Computer running slowly


  • bucho 
  • New MyCity citizen
  • Joined: 23 Feb 2013
  • Posts: 7

The computer started running slowly a few days ago; it takes considerably longer to open any program, including websites on the internet.
Avast did not detect any infected files, and neither did AVG, which is currently installed.
Cable internet, download 10 Mbps, upload 1 Mbps.

DDS log:
DDS (Ver_2012-11-05.02) - NTFS_x86
Internet Explorer: 9.0.8112.16464
Run by Bucho at 23:34:43 on 2013-02-23
Microsoft Windows 7 Starter 6.1.7601.1.1250.381.1033.18.1014.121 [GMT 1:00]
.
AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Trend Micro Titanium *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Titanium *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\System32\spoolsv.exe
C:\Program Files\Common Files\InstantOn\InsOnSrv.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\AsusService.exe
C:\windows\system32\Dwm.exe
C:\Program Files\Common Files\InstantOn\InsOnWMI.exe
C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\windows\Explorer.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\ProgramData\DatacardService\HWDeviceService.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe
C:\Program Files\ASUS\SHE\SuperHybridEngine.exe
C:\Program Files\ASUS\HotkeyService\HotkeyService.exe
C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
C:\Program Files\ASUS\CapsHook\CapsHook.exe
C:\ExpressGateUtil\VAWinAgent.exe
C:\Program Files\Winamp\winampa.exe
C:\ProgramData\Telenor Internet\OnlineUpdate\ouc.exe
C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
C:\ExpressGateUtil\VAWinService.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
C:\windows\system32\conhost.exe
C:\Windows\System32\igfxpers.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\syncables\syncables desktop\syncables.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\syncables\syncables desktop\jre\bin\javaw.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\syncables\syncables desktop\syncablesMAPI.exe
C:\Program Files\AVG\AVG2013\avgemcx.exe
C:\windows\system32\taskhost.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Users\Bucho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Users\Bucho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bucho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bucho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bucho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bucho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bucho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\SearchProtocolHost.exe
C:\Users\Bucho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bigseekpro.com/howfytdl/{91F205C8-1A9A-4000-540F-8798B36A5047}
uDefault_Page_URL = hxxp://asus.msn.com
mStart Page = hxxp://www.bigseekpro.com/howfytdl/{91F205C8-1A9A-4000-540F-8798B36A5047}
uProxyOverride = <local>
uWinlogon: Shell = c:\program files\oceanis\systemsetting\WallPaperAgent.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - c:\program files\trend micro\amsp\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - c:\program files\trend micro\amsp\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
BHO: Windows 7 Starter Helper: {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - c:\program files\oceanis\systemsetting\StarterHelper.dll
uRun: [Syncables] c:\program files\syncables\syncables desktop\Syncables.exe
uRun: [Google Update] "c:\users\bucho\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Akamai NetSession Interface] "c:\users\bucho\appdata\local\akamai\netsession_win.exe"
mRun: [ETDWare] c:\program files\elantech\ETDCtrl.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [HotkeyMon] AsusSender.exe c:\program files\asus\hotkeyservice\HotKeyMon.exe
mRun: [HotkeyService] AsusSender.exe c:\program files\asus\hotkeyservice\HotkeyService.exe
mRun: [SuperHybridEngine] AsusSender.exe c:\program files\asus\she\SuperHybridEngine.exe
mRun: [LiveUpdate] AsusSender.exe c:\program files\asus\liveupdate\LiveUpdate.exe auto
mRun: [CapsHook] AsusSender.exe c:\program files\asus\capshook\CapsHook.exe
mRun: [Eee Docking] c:\program files\asus\eee docking\Eee Docking.exe autorun
mRun: [VizorHtmlDialog.exe] "c:\program files\trend micro\titanium\uiframework\vizorhtmldialog.exe" "def" "eula" "c:\program files\trend micro\titanium\ui\installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"
mRun: [Trend Micro Client Framework] "c:\program files\trend micro\uniclient\uifrmwrk\UIWatchDog.exe"
mRun: [Trend Micro Titanium] c:\program files\trend micro\titanium\VizorShortCut.exe -ReFlush "none" "none"
mRun: [VAWinAgent] c:\expressgateutil\VAWinAgent.exe
mRun: [ASUSPRP] c:\program files\asus\aprp\APRP.EXE
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\asusvi~1.lnk - c:\program files\asus\asusvibe\AsusVibeLauncher.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office11\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 89.216.1.30 89.216.1.50
TCP: Interfaces\{1A7FF3FF-7BD4-4185-A6CD-D365A5E983DA} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{2501088A-0497-4F1A-A492-BC2E5BA76F5A} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{53AD1D5B-D900-420A-AB7A-5F21E43CCD1A} : DHCPNameServer = 89.216.1.30 89.216.1.50
TCP: Interfaces\{70031DFF-CAB9-4FFC-9065-C364481017DE} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{98BA0A08-9140-48EA-8CC9-8F5435C75942} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{C069A5CA-2AD4-40F8-AF3B-88AE8174B6A5} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{DD5697A3-F93B-4ECB-842F-1A2B1B70AFFA} : NameServer = 217.65.192.101 217.65.192.102
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - c:\program files\trend micro\amsp\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\program files\trend micro\amsp\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-10-15 55776]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2012-11-15 94048]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-9-14 35552]
R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2011-5-5 11832]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-10-22 179936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2012-9-21 19936]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-10-2 159712]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-9-21 164832]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2010-12-6 109960]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2012-7-26 73216]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2010-12-6 68208]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2012-7-26 102784]
S3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\drivers\ewusbwwan.sys [2012-7-26 353280]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-5-5 39272]
.
=============== Created Last 30 ================
.
2013-02-23 15:06:55 -------- d-----w- c:\users\bucho\appdata\roaming\AVG2013
2013-02-23 15:01:46 -------- d-----w- c:\users\bucho\appdata\roaming\TuneUp Software
2013-02-23 14:59:08 -------- d--h--w- C:\$AVG
2013-02-23 14:59:08 -------- d-----w- c:\programdata\AVG2013
2013-02-23 14:57:32 -------- d-----w- c:\program files\AVG
2013-02-23 14:49:59 -------- d-----w- c:\users\bucho\appdata\local\MFAData
2013-02-23 14:49:59 -------- d-----w- c:\users\bucho\appdata\local\Avg2013
2013-02-23 14:49:59 -------- d-----w- c:\programdata\MFAData
2013-02-22 19:15:08 -------- d-----w- c:\programdata\AVAST Software
2013-02-22 19:15:08 -------- d-----w- c:\program files\AVAST Software
2013-02-22 10:41:51 6954968 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{3003c3ab-7f1b-410e-bcf5-7830f087f8f0}\mpengine.dll
2013-02-12 19:27:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-02-12 19:27:03 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-02-12 19:27:03 194048 ----a-w- c:\program files\internet explorer\IEShims.dll
2013-02-12 19:27:03 149528 ----a-w- c:\program files\internet explorer\sqmapi.dll
2013-02-12 19:27:02 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-02-12 19:27:01 194560 ----a-w- c:\program files\internet explorer\ieproxy.dll
2013-02-12 19:27:00 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-02-12 19:26:59 757280 ----a-w- c:\program files\internet explorer\iexplore.exe
2013-02-12 19:26:59 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-02-12 19:26:58 387584 ----a-w- c:\program files\internet explorer\jsdbgui.dll
2013-02-12 19:26:57 678912 ----a-w- c:\program files\internet explorer\iedvtool.dll
2013-02-12 19:26:57 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-12 19:26:47 768000 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2013-02-12 18:49:49 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-02-12 18:49:31 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-12 18:49:29 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-12 18:49:28 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-12 18:49:27 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-12 18:49:21 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-01-29 14:41:13 -------- d-----w- c:\users\bucho\appdata\local\{CB0BF7C5-261B-43DB-AC6F-DA9559AF32DC}
.
==================== Find3M ====================
.
2013-02-04 11:47:49 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-02-04 11:47:49 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-17 00:28:58 232336 ------w- c:\windows\system32\MpSigStub.exe
2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 23:38:15,75 ===============

Gmer files:

Regards!

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Hello and welcome to the forum.

OK, as far as malware is concerned the computer is clean; however, you have two antivirus programs, and that is the problem.
Uninstall via Programs and Features > Trend Micro Titanium.

Then follow the instructions at the link below.

Instructions

Run DDS again and copy the contents of the DDS.txt report to the forum.
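
Added example, not part of the original thread: the DDS header lines behind the two-antivirus diagnosis above can be checked mechanically. This Python code parses the `AV:`/`SP:` lines and cross-references products registered as disabled against the Running Processes section, using an excerpt of the log posted above; the `VENDOR_DIR_HINTS` mapping and all function names are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Excerpt of the DDS log posted in this thread (header plus a few process lines).
DDS_EXCERPT = r"""
AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Trend Micro Titanium *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Titanium *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\windows\system32\wininit.exe
C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
C:\windows\system32\svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
"""

# "<role>: <product name> *<state>/<definitions>* {GUID}" as it appears in the header.
PRODUCT_RE = re.compile(r"^(AV|SP|FW): (.+?) \*(\w+)/(\w+)\* \{[0-9A-Fa-f-]+\}$")

# Assumption: install-directory fragments taken from paths visible in the log.
VENDOR_DIR_HINTS = {
    "Trend Micro Titanium": "\\trend micro\\",
    "AVG Anti-Virus Free Edition 2013": "\\avg\\",
}


def parse_products(text):
    """Return {product name: {"roles": {"AV", "SP", ...}, "enabled": bool}}."""
    products = defaultdict(lambda: {"roles": set(), "enabled": False})
    for line in text.splitlines():
        m = PRODUCT_RE.match(line.strip())
        if m:
            role, name, state, _definitions = m.groups()
            products[name]["roles"].add(role)
            products[name]["enabled"] |= state == "Enabled"
    return dict(products)


def running_processes(text):
    """Return the command lines listed under the Running Processes banner."""
    procs, in_section = [], False
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("=="):
            # Any banner line starts or ends a section.
            in_section = "Running Processes" in line
        elif in_section and line and line != ".":
            procs.append(line)
    return procs


def analyze(text):
    """Flag multiple registered antivirus products and disabled ones still running."""
    products = parse_products(text)
    procs = running_processes(text)
    antivirus = sorted(n for n, p in products.items() if "AV" in p["roles"])
    leftovers = {}
    for name, info in products.items():
        hint = VENDOR_DIR_HINTS.get(name)
        if info["enabled"] or not hint:
            continue  # only products registered as disabled, with a known directory
        hits = [p.rsplit("\\", 1)[-1] for p in procs if hint in p.lower()]
        if hits:
            leftovers[name] = hits
    return {
        "antivirus": antivirus,
        "multiple_av": len(antivirus) > 1,
        "disabled_but_running": leftovers,
    }


if __name__ == "__main__":
    for key, value in analyze(DDS_EXCERPT).items():
        print(f"{key}: {value}")
```

On this excerpt the product registered as disabled still has two service processes loaded, which is the state a failed or partial uninstall leaves behind.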

  • bucho 
  • New MyCity citizen
  • Joined: 23 Feb 2013
  • Posts: 7

Posted: 24 Feb 2013 11:25

argus,
thanks for the welcome and the quick reply :)

when I uninstall the program from Programs and Features it gets to about 80 percent and I get an error (picture 1):

when working through the instructions from the link you sent me, it did everything.

DDS log:
DDS (Ver_2012-11-05.02) - NTFS_x86
Internet Explorer: 9.0.8112.16464
Run by Bucho at 11:19:59 on 2013-02-24
Microsoft Windows 7 Starter 6.1.7601.1.1250.381.1033.18.1014.62 [GMT 1:00]
.
AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Trend Micro Titanium *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Titanium *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\System32\spoolsv.exe
C:\Program Files\Common Files\InstantOn\InsOnSrv.exe
C:\windows\system32\AsusService.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Common Files\InstantOn\InsOnWMI.exe
C:\windows\system32\taskhost.exe
C:\ProgramData\DatacardService\HWDeviceService.exe
C:\windows\system32\Dwm.exe
C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\windows\Explorer.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\ProgramData\Telenor Internet\OnlineUpdate\ouc.exe
C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
C:\ExpressGateUtil\VAWinService.exe
C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
C:\windows\system32\conhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\ASUS\HotkeyService\HotkeyService.exe
C:\Program Files\ASUS\SHE\SuperHybridEngine.exe
C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
C:\Program Files\ASUS\CapsHook\CapsHook.exe
C:\ExpressGateUtil\VAWinAgent.exe
C:\Program Files\Winamp\winampa.exe
C:\windows\system32\igfxsrvc.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\syncables\syncables desktop\syncables.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\AVG\AVG2013\avgemcx.exe
C:\Program Files\syncables\syncables desktop\jre\bin\javaw.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\syncables\syncables desktop\syncablesMAPI.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Bucho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bucho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bucho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bucho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bigseekpro.com/howfytdl/{91F205C8-1A9A-4000-540F-8798B36A5047}
uDefault_Page_URL = hxxp://asus.msn.com
mStart Page = hxxp://www.bigseekpro.com/howfytdl/{91F205C8-1A9A-4000-540F-8798B36A5047}
uProxyOverride = <local>
uWinlogon: Shell = c:\program files\oceanis\systemsetting\WallPaperAgent.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - c:\program files\trend micro\amsp\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - c:\program files\trend micro\amsp\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
BHO: Windows 7 Starter Helper: {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - c:\program files\oceanis\systemsetting\StarterHelper.dll
uRun: [Syncables] c:\program files\syncables\syncables desktop\Syncables.exe
uRun: [Google Update] "c:\users\bucho\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Akamai NetSession Interface] "c:\users\bucho\appdata\local\akamai\netsession_win.exe"
mRun: [ETDWare] c:\program files\elantech\ETDCtrl.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [HotkeyMon] AsusSender.exe c:\program files\asus\hotkeyservice\HotKeyMon.exe
mRun: [HotkeyService] AsusSender.exe c:\program files\asus\hotkeyservice\HotkeyService.exe
mRun: [SuperHybridEngine] AsusSender.exe c:\program files\asus\she\SuperHybridEngine.exe
mRun: [LiveUpdate] AsusSender.exe c:\program files\asus\liveupdate\LiveUpdate.exe auto
mRun: [CapsHook] AsusSender.exe c:\program files\asus\capshook\CapsHook.exe
mRun: [Eee Docking] c:\program files\asus\eee docking\Eee Docking.exe autorun
mRun: [VizorHtmlDialog.exe] "c:\program files\trend micro\titanium\uiframework\vizorhtmldialog.exe" "def" "eula" "c:\program files\trend micro\titanium\ui\installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"
mRun: [Trend Micro Client Framework] "c:\program files\trend micro\uniclient\uifrmwrk\UIWatchDog.exe"
mRun: [Trend Micro Titanium] c:\program files\trend micro\titanium\VizorShortCut.exe -ReFlush "none" "none"
mRun: [VAWinAgent] c:\expressgateutil\VAWinAgent.exe
mRun: [ASUSPRP] c:\program files\asus\aprp\APRP.EXE
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\asusvi~1.lnk - c:\program files\asus\asusvibe\AsusVibeLauncher.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office11\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 89.216.1.30 89.216.1.50
TCP: Interfaces\{1A7FF3FF-7BD4-4185-A6CD-D365A5E983DA} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{2501088A-0497-4F1A-A492-BC2E5BA76F5A} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{53AD1D5B-D900-420A-AB7A-5F21E43CCD1A} : DHCPNameServer = 89.216.1.30 89.216.1.50
TCP: Interfaces\{70031DFF-CAB9-4FFC-9065-C364481017DE} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{98BA0A08-9140-48EA-8CC9-8F5435C75942} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{C069A5CA-2AD4-40F8-AF3B-88AE8174B6A5} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{DD5697A3-F93B-4ECB-842F-1A2B1B70AFFA} : NameServer = 217.65.192.101 217.65.192.102
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - c:\program files\trend micro\amsp\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\program files\trend micro\amsp\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-10-15 55776]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2012-11-15 94048]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-9-14 35552]
R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2011-5-5 11832]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-10-22 179936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2012-9-21 19936]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-10-2 159712]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-9-21 164832]
R2 ASUS InstantOn;ASUS InstantOn Service;c:\program files\common files\instanton\InsOnSrv.exe [2011-6-2 64128]
R2 AsusService;Asus Launcher Service;c:\windows\system32\AsusService.exe [2011-5-5 224680]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\datacardservice\HWDeviceService.exe [2011-3-14 271712]
R2 TeamViewer7;TeamViewer 7;c:\program files\teamviewer\version7\TeamViewer_Service.exe [2012-11-28 2848168]
R2 TiMiniService;TiMiniService;c:\program files\trend micro\titanium\TiMiniService.exe [2011-4-2 161104]
R2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2011-1-13 91464]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2010-12-6 109960]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2012-7-26 73216]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2010-12-6 68208]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S2 Telenor Internet. RunOuc;Telenor Internet. OUC;c:\program files\telenor internet\updatedog\ouc.exe [2012-7-26 246112]
S3 Amsp;Trend Micro Solution Platform;c:\program files\trend micro\amsp\coreServiceShell.exe [2011-5-5 196320]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2012-7-26 102784]
S3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\drivers\ewusbwwan.sys [2012-7-26 353280]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-5-5 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-2-11 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2011-2-11 27264]
S3 wsvd;wsvd;c:\windows\system32\drivers\wsvd.sys [2009-7-22 81704]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-23 51040]
.
=============== Created Last 30 ================
.
2013-02-23 15:06:55 -------- d-----w- c:\users\bucho\appdata\roaming\AVG2013
2013-02-23 15:01:46 -------- d-----w- c:\users\bucho\appdata\roaming\TuneUp Software
2013-02-23 14:59:08 -------- d--h--w- C:\$AVG
2013-02-23 14:59:08 -------- d-----w- c:\programdata\AVG2013
2013-02-23 14:57:32 -------- d-----w- c:\program files\AVG
2013-02-23 14:49:59 -------- d-----w- c:\users\bucho\appdata\local\MFAData
2013-02-23 14:49:59 -------- d-----w- c:\users\bucho\appdata\local\Avg2013
2013-02-23 14:49:59 -------- d-----w- c:\programdata\MFAData
2013-02-22 19:15:08 -------- d-----w- c:\programdata\AVAST Software
2013-02-22 19:15:08 -------- d-----w- c:\program files\AVAST Software
2013-02-22 10:41:51 6954968 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{3003c3ab-7f1b-410e-bcf5-7830f087f8f0}\mpengine.dll
2013-02-12 19:27:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-02-12 19:27:03 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-02-12 19:27:03 194048 ----a-w- c:\program files\internet explorer\IEShims.dll
2013-02-12 19:27:03 149528 ----a-w- c:\program files\internet explorer\sqmapi.dll
2013-02-12 19:27:02 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-02-12 19:27:01 194560 ----a-w- c:\program files\internet explorer\ieproxy.dll
2013-02-12 19:27:00 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-02-12 19:26:59 757280 ----a-w- c:\program files\internet explorer\iexplore.exe
2013-02-12 19:26:59 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-02-12 19:26:58 387584 ----a-w- c:\program files\internet explorer\jsdbgui.dll
2013-02-12 19:26:57 678912 ----a-w- c:\program files\internet explorer\iedvtool.dll
2013-02-12 19:26:57 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-12 19:26:47 768000 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2013-02-12 18:49:49 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-02-12 18:49:31 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-12 18:49:29 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-12 18:49:28 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-12 18:49:27 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-12 18:49:21 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-01-29 14:41:13 -------- d-----w- c:\users\bucho\appdata\local\{CB0BF7C5-261B-43DB-AC6F-DA9559AF32DC}
.
==================== Find3M ====================
.
2013-02-04 11:47:49 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-02-04 11:47:49 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-17 00:28:58 232336 ------w- c:\windows\system32\MpSigStub.exe
2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 11:22:19,71 ===============

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

That's no good; you experimented with antivirus programs and created a problem for yourself unnecessarily.

You will have to uninstall AVG as well, and then Trend Micro.

The same procedure applies to AVG: a regular uninstall through the Windows tool, and then run the Remover for the leftovers.
http://www.avg.com/ww-en/utilities

Then repeat the procedure for Trend Micro.

And be sure to post a new DDS report.

offline
  • bucho 
  • New MyCity citizen
  • Joined: 23 Feb 2013
  • Posts: 7

AVG was removed normally, but for Trend it reports the same error again.

New DDS log:
DDS (Ver_2012-11-05.02) - NTFS_x86
Internet Explorer: 9.0.8112.16464
Run by Bucho at 14:12:53 on 2013-02-24
Microsoft Windows 7 Starter 6.1.7601.1.1250.381.1033.18.1014.189 [GMT 1:00]
.
AV: Trend Micro Titanium *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Titanium *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Common Files\InstantOn\InsOnSrv.exe
C:\windows\system32\AsusService.exe
C:\ProgramData\DatacardService\HWDeviceService.exe
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\ProgramData\Telenor Internet\OnlineUpdate\ouc.exe
C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
C:\Program Files\Common Files\InstantOn\InsOnWMI.exe
C:\ExpressGateUtil\VAWinService.exe
C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\conhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\windows\system32\Dwm.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\Explorer.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe
C:\Program Files\ASUS\HotkeyService\HotkeyService.exe
C:\Program Files\ASUS\SHE\SuperHybridEngine.exe
C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
C:\Program Files\ASUS\CapsHook\CapsHook.exe
C:\ExpressGateUtil\VAWinAgent.exe
C:\Program Files\Winamp\winampa.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\syncables\syncables desktop\syncables.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\syncables\syncables desktop\jre\bin\javaw.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\syncables\syncables desktop\syncablesMAPI.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\sppsvc.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\conhost.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bigseekpro.com/howfytdl/{91F205C8-1A9A-4000-540F-8798B36A5047}
uDefault_Page_URL = hxxp://asus.msn.com
mStart Page = hxxp://www.bigseekpro.com/howfytdl/{91F205C8-1A9A-4000-540F-8798B36A5047}
uProxyOverride = <local>
uWinlogon: Shell = c:\program files\oceanis\systemsetting\WallPaperAgent.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - c:\program files\trend micro\amsp\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - c:\program files\trend micro\amsp\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
BHO: Windows 7 Starter Helper: {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - c:\program files\oceanis\systemsetting\StarterHelper.dll
uRun: [Syncables] c:\program files\syncables\syncables desktop\Syncables.exe
uRun: [Google Update] "c:\users\bucho\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Akamai NetSession Interface] "c:\users\bucho\appdata\local\akamai\netsession_win.exe"
mRun: [ETDWare] c:\program files\elantech\ETDCtrl.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [HotkeyMon] AsusSender.exe c:\program files\asus\hotkeyservice\HotKeyMon.exe
mRun: [HotkeyService] AsusSender.exe c:\program files\asus\hotkeyservice\HotkeyService.exe
mRun: [SuperHybridEngine] AsusSender.exe c:\program files\asus\she\SuperHybridEngine.exe
mRun: [LiveUpdate] AsusSender.exe c:\program files\asus\liveupdate\LiveUpdate.exe auto
mRun: [CapsHook] AsusSender.exe c:\program files\asus\capshook\CapsHook.exe
mRun: [Eee Docking] c:\program files\asus\eee docking\Eee Docking.exe autorun
mRun: [VizorHtmlDialog.exe] "c:\program files\trend micro\titanium\uiframework\vizorhtmldialog.exe" "def" "eula" "c:\program files\trend micro\titanium\ui\installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"
mRun: [Trend Micro Client Framework] "c:\program files\trend micro\uniclient\uifrmwrk\UIWatchDog.exe"
mRun: [Trend Micro Titanium] c:\program files\trend micro\titanium\VizorShortCut.exe -ReFlush "none" "none"
mRun: [VAWinAgent] c:\expressgateutil\VAWinAgent.exe
mRun: [ASUSPRP] c:\program files\asus\aprp\APRP.EXE
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\asusvi~1.lnk - c:\program files\asus\asusvibe\AsusVibeLauncher.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office11\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 89.216.1.30 89.216.1.50
TCP: Interfaces\{1A7FF3FF-7BD4-4185-A6CD-D365A5E983DA} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{2501088A-0497-4F1A-A492-BC2E5BA76F5A} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{53AD1D5B-D900-420A-AB7A-5F21E43CCD1A} : DHCPNameServer = 89.216.1.30 89.216.1.50
TCP: Interfaces\{70031DFF-CAB9-4FFC-9065-C364481017DE} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{98BA0A08-9140-48EA-8CC9-8F5435C75942} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{C069A5CA-2AD4-40F8-AF3B-88AE8174B6A5} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{DD5697A3-F93B-4ECB-842F-1A2B1B70AFFA} : NameServer = 217.65.192.101 217.65.192.102
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - c:\program files\trend micro\amsp\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\program files\trend micro\amsp\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2011-5-5 11832]
R2 ASUS InstantOn;ASUS InstantOn Service;c:\program files\common files\instanton\InsOnSrv.exe [2011-6-2 64128]
R2 AsusService;Asus Launcher Service;c:\windows\system32\AsusService.exe [2011-5-5 224680]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\datacardservice\HWDeviceService.exe [2011-3-14 271712]
R2 TeamViewer7;TeamViewer 7;c:\program files\teamviewer\version7\TeamViewer_Service.exe [2012-11-28 2848168]
R2 TiMiniService;TiMiniService;c:\program files\trend micro\titanium\TiMiniService.exe [2011-4-2 161104]
R2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2011-1-13 91464]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2010-12-6 109960]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2012-7-26 73216]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2010-12-6 68208]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S2 Telenor Internet. RunOuc;Telenor Internet. OUC;c:\program files\telenor internet\updatedog\ouc.exe [2012-7-26 246112]
S3 Amsp;Trend Micro Solution Platform;c:\program files\trend micro\amsp\coreServiceShell.exe [2011-5-5 196320]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2012-7-26 102784]
S3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\drivers\ewusbwwan.sys [2012-7-26 353280]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-5-5 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-2-11 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2011-2-11 27264]
S3 wsvd;wsvd;c:\windows\system32\drivers\wsvd.sys [2009-7-22 81704]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-23 51040]
.
=============== Created Last 30 ================
.
2013-02-23 15:01:46 -------- d-----w- c:\users\bucho\appdata\roaming\TuneUp Software
2013-02-22 19:15:08 -------- d-----w- c:\programdata\AVAST Software
2013-02-22 19:15:08 -------- d-----w- c:\program files\AVAST Software
2013-02-22 10:41:51 6954968 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{3003c3ab-7f1b-410e-bcf5-7830f087f8f0}\mpengine.dll
2013-02-12 19:27:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-02-12 19:27:03 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-02-12 19:27:03 194048 ----a-w- c:\program files\internet explorer\IEShims.dll
2013-02-12 19:27:03 149528 ----a-w- c:\program files\internet explorer\sqmapi.dll
2013-02-12 19:27:02 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-02-12 19:27:01 194560 ----a-w- c:\program files\internet explorer\ieproxy.dll
2013-02-12 19:27:00 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-02-12 19:26:59 757280 ----a-w- c:\program files\internet explorer\iexplore.exe
2013-02-12 19:26:59 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-02-12 19:26:58 387584 ----a-w- c:\program files\internet explorer\jsdbgui.dll
2013-02-12 19:26:57 678912 ----a-w- c:\program files\internet explorer\iedvtool.dll
2013-02-12 19:26:57 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-12 19:26:47 768000 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2013-02-12 18:49:49 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-02-12 18:49:31 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-12 18:49:29 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-12 18:49:28 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-12 18:49:27 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-12 18:49:21 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-01-29 14:41:13 -------- d-----w- c:\users\bucho\appdata\local\{CB0BF7C5-261B-43DB-AC6F-DA9559AF32DC}
.
==================== Find3M ====================
.
2013-02-04 11:47:49 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-02-04 11:47:49 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-17 00:28:58 232336 ------w- c:\windows\system32\MpSigStub.exe
2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 14:14:29,36 ===============

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

OK, AVG has been removed but TM has not.

Try removing it with this tool.

Download AppRemover (~ 6MB) to the Desktop.
Run it with a double-click.

After that, just follow the instructions.

offline
  • bucho 
  • New MyCity citizen
  • Joined: 23 Feb 2013
  • Posts: 7

It won't work, i.e. when I run the program it detects only uTorrent, nothing else. I also tried removing uTorrent to see whether it would detect anything after that, but it detects nothing.

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Try reinstalling Trend Micro, and then uninstalling it.

offline
  • bucho 
  • New MyCity citizen
  • Joined: 23 Feb 2013
  • Posts: 7

Posted: 25 Feb 2013 1:05

I think I somehow managed to remove it; it is no longer in Programs and Features, and in the Start menu there are only shortcuts that don't work.

New DDS log:
DDS (Ver_2012-11-05.02) - NTFS_x86
Internet Explorer: 9.0.8112.16464
Run by Bucho at 1:02:31 on 2013-02-25
Microsoft Windows 7 Starter 6.1.7601.1.1250.381.1033.18.1014.114 [GMT 1:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Common Files\InstantOn\InsOnSrv.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\AsusService.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Common Files\InstantOn\InsOnWMI.exe
C:\windows\system32\Dwm.exe
C:\ProgramData\DatacardService\HWDeviceService.exe
C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\windows\Explorer.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\ProgramData\Telenor Internet\OnlineUpdate\ouc.exe
C:\ExpressGateUtil\VAWinService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe
C:\Program Files\ASUS\SHE\SuperHybridEngine.exe
C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
C:\Program Files\ASUS\HotkeyService\HotkeyService.exe
C:\Program Files\ASUS\CapsHook\CapsHook.exe
C:\ExpressGateUtil\VAWinAgent.exe
C:\Program Files\Winamp\winampa.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\syncables\syncables desktop\syncables.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\syncables\syncables desktop\jre\bin\javaw.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\syncables\syncables desktop\syncablesMAPI.exe
C:\windows\system32\SearchProtocolHost.exe
C:\Users\Bucho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bucho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bucho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bucho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\sppsvc.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\conhost.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bigseekpro.com/howfytdl/{91F205C8-1A9A-4000-540F-8798B36A5047}
uDefault_Page_URL = hxxp://asus.msn.com
mStart Page = hxxp://www.bigseekpro.com/howfytdl/{91F205C8-1A9A-4000-540F-8798B36A5047}
uProxyOverride = <local>
uWinlogon: Shell = c:\program files\oceanis\systemsetting\WallPaperAgent.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -
BHO: Windows 7 Starter Helper: {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - c:\program files\oceanis\systemsetting\StarterHelper.dll
uRun: [Syncables] c:\program files\syncables\syncables desktop\Syncables.exe
uRun: [Google Update] "c:\users\bucho\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Akamai NetSession Interface] "c:\users\bucho\appdata\local\akamai\netsession_win.exe"
mRun: [ETDWare] c:\program files\elantech\ETDCtrl.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [HotkeyMon] AsusSender.exe c:\program files\asus\hotkeyservice\HotKeyMon.exe
mRun: [HotkeyService] AsusSender.exe c:\program files\asus\hotkeyservice\HotkeyService.exe
mRun: [SuperHybridEngine] AsusSender.exe c:\program files\asus\she\SuperHybridEngine.exe
mRun: [LiveUpdate] AsusSender.exe c:\program files\asus\liveupdate\LiveUpdate.exe auto
mRun: [CapsHook] AsusSender.exe c:\program files\asus\capshook\CapsHook.exe
mRun: [Eee Docking] c:\program files\asus\eee docking\Eee Docking.exe autorun
mRun: [VizorHtmlDialog.exe] "c:\program files\trend micro\titanium\uiframework\vizorhtmldialog.exe" "def" "eula" "c:\program files\trend micro\titanium\ui\installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"
mRun: [Trend Micro Client Framework] "c:\program files\trend micro\uniclient\uifrmwrk\UIWatchDog.exe"
mRun: [Trend Micro Titanium] c:\program files\trend micro\titanium\VizorShortCut.exe -ReFlush "none" "none"
mRun: [VAWinAgent] c:\expressgateutil\VAWinAgent.exe
mRun: [ASUSPRP] c:\program files\asus\aprp\APRP.EXE
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\asusvi~1.lnk - c:\program files\asus\asusvibe\AsusVibeLauncher.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office11\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 89.216.1.30 89.216.1.50
TCP: Interfaces\{1A7FF3FF-7BD4-4185-A6CD-D365A5E983DA} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{2501088A-0497-4F1A-A492-BC2E5BA76F5A} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{53AD1D5B-D900-420A-AB7A-5F21E43CCD1A} : DHCPNameServer = 89.216.1.30 89.216.1.50
TCP: Interfaces\{70031DFF-CAB9-4FFC-9065-C364481017DE} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{98BA0A08-9140-48EA-8CC9-8F5435C75942} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{C069A5CA-2AD4-40F8-AF3B-88AE8174B6A5} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{DD5697A3-F93B-4ECB-842F-1A2B1B70AFFA} : NameServer = 217.65.192.101 217.65.192.102
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} -
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2011-5-5 11832]
R2 ASUS InstantOn;ASUS InstantOn Service;c:\program files\common files\instanton\InsOnSrv.exe [2011-6-2 64128]
R2 AsusService;Asus Launcher Service;c:\windows\system32\AsusService.exe [2011-5-5 224680]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\datacardservice\HWDeviceService.exe [2011-3-14 271712]
R2 TeamViewer7;TeamViewer 7;c:\program files\teamviewer\version7\TeamViewer_Service.exe [2012-11-28 2848168]
R2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2011-1-13 91464]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2010-12-6 109960]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2012-7-26 73216]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2010-12-6 68208]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S2 Telenor Internet. RunOuc;Telenor Internet. OUC;c:\program files\telenor internet\updatedog\ouc.exe [2012-7-26 246112]
S2 TiMiniService;TiMiniService;c:\program files\trend micro\titanium\timiniservice.exe --> c:\program files\trend micro\titanium\TiMiniService.exe [?]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2012-7-26 102784]
S3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\drivers\ewusbwwan.sys [2012-7-26 353280]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-5-5 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-2-11 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2011-2-11 27264]
S3 wsvd;wsvd;c:\windows\system32\drivers\wsvd.sys [2009-7-22 81704]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-23 51040]
.
=============== Created Last 30 ================
.
2013-02-23 15:01:46 -------- d-----w- c:\users\bucho\appdata\roaming\TuneUp Software
2013-02-22 19:15:08 -------- d-----w- c:\programdata\AVAST Software
2013-02-22 19:15:08 -------- d-----w- c:\program files\AVAST Software
2013-02-22 10:41:51 6954968 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{3003c3ab-7f1b-410e-bcf5-7830f087f8f0}\mpengine.dll
2013-02-12 19:27:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-02-12 19:27:03 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-02-12 19:27:03 194048 ----a-w- c:\program files\internet explorer\IEShims.dll
2013-02-12 19:27:03 149528 ----a-w- c:\program files\internet explorer\sqmapi.dll
2013-02-12 19:27:02 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-02-12 19:27:01 194560 ----a-w- c:\program files\internet explorer\ieproxy.dll
2013-02-12 19:27:00 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-02-12 19:26:59 757280 ----a-w- c:\program files\internet explorer\iexplore.exe
2013-02-12 19:26:59 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-02-12 19:26:58 387584 ----a-w- c:\program files\internet explorer\jsdbgui.dll
2013-02-12 19:26:57 678912 ----a-w- c:\program files\internet explorer\iedvtool.dll
2013-02-12 19:26:57 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-12 19:26:47 768000 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2013-02-12 18:49:49 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-02-12 18:49:31 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-12 18:49:29 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-12 18:49:28 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-12 18:49:27 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-12 18:49:21 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-01-29 14:41:13 -------- d-----w- c:\users\bucho\appdata\local\{CB0BF7C5-261B-43DB-AC6F-DA9559AF32DC}
.
==================== Find3M ====================
.
2013-02-04 11:47:49 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-02-04 11:47:49 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-17 00:28:58 232336 ------w- c:\windows\system32\MpSigStub.exe
2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 1:03:50,63 ===============

Addendum: 25 Feb 2013 23:55

I think I somehow managed to remove it.

DDS log:
DDS (Ver_2012-11-05.02) - NTFS_x86
Internet Explorer: 9.0.8112.16464
Run by Bucho at 23:53:03 on 2013-02-25
Microsoft Windows 7 Starter 6.1.7601.1.1250.381.1033.18.1014.255 [GMT 1:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\Dwm.exe
C:\Program Files\ExpressFiles\EFUpdater.exe
C:\Program Files\Common Files\InstantOn\InsOnSrv.exe
C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe
C:\windows\system32\AsusService.exe
C:\Program Files\Common Files\InstantOn\InsOnWMI.exe
C:\ProgramData\DatacardService\HWDeviceService.exe
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\windows\Explorer.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\ProgramData\Telenor Internet\OnlineUpdate\ouc.exe
C:\ExpressGateUtil\VAWinService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Yontoo\Y2Desktop.Updater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe
C:\Program Files\ASUS\HotkeyService\HotkeyService.exe
C:\Program Files\ASUS\SHE\SuperHybridEngine.exe
C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
C:\ExpressGateUtil\VAWinAgent.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ASUS\CapsHook\CapsHook.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\syncables\syncables desktop\syncables.exe
C:\Users\Bucho\AppData\Roaming\Yontoo\YontooDesktop.exe
C:\Program Files\syncables\syncables desktop\jre\bin\javaw.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\syncables\syncables desktop\syncablesMAPI.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Users\Bucho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bucho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bucho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bucho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Users\Bucho\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.searchnu.com/406
uDefault_Page_URL = hxxp://asus.msn.com
mStart Page = hxxp://www.bigseekpro.com/howfytdl/{91F205C8-1A9A-4000-540F-8798B36A5047}
uProxyOverride = <local>
uURLSearchHooks: express-files Toolbar: {88ac3cb6-596b-4217-964c-b6757ef9602d} - c:\program files\express-files\prxtbexpr.dll
mURLSearchHooks: express-files Toolbar: {88ac3cb6-596b-4217-964c-b6757ef9602d} - c:\program files\express-files\prxtbexpr.dll
uWinlogon: Shell = c:\program files\oceanis\systemsetting\WallPaperAgent.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: express-files Toolbar: {88ac3cb6-596b-4217-964c-b6757ef9602d} - c:\program files\express-files\prxtbexpr.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -
BHO: Windows 7 Starter Helper: {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - c:\program files\oceanis\systemsetting\StarterHelper.dll
BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - c:\program files\yontoo\YontooIEClient.dll
TB: express-files Toolbar: {88ac3cb6-596b-4217-964c-b6757ef9602d} - c:\program files\express-files\prxtbexpr.dll
uRun: [Syncables] c:\program files\syncables\syncables desktop\Syncables.exe
uRun: [Google Update] "c:\users\bucho\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Akamai NetSession Interface] "c:\users\bucho\appdata\local\akamai\netsession_win.exe"
uRun: [Yontoo Desktop] "c:\users\bucho\appdata\roaming\yontoo\YontooDesktop.exe"
mRun: [ETDWare] c:\program files\elantech\ETDCtrl.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [HotkeyMon] AsusSender.exe c:\program files\asus\hotkeyservice\HotKeyMon.exe
mRun: [HotkeyService] AsusSender.exe c:\program files\asus\hotkeyservice\HotkeyService.exe
mRun: [SuperHybridEngine] AsusSender.exe c:\program files\asus\she\SuperHybridEngine.exe
mRun: [LiveUpdate] AsusSender.exe c:\program files\asus\liveupdate\LiveUpdate.exe auto
mRun: [CapsHook] AsusSender.exe c:\program files\asus\capshook\CapsHook.exe
mRun: [Eee Docking] c:\program files\asus\eee docking\Eee Docking.exe autorun
mRun: [VizorHtmlDialog.exe] "c:\program files\trend micro\titanium\uiframework\vizorhtmldialog.exe" "def" "eula" "c:\program files\trend micro\titanium\ui\installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"
mRun: [VAWinAgent] c:\expressgateutil\VAWinAgent.exe
mRun: [ASUSPRP] c:\program files\asus\aprp\APRP.EXE
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\asusvi~1.lnk - c:\program files\asus\asusvibe\AsusVibeLauncher.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office11\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 89.216.1.30 89.216.1.50
TCP: Interfaces\{1A7FF3FF-7BD4-4185-A6CD-D365A5E983DA} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{2501088A-0497-4F1A-A492-BC2E5BA76F5A} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{53AD1D5B-D900-420A-AB7A-5F21E43CCD1A} : DHCPNameServer = 89.216.1.30 89.216.1.50
TCP: Interfaces\{70031DFF-CAB9-4FFC-9065-C364481017DE} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{98BA0A08-9140-48EA-8CC9-8F5435C75942} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{C069A5CA-2AD4-40F8-AF3B-88AE8174B6A5} : NameServer = 217.65.192.101 217.65.192.102
TCP: Interfaces\{DD5697A3-F93B-4ECB-842F-1A2B1B70AFFA} : NameServer = 217.65.192.101 217.65.192.102
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} -
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2011-5-5 11832]
R2 ASUS InstantOn;ASUS InstantOn Service;c:\program files\common files\instanton\InsOnSrv.exe [2011-6-2 64128]
R2 AsusService;Asus Launcher Service;c:\windows\system32\AsusService.exe [2011-5-5 224680]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\datacardservice\HWDeviceService.exe [2011-3-14 271712]
R2 TeamViewer7;TeamViewer 7;c:\program files\teamviewer\version7\TeamViewer_Service.exe [2012-11-28 2848168]
R2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2011-1-13 91464]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2010-12-6 109960]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2012-7-26 73216]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2010-12-6 68208]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S2 Telenor Internet. RunOuc;Telenor Internet. OUC;c:\program files\telenor internet\updatedog\ouc.exe [2012-7-26 246112]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2012-7-26 102784]
S3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\drivers\ewusbwwan.sys [2012-7-26 353280]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-5-5 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-2-11 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2011-2-11 27264]
S3 wsvd;wsvd;c:\windows\system32\drivers\wsvd.sys [2009-7-22 81704]
.
=============== Created Last 30 ================
.
2013-02-25 18:08:09 -------- d-----w- C:\_OTM
2013-02-25 15:08:16 -------- d-----w- c:\programdata\Browser Manager
2013-02-25 12:38:44 -------- d-----w- c:\programdata\boost_interprocess
2013-02-25 12:36:11 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{3003c3ab-7f1b-410e-bcf5-7830f087f8f0}\offreg.dll
2013-02-25 12:35:44 -------- d-----w- c:\users\bucho\appdata\local\Bundled software uninstaller
2013-02-25 12:28:53 -------- d-----w- c:\program files\Conduit
2013-02-25 12:28:48 -------- d-----w- c:\users\bucho\appdata\local\Conduit
2013-02-25 12:28:44 -------- d-----w- c:\program files\express-files
2013-02-25 12:28:36 -------- d-----w- c:\users\bucho\appdata\local\CRE
2013-02-25 12:28:08 -------- d-----w- c:\users\bucho\appdata\roaming\Yontoo
2013-02-25 12:28:07 -------- d-----w- c:\program files\Yontoo
2013-02-25 12:27:45 -------- d-----w- c:\program files\ExpressFiles
2013-02-23 15:01:46 -------- d-----w- c:\users\bucho\appdata\roaming\TuneUp Software
2013-02-22 19:15:08 -------- d-----w- c:\programdata\AVAST Software
2013-02-22 19:15:08 -------- d-----w- c:\program files\AVAST Software
2013-02-22 10:41:51 6954968 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{3003c3ab-7f1b-410e-bcf5-7830f087f8f0}\mpengine.dll
2013-02-12 19:27:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-02-12 19:27:03 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-02-12 19:27:03 194048 ----a-w- c:\program files\internet explorer\IEShims.dll
2013-02-12 19:27:03 149528 ----a-w- c:\program files\internet explorer\sqmapi.dll
2013-02-12 19:27:02 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-02-12 19:27:01 194560 ----a-w- c:\program files\internet explorer\ieproxy.dll
2013-02-12 19:27:00 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-02-12 19:26:59 757280 ----a-w- c:\program files\internet explorer\iexplore.exe
2013-02-12 19:26:59 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-02-12 19:26:58 387584 ----a-w- c:\program files\internet explorer\jsdbgui.dll
2013-02-12 19:26:57 678912 ----a-w- c:\program files\internet explorer\iedvtool.dll
2013-02-12 19:26:57 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-12 19:26:47 768000 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2013-02-12 18:49:49 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-02-12 18:49:31 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-12 18:49:29 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-12 18:49:28 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-12 18:49:27 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-12 18:49:21 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-01-29 14:41:13 -------- d-----w- c:\users\bucho\appdata\local\{CB0BF7C5-261B-43DB-AC6F-DA9559AF32DC}
.
==================== Find3M ====================
.
2013-02-04 11:47:49 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-02-04 11:47:49 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-17 00:28:58 232336 ------w- c:\windows\system32\MpSigStub.exe
2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 23:54:52,03 ===============

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

It's fine now; we'll do one more step.



Download "Xplode"'s AdwCleaner and save it to the Desktop.
Double-click to run the program and click the [Search] button.
When the program finishes the analysis, it will open Notepad with a report. Close that Notepad window.

Click the [Delete] button and wait for the program to finish.
The program will close all running programs and show a window with that warning. Click Ok to confirm.
On the next two windows that open (Informations and Restart required), click Ok.

The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Attach file" option.

Note: The report will also be saved at C:\AdwCleaner[S1].txt


..............................................


Let me know how things stand, that is, how the computer is running now.
