A Trojan I can't remove


offline
  • Joined: 05 Jun 2004
  • Posts: 81

This problem appeared more than a month ago on my son's computer. After Windows boots or restarts, AVG Free antivirus reports this Trojan. Clicking Protect me seemingly resolves the problem, because I get a message that Windows is now protected. However, that lasts only until the next restart, when the problem appears again. Besides AVG, I tried cleaning with ComboFix, Malwarebytes, CCleaner and AdwCleaner. However, the Trojan is still there.
The operating system is Windows 7 Ultimate, 32-bit.




Here is the DDS log

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.17041 BrowserJavaVersion: 10.45.2
Run by MONTAZA at 7:44:03 on 2014-04-24
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2046.1020 [GMT 2:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Windows\system32\gearsec.exe
C:\Windows\TEMP\nsk9E13.tmp\nsA796.tmp
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\Program Files\SlimDrivers\SlimDrivers.exe
C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Users\MONTAZA\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
F:\MOVIE\AVG PC TuneUp 2014 v14.0.1001.295 Portable\App\AVG PC TuneUp 2014\TuneUpUtilitiesService32.exe
F:\MOVIE\AVG PC TuneUp 2014 v14.0.1001.295 Portable\App\AVG PC TuneUp 2014\TuneUpUtilitiesApp32.exe
C:\Program Files\TeamViewer\Version9\TeamViewer.exe
C:\Program Files\TeamViewer\Version9\tv_w32.exe
C:\Program Files\ACD Systems\ACDSee\17.0\acdIDInTouch2.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AIMP3\AIMP3.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uStart Page = [Link visible only to logged-in users]
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Media Viewer: {cd1d7496-85de-477a-9381-95be66f6a43a} - c:\program files\mediaviewerv1\mediaviewerv1alpha326\ie\MediaViewerV1alpha326.dll
uRun: [uTorrent] "c:\users\montaza\appdata\roaming\utorrent\uTorrent.exe" /MINIMIZED
mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: Interfaces\{333F000A-1FD6-4F43-BDC5-A92DE121FF1D} : NameServer = 192.168.1.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\34.0.1847.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
IFEO: searchinstaller.exe - tasklist.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\montaza\appdata\roaming\mozilla\firefox\profiles\14vkjkc5.default-1393567253111\
FF - prefs.js: browser.startup.homepage - [Link visible only to logged-in users]
FF - prefs.js: keyword.URL - [Link visible only to logged-in users]
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\pure codec\real\netscape6\nppl3260.dll
FF - plugin: c:\program files\pure codec\real\netscape6\nprjplug.dll
FF - plugin: c:\program files\pure codec\real\netscape6\nprpjplug.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_13_0_0_182.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-11-25 149272]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-10-31 222520]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-10-1 102712]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-9-10 27448]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2014-2-6 18624]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2013-11-25 120600]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-11-25 210712]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2014-1-19 22808]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-11-1 176952]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-8-1 193848]
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622;c:\program files\settings manager\systemk\systemkmgrc1.cfg [2014-4-10 31120]
R1 zghsn2k;zghsn2k;c:\windows\system32\drivers\zghsn2k.sys [2014-2-25 125680]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2014\avgidsagent.exe [2014-2-23 3782672]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2014\avgwdsvc.exe [2013-9-24 348008]
R2 gearsec;gearsec;c:\windows\system32\gearsec.exe [2005-11-30 58952]
R2 TeamViewer9;TeamViewer 9;c:\program files\teamviewer\version9\TeamViewer_Service.exe [2014-4-2 4972864]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;f:\movie\avg pc tuneup 2014 v14.0.1001.295 portable\app\avg pc tuneup 2014\TuneUpUtilitiesService32.exe [2014-4-17 1741624]
R3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys [2013-10-4 32896]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2291-9-2 77312]
R3 mirrorv3;mirrorv3;c:\windows\system32\drivers\rminiv3.sys [2009-10-9 3328]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2014-2-15 683736]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [2013-9-2 25088]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;f:\movie\avg pc tuneup 2014 v14.0.1001.295 portable\app\avg pc tuneup 2014\TuneUpUtilitiesDriver32.sys [2014-4-17 12320]
R3 UsbFltr;WayTech USB Filter Driver1;c:\windows\system32\drivers\UsbFltr.sys [2007-4-9 9600]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 ProtectMonitor;Protect Monitor;c:\program files\pcdata\StartHelp.exe [2014-2-13 70828]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2013-12-16 30504]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-4-15 108032]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2014-3-24 13464]
S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 25600]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 112640]
S3 zghsdiag;ZTE General Handset Diagnostic Port;c:\windows\system32\drivers\zghsdiag.sys [2011-1-13 106752]
S3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\drivers\zghsmdm.sys [2011-1-13 106752]
S3 zghsnmea;ZTE General Handset NMEA Port;c:\windows\system32\drivers\zghsnmea.sys [2011-1-13 106752]
S3 zghsser;ZTE General Handset Serial Port;c:\windows\system32\drivers\zghsser.sys [2013-10-22 116232]
S4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2290-8-13 217088]
S4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2013-9-2 79360]
S4 LiveUpdateSvc;LiveUpdate;c:\program files\iobit\liveupdate\LiveUpdate.exe [2014-2-6 2151200]
S4 RServer3;Radmin Server V3;c:\windows\system32\rserver30\rserver3.exe [2009-10-9 1242504]
.
=============== Created Last 30 ================
.
2290-08-13 20:15:20 929736 ----a-w- c:\windows\system32\aticfx32.dll
2290-08-13 20:15:20 84480 ----a-w- c:\windows\system32\DelayAPO.dll
2290-08-13 20:15:20 62976 ----a-w- c:\windows\system32\atimpc32.dll
2290-08-13 20:15:20 62976 ----a-w- c:\windows\system32\amdpcom32.dll
2290-08-13 20:15:20 58368 ----a-w- c:\windows\system32\coinst_8.97.100.11.dll
2290-08-13 20:15:20 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2290-08-13 20:15:20 48544 ----a-w- c:\windows\system32\atiuxpag.dll
2290-08-13 20:15:20 45056 ----a-w- c:\windows\system32\ATIODCLI.exe
2290-08-13 20:15:20 217088 ----a-w- c:\windows\system32\atiesrxx.exe
2290-08-13 20:15:20 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2290-08-13 20:15:20 13402112 ----a-w- c:\windows\system32\aticaldd.dll
2290-08-13 20:15:20 118784 ----a-w- c:\windows\system32\atibtmon.exe
2290-08-13 20:15:20 10070016 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2289-11-19 13:29:00 100896 ----a-w- c:\windows\system32\RTNUninst32.dll
2014-04-22 12:31:44 -------- d-----w- c:\program files\Microsoft Picture It! 7
2014-04-18 16:46:47 -------- d-----w- c:\programdata\Avg_Update_0414b
2014-04-17 08:47:46 74703 ----a-w- c:\windows\system32\mfc45.dat
2014-04-17 08:46:35 -------- d-----w- c:\users\montaza\appdata\roaming\AVG
2014-04-17 08:46:35 -------- d-----w- c:\programdata\Common Files
2014-04-17 08:46:35 -------- d-----w- c:\programdata\AVG
2014-04-17 08:07:21 -------- d-----w- c:\program files\Burrrn
2014-04-16 13:10:50 -------- d-sh--w- C:\$RECYCLE.BIN
2014-04-16 13:09:36 -------- d-s---w- C:\ComboFix
2014-04-16 12:04:04 -------- d-----w- c:\users\montaza\appdata\local\RealVNC
2014-04-15 05:13:49 -------- d-sh--w- c:\users\montaza\appdata\local\EmieUserList
2014-04-15 05:13:49 -------- d-sh--w- c:\users\montaza\appdata\local\EmieSiteList
2014-04-14 15:47:36 -------- d-----w- c:\programdata\Malwarebytes
2014-04-14 15:47:29 107224 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-14 15:46:31 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-04-14 12:15:28 24064 ----a-w- c:\windows\zoek-delete.exe
2014-04-14 12:09:34 -------- d-----w- C:\zoek_backup
2014-04-10 09:42:04 -------- d-----w- c:\program files\ALCATech
2014-04-10 05:15:48 -------- d-----w- c:\program files\Settings Manager
2014-04-10 05:15:47 -------- d-----w- c:\programdata\systemk
2014-04-10 05:15:30 -------- d-----w- c:\program files\Flvto Youtube Downloader
2014-04-09 16:21:24 -------- d-----w- c:\users\montaza\appdata\roaming\MixMeister Technology
2014-04-09 16:19:35 -------- d-----w- c:\program files\MixMeister Fusion
2014-04-09 16:18:40 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2014-04-09 05:06:07 27072 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2014-04-09 05:06:07 234432 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2014-04-09 05:06:07 2048 ----a-w- c:\windows\system32\iologmsg.dll
2014-04-09 05:06:07 149440 ----a-w- c:\windows\system32\drivers\storport.sys
2014-04-09 05:06:06 1212352 ----a-w- c:\windows\system32\drivers\ntfs.sys
2014-04-01 13:26:50 4608 ----a-w- c:\windows\system32\drivers\vncmirror.sys
2014-04-01 13:26:50 20992 ----a-w- c:\windows\system32\vncmirror.dll
2014-03-31 12:38:43 -------- d-----w- c:\program files\The KMPlayer
2014-03-25 13:36:17 -------- d-----w- C:\Temp
2014-03-25 06:54:40 -------- d-----w- C:\DJPower
.
==================== Find3M ====================
.
2290-08-13 20:15:20 6857392 ----a-w- c:\windows\system32\atidxx32.dll
2290-08-13 20:15:20 6288832 ----a-w- c:\windows\system32\atiumdag.dll
2014-04-24 05:44:29 111973878 ----a-w- c:\windows\system32\Wcncache.dll
2014-04-24 05:34:56 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2014-04-24 05:33:45 1536 ----a-w- c:\windows\system32\thunk.dll
2014-04-16 13:04:00 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-04-16 13:04:00 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-10 17:17:26 109856 ----a-w- c:\windows\system32\IObitSmartDefragExtension.dll
2014-03-06 08:32:07 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-03-06 08:31:27 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-03-06 08:02:34 61952 ----a-w- c:\windows\system32\iesetup.dll
2014-03-06 08:02:33 455168 ----a-w- c:\windows\system32\vbscript.dll
2014-03-06 08:01:01 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-03-06 07:46:36 4254720 ----a-w- c:\windows\system32\jscript9.dll
2014-03-06 07:38:13 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-06 07:38:10 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-03-06 07:36:40 592896 ----a-w- c:\windows\system32\jscript9diag.dll
2014-03-06 07:28:01 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-06 07:13:43 32256 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-03-06 06:40:39 1967104 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-06 05:41:49 1789440 ----a-w- c:\windows\system32\wininet.dll
2014-02-15 07:38:26 76872 ----a-w- c:\windows\system32\RtNicProp32.dll
2014-02-15 07:38:26 683736 ----a-w- c:\windows\system32\drivers\Rt86win7.sys
2014-02-07 01:07:56 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-02-04 02:04:22 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:04:11 509440 ----a-w- c:\windows\system32\qedit.dll
2014-01-29 02:06:47 381440 ----a-w- c:\windows\system32\wer.dll
2014-01-28 02:07:07 185344 ----a-w- c:\windows\system32\wwansvc.dll
.
============= FINISH: 7:44:45.15 ===============




rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Hello,

Look in C:\ComboFix and send me the ComboFix log.



offline
  • Joined: 05 Jun 2004
  • Posts: 81

There is a problem with ComboFix too: it gets to level 2 and won't go any further. It has been sitting like this for 45 minutes already.

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Close ComboFix; nowhere does it say that you should run it on your own.

Restart the computer and do the following:


Download Farbar's Farbar Recovery Scan Tool () from this address to the Desktop:
There is a 32-bit and a 64-bit version. You need to download the version that is compatible with your system.
If you are not sure which version applies to your system, download both and run them. Only one of them will work on your system, and that will be the right version.


double-click to run the program; when the tool starts, click Yes on the disclaimer window;
wait a moment while the tool checks whether a newer version exists;
click the Scan button;
when the scan finishes, the tool will create a report (FRST.txt) in the same directory where the FRST tool is saved;
copy the contents of the FRST.txt report into your post;
on the first run, the tool should also create an additional report (Addition.txt);
attach the Addition.txt report to your post using the Prikači fajl (Attach file) option

offline
  • Joined: 05 Jun 2004
  • Posts: 81

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-04-2014 01
Ran by MONTAZA (administrator) on MONTAZA-PC on 25-04-2014 18:13:45
Running from C:\Users\MONTAZA\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: [Link visible only to logged-in users]
Download link for 64-Bit Version: [Link visible only to logged-in users]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Link visible only to logged-in users]

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(GEAR Software) C:\Windows\system32\gearsec.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimDrivers\SlimDrivers.exe
(IObit) C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(BitTorrent Inc.) C:\Users\MONTAZA\AppData\Roaming\uTorrent\uTorrent.exe
() C:\Windows\TEMP\nsv85F2.tmp\ns905E.tmp
(Microsoft Corporation) C:\Windows\system32\cmd.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(AVG) F:\MOVIE\AVG PC TuneUp 2014 v14.0.1001.295 Portable\App\AVG PC TuneUp 2014\TuneUpUtilitiesService32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(AVG) F:\MOVIE\AVG PC TuneUp 2014 v14.0.1001.295 Portable\App\AVG PC TuneUp 2014\TuneUpUtilitiesApp32.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\tv_w32.exe
(ACD Systems) C:\Program Files\ACD Systems\ACDSee\17.0\acdIDInTouch2.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2000-01-01] (Realtek Semiconductor)
HKU\S-1-5-21-2754972142-2546801407-1974970147-1000\...\Run: [uTorrent] => C:\Users\MONTAZA\AppData\Roaming\uTorrent\uTorrent.exe [905296 2014-01-23] (BitTorrent Inc.)
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Link visible only to logged-in users]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0AEAD2DDE8DACE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2498} URL = [Link visible only to logged-in users]{searchTerms}
SearchScopes: HKLM - {d2df733b-70ae-425f-a358-b24f8871ddb9} URL = [Link visible only to logged-in users]{searchTerms}&SearchSource=4&ctid=CT3309767&CUI=UN11379035163226023&UM=2
SearchScopes: HKCU - DefaultScope {A0B53B3D-69FF-4E92-ACB6-2CEEEF91DC79} URL = [Link visible only to logged-in users]{searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2498} URL = [Link visible only to logged-in users]{searchTerms}
SearchScopes: HKCU - {A0B53B3D-69FF-4E92-ACB6-2CEEEF91DC79} URL = [Link visible only to logged-in users]{searchTerms}
SearchScopes: HKCU - {d2df733b-70ae-425f-a358-b24f8871ddb9} URL = [Link visible only to logged-in users]{searchTerms}&SearchSource=4&ctid=CT3309767&CUI=UN11379035163226023&UM=2
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Media Viewer - {cd1d7496-85de-477a-9381-95be66f6a43a} - C:\Program Files\MediaViewerV1\MediaViewerV1alpha326\ie\MediaViewerV1alpha326.dll ()
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{333F000A-1FD6-4F43-BDC5-A92DE121FF1D}: [NameServer]192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\MONTAZA\AppData\Roaming\Mozilla\Firefox\Profiles\14vkjkc5.default-1393567253111
FF user.js: detected! => C:\Users\MONTAZA\AppData\Roaming\Mozilla\Firefox\Profiles\14vkjkc5.default-1393567253111\user.js
FF SearchEngineOrder.1: default-search.net
FF Homepage: [Link visible only to logged-in users]
FF Keyword.URL: [Link visible only to logged-in users]
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2571 - C:\Program Files\Pure Codec\Real\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2629 - C:\Program Files\Pure Codec\Real\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1739 - C:\Program Files\Pure Codec\Real\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\default-search.xml
FF Extension: Linkey for Firefox - C:\Users\MONTAZA\AppData\Roaming\Mozilla\Firefox\Profiles\14vkjkc5.default-1393567253111\Extensions\extension@linkeyproject.com [2014-04-10]
FF Extension: Settings Manager - C:\Users\MONTAZA\AppData\Roaming\Mozilla\Firefox\Profiles\14vkjkc5.default-1393567253111\Extensions\{34FA153F-3A2C-364C-E68F-3F8A21AA8D9D} [2014-04-10]
FF Extension: Best Video Downloader 2 - C:\Users\MONTAZA\AppData\Roaming\Mozilla\Firefox\Profiles\14vkjkc5.default-1393567253111\Extensions\{170503FA-3349-4F17-BC86-001888A5C8E2}.xpi [2014-03-07]
FF HKLM\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []
FF HKLM\...\Firefox\Extensions: [ext@MediaViewerV1alpha326.net] - C:\Program Files\MediaViewerV1\MediaViewerV1alpha326\ff
FF Extension: Media Viewer - C:\Program Files\MediaViewerV1\MediaViewerV1alpha326\ff [2014-02-24]
FF HKLM\...\Firefox\Extensions: [ext@MediaViewV1alpha2322.net] - C:\Program Files\MediaViewV1\MediaViewV1alpha2322\ff
FF Extension: Media View - C:\Program Files\MediaViewV1\MediaViewV1alpha2322\ff [2014-02-28]

Chrome:
=======
CHR HomePage: [Link visible only to logged-in users]
CHR StartupUrls: "hxxp://www.default-search.net?sid=498&aid=121&itype=n&ver=12302&tm=313&src=hmp"
CHR DefaultSearchKeyword: ask.com
CHR DefaultSearchProvider: default-search.net
CHR DefaultSearchURL: [Link visible only to logged-in users]{searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Google документи) - C:\Users\MONTAZA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-13]
CHR Extension: (Google диск) - C:\Users\MONTAZA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-13]
CHR Extension: (YouTube) - C:\Users\MONTAZA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-13]
CHR Extension: (Google претрага) - C:\Users\MONTAZA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-13]
CHR Extension: (Media View) - C:\Users\MONTAZA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejfbagefmhgpelhcgnnloolhmjnjfmka [2014-02-28]
CHR Extension: (Media Viewer) - C:\Users\MONTAZA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbodbikcpjebjlhjmonalnlhpicgeagp [2014-02-24]
CHR Extension: (Freemake Video Converter) - C:\Users\MONTAZA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2014-01-13]
CHR Extension: (Google новчаник) - C:\Users\MONTAZA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-13]
CHR Extension: (Gmail) - C:\Users\MONTAZA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-13]
CHR HKLM\...\Chrome\Extension: [ejfbagefmhgpelhcgnnloolhmjnjfmka] - C:\Program Files\MediaViewV1\MediaViewV1alpha2322\ch\MediaViewV1alpha2322.crx [2014-02-26]
CHR HKLM\...\Chrome\Extension: [jbodbikcpjebjlhjmonalnlhpicgeagp] - C:\Program Files\MediaViewerV1\MediaViewerV1alpha326\ch\MediaViewerV1alpha326.crx [2014-02-23]
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-11-23]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
S4 bgsvcgen; C:\Windows\system32\bgsvcgen.exe [139264 2013-09-30] (SOURCENEXT)
R2 gearsec; C:\Windows\system32\gearsec.exe [58952 2005-11-30] (GEAR Software)
S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S2 ProtectMonitor; C:\Program Files\PCData\StartHelp.exe [70828 2014-02-13] ()
S4 RServer3; C:\Windows\system32\rserver30\RServer3.exe [1242504 2009-10-09] (Famatech Corp.)
R2 TuneUp.UtilitiesSvc; F:\MOVIE\AVG PC TuneUp 2014 v14.0.1001.295 Portable\App\AVG PC TuneUp 2014\TuneUpUtilitiesService32.exe [1741624 2014-04-17] (AVG)

==================== Drivers (Whitelisted) ====================

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [123160 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [199960 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [150296 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22296 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [193304 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [238872 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [108312 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [28440 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [211224 2014-03-31] (AVG Technologies CZ, s.r.o.)
R1 cdrbsdrv; C:\Windows\system32\Drivers\cdrbsdrv.sys [38944 2013-09-30] (B.H.A Corporation)
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622; C:\Program Files\Settings Manager\systemk\systemkmgrc1.cfg [31120 2014-04-08] (Aztec Media Inc)
R3 mirrorv3; C:\Windows\System32\DRIVERS\rminiv3.sys [3328 2009-10-09] (Famatech International Corp.)
R3 P17; C:\Windows\System32\drivers\P17.sys [1168896 2009-10-16] (Creative Technology Ltd.)
R0 PxHelp20; C:\Windows\System32\DRIVERS\PxHelp20.sys [45968 2011-11-03] (Rovi Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18624 2013-12-24] (IObit)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2014-04-25] ()
R3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2013-06-06] (TeamViewer GmbH)
R3 TuneUpUtilitiesDrv; F:\MOVIE\AVG PC TuneUp 2014 v14.0.1001.295 Portable\App\AVG PC TuneUp 2014\TuneUpUtilitiesDriver32.sys [12320 2014-04-17] (TuneUp Software)
S3 vncmirror; C:\Windows\System32\DRIVERS\vncmirror.sys [4608 2014-04-01] (RealVNC Ltd.)
S3 zghsdiag; C:\Windows\System32\DRIVERS\zghsdiag.sys [106752 2011-01-13] (ZTE Incorporated)
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [106752 2011-01-13] (ZTE Incorporated)
R1 zghsn2k; C:\Windows\System32\drivers\zghsn2k.sys [125680 2013-12-27] ()
S3 zghsnmea; C:\Windows\System32\DRIVERS\zghsnmea.sys [106752 2011-01-13] (ZTE Incorporated)
S3 zghsser; C:\Windows\System32\DRIVERS\zghsser.sys [116232 2012-07-18] (ZTE Incorporated)
S3 catchme; \??\C:\Users\MONTAZA\AppData\Local\Temp\catchme.sys [X]
S1 csc2k; system32\drivers\csc2k.sys [X]
S3 massfilter_hs; system32\drivers\massfilter_hs.sys [X]
S0 rjaty; System32\drivers\imofugc.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 VNUSB; system32\DRIVERS\VNUSB.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2099-11-19 15:29 - 2014-02-15 09:38 - 00100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2099-09-02 04:58 - 2291-09-02 04:58 - 19584512 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atioglxx.dll
2099-09-02 04:58 - 2291-09-02 04:58 - 01978240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumdmv.dll
2099-09-02 04:58 - 2291-09-02 04:58 - 00618823 _____ () C:\Windows\system32\atiicdxx.dat
2099-09-02 04:58 - 2291-09-02 04:58 - 00453632 _____ (AMD) C:\Windows\system32\atieclxx.exe
2099-09-02 04:58 - 2291-09-02 04:58 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll
2099-09-02 04:58 - 2291-09-02 04:58 - 00364544 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2099-09-02 04:58 - 2291-09-02 04:58 - 00294912 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2099-09-02 04:58 - 2291-09-02 04:58 - 00290304 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2099-09-02 04:58 - 2291-09-02 04:58 - 00163840 _____ (AMD) C:\Windows\system32\atitmmxx.dll
2099-09-02 04:58 - 2291-09-02 04:58 - 00159744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2099-09-02 04:58 - 2291-09-02 04:58 - 00157144 _____ () C:\Windows\system32\ativvsva.dat
2099-09-02 04:58 - 2291-09-02 04:58 - 00077312 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW73.sys
2099-09-02 04:58 - 2291-09-02 04:58 - 00046080 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt.dll
2099-09-02 04:58 - 2291-09-02 04:58 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl.dll
2099-09-02 04:58 - 2291-09-02 04:58 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\system32\ati2edxx.dll
2099-09-02 04:58 - 2291-09-02 04:58 - 00038768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9pag.dll
2099-09-02 04:58 - 2291-09-02 04:58 - 00033280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atigktxx.dll
2099-09-02 04:58 - 2291-09-02 04:58 - 00020992 _____ (AMD) C:\Windows\system32\atimuixx.dll
2099-08-13 22:15 - 2290-08-13 22:15 - 13402112 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd.dll
2099-08-13 22:15 - 2290-08-13 22:15 - 10070016 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2099-08-13 22:15 - 2290-08-13 22:15 - 02852480 _____ () C:\Windows\system32\atiumdva.cap
2099-08-13 22:15 - 2290-08-13 22:15 - 00929736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx32.dll
2099-08-13 22:15 - 2290-08-13 22:15 - 00246000 _____ () C:\Windows\system32\atiapfxx.blb
2099-08-13 22:15 - 2290-08-13 22:15 - 00217088 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2099-08-13 22:15 - 2290-08-13 22:15 - 00204952 _____ () C:\Windows\system32\ativvsvl.dat
2099-08-13 22:15 - 2290-08-13 22:15 - 00118784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atibtmon.exe
2099-08-13 22:15 - 2290-08-13 22:15 - 00084480 _____ (TODO: <Company name>) C:\Windows\system32\DelayAPO.dll
2099-08-13 22:15 - 2290-08-13 22:15 - 00062976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc32.dll
2099-08-13 22:15 - 2290-08-13 22:15 - 00062976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom32.dll
2099-08-13 22:15 - 2290-08-13 22:15 - 00058368 _____ (AMD) C:\Windows\system32\coinst_8.97.100.11.dll
2099-08-13 22:15 - 2290-08-13 22:15 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2099-08-13 22:15 - 2290-08-13 22:15 - 00048544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxpag.dll
2099-08-13 22:15 - 2290-08-13 22:15 - 00045056 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2099-08-13 22:15 - 2290-08-13 22:15 - 00038177 _____ () C:\Windows\atiogl.xml
2099-08-13 22:15 - 2290-08-13 22:15 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2099-08-13 22:15 - 2290-08-13 22:15 - 00003917 _____ () C:\Windows\system32\atipblag.dat
2014-04-25 18:13 - 2014-04-25 18:14 - 00014387 _____ () C:\Users\MONTAZA\Desktop\FRST.txt
2014-04-25 18:13 - 2014-04-25 18:13 - 00000000 ____D () C:\FRST
2014-04-25 18:12 - 2014-04-25 18:12 - 01048576 _____ (Farbar) C:\Users\MONTAZA\Desktop\FRST.exe
2014-04-25 18:07 - 2014-04-25 18:07 - 03186396 _____ () C:\Users\MONTAZA\Desktop\jabuka.std
2014-04-25 18:05 - 2014-04-25 18:05 - 00007851 ____H () C:\Users\MONTAZA\Desktop\mvstcdxx.lst
2014-04-25 16:02 - 2014-04-25 17:00 - 00000000 ___HD () C:\Users\MONTAZA\Desktop\[Originals]
2014-04-25 13:47 - 2014-04-25 15:31 - 630507620 _____ () C:\Users\MONTAZA\Desktop\FUSNOTA 25-04-2014.wav
2014-04-24 18:12 - 2014-04-25 17:47 - 638099576 _____ () C:\Users\MONTAZA\Desktop\SASKOVA KASETA.wav
2014-04-24 12:41 - 2014-04-24 12:41 - 00001846 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Picture It! Photo 7.0.lnk
2014-04-24 12:40 - 2014-04-24 12:40 - 00000000 ____D () C:\Program Files\Microsoft Picture It! 7
2014-04-24 11:33 - 2014-04-24 11:35 - 00000000 ___SD () C:\ComboFix
2014-04-24 11:32 - 2014-04-24 11:32 - 05196870 ____R (Swearware) C:\Users\MONTAZA\Downloads\ComboFix.exe
2014-04-24 10:42 - 2014-04-24 10:42 - 00297984 _____ () C:\Windows\system32\AppInitHook321.dll
2014-04-24 10:42 - 2014-04-24 10:42 - 00000000 ____D () C:\Windows\system32\Drivers\sysfilter
2014-04-24 10:36 - 2014-02-14 00:16 - 00759296 _____ (http://www.microkeylogger.com/) C:\Users\MONTAZA\Downloads\uninstall-201.exe
2014-04-24 10:36 - 2013-11-13 11:18 - 00000135 _____ () C:\Users\MONTAZA\Downloads\online-user-guide.url
2014-04-24 09:31 - 2014-04-24 10:04 - 00000000 ____D () C:\Users\MONTAZA\AppData\Roaming\Audacity
2014-04-24 09:31 - 2014-04-24 09:31 - 00000996 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-04-24 09:31 - 2014-04-24 09:31 - 00000984 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-04-24 09:31 - 2014-04-24 09:31 - 00000000 ____D () C:\Program Files\Audacity
2014-04-24 09:29 - 2014-04-24 09:30 - 22180353 _____ (Audacity Team ) C:\Users\MONTAZA\Downloads\audacity-win-2.0.5.exe
2014-04-24 08:05 - 2014-04-24 11:20 - 00000046 _____ () C:\Windows\system32\E302AF636FDE.ini
2014-04-24 08:04 - 2014-04-24 11:21 - 00000000 ____D () C:\Program Files\ProKAward
2014-04-24 08:04 - 2009-05-13 19:35 - 01706800 _____ (Microsoft Corporation) C:\Windows\system32\gdiplus.dll
2014-04-24 08:04 - 2009-05-13 19:35 - 00258352 _____ (Microsoft Corporation) C:\Windows\system32\unicows.dll
2014-04-24 08:04 - 2009-05-13 19:35 - 00050688 _____ (Stardock.Net, Inc) C:\Windows\system32\wbhelp2.dll
2014-04-24 08:04 - 2009-05-13 19:35 - 00028160 _____ (Neil Banfield) C:\Windows\system32\anim.dll
2014-04-24 07:43 - 2014-04-24 07:43 - 00688992 ____R (Swearware) C:\Users\MONTAZA\Desktop\dds.scr
2014-04-24 07:34 - 2014-04-25 14:48 - 00000280 _____ () C:\Windows\setupact.log
2014-04-24 07:34 - 2014-04-24 07:34 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-24 07:33 - 2014-04-25 06:50 - 00001454 _____ () C:\Windows\PFRO.log
2014-04-18 19:17 - 2014-04-18 19:17 - 00000915 _____ () C:\Users\MONTAZA\Desktop\Radmin Viewer 3.lnk
2014-04-18 18:46 - 2014-04-18 18:46 - 00000000 ____D () C:\ProgramData\Avg_Update_0414b
2014-04-18 15:02 - 2014-04-18 15:02 - 00199960 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys
2014-04-17 10:47 - 2014-04-17 10:47 - 00074703 _____ () C:\Windows\system32\mfc45.dat
2014-04-17 10:46 - 2014-04-17 10:50 - 00000000 ____D () C:\ProgramData\AVG
2014-04-17 10:46 - 2014-04-17 10:46 - 00000000 ____D () C:\Users\MONTAZA\AppData\Roaming\AVG
2014-04-17 10:33 - 2014-04-17 10:34 - 70658472 _____ (AVG) C:\Users\MONTAZA\Downloads\avg_tuh_stf_all_2014_380_24c43.exe
2014-04-17 10:07 - 2014-04-17 10:07 - 00000000 ____D () C:\Program Files\Burrrn
2014-04-17 10:06 - 2014-04-17 10:06 - 02125249 _____ () C:\Users\MONTAZA\Downloads\burrrn_package.exe
2014-04-16 17:33 - 2014-04-16 17:33 - 00021027 _____ () C:\Users\MONTAZA\Downloads\[rutracker.org].t3995610.torrent
2014-04-16 17:29 - 2014-04-16 17:29 - 00021876 _____ () C:\Users\MONTAZA\Downloads\[rutracker.org].t4079459.torrent
2014-04-16 15:53 - 2014-04-16 15:53 - 00013357 _____ () C:\Users\MONTAZA\Downloads\[rutracker.org].t4198010 (1).torrent
2014-04-16 15:50 - 2014-04-16 15:50 - 00013357 _____ () C:\Users\MONTAZA\Downloads\[rutracker.org].t4198010.torrent
2014-04-16 15:41 - 2014-04-12 08:45 - 00000000 ____D () C:\Users\MONTAZA\Downloads\VA - Acoustic_Blues - 50 Raw Blues Classics
2014-04-16 15:35 - 2014-04-16 15:38 - 335822504 _____ () C:\Users\MONTAZA\Downloads\VA - Acoustic_Blues - 50 Raw Blues Classics.rar
2014-04-16 14:04 - 2014-04-16 14:04 - 00000000 ____D () C:\Users\MONTAZA\AppData\Local\RealVNC
2014-04-15 07:13 - 2014-04-15 07:13 - 00000000 __SHD () C:\Users\MONTAZA\AppData\Local\EmieUserList
2014-04-15 07:13 - 2014-04-15 07:13 - 00000000 __SHD () C:\Users\MONTAZA\AppData\Local\EmieSiteList
2014-04-15 03:00 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-15 03:00 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-15 03:00 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-15 03:00 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-15 03:00 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-15 03:00 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-15 03:00 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-15 03:00 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-15 03:00 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-15 03:00 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-15 03:00 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-15 03:00 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-15 03:00 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-15 03:00 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-15 03:00 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-15 03:00 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-15 03:00 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-15 03:00 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-15 03:00 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-15 03:00 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-15 03:00 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-15 03:00 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-15 03:00 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-15 03:00 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-15 03:00 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-15 03:00 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-14 17:47 - 2014-04-14 17:47 - 00107224 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-14 17:47 - 2014-04-14 17:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-14 17:46 - 2014-04-14 17:46 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-14 14:15 - 2014-04-14 14:09 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-14 14:11 - 2014-04-14 14:18 - 00057651 _____ () C:\zoek-results.log
2014-04-14 14:09 - 2014-04-14 14:09 - 00000000 ____D () C:\zoek_backup
2014-04-10 11:42 - 2014-04-10 11:42 - 00000000 ____D () C:\Users\MONTAZA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ALCATech
2014-04-10 11:42 - 2014-04-10 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALCATech
2014-04-10 11:42 - 2014-04-10 11:42 - 00000000 ____D () C:\Program Files\ALCATech
2014-04-10 07:15 - 2014-04-10 10:14 - 00000000 ____D () C:\ProgramData\systemk
2014-04-10 07:15 - 2014-04-10 07:15 - 00000000 ____D () C:\Program Files\Settings Manager
2014-04-10 07:15 - 2014-04-10 07:15 - 00000000 ____D () C:\Program Files\Flvto Youtube Downloader
2014-04-09 18:28 - 2014-04-22 16:39 - 00053994 _____ () C:\Users\MONTAZA\dsp_stereo_tool.ini
2014-04-09 18:21 - 2014-04-09 18:21 - 00000000 ____D () C:\Users\MONTAZA\AppData\Roaming\MixMeister Technology
2014-04-09 18:19 - 2014-04-09 18:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixMeister
2014-04-09 18:19 - 2014-04-09 18:19 - 00000000 ____D () C:\Program Files\MixMeister Fusion
2014-04-09 18:18 - 2014-04-09 18:18 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-04-09 07:06 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 07:06 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 07:06 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 07:06 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 07:06 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 07:06 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-04 17:02 - 2014-04-04 17:02 - 00000740 _____ () C:\Users\MONTAZA\Desktop\CD-ROM Extraction.lnk
2014-04-04 17:02 - 2014-04-04 17:02 - 00000607 _____ () C:\Users\MONTAZA\Desktop\DJPower®.lnk
2014-04-04 17:02 - 2014-04-04 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DJPower
2014-04-03 12:15 - 2014-04-03 12:15 - 00000000 _____ () C:\hpfr3320.xml
2014-04-02 13:22 - 2014-04-09 11:06 - 00001075 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-04-02 13:22 - 2014-04-09 11:06 - 00001063 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-04-01 15:26 - 2014-04-01 15:26 - 00020992 _____ (RealVNC Ltd.) C:\Windows\system32\vncmirror.dll
2014-04-01 15:26 - 2014-04-01 15:26 - 00004608 _____ (RealVNC Ltd.) C:\Windows\system32\Drivers\vncmirror.sys
2014-04-01 09:21 - 2014-04-25 08:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-03-31 16:11 - 2014-03-31 16:11 - 00211224 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdix.sys
2014-03-31 16:11 - 2014-03-31 16:11 - 00108312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx86.sys
2014-03-31 14:42 - 2014-04-23 14:16 - 00000000 ____D () C:\Users\MONTAZA\Documents\The KMPlayer
2014-03-31 14:38 - 2014-04-25 18:10 - 00000000 ____D () C:\Program Files\The KMPlayer
2014-03-29 10:05 - 2014-04-02 12:52 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-27 22:15 - 2014-03-27 22:15 - 00193304 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx86.sys
2014-03-27 22:14 - 2014-03-27 22:14 - 00123160 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiskx.sys
2014-03-27 22:04 - 2014-03-27 22:04 - 00238872 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avglogx.sys
2014-03-27 22:04 - 2014-03-27 22:04 - 00150296 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidshx.sys
2014-03-27 22:03 - 2014-03-27 22:03 - 00028440 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx86.sys
2014-03-27 22:03 - 2014-03-27 22:03 - 00022296 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsshimx.sys

==================== One Month Modified Files and Folders =======

2099-09-02 04:58 - 2291-09-02 04:58 - 19584512 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atioglxx.dll
2099-09-02 04:58 - 2291-09-02 04:58 - 01978240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumdmv.dll
2099-09-02 04:58 - 2291-09-02 04:58 - 00618823 _____ () C:\Windows\system32\atiicdxx.dat
2099-09-02 04:58 - 2291-09-02 04:58 - 00453632 _____ (AMD) C:\Windows\system32\atieclxx.exe
2099-09-02 04:58 - 2291-09-02 04:58 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll
2099-09-02 04:58 - 2291-09-02 04:58 - 00364544 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2099-09-02 04:58 - 2291-09-02 04:58 - 00294912 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2099-09-02 04:58 - 2291-09-02 04:58 - 00290304 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2099-09-02 04:58 - 2291-09-02 04:58 - 00163840 _____ (AMD) C:\Windows\system32\atitmmxx.dll
2099-09-02 04:58 - 2291-09-02 04:58 - 00159744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2099-09-02 04:58 - 2291-09-02 04:58 - 00157144 _____ () C:\Windows\system32\ativvsva.dat
2099-09-02 04:58 - 2291-09-02 04:58 - 00077312 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW73.sys
2099-09-02 04:58 - 2291-09-02 04:58 - 00046080 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt.dll
2099-09-02 04:58 - 2291-09-02 04:58 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl.dll
2099-09-02 04:58 - 2291-09-02 04:58 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\system32\ati2edxx.dll
2099-09-02 04:58 - 2291-09-02 04:58 - 00038768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9pag.dll
2099-09-02 04:58 - 2291-09-02 04:58 - 00033280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atigktxx.dll
2099-09-02 04:58 - 2291-09-02 04:58 - 00020992 _____ (AMD) C:\Windows\system32\atimuixx.dll
2099-09-02 04:58 - 2009-07-14 00:09 - 04782960 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumdva.dll
2099-08-13 22:15 - 2290-08-13 22:15 - 13402112 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd.dll
2099-08-13 22:15 - 2290-08-13 22:15 - 10070016 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2099-08-13 22:15 - 2290-08-13 22:15 - 02852480 _____ () C:\Windows\system32\atiumdva.cap
2099-08-13 22:15 - 2290-08-13 22:15 - 00929736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx32.dll
2099-08-13 22:15 - 2290-08-13 22:15 - 00246000 _____ () C:\Windows\system32\atiapfxx.blb
2099-08-13 22:15 - 2290-08-13 22:15 - 00217088 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2099-08-13 22:15 - 2290-08-13 22:15 - 00204952 _____ () C:\Windows\system32\ativvsvl.dat
2099-08-13 22:15 - 2290-08-13 22:15 - 00118784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atibtmon.exe
2099-08-13 22:15 - 2290-08-13 22:15 - 00084480 _____ (TODO: <Company name>) C:\Windows\system32\DelayAPO.dll
2099-08-13 22:15 - 2290-08-13 22:15 - 00062976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc32.dll
2099-08-13 22:15 - 2290-08-13 22:15 - 00062976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom32.dll
2099-08-13 22:15 - 2290-08-13 22:15 - 00058368 _____ (AMD) C:\Windows\system32\coinst_8.97.100.11.dll
2099-08-13 22:15 - 2290-08-13 22:15 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2099-08-13 22:15 - 2290-08-13 22:15 - 00048544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxpag.dll
2099-08-13 22:15 - 2290-08-13 22:15 - 00045056 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2099-08-13 22:15 - 2290-08-13 22:15 - 00038177 _____ () C:\Windows\atiogl.xml
2099-08-13 22:15 - 2290-08-13 22:15 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2099-08-13 22:15 - 2290-08-13 22:15 - 00003917 _____ () C:\Windows\system32\atipblag.dat
2099-08-13 22:15 - 2009-07-14 00:09 - 06857392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx32.dll
2099-08-13 22:15 - 2009-06-10 23:19 - 06288832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumdag.dll
2014-04-25 18:14 - 2014-04-25 18:13 - 00014387 _____ () C:\Users\MONTAZA\Desktop\FRST.txt
2014-04-25 18:13 - 2014-04-25 18:13 - 00000000 ____D () C:\FRST
2014-04-25 18:13 - 2014-02-25 12:34 - 216905498 _____ () C:\Windows\system32\Wcncache.dll
2014-04-25 18:12 - 2014-04-25 18:12 - 01048576 _____ (Farbar) C:\Users\MONTAZA\Desktop\FRST.exe
2014-04-25 18:12 - 2013-09-03 08:03 - 00000000 ____D () C:\Users\MONTAZA\AppData\Roaming\uTorrent
2014-04-25 18:10 - 2014-03-31 14:38 - 00000000 ____D () C:\Program Files\The KMPlayer
2014-04-25 18:08 - 2013-09-03 02:29 - 02071815 _____ () C:\Windows\WindowsUpdate.log
2014-04-25 18:07 - 2014-04-25 18:07 - 03186396 _____ () C:\Users\MONTAZA\Desktop\jabuka.std
2014-04-25 18:05 - 2014-04-25 18:05 - 00007851 ____H () C:\Users\MONTAZA\Desktop\mvstcdxx.lst
2014-04-25 17:47 - 2014-04-24 18:12 - 638099576 _____ () C:\Users\MONTAZA\Desktop\SASKOVA KASETA.wav
2014-04-25 17:23 - 2013-09-03 17:07 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-25 17:20 - 2014-03-04 13:19 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-25 17:00 - 2014-04-25 16:02 - 00000000 ___HD () C:\Users\MONTAZA\Desktop\[Originals]
2014-04-25 15:31 - 2014-04-25 13:47 - 630507620 _____ () C:\Users\MONTAZA\Desktop\FUSNOTA 25-04-2014.wav
2014-04-25 14:56 - 2009-07-14 06:34 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-25 14:56 - 2009-07-14 06:34 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-25 14:54 - 2013-11-14 07:51 - 00000000 ____D () C:\Users\MONTAZA\AppData\Roaming\AIMP3
2014-04-25 14:49 - 2014-03-24 14:54 - 00013464 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-04-25 14:49 - 2014-03-24 14:54 - 00000390 _____ () C:\Windows\Tasks\SlimDrivers Startup.job
2014-04-25 14:49 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-25 14:48 - 2014-04-24 07:34 - 00000280 _____ () C:\Windows\setupact.log
2014-04-25 14:48 - 2013-11-04 14:52 - 00001536 _____ () C:\Windows\system32\thunk.dll
2014-04-25 13:02 - 2010-11-20 23:01 - 00786558 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-25 08:31 - 2014-04-01 09:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-25 08:31 - 2014-03-11 12:43 - 00000950 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-04-25 06:50 - 2014-04-24 07:33 - 00001454 _____ () C:\Windows\PFRO.log
2014-04-24 12:41 - 2014-04-24 12:41 - 00001846 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Picture It! Photo 7.0.lnk
2014-04-24 12:40 - 2014-04-24 12:40 - 00000000 ____D () C:\Program Files\Microsoft Picture It! 7
2014-04-24 12:40 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Help
2014-04-24 12:40 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-04-24 11:35 - 2014-04-24 11:33 - 00000000 ___SD () C:\ComboFix
2014-04-24 11:32 - 2014-04-24 11:32 - 05196870 ____R (Swearware) C:\Users\MONTAZA\Downloads\ComboFix.exe
2014-04-24 11:21 - 2014-04-24 08:04 - 00000000 ____D () C:\Program Files\ProKAward
2014-04-24 11:20 - 2014-04-24 08:05 - 00000046 _____ () C:\Windows\system32\E302AF636FDE.ini
2014-04-24 10:42 - 2014-04-24 10:42 - 00297984 _____ () C:\Windows\system32\AppInitHook321.dll
2014-04-24 10:42 - 2014-04-24 10:42 - 00000000 ____D () C:\Windows\system32\Drivers\sysfilter
2014-04-24 10:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\security
2014-04-24 10:39 - 2013-10-28 16:54 - 00000000 ____D () C:\Users\MONTAZA\Desktop\MY CITY
2014-04-24 10:04 - 2014-04-24 09:31 - 00000000 ____D () C:\Users\MONTAZA\AppData\Roaming\Audacity
2014-04-24 09:31 - 2014-04-24 09:31 - 00000996 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-04-24 09:31 - 2014-04-24 09:31 - 00000984 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-04-24 09:31 - 2014-04-24 09:31 - 00000000 ____D () C:\Program Files\Audacity
2014-04-24 09:30 - 2014-04-24 09:29 - 22180353 _____ (Audacity Team ) C:\Users\MONTAZA\Downloads\audacity-win-2.0.5.exe
2014-04-24 07:43 - 2014-04-24 07:43 - 00688992 ____R (Swearware) C:\Users\MONTAZA\Desktop\dds.scr
2014-04-24 07:34 - 2014-04-24 07:34 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-23 17:54 - 2013-09-02 18:13 - 00000000 ____D () C:\Users\MONTAZA\AppData\Roaming\Winamp
2014-04-23 14:16 - 2014-03-31 14:42 - 00000000 ____D () C:\Users\MONTAZA\Documents\The KMPlayer
2014-04-22 18:20 - 2013-11-23 10:16 - 00000000 ____D () C:\Users\MONTAZA\AppData\Local\Windows Live
2014-04-22 16:39 - 2014-04-09 18:28 - 00053994 _____ () C:\Users\MONTAZA\dsp_stereo_tool.ini
2014-04-22 16:39 - 2013-09-02 17:32 - 00000000 ____D () C:\Users\MONTAZA
2014-04-22 14:13 - 2009-07-14 06:33 - 01106784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-22 14:09 - 2013-09-02 17:49 - 00424784 _____ () C:\Users\MONTAZA\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-18 19:17 - 2014-04-18 19:17 - 00000915 _____ () C:\Users\MONTAZA\Desktop\Radmin Viewer 3.lnk
2014-04-18 18:46 - 2014-04-18 18:46 - 00000000 ____D () C:\ProgramData\Avg_Update_0414b
2014-04-18 15:35 - 2014-03-03 18:44 - 00000000 ____D () C:\Program Files\Free mp3 Wma Converter
2014-04-18 15:02 - 2014-04-18 15:02 - 00199960 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys
2014-04-18 11:33 - 2013-09-02 17:32 - 00000000 ____D () C:\Users\MONTAZA\AppData\Local\VirtualStore
2014-04-17 11:34 - 2014-01-13 17:42 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-17 11:34 - 2014-01-13 17:42 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-17 10:55 - 2013-12-24 10:27 - 00000000 ____D () C:\Users\MONTAZA\AppData\Local\Downloaded Installations
2014-04-17 10:55 - 2013-09-02 17:38 - 00000000 ____D () C:\Users\MONTAZA\AppData\Roaming\Sony
2014-04-17 10:50 - 2014-04-17 10:46 - 00000000 ____D () C:\ProgramData\AVG
2014-04-17 10:47 - 2014-04-17 10:47 - 00074703 _____ () C:\Windows\system32\mfc45.dat
2014-04-17 10:46 - 2014-04-17 10:46 - 00000000 ____D () C:\Users\MONTAZA\AppData\Roaming\AVG
2014-04-17 10:46 - 2014-03-24 09:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
2014-04-17 10:34 - 2014-04-17 10:33 - 70658472 _____ (AVG) C:\Users\MONTAZA\Downloads\avg_tuh_stf_all_2014_380_24c43.exe
2014-04-17 10:07 - 2014-04-17 10:07 - 00000000 ____D () C:\Program Files\Burrrn
2014-04-17 10:06 - 2014-04-17 10:06 - 02125249 _____ () C:\Users\MONTAZA\Downloads\burrrn_package.exe
2014-04-16 17:33 - 2014-04-16 17:33 - 00021027 _____ () C:\Users\MONTAZA\Downloads\[rutracker.org].t3995610.torrent
2014-04-16 17:29 - 2014-04-16 17:29 - 00021876 _____ () C:\Users\MONTAZA\Downloads\[rutracker.org].t4079459.torrent
2014-04-16 15:53 - 2014-04-16 15:53 - 00013357 _____ () C:\Users\MONTAZA\Downloads\[rutracker.org].t4198010 (1).torrent
2014-04-16 15:50 - 2014-04-16 15:50 - 00013357 _____ () C:\Users\MONTAZA\Downloads\[rutracker.org].t4198010.torrent
2014-04-16 15:38 - 2014-04-16 15:35 - 335822504 _____ () C:\Users\MONTAZA\Downloads\VA - Acoustic_Blues - 50 Raw Blues Classics.rar
2014-04-16 15:09 - 2013-12-24 12:51 - 00000000 ____D () C:\Qoobox
2014-04-16 15:04 - 2013-09-03 17:07 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-16 15:04 - 2013-09-03 17:07 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-16 15:04 - 2013-09-03 17:07 - 00000000 ____D () C:\Users\MONTAZA\AppData\Local\Adobe
2014-04-16 14:04 - 2014-04-16 14:04 - 00000000 ____D () C:\Users\MONTAZA\AppData\Local\RealVNC
2014-04-16 12:46 - 2014-02-14 16:35 - 00000000 ____D () C:\Users\MONTAZA\Desktop\SVASTA
2014-04-15 07:13 - 2014-04-15 07:13 - 00000000 __SHD () C:\Users\MONTAZA\AppData\Local\EmieUserList
2014-04-15 07:13 - 2014-04-15 07:13 - 00000000 __SHD () C:\Users\MONTAZA\AppData\Local\EmieSiteList
2014-04-15 04:07 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-04-14 18:02 - 2010-11-21 02:46 - 00000000 ____D () C:\Windows\CSC
2014-04-14 18:00 - 2013-12-25 18:29 - 00000000 ____D () C:\ProgramData\PYN
2014-04-14 17:47 - 2014-04-14 17:47 - 00107224 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-14 17:47 - 2014-04-14 17:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-14 17:46 - 2014-04-14 17:46 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-14 14:18 - 2014-04-14 14:11 - 00057651 _____ () C:\zoek-results.log
2014-04-14 14:09 - 2014-04-14 14:15 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-14 14:09 - 2014-04-14 14:09 - 00000000 ____D () C:\zoek_backup
2014-04-12 08:45 - 2014-04-16 15:41 - 00000000 ____D () C:\Users\MONTAZA\Downloads\VA - Acoustic_Blues - 50 Raw Blues Classics
2014-04-11 19:31 - 2013-12-04 15:31 - 00000000 ____D () C:\Program Files\IObit
2014-04-11 18:59 - 2014-02-14 18:09 - 00000000 ____D () C:\Users\MONTAZA\AppData\Roaming\foobar2000
2014-04-11 12:09 - 2014-01-13 17:43 - 00002146 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-10 12:51 - 2014-01-22 16:04 - 00000000 ____D () C:\Users\MONTAZA\AppData\Roaming\dvdcss
2014-04-10 11:42 - 2014-04-10 11:42 - 00000000 ____D () C:\Users\MONTAZA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ALCATech
2014-04-10 11:42 - 2014-04-10 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALCATech
2014-04-10 11:42 - 2014-04-10 11:42 - 00000000 ____D () C:\Program Files\ALCATech
2014-04-10 10:14 - 2014-04-10 07:15 - 00000000 ____D () C:\ProgramData\systemk
2014-04-10 10:14 - 2014-01-20 17:57 - 00000000 ____D () C:\AdwCleaner
2014-04-10 07:15 - 2014-04-10 07:15 - 00000000 ____D () C:\Program Files\Settings Manager
2014-04-10 07:15 - 2014-04-10 07:15 - 00000000 ____D () C:\Program Files\Flvto Youtube Downloader
2014-04-10 03:04 - 2009-07-14 04:04 - 00000540 _____ () C:\Windows\win.ini
2014-04-10 03:03 - 2013-09-03 16:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 03:00 - 2013-09-03 16:28 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 18:21 - 2014-04-09 18:21 - 00000000 ____D () C:\Users\MONTAZA\AppData\Roaming\MixMeister Technology
2014-04-09 18:19 - 2014-04-09 18:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixMeister
2014-04-09 18:19 - 2014-04-09 18:19 - 00000000 ____D () C:\Program Files\MixMeister Fusion
2014-04-09 18:18 - 2014-04-09 18:18 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-04-09 18:10 - 2014-03-15 09:35 - 00000000 ____D () C:\Users\MONTAZA\Downloads\Compressed
2014-04-09 11:07 - 2013-12-23 19:33 - 00003810 _____ () C:\Windows\system32\TeamViewer9_Hooks.log
2014-04-09 11:06 - 2014-04-02 13:22 - 00001075 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-04-09 11:06 - 2014-04-02 13:22 - 00001063 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-04-08 12:22 - 2014-03-10 18:02 - 00000000 ____D () C:\Windows\system32\config\SM Registry Backup
2014-04-07 15:00 - 2013-11-13 20:04 - 00000000 ____D () C:\Users\MONTAZA\AppData\Roaming\DMCache
2014-04-04 17:02 - 2014-04-04 17:02 - 00000740 _____ () C:\Users\MONTAZA\Desktop\CD-ROM Extraction.lnk
2014-04-04 17:02 - 2014-04-04 17:02 - 00000607 _____ () C:\Users\MONTAZA\Desktop\DJPower®.lnk
2014-04-04 17:02 - 2014-04-04 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DJPower
2014-04-04 17:01 - 2014-03-25 08:54 - 00000000 ____D () C:\DJPower
2014-04-04 17:01 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-04-03 12:15 - 2014-04-03 12:15 - 00000000 _____ () C:\hpfr3320.xml
2014-04-03 07:06 - 2014-03-12 08:03 - 00000000 ____D () C:\Users\MONTAZA\Downloads\Video
2014-04-02 13:22 - 2013-09-02 17:51 - 00000000 ____D () C:\Program Files\TeamViewer
2014-04-02 13:20 - 2013-09-03 07:03 - 00000000 ____D () C:\Users\MONTAZA\AppData\Roaming\TeamViewer
2014-04-02 12:52 - 2014-03-29 10:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-01 15:26 - 2014-04-01 15:26 - 00020992 _____ (RealVNC Ltd.) C:\Windows\system32\vncmirror.dll
2014-04-01 15:26 - 2014-04-01 15:26 - 00004608 _____ (RealVNC Ltd.) C:\Windows\system32\Drivers\vncmirror.sys
2014-03-31 16:11 - 2014-03-31 16:11 - 00211224 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdix.sys
2014-03-31 16:11 - 2014-03-31 16:11 - 00108312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx86.sys
2014-03-31 14:02 - 2014-01-08 17:54 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-31 14:02 - 2009-07-14 06:53 - 00032594 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-27 22:15 - 2014-03-27 22:15 - 00193304 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx86.sys
2014-03-27 22:14 - 2014-03-27 22:14 - 00123160 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiskx.sys
2014-03-27 22:04 - 2014-03-27 22:04 - 00238872 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avglogx.sys
2014-03-27 22:04 - 2014-03-27 22:04 - 00150296 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidshx.sys
2014-03-27 22:03 - 2014-03-27 22:03 - 00028440 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx86.sys
2014-03-27 22:03 - 2014-03-27 22:03 - 00022296 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsshimx.sys
2014-03-27 11:49 - 2013-09-30 18:23 - 00000000 ____D () C:\Users\MONTAZA\Documents\TMPGEnc Authoring Works 4
2014-03-26 15:48 - 2013-09-03 07:52 - 00000984 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-26 15:48 - 2013-09-03 07:52 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-26 15:47 - 2013-10-08 13:22 - 00000000 ____D () C:\Windows\Minidump

Some content of TEMP:
====================
C:\Users\MONTAZA\AppData\Local\temp\catchme.dll
C:\Users\MONTAZA\AppData\Local\temp\dup2patcher.dll
C:\Users\MONTAZA\AppData\Local\temp\PIPInstaller_PTV_.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 00:46

==================== End Of Log ============================

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

1. Open Notepad (Text Document) and copy in the following text from the code box below:
Start
Media View (HKLM\...\MediaViewV1alpha2322) (Version: 1.1 - Media View) <==== ATTENTION
Media Viewer (HKLM\...\MediaViewerV1alpha326) (Version: 1.1 - Media Viewer) <==== ATTENTION
PC Data App (HKLM\...\PCData App) (Version:  - ) <==== ATTENTION
Settings Manager (HKLM\...\Settings Manager) (Version: 5.0.0.12302 - Aztec Media Inc) <==== ATTENTION
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
FF Extension: Best Video Downloader 2 - C:\Users\MONTAZA\AppData\Roaming\Mozilla\Firefox\Profiles\14vkjkc5.default-1393567253111\Extensions\{170503FA-3349-4F17-BC86-001888A5C8E2}.xpi [2014-03-07]
CHR HKLM\...\Chrome\Extension: [ejfbagefmhgpelhcgnnloolhmjnjfmka] - C:\Program Files\MediaViewV1\MediaViewV1alpha2322\ch\MediaViewV1alpha2322.crx [2014-02-26]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 ProtectMonitor; C:\Program Files\PCData\StartHelp.exe [70828 2014-02-13] ()
C:\Users\MONTAZA\AppData\Local\temp\catchme.dll
C:\Users\MONTAZA\AppData\Local\temp\dup2patcher.dll
C:\Users\MONTAZA\AppData\Local\temp\PIPInstaller_PTV_.exe
End

2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once, and wait.
If the tool requests a system restart, allow it and make sure the tool completes the fix after the restart.

The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your reply.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.

offline
  • Joined: 05 Jun 2004
  • Posts: 81

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 26-04-2014 01
Ran by MONTAZA at 2014-04-26 08:05:18 Run:1
Running from C:\Users\MONTAZA\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
Media View (HKLM\...\MediaViewV1alpha2322) (Version: 1.1 - Media View) <==== ATTENTION
Media Viewer (HKLM\...\MediaViewerV1alpha326) (Version: 1.1 - Media Viewer) <==== ATTENTION
PC Data App (HKLM\...\PCData App) (Version: - ) <==== ATTENTION
Settings Manager (HKLM\...\Settings Manager) (Version: 5.0.0.12302 - Aztec Media Inc) <==== ATTENTION
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
FF Extension: Best Video Downloader 2 - C:\Users\MONTAZA\AppData\Roaming\Mozilla\Firefox\Profiles\14vkjkc5.default-1393567253111\Extensions\{170503FA-3349-4F17-BC86-001888A5C8E2}.xpi [2014-03-07]
CHR HKLM\...\Chrome\Extension: [ejfbagefmhgpelhcgnnloolhmjnjfmka] - C:\Program Files\MediaViewV1\MediaViewV1alpha2322\ch\MediaViewV1alpha2322.crx [2014-02-26]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 ProtectMonitor; C:\Program Files\PCData\StartHelp.exe [70828 2014-02-13] ()
C:\Users\MONTAZA\AppData\Local\temp\catchme.dll
C:\Users\MONTAZA\AppData\Local\temp\dup2patcher.dll
C:\Users\MONTAZA\AppData\Local\temp\PIPInstaller_PTV_.exe
End
*****************

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\Users\MONTAZA\AppData\Roaming\Mozilla\Firefox\Profiles\14vkjkc5.default-1393567253111\Extensions\{170503FA-3349-4F17-BC86-001888A5C8E2}.xpi => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\ejfbagefmhgpelhcgnnloolhmjnjfmka => Key deleted successfully.
C:\Program Files\MediaViewV1\MediaViewV1alpha2322\ch\MediaViewV1alpha2322.crx => Moved successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
ProtectMonitor => Service deleted successfully.
C:\Users\MONTAZA\AppData\Local\temp\catchme.dll => Moved successfully.
C:\Users\MONTAZA\AppData\Local\temp\dup2patcher.dll => Moved successfully.
C:\Users\MONTAZA\AppData\Local\temp\PIPInstaller_PTV_.exe => Moved successfully.


The system needed a reboot.



P.S. I did it, the system restarted, and after Windows booted the situation is the same: dvdscr.exe is there.

==== End of Fixlog ====
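A Fixlog like the one in the post above can be checked mechanically before deciding on the next step. The following is an added example, not part of the thread and not FRST's own code: it assumes only the layout visible in that log (fixlist entries between Start and End, then `target => outcome` lines), and the sample input is a shortened, constructed copy of it.

```python
import re

# Constructed sample: a shortened copy of the Fixlog layout shown in the post.
SAMPLE_FIXLOG = r"""Content of fixlist:
*****************
Start
Settings Manager (HKLM\...\Settings Manager) (Version: 5.0.0.12302 - Aztec Media Inc) <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 ProtectMonitor; C:\Program Files\PCData\StartHelp.exe [70828 2014-02-13] ()
C:\Users\MONTAZA\AppData\Local\temp\catchme.dll
End
*****************

HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
ProtectMonitor => Service deleted successfully.
C:\Users\MONTAZA\AppData\Local\temp\catchme.dll => Moved successfully.
"""

RESULT_RE = re.compile(r"^(?P<target>.+?) => (?P<outcome>.+)$")

def parse_fixlog(text):
    """Return (fixlist_entries, results); results maps target -> outcome text."""
    entries, results, state = [], {}, "before"
    for raw in text.splitlines():
        line = raw.strip()
        if state == "before":
            if line == "Start":
                state = "fixlist"
        elif state == "fixlist":
            if line == "End":
                state = "results"
            elif line:
                entries.append(line)
        else:
            m = RESULT_RE.match(line)
            if m:
                results[m["target"]] = m["outcome"]
    return entries, results

def review(text):
    """Flag entries with no result line and results that do not report success."""
    entries, results = parse_fixlog(text)
    not_ok = {t: o for t, o in results.items() if "successfully" not in o}
    targets = [t.lower() for t in results]
    # Heuristic (assumption): an entry counts as handled when a result target
    # occurs inside it. Entries whose result names a different path, such as
    # the GroupPolicy line in the log above, are reported and need a manual look.
    unmatched = [e for e in entries if not any(t in e.lower() for t in targets)]
    return {"unmatched": unmatched, "not_ok": not_ok}
```

Run against the full Fixlog in the post, `review` lists the four installed-program entries (Media View, Media Viewer, PC Data App, Settings Manager) as having no result line.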

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Run FRST/FRST64 again:

type dvdsvr.exe into the Search: field and click the Search File(s) button;
the tool will scan your computer and create a report (Search.txt) in the same directory where the FRST tool is saved;
copy the contents of the Search.txt report into your reply;

offline
  • Joined: 05 Jun 2004
  • Posts: 81

Farbar Recovery Scan Tool (x86) Version: 26-04-2014 01
Ran by MONTAZA at 2014-04-26 11:07:05
Running from C:\Users\MONTAZA\Desktop
Boot Mode: Normal

================== Search: "dvdsvr.exe" ===================

=== End Of Search ===

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to the Desktop.

Run MBAR by double-clicking the program icon:
- Click OK in the next window to allow extraction into a separate mbar folder on the Desktop;
- mbar.exe will be started. On some systems this can take a few extra seconds, so wait for it to launch;
- In the intro window, click the Next button if you agree;

• In the 'Update Database' window, click the Update button to download fresh definitions. When the message 'Success: Database was successfully updated' appears, click the Next button;
• Under the 'Scan Targets' section, check that all options are ticked, then click the Scan button;

Notice: with some infections, one of the following messages may be displayed:
- 'Could not load protection driver' => in that case click OK.
- 'Could not load DDA driver' => click Yes on that notice to allow loading after a restart. Allow the restart and continue with the rest of the instructions after the restart.

>> If no malware is detected, click the Exit button to close the program. In your next reply, post the mbar-log-year-month-day (hour-minute-second).txt and system-log.txt reports.

>> If infections were found, check that the 'Create Restore Point' option is selected and click the Cleanup! button to remove the threats.
- The malware removal procedure will be scheduled for the restart, and a notice will be shown in a pop-up window. Click the Yes button; the system should restart and finish the cleanup procedure.

Notice! Only if a rootkit was detected: make sure you run the fixdamage.exe tool located in the mbar folder, \Plugins\fixdamage.exe:
- Run fixdamage by double-clicking it; in the black window that opens (command prompt) type Y (Y stands for Yes) to continue, and wait for the tool to complete all repairs ...
- When you see the message 'press any key to exit', the repair is complete. Press any key on the keyboard to close the window. Restart the system.

The following reports will be created in the mbar folder.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Copy the contents of the mbar log into your reply, and attach the system log to the post using the Attach file option.
