Slow computer and internet


offline
  • Joined: 15 May 2012
  • Posts: 396

My computer has started lagging a lot and my internet is working much more slowly, so I'd like to check whether there might be some malware.

Here is the report.

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.16518 BrowserJavaVersion: 10.51.2
Run by Gruja at 21:07:18 on 2014-02-23
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3071.1677 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hotspot Shield\bin\cmw_srv.exe
C:\Program Files\Garena Plus\ggdllhost.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Users\Gruja\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\MCShield\MCShieldRTM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Garena Plus\GarenaMessenger.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Hotspot Shield\bin\hsscp.exe
D:\Program Files\LeagueOfLegends\RADS\system\rads_user_kernel.exe
D:\Program Files\LeagueOfLegends\RADS\projects\lol_launcher\releases\0.0.0.199\deploy\LoLLauncher.exe
D:\Program Files\LeagueOfLegends\RADS\projects\lol_air_client\releases\0.0.1.71\deploy\LolClient.exe
C:\Program Files\Hotspot Shield\bin\af_proxy_cmd.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://websearch.toolksearchbook.info/?pid=1617&r=2014/01/15&hid=14155846905687428733&lg=EN&cc=RS&unqvl=46
mStart Page = hxxp://websearch.toolksearchbook.info/?pid=1617&r=2014/01/15&hid=14155846905687428733&lg=EN&cc=RS&unqvl=46
uProxyServer = hxxp=127.0.0.1:8555;https=127.0.0.1:8555
uProxyOverride = <local>127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896
BHO: VaUdix: {08B52FE0-5E55-3695-33C8-973EC78CDA39} - c:\program files\vaudix\S2bdL.dll
BHO: Speed Test 127: {11C8C9C0-D918-44C0-8B5E-D297DA42F2C7} - c:\program files\speed test 127\ScriptHost.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: SNT: {7A4D7B87-B62F-5A06-B914-933CC81F1181} - c:\program files\snt\QX14KmB.dll
BHO: Free Games 111: {C45EC9F0-8333-465D-9728-074BD41985C9} - c:\program files\free games 111\ScriptHost.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [uTorrent] "c:\users\gruja\appdata\roaming\utorrent\uTorrent.exe" /MINIMIZED
uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [LiveSupport] "c:\program files\livesupport\LiveSupport.exe" /noshow /log
uRun: [GarenaPlus] "c:\program files\garena plus\GarenaMessenger.exe" -autolaunch
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{535ED385-C97B-4B9D-A760-7AD733AD6518} : DHCPNameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{F8209418-4666-4D8F-8009-8B6ABBFB046E} : DHCPNameServer = 8.8.8.8
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\33.0.1750.117\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 214696]
R1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\drivers\hssdrv6.sys [2014-2-21 39624]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-4-20 176128]
R2 hshld;Hotspot Shield Service;c:\program files\hotspot shield\bin\cmw_srv.exe [2014-1-15 944424]
R2 HssWd;Hotspot Shield Monitoring Service;c:\program files\hotspot shield\bin\hsswd.exe [2014-1-15 555304]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-28 104768]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2013-12-5 94720]
R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\drivers\KMWDFILTER.sys [2009-4-30 25088]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-10-23 280288]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\drivers\taphss6.sys [2014-1-14 37064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-12 105144]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-2-13 108032]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-12-5 14848]
S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2013-12-5 24064]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-12-5 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2013-12-5 27136]
S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 112640]
.
=============== Created Last 30 ================
.
2014-02-23 10:08:43 7947048 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9281f38e-a75c-4a55-8802-3793439c71f5}\mpengine.dll
2014-02-21 17:45:27 -------- d-----w- c:\programdata\Hotspot Shield
2014-02-21 17:44:42 39624 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
2014-02-21 17:44:41 -------- d-----w- c:\program files\Hotspot Shield
2014-02-21 17:44:37 -------- d-----w- c:\users\gruja\appdata\roaming\Hotspot Shield
2014-02-21 09:14:09 7947048 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2014-02-20 09:02:29 765968 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{21ea8fc2-0d3e-4834-9f2a-06e5a21ee88f}\gapaengine.dll
2014-02-13 20:34:24 454656 ----a-w- c:\windows\system32\vbscript.dll
2014-02-13 16:24:37 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-02-13 16:24:37 1237504 ----a-w- c:\windows\system32\msxml3.dll
2014-02-13 16:23:18 3419136 ----a-w- c:\windows\system32\d2d1.dll
2014-02-13 16:23:18 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2014-02-13 16:22:59 87040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2014-02-13 16:22:59 87040 ----a-w- c:\windows\system32\secproc_ssp.dll
2014-02-13 16:22:59 594944 ----a-w- c:\windows\system32\RMActivate_isv.exe
2014-02-13 16:22:59 572416 ----a-w- c:\windows\system32\RMActivate.exe
2014-02-13 16:22:59 510976 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2014-02-13 16:22:59 508928 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2014-02-13 16:22:59 428032 ----a-w- c:\windows\system32\secproc.dll
2014-02-13 16:22:59 423936 ----a-w- c:\windows\system32\secproc_isv.dll
2014-02-13 16:22:59 390144 ----a-w- c:\windows\system32\msdrm.dll
2014-02-08 17:51:30 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
==================== Find3M ====================
.
2014-02-06 10:20:26 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-02-06 10:19:55 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-02-06 10:01:36 61952 ----a-w- c:\windows\system32\iesetup.dll
2014-02-06 10:00:46 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-02-06 09:47:22 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2014-02-06 09:47:18 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-02-06 09:46:27 553472 ----a-w- c:\windows\system32\jscript9diag.dll
2014-02-06 09:25:36 4244480 ----a-w- c:\windows\system32\jscript9.dll
2014-02-06 09:09:30 1964032 ----a-w- c:\windows\system32\inetcpl.cpl
2014-02-06 08:41:35 1820160 ----a-w- c:\windows\system32\wininet.dll
2014-01-19 07:32:23 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-01-14 22:49:16 37064 ----a-w- c:\windows\system32\drivers\taphss6.sys
2013-12-20 15:23:41 324096 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-12-05 03:29:39 69632 ----a-w- c:\windows\system32\smss.exe
2013-12-05 03:29:39 640512 ----a-w- c:\windows\system32\advapi32.dll
2013-12-05 03:29:39 619520 ----a-w- c:\windows\system32\tdh.dll
2013-12-05 03:29:39 3969472 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-12-05 03:29:39 3914176 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-12-05 03:29:39 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-12-05 03:29:39 1289096 ----a-w- c:\windows\system32\ntdll.dll
2013-12-05 03:29:29 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-12-05 03:29:28 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2013-12-05 03:29:28 231424 ----a-w- c:\windows\system32\mswsock.dll
2013-12-05 03:29:28 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-12-04 05:43:09 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-12-04 05:31:41 1505280 ----a-w- c:\windows\system32\d3d11.dll
2013-12-04 03:22:35 0 ----a-w- c:\windows\ativpsrm.bin
2013-11-27 01:14:25 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-11-27 01:13:46 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-11-27 01:13:44 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-11-27 01:13:41 43520 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-11-27 01:13:38 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-11-27 01:13:36 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-11-27 01:13:33 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-11-26 11:11:29 240576 ----a-w- c:\windows\system32\drivers\netio.sys
2013-11-26 10:10:21 2349056 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 21:08:14.60 ===============



offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Belgrade

Hello,

Download smeenk's zoek.zip or zoek.rar from this or this link and save it to the Desktop.

Extract the archive into a folder (instructions), and then:

close the browser and other running programs;
temporarily disable your security software (if necessary) Instructions;
double-click the program icon to launch zoek;
wait for the tool to start ...


Copy the following text into the white box of the window:

c:\program files\vaudix;fs
c:\program files\speed test 127;fs
c:\program files\snt;fs
c:\program files\free games 111;fs
c:\program files\livesupport;fs
autoclean;
emptyalltemp;
emptyclsid;


Click the button and wait for the scan to finish.


zoek will restart Windows if necessary and, when it finishes, open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your post.

offline
  • Joined: 15 May 2012
  • Posts: 396

Here, I've done it.


Zoek.exe v5.0.0.0 Updated 19-February-2014
Tool run by Gruja on Mon 02/24/2014 at 12:50:01.67.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gruja\Desktop\Zoek\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

2/24/2014 12:51:02 PM Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-360854678-2893440964-506927118-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HssTrayService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\HssTrayService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssWd deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HssWd deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\HssWd deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\HssWd deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\hshld deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hshld deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\hshld deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\hshld deleted successfully

==== Deleting Files \ Folders ======================

c:\program files\livesupport not found
c:\program files\vaudix deleted
c:\program files\speed test 127 deleted
c:\program files\snt deleted
c:\program files\free games 111 deleted
C:\Users\Gruja\AppData\LocalLow\{08B52FE0-5E55-3695-33C8-973EC78CDA39} deleted
C:\Users\Gruja\AppData\LocalLow\{7A4D7B87-B62F-5A06-B914-933CC81F1181} deleted
C:\PROGRA~2\VaUdix deleted
C:\PROGRA~2\SNT deleted
C:\Users\Gruja\AppData\Roaming\freegames111 deleted
C:\Users\Gruja\AppData\Roaming\speedtest4354 deleted
C:\Users\Gruja\AppData\Roaming\Hotspot Shield deleted
C:\Users\Gruja\AppData\Roaming\Systweak deleted
C:\Users\Gruja\AppData\Roaming\PerformerSoft deleted
C:\PROGRA~2\InstallMate deleted
C:\PROGRA~2\House Of Soft deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield deleted
C:\Windows\system32\roboot.exe deleted
C:\Users\Gruja\Documents\Optimizer Pro deleted
C:\Users\Gruja\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers deleted
C:\Users\Gruja\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers deleted
"C:\PROGRA~2\cd3965e30808a219\{681002C6-5019-81A2-7871-A43754F71E56}" deleted
"C:\PROGRA~2\cd3965e30808a219\{681002C6-5019-81A2-7871-A43754F71E56}.old" deleted
"C:\PROGRA~2\cd3965e30808a219\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}" deleted
"C:\Program Files\Garena Plus\CommonLib.dll" deleted
"C:\Program Files\Garena Plus\CxImage.dll" deleted
"C:\Program Files\Garena Plus\data" deleted
"C:\Program Files\Garena Plus\DibModule.dll" deleted
"C:\Program Files\Garena Plus\FileLoader.dll" deleted
"C:\Program Files\Garena Plus\GarenaMessenger.exe" deleted
"C:\Program Files\Garena Plus\ggdllhost.exe" deleted
"C:\Program Files\Garena Plus\ggdownloader.dll" deleted
"C:\Program Files\Garena Plus\ggspawn.dll" deleted
"C:\Program Files\Garena Plus\ImageModule.dll" deleted
"C:\Program Files\Garena Plus\lame_enc.dll" deleted
"C:\Program Files\Garena Plus\libcurl.dll" deleted
"C:\Program Files\Garena Plus\libeay32.dll" deleted
"C:\Program Files\Garena Plus\libmpg123.dll" deleted
"C:\Program Files\Garena Plus\libzmq.dll" deleted
"C:\Program Files\Garena Plus\log4cxx.dll" deleted
"C:\Program Files\Garena Plus\PluginKernel.dll" deleted
"C:\Program Files\Garena Plus\PluginModule.dll" deleted
"C:\Program Files\Garena Plus\resdata" deleted
"C:\Program Files\Garena Plus\ServerMemAlloc.dll" deleted
"C:\Program Files\Garena Plus\sqlite3.dll" deleted
"C:\Program Files\Garena Plus\ssleay32.dll" deleted
"C:\Program Files\Garena Plus\umdata" deleted
"C:\Program Files\Garena Plus\VersionModule.dll" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.avatw" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.blackshot" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.common" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.dnf" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.elsph" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.fo3" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.fo3id" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.fo3th" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.fo3vn" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.hon" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.honcis" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.ldj" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.lol" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.lolid" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.lolph" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.lolth" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.loltw" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.lolvn" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.mstar" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.mstartw" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.pb" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.pbth" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.perfectworld" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.poe" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.pwen" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.the7tw" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.wintexastw" deleted
"C:\Program Files\Garena Plus\garena.game.plugins\garena.game.zsg" deleted
"C:\Program Files\Garena Plus\lib\Http.dll" deleted
"C:\Program Files\Garena Plus\lib\MP3Module.dll" deleted
"C:\Program Files\Garena Plus\lib\TaskManagerLib.dll" deleted
"C:\Program Files\Garena Plus\lib\UILayout.dll" deleted
"C:\Program Files\Garena Plus\lib\XLL.dll" deleted
"C:\Program Files\Garena Plus\lib\xlldata" deleted
"C:\Program Files\Garena Plus\lib\XmlUIModule.dll" deleted
"C:\Program Files\Garena Plus\Plugins\ggplugin.dll" deleted
"C:\Program Files\Garena Plus\Plugins\Stats" deleted
"C:\Program Files\Garena Plus\Plugins\StatsPlugin.dll" deleted
"C:\Program Files\Garena Plus\lib\delay_load\AudioMixerLib.dll" deleted
"C:\Program Files\Garena Plus\lib\delay_load\ClientTcp.dll" deleted
"C:\Program Files\Garena Plus\lib\delay_load\FileSender.dll" deleted
"C:\Program Files\Garena Plus\lib\delay_load\GaFileTransfer.dll" deleted
"C:\Program Files\Garena Plus\lib\delay_load\GaVoiceGroup.dll" deleted
"C:\Program Files\Garena Plus\lib\delay_load\MediaEngine.dll" deleted
"C:\Program Files\Garena Plus\lib\delay_load\RSALib.dll" deleted
"C:\Program Files\Garena Plus\lib\delay_load\UdtLib.dll" deleted
"C:\Program Files\Garena Plus\lib\fs\YYFileSystem.dll" deleted
"C:\Program Files\Hotspot Shield\bin\af_proxy.dll" deleted
"C:\Program Files\Hotspot Shield\bin\HSSCP.exe" deleted
"C:\Program Files\Hotspot Shield\bin\zlib1.dll" deleted
"C:\Program Files\Hotspot Shield\bin\lang\gui-eng.dll" deleted
"C:\PROGRA~2\cd3965e30808a219" deleted
"C:\Program Files\Garena Plus" deleted
"C:\Program Files\Hotspot Shield" deleted
"C:\PROGRA~2\Hotspot Shield" deleted
"C:\Program Files\Garena Plus\garena.game.plugins" deleted
"C:\Program Files\Garena Plus\lib" deleted
"C:\Program Files\Garena Plus\Plugins" deleted
"C:\Program Files\Garena Plus\lib\delay_load" deleted
"C:\Program Files\Garena Plus\lib\fs" deleted
"C:\Program Files\Hotspot Shield\bin" deleted
"C:\Program Files\Hotspot Shield\bin\lang" deleted
"C:\PROGRA~2\Hotspot Shield\config" deleted
"C:\PROGRA~2\Hotspot Shield\config\hsspx" deleted

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"speedtest4354@BestOffers"="C:\Users\Gruja\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers" []

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jljheddigenhleadfofeccneimcmlefp - C:\Users\Gruja\AppData\Roaming\speedtest4354\speedtest4354.crx[]
lbgfiglojokgabdbhegbpjgojgppppgf - C:\Users\Gruja\AppData\Roaming\freegames111\freegames111.crx[]

SNT - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\beghdbedjchidnjlocdiakfdeafmlpah
Vaoudix - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hjkedndlcgfichckncfjccnldidkhlle
SNT - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\beghdbedjchidnjlocdiakfdeafmlpah
Vaoudix - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjkedndlcgfichckncfjccnldidkhlle
SNT - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\beghdbedjchidnjlocdiakfdeafmlpah
Vaoudix - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hjkedndlcgfichckncfjccnldidkhlle
SNT - Administrator\AppData\Local\Torch\User Data\Default\Extensions\beghdbedjchidnjlocdiakfdeafmlpah
Vaoudix - Administrator\AppData\Local\Torch\User Data\Default\Extensions\hjkedndlcgfichckncfjccnldidkhlle
SNT - Gruja\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\beghdbedjchidnjlocdiakfdeafmlpah
Vaoudix - Gruja\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hjkedndlcgfichckncfjccnldidkhlle
SNT - Gruja\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\beghdbedjchidnjlocdiakfdeafmlpah
Vaoudix - Gruja\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hjkedndlcgfichckncfjccnldidkhlle
SNT - Gruja\AppData\Local\Torch\User Data\Default\Extensions\beghdbedjchidnjlocdiakfdeafmlpah
Vaoudix - Gruja\AppData\Local\Torch\User Data\Default\Extensions\hjkedndlcgfichckncfjccnldidkhlle
SNT - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\beghdbedjchidnjlocdiakfdeafmlpah
Vaoudix - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hjkedndlcgfichckncfjccnldidkhlle
SNT - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\beghdbedjchidnjlocdiakfdeafmlpah
Vaoudix - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjkedndlcgfichckncfjccnldidkhlle
SNT - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\beghdbedjchidnjlocdiakfdeafmlpah
Vaoudix - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hjkedndlcgfichckncfjccnldidkhlle
SNT - Guest\AppData\Local\Torch\User Data\Default\Extensions\beghdbedjchidnjlocdiakfdeafmlpah
Vaoudix - Guest\AppData\Local\Torch\User Data\Default\Extensions\hjkedndlcgfichckncfjccnldidkhlle

==== Chrome Fix ======================

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\beghdbedjchidnjlocdiakfdeafmlpah deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\beghdbedjchidnjlocdiakfdeafmlpah deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\beghdbedjchidnjlocdiakfdeafmlpah deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\beghdbedjchidnjlocdiakfdeafmlpah deleted successfully
C:\Users\Gruja\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\beghdbedjchidnjlocdiakfdeafmlpah deleted successfully
C:\Users\Gruja\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\beghdbedjchidnjlocdiakfdeafmlpah deleted successfully
C:\Users\Gruja\AppData\Local\Torch\User Data\Default\Extensions\beghdbedjchidnjlocdiakfdeafmlpah deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\beghdbedjchidnjlocdiakfdeafmlpah deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\beghdbedjchidnjlocdiakfdeafmlpah deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\beghdbedjchidnjlocdiakfdeafmlpah deleted successfully
C:\Users\Guest\AppData\Local\Torch\User Data\Default\Extensions\beghdbedjchidnjlocdiakfdeafmlpah deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hjkedndlcgfichckncfjccnldidkhlle deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjkedndlcgfichckncfjccnldidkhlle deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hjkedndlcgfichckncfjccnldidkhlle deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\hjkedndlcgfichckncfjccnldidkhlle deleted successfully
C:\Users\Gruja\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hjkedndlcgfichckncfjccnldidkhlle deleted successfully
C:\Users\Gruja\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hjkedndlcgfichckncfjccnldidkhlle deleted successfully
C:\Users\Gruja\AppData\Local\Torch\User Data\Default\Extensions\hjkedndlcgfichckncfjccnldidkhlle deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hjkedndlcgfichckncfjccnldidkhlle deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjkedndlcgfichckncfjccnldidkhlle deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hjkedndlcgfichckncfjccnldidkhlle deleted successfully
C:\Users\Guest\AppData\Local\Torch\User Data\Default\Extensions\hjkedndlcgfichckncfjccnldidkhlle deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://websearch.toolksearchbook.info/?pid=1617&r=2014/01/15&hid=14155846905687428733&lg=EN&cc=RS&unqvl=46"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://websearch.toolksearchbook.info/?pid=1617&r=2014/01/15&hid=14155846905687428733&lg=EN&cc=RS&unqvl=46"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-360854678-2893440964-506927118-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7} deleted successfully
HKEY_USERS\S-1-5-21-360854678-2893440964-506927118-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C45EC9F0-8333-465D-9728-074BD41985C9} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08B52FE0-5E55-3695-33C8-973EC78CDA39} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{08B52FE0-5E55-3695-33C8-973EC78CDA39} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{08B52FE0-5E55-3695-33C8-973EC78CDA39} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7A4D7B87-B62F-5A06-B914-933CC81F1181} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{7A4D7B87-B62F-5A06-B914-933CC81F1181} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7A4D7B87-B62F-5A06-B914-933CC81F1181} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{C45EC9F0-8333-465D-9728-074BD41985C9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C45EC9F0-8333-465D-9728-074BD41985C9} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-360854678-2893440964-506927118-1000\Software\Mozilla\Firefox\Extensions\freegames4357@BestOffers deleted successfully
HKEY_USERS\S-1-5-21-360854678-2893440964-506927118-1000\Software\Mozilla\Firefox\Extensions\speedtest4354@BestOffers deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\74ef6c46-7d52-4c9e-9a5a-8a06a604edea deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jljheddigenhleadfofeccneimcmlefp deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\lbgfiglojokgabdbhegbpjgojgppppgf deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\im deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{681002C6-5019-81A2-7871-A43754F71E56} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HotspotShield deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gruja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A28IDONY will be deleted at reboot
C:\Users\Gruja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K3O1C0M8 will be deleted at reboot
C:\Users\Gruja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KOC7USOY will be deleted at reboot
C:\Users\Gruja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WSEQVKBG will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Gruja\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=775 folders=139 158592610 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Gruja\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Gruja\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Gruja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A28IDONY" not found
"C:\Users\Gruja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K3O1C0M8" not found
"C:\Users\Gruja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KOC7USOY" not found
"C:\Users\Gruja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WSEQVKBG" not found

==== EOF on Mon 02/24/2014 at 12:59:20.29 ======================

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

Is there any improvement after this?

offline
  • Joined: 15 May 2012
  • Posts: 396

No, same. Sad

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

All right, let's move on to additional diagnostics:

Download Farbar's Farbar Recovery Scan Tool from this address to the Desktop:
There is a 32-bit and a 64-bit version. You need to download the version that is compatible with your system.
If you are not sure which version applies to your system, download both and run them. Only one of them will work on your system; that will be the right version.

double-click to run the program; when the tool starts, click Yes on the disclaimer window;
wait a moment while the tool checks whether a newer version exists;
click the Scan button;
when the scan finishes, the tool will create a report (FRST.txt) in the same directory where the FRST tool is saved;
copy the contents of the FRST.txt report into your post;
on the first run, the tool should also create an additional report (Addition.txt);
attach the Addition.txt report to your post using the Prikači fajl (Attach file) option

Download aswMBR and save it to the Desktop.

Double-click to run aswMBR.

If you get the following message:
Would you like to download latest Avast! virus definitions?
Click the Yes button and wait for the definitions download to finish.

Check that the QuickScan option is selected under AV Scan:

Click Scan.

When the scan finishes ( Scan finished successfully ), click Save log.
Save the aswMBR log to the Desktop.
Copy the contents of that log into the thread.

offline
  • Joined: 15 May 2012
  • Posts: 396

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-02-2014 01
Ran by Gruja (administrator) on GRUJA-PC on 25-02-2014 09:18:16
Running from C:\Users\Gruja\Downloads
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(BitTorrent Inc.) C:\Users\Gruja\AppData\Roaming\uTorrent\uTorrent.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-27] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11430504 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKU\S-1-5-21-360854678-2893440964-506927118-1000\...\Run: [uTorrent] - C:\Users\Gruja\AppData\Roaming\uTorrent\uTorrent.exe [905296 2014-01-27] (BitTorrent Inc.)
HKU\S-1-5-21-360854678-2893440964-506927118-1000\...\Run: [MCShield Monitor] - C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-02-02] (MyCity)
HKU\S-1-5-21-360854678-2893440964-506927118-1000\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-360854678-2893440964-506927118-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-360854678-2893440964-506927118-1000\...\Run: [LiveSupport] - "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-360854678-2893440964-506927118-1000\...\Run: [GarenaPlus] - "C:\Program Files\Garena Plus\GarenaMessenger.exe" -autolaunch

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0

Chrome:
=======
CHR Extension: (Google Wallet) - C:\Users\Gruja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-03]

========================== Services (Whitelisted) =================

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [39624 2014-01-14] (AnchorFree Inc.)
R3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-30] (Windows (R) Codename Longhorn DDK provider)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2013-12-20] (Duplex Secure Ltd.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [37064 2014-01-14] (Anchorfree Inc.)
U3 aihmyx7v; C:\Windows\system32\Drivers\aihmyx7v.sys [0 ] (Advanced Micro Devices)
S3 cpuz134; \??\C:\Users\Gruja\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-25 09:18 - 2014-02-25 09:18 - 03343716 _____ () C:\Users\Gruja\Downloads\Unconfirmed 958886.crdownload
2014-02-25 09:18 - 2014-02-25 09:18 - 00006447 _____ () C:\Users\Gruja\Downloads\FRST.txt
2014-02-25 09:17 - 2014-02-25 09:18 - 00000000 ____D () C:\FRST
2014-02-25 09:17 - 2014-02-25 09:17 - 01144320 _____ (Farbar) C:\Users\Gruja\Downloads\FRST.exe
2014-02-24 14:43 - 2014-02-24 14:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-02-24 14:40 - 2014-02-24 14:40 - 00000000 ____D () C:\Users\Gruja\Downloads\GTA IV PC Version
2014-02-24 12:57 - 2014-02-24 12:49 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-02-24 12:50 - 2014-02-24 12:59 - 00021227 _____ () C:\zoek-results.log
2014-02-24 12:49 - 2014-02-24 12:56 - 00000000 ____D () C:\zoek_backup
2014-02-21 18:44 - 2014-01-14 23:45 - 00039624 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys
2014-02-15 11:31 - 2014-02-15 11:32 - 00001984 _____ () C:\Users\Public\Desktop\Adobe Reader 9.lnk
2014-02-15 11:31 - 2014-02-15 11:31 - 00000000 ____D () C:\Program Files\Adobe
2014-02-15 11:25 - 2014-02-24 12:58 - 00001514 _____ () C:\Windows\PFRO.log
2014-02-13 21:38 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 21:38 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 21:38 - 2014-02-06 11:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-13 21:38 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 21:38 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 21:38 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 21:38 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 21:38 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 21:38 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 21:38 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 21:38 - 2014-02-06 10:47 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 21:38 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 21:38 - 2014-02-06 10:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 21:38 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 21:38 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 21:38 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 21:38 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 21:38 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 21:38 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 21:38 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 21:38 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 21:34 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 17:24 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 17:24 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 17:24 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 17:23 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 17:23 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-13 17:22 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 17:22 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 17:22 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 17:22 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 17:22 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 17:22 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 17:22 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 17:22 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 17:22 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-08 18:51 - 2014-02-08 18:51 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-08 18:51 - 2014-02-08 18:51 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-08 18:51 - 2014-02-08 18:51 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-08 18:51 - 2014-02-08 18:51 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-02-08 18:51 - 2014-02-08 18:51 - 00000000 ____D () C:\Program Files\Java
2014-02-08 18:51 - 2014-02-08 18:51 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-02-08 15:48 - 2014-02-08 15:48 - 307482592 _____ () C:\Windows\MEMORY.DMP
2014-02-08 15:48 - 2014-02-08 15:48 - 00143712 _____ () C:\Windows\Minidump\020814-13821-01.dmp

==================== One Month Modified Files and Folders =======

2014-02-25 09:18 - 2014-02-25 09:18 - 03343716 _____ () C:\Users\Gruja\Downloads\Unconfirmed 958886.crdownload
2014-02-25 09:18 - 2014-02-25 09:18 - 00006447 _____ () C:\Users\Gruja\Downloads\FRST.txt
2014-02-25 09:18 - 2014-02-25 09:17 - 00000000 ____D () C:\FRST
2014-02-25 09:17 - 2014-02-25 09:17 - 01144320 _____ (Farbar) C:\Users\Gruja\Downloads\FRST.exe
2014-02-25 09:17 - 2013-12-06 02:48 - 00000000 ____D () C:\Users\Gruja\AppData\Roaming\Skype
2014-02-25 09:14 - 2013-12-03 19:41 - 00000000 ____D () C:\Users\Gruja\AppData\Roaming\uTorrent
2014-02-25 09:05 - 2009-07-14 05:34 - 00028976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-25 09:05 - 2009-07-14 05:34 - 00028976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-25 09:02 - 2013-12-04 04:34 - 02072933 _____ () C:\Windows\WindowsUpdate.log
2014-02-25 09:02 - 2010-11-20 22:01 - 00799038 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-25 08:58 - 2014-01-20 10:16 - 00004832 _____ () C:\Windows\setupact.log
2014-02-25 08:58 - 2013-12-04 04:40 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-25 08:58 - 2013-12-03 19:51 - 00000000 ____D () C:\ProgramData\MCShield
2014-02-25 08:58 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-24 21:26 - 2013-12-04 04:40 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-24 21:08 - 2013-12-04 05:32 - 00000000 ____D () C:\Users\Gruja\Documents\Visual Studio 2010
2014-02-24 14:43 - 2014-02-24 14:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-02-24 14:40 - 2014-02-24 14:40 - 00000000 ____D () C:\Users\Gruja\Downloads\GTA IV PC Version
2014-02-24 12:59 - 2014-02-24 12:50 - 00021227 _____ () C:\zoek-results.log
2014-02-24 12:58 - 2014-02-15 11:25 - 00001514 _____ () C:\Windows\PFRO.log
2014-02-24 12:56 - 2014-02-24 12:49 - 00000000 ____D () C:\zoek_backup
2014-02-24 12:49 - 2014-02-24 12:57 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-02-24 09:29 - 2014-01-21 20:24 - 00000000 ____D () C:\Users\Gruja\AppData\Roaming\GarenaPlus
2014-02-24 09:29 - 2014-01-21 20:23 - 00000000 ____D () C:\ProgramData\GarenaMessenger
2014-02-15 15:25 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-02-15 11:32 - 2014-02-15 11:31 - 00001984 _____ () C:\Users\Public\Desktop\Adobe Reader 9.lnk
2014-02-15 11:31 - 2014-02-15 11:31 - 00000000 ____D () C:\Program Files\Adobe
2014-02-15 11:31 - 2013-12-07 02:51 - 00000000 ____D () C:\Users\Gruja\AppData\Local\Adobe
2014-02-15 11:31 - 2013-12-04 05:06 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-15 11:31 - 2013-12-04 05:05 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-02-14 16:46 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-13 21:38 - 2013-12-04 06:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-13 21:36 - 2013-12-04 06:29 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-13 21:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-02-09 20:54 - 2013-12-03 19:51 - 00000000 ____D () C:\Program Files\MCShield
2014-02-08 18:52 - 2014-01-11 19:25 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-08 18:51 - 2014-02-08 18:51 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-08 18:51 - 2014-02-08 18:51 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-08 18:51 - 2014-02-08 18:51 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-08 18:51 - 2014-02-08 18:51 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-02-08 18:51 - 2014-02-08 18:51 - 00000000 ____D () C:\Program Files\Java
2014-02-08 18:51 - 2014-02-08 18:51 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-02-08 15:48 - 2014-02-08 15:48 - 307482592 _____ () C:\Windows\MEMORY.DMP
2014-02-08 15:48 - 2014-02-08 15:48 - 00143712 _____ () C:\Windows\Minidump\020814-13821-01.dmp
2014-02-08 15:48 - 2014-01-16 21:27 - 00000000 ____D () C:\Windows\Minidump
2014-02-07 18:17 - 2009-07-14 05:53 - 00029482 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-06 11:38 - 2014-02-13 21:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 11:20 - 2014-02-13 21:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 11:19 - 2014-02-13 21:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 11:01 - 2014-02-13 21:38 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 11:00 - 2014-02-13 21:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-13 21:38 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 10:52 - 2014-02-13 21:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 10:52 - 2014-02-13 21:38 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 10:49 - 2014-02-13 21:38 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 10:47 - 2014-02-13 21:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 10:47 - 2014-02-13 21:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 10:46 - 2014-02-13 21:38 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 10:34 - 2014-02-13 21:38 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 10:25 - 2014-02-13 21:38 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 10:25 - 2014-02-13 21:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 10:13 - 2014-02-13 21:38 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:09 - 2014-02-13 21:38 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:03 - 2014-02-13 21:38 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 09:41 - 2014-02-13 21:38 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 09:36 - 2014-02-13 21:38 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:34 - 2014-02-13 21:38 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-01 16:43 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\LogFiles

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-19 13:59

==================== End Of Log ============================


Here is the one from aswMBR:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-02-25 09:19:11
-----------------------------
09:19:11.532 OS Version: Windows 6.1.7601 Service Pack 1
09:19:11.532 Number of processors: 2 586 0x602
09:19:11.533 ComputerName: GRUJA-PC UserName: Gruja
09:19:12.477 Initialize success
09:24:18.210 AVAST engine defs: 14022401
09:24:26.896 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005d
09:24:26.902 Disk 0 Vendor: Hitachi_ JP2O Size: 476940MB BusType: 3
09:24:26.914 Disk 0 MBR read successfully
09:24:26.919 Disk 0 MBR scan
09:24:26.975 Disk 0 Windows 7 default MBR code
09:24:26.986 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 149896 MB offset 206848
09:24:27.034 Disk 0 Partition - 00 0F Extended LBA 326932 MB offset 307194930
09:24:27.055 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 326932 MB offset 307194993
09:24:27.095 Disk 0 scanning sectors +976752000
09:24:27.246 Disk 0 scanning C:\Windows\system32\drivers
09:24:41.883 Service scanning
09:24:56.145 Service MpKsl08c37a85 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2554D694-2DAE-41C1-9163-3B6033C4A5BA}\MpKsl08c37a85.sys **LOCKED** 32
09:25:16.110 Modules scanning
09:25:22.831 Disk 0 trace - called modules:
09:25:22.872 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x8556b1f8]<<
09:25:22.878 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x865b1030]
09:25:22.885 3 CLASSPNP.SYS[8b79b59e] -> nt!IofCallDriver -> [0x855bbb40]
09:25:22.891 5 ACPI.sys[8b1173d4] -> nt!IofCallDriver -> \Device\0000005d[0x85ea2030]
09:25:22.898 \Driver\nvstor[0x86299eb0] -> IRP_MJ_CREATE -> 0x8556b1f8
09:25:23.631 AVAST engine scan C:\Windows
09:25:25.750 AVAST engine scan C:\Windows\system32
09:29:28.288 AVAST engine scan C:\Windows\system32\drivers
09:29:44.973 AVAST engine scan C:\Users\Gruja
09:31:12.137 AVAST engine scan C:\ProgramData
09:31:46.127 Scan finished successfully
09:34:59.786 Disk 0 MBR has been saved successfully to "C:\Users\Gruja\Downloads\MBR.dat"
09:34:59.806 The log file has been saved successfully to "C:\Users\Gruja\Downloads\aswMBR.txt"

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

In Control Panel, uninstall the following if you do not use them:
- Speed Test 127
- Pro Pinball - Timeshock!

1. Open Notepad (Text Document) and copy in the following text from the code box below:
HKU\S-1-5-21-360854678-2893440964-506927118-1000\...\Run: [LiveSupport] - "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log
C:\Program Files\LiveSupport
cmd: ipconfig /flushdns

2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name
Note: It is important that both files, FRST and fixlist, are in the same location; otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool requests a system restart, allow it and make sure the tool completes the fix after the restart.

The tool will create a log (Fixlog.txt) on the Desktop. The contents of that log need to be copied into your post.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.

Download TDSSKiller and save it to the Desktop
Double-click to run TDSSKiller.exe ...

click the Start Scan button

If suspicious items (Suspicious object) are detected, the default action is Skip; click Continue.
If malicious objects (Malicious objects) are detected, choose the Cure option.

Post the contents of the log from the following location:
C:\TDSSKiller_program version_DD.MM.YY_HH.MM.SS.txt
(DD-day, MM-month, YY-year, HH-hour, MM-minute, SS-second; the date and time when the log was created)

offline
  • Joined: 15 May 2012
  • Posts: 396

Here is the log from FRST.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 24-02-2014 01
Ran by Gruja at 2014-02-25 18:00:36 Run:1
Running from C:\Users\Gruja\Downloads
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-360854678-2893440964-506927118-1000\...\Run: [LiveSupport] - "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log
C:\Program Files\LiveSupport
cmd: ipconfig /flushdns
*****************

HKU\S-1-5-21-360854678-2893440964-506927118-1000\Software\Microsoft\Windows\CurrentVersion\Run\\LiveSupport => Value deleted successfully.
"C:\Program Files\LiveSupport" => File/Directory not found.

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


==== End of Fixlog ====





offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

The computer is clean; are you still having problems?
