324A1EDE092397ABEB14F1E0CEC 33044640 ----a-w- C:\Users\UROS\Downloads\3.8.0.122_20140403070800.exe
2014-04-21 20:29:48 63D0737CB6002F203595E4152757CFAC 1672784 ----a-w- C:\Users\UROS\AppData\Roaming\uTorrent\uTorrent.exe
2014-04-21 20:28:22 63D0737CB6002F203595E4152757CFAC 1672784 ----a-w- C:\Users\UROS\AppData\Roaming\uTorrent\updates\3.4.1_30888.exe
2014-04-16 13:28:04 C5E7BDB26338C24307275C703DD21A82 120460 ----a-w- C:\Program Files\TuneUp Software\TuneUp Utilities 2014\Uninstall.exe
=== C: other files ==
2014-04-22 08:38:56 CC6C23C02BE66014AD87F2678BBB3A1D 8117 ----a-w- C:\Users\UROS\AppData\Local\Temp\jrt\modules.bat
2014-04-22 08:38:56 C4A5476A9D54B400F1623A2EE7DDA5C5 13955 ----a-w- C:\Users\UROS\AppData\Local\Temp\jrt\chrome.bat
2014-04-22 08:38:56 BAD6C67C870CC81C48DBA53089929884 153331 ----a-w- C:\Users\UROS\AppData\Local\Temp\jrt\firefox.bat
2014-04-22 08:38:56 B964B792D3692699CD7D4FDB63EE470E 1239 ----a-w- C:\Users\UROS\AppData\Local\Temp\jrt\FWPolicy.bat
2014-04-22 08:38:56 B8AF52799C6359D40228B006C1432C57 16063 ----a-w- C:\Users\UROS\AppData\Local\Temp\jrt\get.bat
2014-04-22 08:38:56 B45931E5313CB14CAA0F2BC3DA30E6FC 29648 ----a-w- C:\Users\UROS\AppData\Local\Temp\jrt\ask.bat
2014-04-22 08:38:56 87458834C37183459AA6F19EF5E06533 9099 ----a-w- C:\Users\UROS\AppData\Local\Temp\jrt\runvalues.bat
2014-04-22 08:38:56 80D02380F1AC33E459324B088392A1EC 732 ----a-w- C:\Users\UROS\AppData\Local\Temp\jrt\ev_clear.bat
2014-04-22 08:38:56 75C9C20DD9839BF287B43B0E179822DC 31414 ----a-w- C:\Users\UROS\AppData\Local\Temp\jrt\iexplore.bat
2014-04-22 08:38:56 654E9FE74B930A454EE5BDE165794B65 85 ----a-w- C:\Users\UROS\AppData\Local\Temp\jrt\delorphans.bat
2014-04-22 08:38:56 58605DA3492FB918D3D40B1FB88046AE 39471 ----a-w- C:\Users\UROS\AppData\Local\Temp\jrt\prelim.bat
2014-04-22 08:38:56 504CA0FC8BE3A47ECE89CEC2E5B21E67 10261 ----a-w- C:\Users\UROS\AppData\Local\Temp\jrt\JRT.bat
2014-04-22 08:38:56 372EA6F783198102CF5779072EE78C79 24751 ----a-w- C:\Users\UROS\AppData\Local\Temp\jrt\searchlnk.bat
2014-04-22 08:38:56 1FBF882AA934A741530741FC134872A3 1243 ----a-w- C:\Users\UROS\AppData\Local\Temp\jrt\TDL4.bat
2014-04-22 08:38:56 14D6EE8B672684E2232FB430D8C4A928 18668 ----a-w- C:\Users\UROS\AppData\Local\Temp\jrt\medfos.bat
2014-04-22 08:38:56 0768E560CCD86C18F35FAD29DCEA7B80 1820 ----a-w- C:\Users\UROS\AppData\Local\Temp\jrt\delfolders.bat
2014-04-22 08:38:56 006F09DF7EB9E9E61935F16AF2B6DC71 150291 ----a-w- C:\Users\UROS\AppData\Local\Temp\jrt\misc.bat
2014-04-21 20:25:46 4D6C6E0505A8E5A0656DCB223497D37C 24184 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-04-17 21:15:37 7D5B493CB307C227DD3D49B30B9CF452 52920 ----a-w- C:\Windows\System32\drivers\wStLibG.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-1306698523-992630619-3036138130-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"osk.exe"="osk.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASKLPro Startup"="C:\Program Files\ProKAward\kl.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"osk.exe"="osk.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASKLPro Startup]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ASKLPro Startup"
"hkey"="HKLM"
"command"="C:\\Program Files\\ProKAward\\kl.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AvastUI.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AvastUI.exe"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\AVAST Software\\Avast\\AvastUI.exe\" /nogui"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DAEMON Tools Lite"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\DAEMON Tools Lite\\DTLite.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Nuance PDF Reader-reminder]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Nuance PDF Reader-reminder"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Nuance\\PDF Reader\\Ereg\\Ereg.exe\" -r \"C:\\ProgramData\\Nuance\\PDF Reader\\Ereg\\Ereg.ini\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RtHDVCpl"
"hkey"="HKLM"
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RtHDVCpl.exe -s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sidebar]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Sidebar"
"hkey"="HKCU"
"command"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TuneUp]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TuneUp"
"hkey"="HKLM"
"command"="wscript.exe //B \"C:\\Users\\UROS\\AppData\\Local\\Temp\\TuneUp.Utilities.vbs\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^UROS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"path"="C:\\Users\\UROS\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"
"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\UROS\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup"
"item"="Dropbox"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"Google Update"="\"C:\\Users\\UROS\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"
"uTorrent"="\"C:\\Users\\UROS\\Downloads\\uTorrent.exe\""
"TuneUp"="wscript.exe //B \"C:\\Users\\UROS\\AppData\\Local\\Temp\\TuneUp.Utilities.vbs\""


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"AMD AVT"="Cmd.exe /c start \"AMD Accelerated Video Transcoding device initialization\" /min \"C:\\Program Files\\AMD AVT\\bin\\kdbsync.exe\" aml"
"SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""
"ASKLPro Startup"="C:\\Program Files\\ProKAward\\kl.exe"
"TuneUp"="wscript.exe //B \"C:\\Users\\UROS\\AppData\\Local\\Temp\\TuneUp.Utilities.vbs\""


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11.03.2014 22:57]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [04.06.2013 18:41]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [04.06.2013 18:41]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1306698523-992630619-3036138130-1001Core.job --a------ C:\Users\UROS\AppData\Local\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1306698523-992630619-3036138130-1001UA.job --a------ C:\Users\UROS\AppData\Local\Google\Update\GoogleUpdate.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\Google Updater and Installer" [C:\Users\UROS\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1306698523-992630619-3036138130-1001Core" [C:\Users\UROS\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1306698523-992630619-3036138130-1001UA" [C:\Users\UROS\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\Java Update Scheduler" [C:\Program Files\Common Files\Java\Java Update\jusched.exe]
"C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\system32\tasks\{876BB048-9203-4C98-9407-D326A65EF806}" ["c:\users\uros\appdata\local\google\chrome\application\chrome.exe"]
"C:\Windows\system32\tasks\{937D2AEA-7ECC-493C-87F7-C0F10BD6A1A7}" ["c:\users\uros\appdata\local\google\chrome\application\chrome.exe"]
"C:\Windows\system32\tasks\{9EC7E198-DAB5-404E-B0BA-B59C03C034B4}" ["c:\users\uros\appdata\local\google\chrome\application\chrome.exe"]
"C:\Windows\system32\tasks\{A52493FD-21BB-4268-A5D1-1A2AB759766D}" ["c:\users\uros\appdata\local\google\chrome\application\chrome.exe"]
"C:\Windows\system32\tasks\{A8A475F7-F87B-4D3E-8AEA-4316C4F93442}" ["c:\users\uros\appdata\local\google\chrome\application\chrome.exe"]
"C:\Windows\system32\tasks\{C4B93392-B38A-401D-A3FD-BE58AA021857}" ["c:\users\uros\appdata\local\google\chrome\application\chrome.exe"]
"C:\Windows\system32\tasks\{D8C0A77D-04F3-48AB-9AC1-8D2A8599C0CE}" ["c:\users\uros\appdata\local\google\chrome\application\chrome.exe"]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [21.04.2014 22:25]

==== Firefox Extensions ======================

ProfilePath: C:\Users\UROS\AppData\Roaming\Mozilla\Firefox\Profiles\ccjjnl1i.default
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\UROS\AppData\Roaming\Mozilla\Firefox\Profiles\ccjjnl1i.default
95812430959AE88CDD0301AB3A71913B - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash
CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update
6768C724599214E4F9ADD9F8FF5097EB - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U45
F1CD6E22E5AE5CEEB7712E546A5FC853 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.450.18
CB862D18BC1359AB6949636ACA6A7444 - C:\Program Files\Nuance\PDF Reader\bin\nppdf.dll - DocuCom PDF Plus
CB862D18BC1359AB6949636ACA6A7444 - C:\Program Files\Nuance\PDF Reader\Bin\nppdf.dll - DocuCom PDF Plus


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
iibmmjhgclhlahmjniokmhleigemjpbh - C:\Users\UROS\AppData\Local\CRE\iibmmjhgclhlahmjniokmhleigemjpbh.crx[]
pacgpkgadgmibnhpdidcnfafllnmeomc - C:\Users\UROS\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
iibmmjhgclhlahmjniokmhleigemjpbh - C:\Users\UROS\AppData\Local\CRE\iibmmjhgclhlahmjniokmhleigemjpbh.crx[]
pacgpkgadgmibnhpdidcnfafllnmeomc - C:\Users\UROS\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx[]

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.rs/"
"Search Bar"="http://www.bing.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2 folders=4 16449 bytes)

==== EOF on uto 22.04.2014 at 13:13:45,55 ======================

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

If you transferred the tools via a USB flash drive, install the following right away.


Download MCShield from the following address:

http://www.mcshield.net/download/MCShield-Setup.exe

Install MCShield and wait for the initial scan to finish.

When the initial scan finishes, insert all your USB storage devices into a USB port one after another, and keep each one plugged in until MCShield shows a message that the scan is complete. If you have several USB devices, note down the order in which they were inserted.

Explanation: USB storage devices are all devices that get their own drive letter when connected to a computer. This includes USB flash drives, external hard disks, memory cards, MP3 and MP4 players, some mobile phones, some GPS (navigation) devices, etc.

Go to Start -> All Programs -> MCShield -> Logs -> AllScans

The report will open in Notepad; post its contents in your reply.





*******************************






Run zoek again;


close the browser and any other running programs;
disable your security software (if needed) Instructions;


Copy the following text into the white box of the window:


C:\Users\UROS\AppData\Local\Temp\avicap.exe;f
C:\Users\UROS\AppData\Local\Temp\cvbesp.exe;f
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TuneUp];r
"command"=-;r
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-];r
"TuneUp"=-;r
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-];r
"TuneUp"=-;r
iibmmjhgclhlahmjniokmhleigemjpbh;chr
C:\Users\UROS\AppData\Local\CRE\iibmmjhgclhlahmjniokmhleigemjpbh.crx;chr
emptyalltemp;
autoclean;
emptyclsid;




Click the button and wait for the scan to finish.


zoek will restart Windows if needed and, when it finishes, open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your reply.






********************************







Download Farbar's Farbar Recovery Scan Tool from this address to your Desktop:
There are 32-bit and 64-bit versions. You need to download the version that is compatible with your system.
If you are not sure which version applies to your system, download both and run them. Only one of them will work on your system; that will be the right version.


double-click to run the program; when the tool starts, click Yes in the disclaimer window;
wait a moment while the tool checks whether a newer version exists;
click the Scan button;
when the scan finishes, the tool will create a report (FRST.txt) in the same directory where the FRST tool is saved;
copy the contents of the FRST.txt report into your reply;
on its first run, the tool should also create an additional report (Addition.txt);
attach the Addition.txt report to your reply using the Prikači fajl (Attach file) option

  • Acid_Burn  Male
  • Forum moderator
  • Head moderator of the Zabava forum
  • Hellraiser
  • Demon to some. Angel to others
  • Joined: 07 Jan 2005
  • Posts: 25503
  • Location: Beneath the Black Sky

MCShield


>>> MCShield AllScans.txt <<<

-----------------------------




MCShield ::Anti-Malware Tool:: http://www.mcshield.net/

>>> v 3.0.5.28 / DB: 2014.4.12.1 / Windows 7 <<<


22.4.2014 13:53:53 > Drive C: - scan started (no label ~76 GB, NTFS HDD )...



=> The drive is clean.


22.4.2014 13:53:54 > Drive D: - scan started (Documents ~117 GB, NTFS HDD )...



=> The drive is clean.


22.4.2014 13:53:54 > Drive E: - scan started (Muzika ~117 GB, NTFS HDD )...



=> The drive is clean.


22.4.2014 13:53:54 > Drive F: - scan started (Sistem ~64 GB, NTFS HDD )...



=> The drive is clean.





MCShield ::Anti-Malware Tool:: http://www.mcshield.net/

>>> v 3.0.5.28 / DB: 2014.4.12.1 / Windows 7 <<<


22.4.2014 13:54:13 > Drive L: - scan started (CRUZER ~1904 MB, FAT32 flash drive )...



=> The drive is clean.





MCShield ::Anti-Malware Tool:: http://www.mcshield.net/

>>> v 3.0.5.28 / DB: 2014.4.12.1 / Windows 7 <<<


22.4.2014 13:55:34 > Drive L: - scan started (CRUZER ~1904 MB, FAT32 flash drive )...



=> The drive is clean.





MCShield ::Anti-Malware Tool:: http://www.mcshield.net/

>>> v 3.0.5.28 / DB: 2014.4.12.1 / Windows 7 <<<


22.4.2014 13:56:09 > Drive L: - scan started (PENDRIVE ~1916 MB, FAT32 flash drive )...



=> The drive is clean.



Zoek



Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by UROS on uto 22.04.2014 at 13:58:28,62.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\UROS\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-04-22-111345.log 17784 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\UROS\AppData\Roaming\Mozilla\Firefox\Profiles\ccjjnl1i.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_22.04.2014_1416_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TuneUp]
"command"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"TuneUp"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"TuneUp"=-

==== Deleting Files \ Folders ======================

C:\PROGRA~2\{32364CEA-7855-4A3C-B674-53D8E9B97936} deleted
C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted
C:\PROGRA~2\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} deleted
C:\Program Files\GUM814B.tmp deleted
C:\Windows\wininit.ini deleted
C:\Windows\System32\searchplugins deleted
C:\Windows\System32\Extensions deleted
C:\Users\UROS\AppData\Roaming\Mozilla\Firefox\Profiles\ccjjnl1i.default\jetpack deleted
C:\Users\UROS\AppData\Roaming\Mozilla\Firefox\Profiles\ccjjnl1i.default\CT3072253 deleted
"C:\Users\UROS\AppData\Local\Temp\avicap.exe" deleted
"C:\Users\UROS\AppData\Local\Temp\cvbesp.exe" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [21.04.2014 22:25]

==== Firefox Extensions ======================

ProfilePath: C:\Users\UROS\AppData\Roaming\Mozilla\Firefox\Profiles\ccjjnl1i.default
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\UROS\AppData\Roaming\Mozilla\Firefox\Profiles\ccjjnl1i.default
95812430959AE88CDD0301AB3A71913B - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash
CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update
6768C724599214E4F9ADD9F8FF5097EB - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U45
F1CD6E22E5AE5CEEB7712E546A5FC853 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.450.18
CB862D18BC1359AB6949636ACA6A7444 - C:\Program Files\Nuance\PDF Reader\bin\nppdf.dll - DocuCom PDF Plus
CB862D18BC1359AB6949636ACA6A7444 - C:\Program Files\Nuance\PDF Reader\Bin\nppdf.dll - DocuCom PDF Plus


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
iibmmjhgclhlahmjniokmhleigemjpbh - C:\Users\UROS\AppData\Local\CRE\iibmmjhgclhlahmjniokmhleigemjpbh.crx[]
pacgpkgadgmibnhpdidcnfafllnmeomc - C:\Users\UROS\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
iibmmjhgclhlahmjniokmhleigemjpbh - C:\Users\UROS\AppData\Local\CRE\iibmmjhgclhlahmjniokmhleigemjpbh.crx[]
pacgpkgadgmibnhpdidcnfafllnmeomc - C:\Users\UROS\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx[]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.rs/"
"Search Bar"="http://www.bing.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.rs/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TuneUp deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\UROS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\UROS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\UROS\AppData\Local\Mozilla\Firefox\Profiles\ccjjnl1i.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=70 folders=33 792695 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UROS\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\UROS\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\UROS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on uto 22.04.2014 at 14:23:39,61 ======================


FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-04-2014
Ran by UROS (administrator) on UROS-PC on 22-04-2014 14:25:52
Running from C:\Users\UROS\Downloads
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Award Software, Inc) C:\Program Files\ProKAward\aklservice.exe
() C:\Program Files\ProKAward\kl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Dropbox, Inc.) C:\Users\UROS\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ASKLPro Startup] => C:\Program Files\ProKAward\kl.exe [3305472 2013-06-26] ()
HKU\S-1-5-21-1306698523-992630619-3036138130-1001\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-1306698523-992630619-3036138130-1001\...\MountPoints2: {be4d859f-6d53-11e2-bfbb-001d7dc5699c} - I:\Startme.exe
Startup: C:\Users\UROS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\UROS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.rs/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF843E41793DFCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr-rs
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\UROS\AppData\Roaming\Mozilla\Firefox\Profiles\ccjjnl1i.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: ZEON/PDF,version=2.0 - C:\Program Files\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\UROS\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\UROS\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Extension: Adblock Plus - C:\Users\UROS\AppData\Roaming\Mozilla\Firefox\Profiles\ccjjnl1i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-01-29]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-28]

========================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2012-04-18] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-18] (AVAST Software)
S4 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2013-11-03] ()
S4 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 SKLProService; C:\Program Files\ProKAward\aklservice.exe [90112 2011-10-28] (Award Software, Inc)

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-04-21] ()
R1 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [21576 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-04-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-04-21] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-04-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [776976 2014-04-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411552 2014-04-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [67776 2014-04-21] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-04-21] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-01-04] (DT Soft Ltd)
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
R1 wStLibG; C:\Windows\System32\drivers\wStLibG.sys [52920 2014-04-17] (StdLib)
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-22 14:25 - 2014-04-22 14:26 - 00008058 _____ () C:\Users\UROS\Downloads\FRST.txt
2014-04-22 14:25 - 2014-04-22 14:25 - 00008019 _____ () C:\Users\UROS\Desktop\zoek-results.txt
2014-04-22 14:25 - 2014-04-22 14:25 - 00000000 ____D () C:\FRST
2014-04-22 14:21 - 2014-04-22 13:57 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-22 13:59 - 2014-04-22 13:13 - 00017784 _____ () C:\zoek-results2014-04-22-111345.log
2014-04-22 13:57 - 2014-04-22 13:57 - 00002714 _____ () C:\Users\UROS\Desktop\MCShield-AllScans.txt
2014-04-22 13:52 - 2014-04-22 14:23 - 00000000 ____D () C:\ProgramData\MCShield
2014-04-22 13:52 - 2014-04-22 13:52 - 00000000 ____D () C:\Program Files\MCShield
2014-04-22 13:48 - 2014-04-22 13:48 - 01048064 _____ (Farbar) C:\Users\UROS\Downloads\FRST.exe
2014-04-22 13:47 - 2014-04-22 13:48 - 00000512 _____ () C:\Users\UROS\Desktop\New Text Document.txt
2014-04-22 13:46 - 2014-04-22 13:46 - 02856736 _____ (MyCity) C:\Users\UROS\Downloads\MCShield-Setup.exe
2014-04-22 13:10 - 2014-04-22 14:23 - 00008019 _____ () C:\zoek-results.log
2014-04-22 13:08 - 2014-04-22 13:08 - 01285120 _____ () C:\Users\UROS\Downloads\zoek.exe
2014-04-22 13:01 - 2014-04-22 13:01 - 00000000 ____D () C:\Users\UROS\Downloads\zoek
2014-04-22 12:47 - 2014-04-22 12:47 - 01335637 _____ () C:\Users\UROS\Downloads\AdwCleaner.exe
2014-04-22 12:32 - 2014-04-22 14:16 - 00000000 ____D () C:\zoek_backup
2014-04-22 12:14 - 2014-04-22 14:23 - 00002108 _____ () C:\Windows\PFRO.log
2014-04-22 11:50 - 2014-04-22 11:50 - 00000000 ____D () C:\Users\UROS\AppData\Local\Macromedia
2014-04-22 11:34 - 2014-04-22 14:26 - 00158180 _____ () C:\Windows\WindowsUpdate.log
2014-04-22 11:31 - 2014-04-22 14:23 - 00001558 _____ () C:\Windows\setupact.log
2014-04-22 11:31 - 2014-04-22 11:31 - 00499592 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-22 11:31 - 2014-04-22 11:31 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-22 11:24 - 2014-04-22 11:24 - 00000965 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-22 11:24 - 2014-04-22 11:24 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-22 00:32 - 2014-04-22 11:39 - 00000000 ____D () C:\Users\UROS\AppData\Local\Mozilla
2014-04-22 00:26 - 2014-04-22 00:26 - 00000000 ____D () C:\Users\UROS\AppData\Local\Google
2014-04-21 23:28 - 2014-04-21 23:28 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-04-21 23:26 - 2014-04-21 23:26 - 00000000 ____D () C:\ProgramData\Samsung
2014-04-21 22:34 - 2014-04-21 22:34 - 33044640 _____ (PandoraTV) C:\Users\UROS\Downloads\3.8.0.122_20140403070800.exe
2014-04-21 22:29 - 2014-04-21 22:29 - 00000849 _____ () C:\Users\UROS\Desktop\µTorrent.lnk
2014-04-21 22:25 - 2014-04-21 22:25 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-21 22:25 - 2014-04-21 22:25 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-21 21:09 - 2014-04-21 21:09 - 00000000 ____D () C:\Program Files\TuneUp Software
2014-04-21 21:04 - 2014-04-21 21:04 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-18 22:32 - 2014-04-19 00:01 - 00000000 ____D () C:\Users\UROS\AppData\Roaming\3909
2014-04-17 23:15 - 2014-04-17 23:15 - 00052920 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG.sys
2014-04-09 00:35 - 2014-03-08 01:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 00:35 - 2014-03-08 01:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-09 00:35 - 2014-03-08 01:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-09 00:35 - 2014-03-08 01:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-09 00:35 - 2014-03-08 01:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-09 00:35 - 2014-03-08 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-09 00:35 - 2014-03-08 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-09 00:35 - 2014-03-08 00:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-09 00:35 - 2014-03-08 00:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-09 00:35 - 2014-03-08 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-09 00:35 - 2014-03-08 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-09 00:35 - 2014-03-08 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-09 00:35 - 2014-03-08 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-09 00:35 - 2014-03-08 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 00:35 - 2014-03-08 00:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-09 00:35 - 2014-03-08 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-08 20:29 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-03-28 18:12 - 2014-03-28 18:12 - 00000000 ____D () C:\Users\UROS\AppData\Roaming\DropboxMaster

==================== One Month Modified Files and Folders =======

2014-04-22 14:26 - 2014-04-22 14:25 - 00008058 _____ () C:\Users\UROS\Downloads\FRST.txt
2014-04-22 14:26 - 2014-04-22 11:34 - 00158180 _____ () C:\Windows\WindowsUpdate.log
2014-04-22 14:25 - 2014-04-22 14:25 - 00008019 _____ () C:\Users\UROS\Desktop\zoek-results.txt
2014-04-22 14:25 - 2014-04-22 14:25 - 00000000 ____D () C:\FRST
2014-04-22 14:24 - 2012-12-24 09:37 - 00000000 ____D () C:\Users\UROS\AppData\Roaming\Dropbox
2014-04-22 14:23 - 2014-04-22 13:52 - 00000000 ____D () C:\ProgramData\MCShield
2014-04-22 14:23 - 2014-04-22 13:10 - 00008019 _____ () C:\zoek-results.log
2014-04-22 14:23 - 2014-04-22 12:14 - 00002108 _____ () C:\Windows\PFRO.log
2014-04-22 14:23 - 2014-04-22 11:31 - 00001558 _____ () C:\Windows\setupact.log
2014-04-22 14:23 - 2012-11-02 22:13 - 00000049 _____ () C:\Windows\system32\E302AF636FDE.ini
2014-04-22 14:23 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-22 14:16 - 2014-04-22 12:32 - 00000000 ____D () C:\zoek_backup
2014-04-22 14:00 - 2012-01-28 21:57 - 00783310 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-22 13:57 - 2014-04-22 14:21 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-22 13:57 - 2014-04-22 13:57 - 00002714 _____ () C:\Users\UROS\Desktop\MCShield-AllScans.txt
2014-04-22 13:57 - 2012-04-07 19:20 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-22 13:55 - 2009-07-14 06:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-22 13:55 - 2009-07-14 06:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-22 13:52 - 2014-04-22 13:52 - 00000000 ____D () C:\Program Files\MCShield
2014-04-22 13:49 - 2012-11-24 00:22 - 00000000 ____D () C:\Windows\pss
2014-04-22 13:48 - 2014-04-22 13:48 - 01048064 _____ (Farbar) C:\Users\UROS\Downloads\FRST.exe
2014-04-22 13:48 - 2014-04-22 13:47 - 00000512 _____ () C:\Users\UROS\Desktop\New Text Document.txt
2014-04-22 13:46 - 2014-04-22 13:46 - 02856736 _____ (MyCity) C:\Users\UROS\Downloads\MCShield-Setup.exe
2014-04-22 13:39 - 2012-07-12 21:40 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1306698523-992630619-3036138130-1001UA.job
2014-04-22 13:13 - 2014-04-22 13:59 - 00017784 _____ () C:\zoek-results2014-04-22-111345.log
2014-04-22 13:08 - 2014-04-22 13:08 - 01285120 _____ () C:\Users\UROS\Downloads\zoek.exe
2014-04-22 13:01 - 2014-04-22 13:01 - 00000000 ____D () C:\Users\UROS\Downloads\zoek
2014-04-22 12:59 - 2013-11-13 23:52 - 00000000 ____D () C:\AdwCleaner
2014-04-22 12:47 - 2014-04-22 12:47 - 01335637 _____ () C:\Users\UROS\Downloads\AdwCleaner.exe
2014-04-22 12:25 - 2012-01-28 21:48 - 00000000 ____D () C:\Users\UROS
2014-04-22 11:50 - 2014-04-22 11:50 - 00000000 ____D () C:\Users\UROS\AppData\Local\Macromedia
2014-04-22 11:47 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-22 11:39 - 2014-04-22 00:32 - 00000000 ____D () C:\Users\UROS\AppData\Local\Mozilla
2014-04-22 11:31 - 2014-04-22 11:31 - 00499592 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-22 11:31 - 2014-04-22 11:31 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-22 11:29 - 2012-09-29 19:41 - 00000000 ____D () C:\Users\UROS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2014-04-22 11:29 - 2012-07-12 21:41 - 00000000 ____D () C:\Users\UROS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-22 11:29 - 2012-03-03 15:43 - 00000000 ____D () C:\Users\UROS\AppData\Roaming\uTorrent
2014-04-22 11:29 - 2012-01-30 22:18 - 00000000 ____D () C:\Users\UROS\AppData\Roaming\Media Player Classic
2014-04-22 11:29 - 2012-01-29 06:36 - 00000000 ____D () C:\Windows\Panther
2014-04-22 11:29 - 2012-01-28 22:51 - 00000000 ____D () C:\Users\UROS\AppData\Roaming\Winamp
2014-04-22 11:29 - 2012-01-28 22:51 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-22 11:29 - 2012-01-28 22:41 - 00000000 ____D () C:\Users\UROS\Tracing
2014-04-22 11:29 - 2012-01-28 22:39 - 00000000 ____D () C:\Users\UROS\AppData\Roaming\DAEMON Tools Lite
2014-04-22 11:26 - 2012-01-28 23:03 - 00000939 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2014-04-22 11:24 - 2014-04-22 11:24 - 00000965 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-22 11:24 - 2014-04-22 11:24 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-22 00:26 - 2014-04-22 00:26 - 00000000 ____D () C:\Users\UROS\AppData\Local\Google
2014-04-21 23:58 - 2012-12-24 09:40 - 00000000 ___RD () C:\Users\UROS\Dropbox
2014-04-21 23:28 - 2014-04-21 23:28 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-04-21 23:26 - 2014-04-21 23:26 - 00000000 ____D () C:\ProgramData\Samsung
2014-04-21 22:38 - 2012-01-28 23:01 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-04-21 22:34 - 2014-04-21 22:34 - 33044640 _____ (PandoraTV) C:\Users\UROS\Downloads\3.8.0.122_20140403070800.exe
2014-04-21 22:32 - 2013-01-05 20:00 - 00000000 ____D () C:\Program Files\The KMPlayer
2014-04-21 22:29 - 2014-04-21 22:29 - 00000849 _____ () C:\Users\UROS\Desktop\µTorrent.lnk
2014-04-21 22:28 - 2012-01-28 23:28 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-04-21 22:25 - 2014-04-21 22:25 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-21 22:25 - 2014-04-21 22:25 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-21 22:25 - 2014-02-18 21:06 - 00067776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-21 22:25 - 2013-03-22 23:26 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-21 22:25 - 2013-03-22 23:26 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-21 22:25 - 2012-03-25 02:23 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-21 22:25 - 2012-01-28 22:03 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-21 22:25 - 2012-01-28 22:03 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-21 22:25 - 2012-01-28 22:03 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-21 22:25 - 2012-01-28 22:02 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-21 21:40 - 2012-07-12 21:40 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1306698523-992630619-3036138130-1001Core.job
2014-04-21 21:34 - 2012-07-12 13:23 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-21 21:29 - 2012-02-26 16:25 - 00000000 ____D () C:\ProgramData\Skype
2014-04-21 21:28 - 2012-02-26 16:26 - 00000000 ____D () C:\Users\UROS\AppData\Roaming\Skype
2014-04-21 21:14 - 2012-01-28 23:02 - 00000000 ____D () C:\Users\UROS\AppData\Roaming\TuneUp Software
2014-04-21 21:09 - 2014-04-21 21:09 - 00000000 ____D () C:\Program Files\TuneUp Software
2014-04-21 21:04 - 2014-04-21 21:04 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-21 00:07 - 2009-07-14 04:04 - 00000580 _____ () C:\Windows\win.ini
2014-04-19 00:01 - 2014-04-18 22:32 - 00000000 ____D () C:\Users\UROS\AppData\Roaming\3909
2014-04-17 23:15 - 2014-04-17 23:15 - 00052920 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG.sys
2014-04-17 12:23 - 2014-01-24 22:49 - 00000000 ____D () C:\Users\UROS\AppData\Roaming\.minecraft
2014-04-09 00:36 - 2012-01-28 23:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-04 20:13 - 2009-07-14 06:53 - 00032648 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-31 09:35 - 2012-01-28 22:11 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-28 18:12 - 2014-03-28 18:12 - 00000000 ____D () C:\Users\UROS\AppData\Roaming\DropboxMaster
2014-03-28 18:12 - 2012-12-24 09:38 - 00000000 ____D () C:\Users\UROS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

Some content of TEMP:
====================
C:\Users\UROS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpryuvm9.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 23:25

==================== End Of Log ============================

Addition.txt



rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

What's the status?

offline
  • Acid_Burn  Male
  • Forum moderator
  • Chief moderator of the Zabava forum
  • Hellraiser
  • Demon to some. Angel to others
  • Joined: 07 Jan 2005
  • Posts: 25503
  • Location: Beneath the Black Sky

The internet still doesn't work.
In safe mode the net works, in normal mode it doesn't.
Those Korean hieroglyphs have disappeared from startup.

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Posted: 22 Apr 2014 14:56

Try uninstalling Avast from Control Panel, and then run this tool from safe mode.
http://www.avast.com/uninstall-utility

Let's see whether the antivirus happens to be what's messing with it.

Addendum: 22 Apr 2014 15:05

Also do this:

Start > Run > cmd, type ipconfig /flushdns, press Enter.

Start cmd with Run as Administrator.

offline
  • Acid_Burn  Male
  • Forum moderator
  • Chief moderator of the Zabava forum
  • Hellraiser
  • Demon to some. Angel to others
  • Joined: 07 Jan 2005
  • Posts: 25503
  • Location: Beneath the Black Sky

There, it works....
Avast was messing with it, damn it....
Now I have to find an alternative antivirus, because Avast is obviously no longer what it used to be.

Thanks for the help and the patience. Cheers

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Posted: 22 Apr 2014 15:11

That doesn't have to be the case; install it again and it will most likely work properly.


The following procedure will perform the final cleanup.

Download "Xplode"'s DelFix tool and save it to the Desktop.
Double-click to run the tool and tick the boxes in front of the following options:

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment until the tool finishes its work.
From this point on, all the tools used in this thread should be deleted.
The tool will also generate a report for you. (C:\DelFix.txt)

The tool will also save the healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old system restore points and creates a new, fresh point after the cleanup.


Addendum: 22 Apr 2014 15:12

I almost forgot, I didn't touch his keylogger :)
