Internet, I guess


offline
  • Joined: 01 Jun 2014
  • Posts: 23

Sorry to bother you, but I'm going to end up going totally crazy.
Malwarebytes Anti-rootkit: error
Non 7z archive

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

Let's move on.

Download sUBs's ComboFix to your Desktop from the following address:

Bleeping Computer
  • Right-click the link and choose Save Target As... (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing where to save the file opens, select Desktop and click Save.




When the download has finished:
  • disable your security software (instructions);
  • close any running programs;
  • double-click ComboFix to run it;
  • in the window that opens, click "I Agree".

While it runs, ComboFix will:
  • check whether a newer version of the program exists:
    click Yes if you are offered the download;
  • offer to install the Recovery Console if it is not installed:
    be sure to accept by clicking Yes and follow the procedure;
  • show a number of prompts/notifications:
    accept them by clicking Yes or OK;
  • restart Windows if needed (possibly several times);
  • open Notepad with the scan report when it finishes.


Copy the report that ComboFix created into the forum topic:
  • right-click inside the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message field and choose Paste.



Note:
  • The report will be saved as ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
  • If, after posting the message, you notice that the report is incomplete, use the "Prikači fajl" (Attach file) option to attach the file C:\ComboFix.txt to the message;
  • Do not click inside the ComboFix window while it is running, because that can slow the tool down;
  • Do not run ComboFix again on your own; report in the topic any problem you have during the first run of the tool;
  • If, after the restart, you get an error when starting certain programs saying that they are marked for deletion (Illegal operation attempted on a registry key that has been marked for deletion), restart the system again and that will resolve the problem.

offline
  • Joined: 01 Jun 2014
  • Posts: 23

Something finally worked.

ComboFix 14-05-29.01 - win7 02.06.2014 23:26:26.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3552.2265 [GMT 2:00]
Running from: c:\users\win7\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\MediaBuzzV1
c:\program files (x86)\MediaBuzzV1\MediaBuzzV1mode4065\ch\MediaBuzzV1mode4065.crx
c:\program files (x86)\MediaBuzzV1\MediaBuzzV1mode4065\ff\chrome.manifest
c:\program files (x86)\MediaBuzzV1\MediaBuzzV1mode4065\ff\chrome\content\ffMediaBuzzV1mode4065.js
c:\program files (x86)\MediaBuzzV1\MediaBuzzV1mode4065\ff\chrome\content\ffMediaBuzzV1mode4065ffaction.js
c:\program files (x86)\MediaBuzzV1\MediaBuzzV1mode4065\ff\chrome\content\icons\default\MediaBuzzV1mode4065_32.png
c:\program files (x86)\MediaBuzzV1\MediaBuzzV1mode4065\ff\chrome\content\icons\Thumbs.db
c:\program files (x86)\MediaBuzzV1\MediaBuzzV1mode4065\ff\chrome\content\overlay.xul
c:\program files (x86)\MediaBuzzV1\MediaBuzzV1mode4065\ff\install.rdf
c:\program files (x86)\MediaBuzzV1\MediaBuzzV1mode4065\uninstall.exe
c:\program files (x86)\MediaPlayerV1
c:\program files (x86)\MediaPlayerV1\MediaPlayerV1alpha293\ch\MediaPlayerV1alpha293.crx
c:\program files (x86)\MediaPlayerV1\MediaPlayerV1alpha293\ff\chrome.manifest
c:\program files (x86)\MediaPlayerV1\MediaPlayerV1alpha293\ff\chrome\content\ffMediaPlayerV1alpha293.js
c:\program files (x86)\MediaPlayerV1\MediaPlayerV1alpha293\ff\chrome\content\ffMediaPlayerV1alpha293ffaction.js
c:\program files (x86)\MediaPlayerV1\MediaPlayerV1alpha293\ff\chrome\content\icons\default\MediaPlayerV1alpha293_32.png
c:\program files (x86)\MediaPlayerV1\MediaPlayerV1alpha293\ff\chrome\content\icons\Thumbs.db
c:\program files (x86)\MediaPlayerV1\MediaPlayerV1alpha293\ff\chrome\content\overlay.xul
c:\program files (x86)\MediaPlayerV1\MediaPlayerV1alpha293\ff\install.rdf
c:\program files (x86)\MediaPlayerV1\MediaPlayerV1alpha293\uninstall.exe
c:\program files (x86)\MediaViewerV1
c:\program files (x86)\MediaViewerV1\MediaViewerV1alpha1806\ch\MediaViewerV1alpha1806.crx
c:\program files (x86)\MediaViewerV1\MediaViewerV1alpha1806\ff\chrome.manifest
c:\program files (x86)\MediaViewerV1\MediaViewerV1alpha1806\ff\chrome\content\ffMediaViewerV1alpha1806.js
c:\program files (x86)\MediaViewerV1\MediaViewerV1alpha1806\ff\chrome\content\ffMediaViewerV1alpha1806ffaction.js
c:\program files (x86)\MediaViewerV1\MediaViewerV1alpha1806\ff\chrome\content\icons\default\MediaViewerV1alpha1806_32.png
c:\program files (x86)\MediaViewerV1\MediaViewerV1alpha1806\ff\chrome\content\icons\Thumbs.db
c:\program files (x86)\MediaViewerV1\MediaViewerV1alpha1806\ff\chrome\content\overlay.xul
c:\program files (x86)\MediaViewerV1\MediaViewerV1alpha1806\ff\install.rdf
c:\program files (x86)\MediaViewerV1\MediaViewerV1alpha1806\uninstall.exe
c:\program files (x86)\MediaViewV1
c:\program files (x86)\MediaViewV1\MediaViewV1alpha1507\ch\MediaViewV1alpha1507.crx
c:\program files (x86)\MediaViewV1\MediaViewV1alpha1507\ff\chrome.manifest
c:\program files (x86)\MediaViewV1\MediaViewV1alpha1507\ff\chrome\content\ffMediaViewV1alpha1507.js
c:\program files (x86)\MediaViewV1\MediaViewV1alpha1507\ff\chrome\content\ffMediaViewV1alpha1507ffaction.js
c:\program files (x86)\MediaViewV1\MediaViewV1alpha1507\ff\chrome\content\icons\default\MediaViewV1alpha1507_32.png
c:\program files (x86)\MediaViewV1\MediaViewV1alpha1507\ff\chrome\content\icons\Thumbs.db
c:\program files (x86)\MediaViewV1\MediaViewV1alpha1507\ff\chrome\content\overlay.xul
c:\program files (x86)\MediaViewV1\MediaViewV1alpha1507\ff\install.rdf
c:\program files (x86)\MediaViewV1\MediaViewV1alpha1507\uninstall.exe
c:\program files (x86)\MediaWatchV1
c:\program files (x86)\MediaWatchV1\MediaWatchV1home218\ch\MediaWatchV1home218.crx
c:\program files (x86)\MediaWatchV1\MediaWatchV1home218\ff\chrome.manifest
c:\program files (x86)\MediaWatchV1\MediaWatchV1home218\ff\chrome\content\ffMediaWatchV1home218.js
c:\program files (x86)\MediaWatchV1\MediaWatchV1home218\ff\chrome\content\ffMediaWatchV1home218ffaction.js
c:\program files (x86)\MediaWatchV1\MediaWatchV1home218\ff\chrome\content\icons\default\MediaWatchV1home218_32.png
c:\program files (x86)\MediaWatchV1\MediaWatchV1home218\ff\chrome\content\icons\Thumbs.db
c:\program files (x86)\MediaWatchV1\MediaWatchV1home218\ff\chrome\content\overlay.xul
c:\program files (x86)\MediaWatchV1\MediaWatchV1home218\ff\install.rdf
c:\program files (x86)\MediaWatchV1\MediaWatchV1home218\uninstall.exe
c:\program files (x86)\VideoPlayerV3
c:\program files (x86)\VideoPlayerV3\VideoPlayerV3beta220\ch\VideoPlayerV3beta220.crx
c:\program files (x86)\VideoPlayerV3\VideoPlayerV3beta220\ff\chrome.manifest
c:\program files (x86)\VideoPlayerV3\VideoPlayerV3beta220\ff\chrome\content\ffVideoPlayerV3beta220.js
c:\program files (x86)\VideoPlayerV3\VideoPlayerV3beta220\ff\chrome\content\ffVideoPlayerV3beta220ffaction.js
c:\program files (x86)\VideoPlayerV3\VideoPlayerV3beta220\ff\chrome\content\icons\default\VideoPlayerV3beta220_32.png
c:\program files (x86)\VideoPlayerV3\VideoPlayerV3beta220\ff\chrome\content\icons\Thumbs.db
c:\program files (x86)\VideoPlayerV3\VideoPlayerV3beta220\ff\chrome\content\overlay.xul
c:\program files (x86)\VideoPlayerV3\VideoPlayerV3beta220\ff\install.rdf
c:\program files (x86)\VideoPlayerV3\VideoPlayerV3beta220\uninstall.exe
c:\program files (x86)\WebexpEnhancedV1
c:\program files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha800\ch\WebexpEnhancedV1alpha800.crx
c:\program files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha800\ff\chrome.manifest
c:\program files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha800\ff\chrome\content\ffWebexpEnhancedV1alpha800.js
c:\program files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha800\ff\chrome\content\ffWebexpEnhancedV1alpha800ffaction.js
c:\program files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha800\ff\chrome\content\icons\default\WebexpEnhancedV1alpha800_32.png
c:\program files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha800\ff\chrome\content\icons\Thumbs.db
c:\program files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha800\ff\chrome\content\overlay.xul
c:\program files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha800\ff\install.rdf
c:\users\win7\AppData\Roaming\SearchProtect
c:\users\win7\AppData\Roaming\SearchProtect\bin\ChromeModule.dll
c:\users\win7\AppData\Roaming\SearchProtect\bin\CltMngSvc.exe
c:\users\win7\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll
c:\users\win7\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll
c:\users\win7\AppData\Roaming\SearchProtect\bin\msvcp100.dll
c:\users\win7\AppData\Roaming\SearchProtect\bin\msvcr100.dll
c:\users\win7\AppData\Roaming\SearchProtect\bin\rep.dat
c:\users\win7\AppData\Roaming\SearchProtect\bin\SPHook32.dll
c:\users\win7\AppData\Roaming\SearchProtect\bin\SPHook64.dll
c:\users\win7\AppData\Roaming\SearchProtect\bin\SPRunner.exe
c:\users\win7\AppData\Roaming\SearchProtect\bin\SPTool64.exe
c:\users\win7\AppData\Roaming\SearchProtect\Dialogs\dialogsApi.js
c:\users\win7\AppData\Roaming\SearchProtect\Dialogs\lib\jquery.min.js
c:\users\win7\AppData\Roaming\SearchProtect\Dialogs\lib\json2.js
c:\users\win7\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.css
c:\users\win7\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.js
c:\users\win7\AppData\Roaming\SearchProtect\Dialogs\spbd\images\information.png
c:\users\win7\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-LTR.png
c:\users\win7\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-RTL.png
c:\users\win7\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png
c:\users\win7\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png
c:\users\win7\AppData\Roaming\SearchProtect\Dialogs\spbd\main.html
c:\users\win7\AppData\Roaming\SearchProtect\Dialogs\spsd\images\ok-button.png
c:\users\win7\AppData\Roaming\SearchProtect\Dialogs\spsd\images\separation-line.png
c:\users\win7\AppData\Roaming\SearchProtect\Dialogs\spsd\images\warning.png
c:\users\win7\AppData\Roaming\SearchProtect\Dialogs\spsd\main.html
c:\users\win7\AppData\Roaming\SearchProtect\Dialogs\spsd\SearchProtector.css
c:\users\win7\AppData\Roaming\SearchProtect\Dialogs\spsd\settings.js
c:\users\win7\AppData\Roaming\SearchProtect\ffprotect\abstraction.js
c:\users\win7\AppData\Roaming\SearchProtect\ffprotect\application.js
c:\users\win7\AppData\Roaming\SearchProtect\ffprotect\Dialogs\dialogsApi.js
c:\users\win7\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib\jquery.min.js
c:\users\win7\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib\json2.js
c:\users\win7\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\bubble.css
c:\users\win7\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\bubble.js
c:\users\win7\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\information.png
c:\users\win7\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-LTR.png
c:\users\win7\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-RTL.png
c:\users\win7\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-LTR.png
c:\users\win7\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-RTL.png
c:\users\win7\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\main.html
c:\users\win7\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\ok-button.png
c:\users\win7\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\separation-line.png
c:\users\win7\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\warning.png
c:\users\win7\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\main.html
c:\users\win7\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\SearchProtector.css
c:\users\win7\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\settings.js
c:\users\win7\AppData\Roaming\SearchProtect\ffprotect\nsprotector.js
c:\users\win7\AppData\Roaming\SearchProtect\ffprotect\popupTransparent.xul
c:\users\win7\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository\EN
c:\users\win7\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository\searchProtectorData
c:\users\win7\Documents\~yt28EE.tmp
c:\users\win7\Documents\~yt2AD8.tmp
c:\users\win7\Documents\~yt455F.tmp
c:\users\win7\Documents\~yt7810.tmp
c:\users\win7\Documents\~yt7DF5.tmp
c:\users\win7\Documents\~yt8D5E.tmp
c:\users\win7\Documents\~ytB386.tmp
c:\users\win7\Documents\~ytCC05.tmp
c:\users\win7\Documents\~ytE4F9.tmp
c:\users\win7\Documents\~ytF733.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_DefaultTabSearch
.
.
((((((((((((((((((((((((( Files Created from 2014-05-02 to 2014-06-02 )))))))))))))))))))))))))))))))
.
.
2014-06-02 21:36 . 2014-06-02 21:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-02 20:16 . 2014-05-19 23:18 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{98737C75-6C01-439D-BD04-0CB0A7BCEF49}\mpengine.dll
2014-06-02 19:57 . 2013-07-15 01:34 9460976 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{61923D06-25B6-468D-B33B-E28765250CB3}\mpengine.dll
2014-06-02 19:55 . 2013-07-15 01:34 9460976 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AEB6FC31-0F08-4DA1-AA32-99CD03B7ABBD}\mpengine.dll
2014-06-02 19:52 . 2013-07-15 01:34 9460976 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{62A93467-8D85-49E4-874E-77FFFDD1BE02}\mpengine.dll
2014-06-02 18:48 . 2013-07-15 01:34 9460976 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E82F9949-5659-4ED6-A446-56F0DFFB4DC6}\mpengine.dll
2014-06-02 18:45 . 2014-06-02 18:45 -------- d-----w- C:\zoek_backup
2014-06-02 15:52 . 2013-07-15 01:34 9460976 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8D192F12-4C48-4045-B4D4-01EC29784BC9}\mpengine.dll
2014-06-02 08:14 . 2013-07-15 01:34 9460976 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BACA1AAD-EA0D-4888-97A2-112B3B0273B0}\mpengine.dll
2014-06-01 18:30 . 2013-07-15 01:34 9460976 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B7316ECE-898A-41B5-83AA-468C5FA7B350}\mpengine.dll
2014-05-27 22:07 . 2014-05-27 22:07 -------- d-----w- c:\programdata\InstallMate
2014-05-27 21:08 . 2013-07-15 01:34 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BBFC8886-82A9-48DF-B072-0E23F9B744BA}\mpengine.dll
2014-05-26 14:47 . 2014-05-26 14:50 -------- d-----w- c:\program files (x86)\Yu-Gi-Oh! Power Chaos common
2014-05-23 10:01 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F5BCE2BC-6167-41C1-8A20-D48E0A0EE7D7}\mpengine.dll
2014-05-22 10:02 . 2014-05-22 10:02 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-05-22 10:01 . 2014-05-22 10:01 10594416 ----a-w- c:\program files (x86)\Mozilla Firefox\icudt52.dll
2014-05-22 10:01 . 2014-05-22 10:01 965232 ----a-w- c:\program files (x86)\Mozilla Firefox\icuuc52.dll
2014-05-22 10:01 . 2014-05-22 10:01 1266800 ----a-w- c:\program files (x86)\Mozilla Firefox\icuin52.dll
2014-05-21 22:49 . 2014-05-21 22:49 -------- d-----w- c:\users\win7\AppData\Roaming\AVAST Software
2014-05-21 22:47 . 2014-05-21 22:47 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-05-21 22:47 . 2014-05-21 22:47 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-05-21 22:47 . 2014-05-21 22:47 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-05-21 22:47 . 2014-05-21 22:47 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-05-21 22:47 . 2014-05-21 22:47 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-05-21 22:47 . 2014-05-21 22:47 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-05-21 22:47 . 2014-05-21 22:47 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-05-21 22:47 . 2014-05-21 22:47 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-05-21 22:47 . 2014-05-21 22:47 43152 ----a-w- c:\windows\avastSS.scr
2014-05-21 22:46 . 2014-05-21 22:46 -------- d-----w- c:\program files\AVAST Software
2014-05-15 10:23 . 2014-05-15 10:23 -------- d-----w- c:\windows\CheckSur
2014-05-08 21:57 . 2014-05-08 21:57 -------- d-----w- c:\users\win7\AppData\Roaming\Publish Providers
2014-05-08 21:46 . 2014-05-08 21:49 -------- d-----w- c:\users\win7\AppData\Local\Sony
2014-05-08 21:46 . 2014-05-08 21:46 -------- d-----w- c:\programdata\Sony
2014-05-08 21:46 . 2014-05-08 21:46 -------- d-----w- c:\program files (x86)\Sony
2014-05-08 21:41 . 2014-05-09 21:06 -------- d-----w- c:\users\win7\AppData\Roaming\Sony
2014-05-06 08:06 . 2014-05-15 12:06 -------- d-s---w- c:\windows\system32\CompatTel
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-21 22:47 . 2013-08-07 18:12 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-05-14 13:01 . 2013-11-28 23:16 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 13:01 . 2013-11-28 23:16 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-29 16:00 . 2014-05-03 09:23 23133184 ----a-w- c:\windows\system32\mshtml.dll
2014-04-29 15:24 . 2014-05-03 09:23 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-04-29 14:14 . 2014-05-03 09:23 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-04-27 16:19 . 2013-08-16 22:29 50464 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2014-04-24 10:30 . 2014-04-25 12:00 61120 ----a-w- c:\windows\system32\drivers\{345422e3-72fa-447a-9550-97803edfacf3}Gw64.sys
2013-02-07 12:22 . 2013-02-07 12:22 50330 ----a-w- c:\program files (x86)\AntiDust.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[-] 2013-08-07 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
[-] 2013-08-07 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{0ffd0ef2-dbe9-483a-80c4-d2c331da1ce4}]
2014-05-08 22:06 249632 ----a-w- c:\program files (x86)\SecretSauce\SecretSauceBHO.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-02-07 17706088]
"uTorrent"="c:\users\win7\AppData\Roaming\uTorrent\uTorrent.exe" [2014-04-29 1270352]
"Akamai NetSession Interface"="c:\users\win7\AppData\Local\Akamai\netsession_win.exe" [2014-04-17 4672920]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2014-04-27 2557976]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-01 3888648]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 {345422e3-72fa-447a-9550-97803edfacf3}Gw64;{345422e3-72fa-447a-9550-97803edfacf3}Gw64;c:\windows\system32\drivers\{345422e3-72fa-447a-9550-97803edfacf3}Gw64.sys;c:\windows\SYSNATIVE\drivers\{345422e3-72fa-447a-9550-97803edfacf3}Gw64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 CltMngSvc;Search Protect by Conduit Updater;c:\program files (x86)\SearchProtect\bin\CltMngSvc.exe;c:\program files (x86)\SearchProtect\bin\CltMngSvc.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 Update SecretSauce;Update SecretSauce;c:\program files (x86)\SecretSauce\updateSecretSauce.exe;c:\program files (x86)\SecretSauce\updateSecretSauce.exe [x]
S2 Util SecretSauce;Util SecretSauce;c:\program files (x86)\SecretSauce\bin\utilSecretSauce.exe;c:\program files (x86)\SecretSauce\bin\utilSecretSauce.exe [x]
S2 vToolbarUpdater18.1.0;vToolbarUpdater18.1.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [x]
S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys;c:\windows\SYSNATIVE\DRIVERS\amdhub30.sys [x]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys;c:\windows\SYSNATIVE\DRIVERS\amdxhc.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-27 21:11 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-06-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-28 13:01]
.
2014-05-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-169506411-3708393231-39178482-1000Core.job
- c:\users\win7\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-13 11:48]
.
2014-06-02 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-169506411-3708393231-39178482-1000UA.job
- c:\users\win7\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-13 11:48]
.
2014-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-07 14:29]
.
2014-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-07 14:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-21 22:47 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com/?ctid=CT3282698&octid=CT3282698&SearchSource=61&CUI=UN21704424982530139&UM=2&UP=SP08BE8079-F11A-466D-A13E-18B4E6C33910
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll
FF - ProfilePath - c:\users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\4hcbmhpf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3282698&CUI=UN32135905601482511&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3282698&octid=CT3282698&SearchSource=61&CUI=UN32135905601482511&UM=2&UP=SP08BE8079-F11A-466D-A13E-18B4E6C33910
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&octid=CT1750559&CUI=UN59019329324208959&UM=1&SearchSource=2&q=
FF - user.js: extensions.Softonic.hpOld0 -
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=1&cc=&mi=321197d700000000000074de2b10034a&q=
FF - user.js: extensions.Softonic.id - 321197d700000000000074de2b10034a
FF - user.js: extensions.Softonic.appId - {7ABBFE1C-E485-44AA-8F36-353751B4124D}
FF - user.js: extensions.Softonic.instlDay - 15958
FF - user.js: extensions.Softonic.vrsn - 1.8.19.3
FF - user.js: extensions.Softonic.vrsni - 1.8.19.3
FF - user.js: extensions.Softonic.vrsnTs - 1.8.19.314:45
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - 2013desingbrand
FF - user.js: extensions.Softonic.instlRef - INF00176
FF - user.js: extensions.Softonic.dfltLng -
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.ffxUnstlRst - false
FF - user.js: extensions.Softonic.admin - false
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic.rvrt - false
FF - user.js: extensions.Softonic.hmpg - true
FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=13&cc=&mi=321197d700000000000074de2b10034a
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.Softonic.kw_url - hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=2&cc=&mi=321197d700000000000074de2b10034a&q=
FF - user.js: extensions.Softonic.dnsErr - true
FF - user.js: extensions.Softonic.newTab - true
FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/INF00176/tb_v1/?SearchSource=15&cc=&mi=321197d700000000000074de2b10034a
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 321197d700000000000074de2b10034a
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15961
FF - user.js: extensions.delta.vrsn - 1.8.24.6
FF - user.js: extensions.delta.vrsni - 1.8.24.6
FF - user.js: extensions.delta.vrsnTs - 1.8.24.617:17
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119776&tsp=5004
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
Toolbar-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-EA Core - c:\program files (x86)\Electronic Arts\EADM\Core.exe
Wow6432Node-HKCU-Run-NextLive - c:\users\win7\AppData\Roaming\newnext.me\nengine.dll
Wow6432Node-HKLM-Run-mobilegeni daemon - c:\program files (x86)\Mobogenie\DaemonProcess.exe
Wow6432Node-HKU-Default-Run-AviraSpeedup - c:\program files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
AddRemove-Better Surf Plus - c:\program files (x86)\BetterSurf\BetterSurfPlus\uninstall.exe
AddRemove-MediaBuzzV1mode4065 - c:\program files (x86)\MediaBuzzV1\MediaBuzzV1mode4065\uninstall.exe
AddRemove-MediaPlayerV1alpha293 - c:\program files (x86)\MediaPlayerV1\MediaPlayerV1alpha293\uninstall.exe
AddRemove-MediaViewerV1alpha1806 - c:\program files (x86)\MediaViewerV1\MediaViewerV1alpha1806\uninstall.exe
AddRemove-MediaViewV1alpha1507 - c:\program files (x86)\MediaViewV1\MediaViewV1alpha1507\uninstall.exe
AddRemove-MediaWatchV1home218 - c:\program files (x86)\MediaWatchV1\MediaWatchV1home218\uninstall.exe
AddRemove-Video Player - c:\program files (x86)\VideoPlayerV3\VideoPlayerV3beta220\uninstall.exe
AddRemove-{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} - c:\users\win7\AppData\Local\SwvUpdater\Updater.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
.
**************************************************************************
.
Completion time: 2014-06-02 23:43:11 - machine was rebooted
ComboFix-quarantined-files.txt 2014-06-02 21:43
.
Pre-Run: 61.078.859.776 bytes free
Post-Run: 62.009.004.032 bytes free
.
- - End Of File - - 25D9DB4C64E4E9D0936607C74C4A5621
A36C5E4F47E84449FF07ED3517B43A31

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

Excellent, now run Zoek the same way as I described in the post on the first page.

offline
  • Joined: 01 Jun 2014
  • Posts: 23

Again, when I run zoek my laptop restarts without anything opening, no matter where I click in the zoek file.

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

Open Notepad and copy in the following text:

Folder::
c:\programdata\InstallMate
c:\program files (x86)\SecretSauce
c:\program files (x86)\SearchProtect

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{0ffd0ef2-dbe9-483a-80c4-d2c331da1ce4}]

Driver::
{345422e3-72fa-447a-9550-97803edfacf3}Gw64
CltMngSvc
Update SecretSauce
Util SecretSauce

DDS::
uStart Page = hxxp://search.conduit.com/?ctid=CT3282698&octid=CT3282698&SearchSource=61&CUI=UN21704424982530139&UM=2&UP=SP08BE8079-F11A-466D-A13E-18B4E6C33910

Firefox::
FF - ProfilePath - c:\users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\4hcbmhpf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3282698&CUI=UN32135905601482511&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3282698&octid=CT3282698&SearchSource=61&CUI=UN32135905601482511&UM=2&UP=SP08BE8079-F11A-466D-A13E-18B4E6C33910
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&octid=CT1750559&CUI=UN59019329324208959&UM=1&SearchSource=2&q=
FF - user.js: extensions.Softonic.hpOld0 -
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=1&cc=&mi=321197d700000000000074de2b10034a&q=
FF - user.js: extensions.Softonic.id - 321197d700000000000074de2b10034a
FF - user.js: extensions.Softonic.appId - {7ABBFE1C-E485-44AA-8F36-353751B4124D}
FF - user.js: extensions.Softonic.instlDay - 15958
FF - user.js: extensions.Softonic.vrsn - 1.8.19.3
FF - user.js: extensions.Softonic.vrsni - 1.8.19.3
FF - user.js: extensions.Softonic.vrsnTs - 1.8.19.314:45
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - 2013desingbrand
FF - user.js: extensions.Softonic.instlRef - INF00176
FF - user.js: extensions.Softonic.dfltLng -
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.ffxUnstlRst - false
FF - user.js: extensions.Softonic.admin - false
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic.rvrt - false
FF - user.js: extensions.Softonic.hmpg - true
FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=13&cc=&mi=321197d700000000000074de2b10034a
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.Softonic.kw_url - hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=2&cc=&mi=321197d700000000000074de2b10034a&q=
FF - user.js: extensions.Softonic.dnsErr - true
FF - user.js: extensions.Softonic.newTab - true
FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/INF00176/tb_v1/?SearchSource=15&cc=&mi=321197d700000000000074de2b10034a
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 321197d700000000000074de2b10034a
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15961
FF - user.js: extensions.delta.vrsn - 1.8.24.6
FF - user.js: extensions.delta.vrsni - 1.8.24.6
FF - user.js: extensions.delta.vrsnTs - 1.8.24.617:17
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119776&tsp=5004
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false

ClearJavaCache::


Save the file from Notepad to the Desktop as "CFScript".




Drag the saved script/text onto the ComboFix icon as shown in the picture.
In your next post, paste the log that is created at the end of the cleaning/scanning.

offline
  • Joined: 01 Jun 2014
  • Posts: 23

ComboFix 14-06-03.01 - win7 03.06.2014 20:35:32.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3552.2213 [GMT 2:00]
Running from: c:\users\win7\Desktop\ComboFix.exe
Command switches used :: c:\users\win7\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SearchProtect
c:\program files (x86)\SearchProtect\bin\ChromeModule.dll
c:\program files (x86)\SearchProtect\bin\CltMngSvc.exe
c:\program files (x86)\SearchProtect\bin\FirefoxModule.dll
c:\program files (x86)\SearchProtect\bin\InternetExplorerModule.dll
c:\program files (x86)\SearchProtect\bin\msvcp100.dll
c:\program files (x86)\SearchProtect\bin\msvcr100.dll
c:\program files (x86)\SearchProtect\bin\SPHook32.dll
c:\program files (x86)\SearchProtect\bin\SPHook64.dll
c:\program files (x86)\SearchProtect\bin\SPRunner.exe
c:\program files (x86)\SearchProtect\bin\SPTool64.exe
c:\program files (x86)\SearchProtect\bin\uninstall.exe
c:\program files (x86)\SearchProtect\Dialogs\dialogsApi.js
c:\program files (x86)\SearchProtect\Dialogs\lib\jquery.min.js
c:\program files (x86)\SearchProtect\Dialogs\lib\json2.js
c:\program files (x86)\SearchProtect\Dialogs\spbd\bubble.css
c:\program files (x86)\SearchProtect\Dialogs\spbd\bubble.js
c:\program files (x86)\SearchProtect\Dialogs\spbd\images\information.png
c:\program files (x86)\SearchProtect\Dialogs\spbd\images\x-default-LTR.png
c:\program files (x86)\SearchProtect\Dialogs\spbd\images\x-default-RTL.png
c:\program files (x86)\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png
c:\program files (x86)\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png
c:\program files (x86)\SearchProtect\Dialogs\spbd\main.html
c:\program files (x86)\SearchProtect\Dialogs\spsd\images\ok-button.png
c:\program files (x86)\SearchProtect\Dialogs\spsd\images\separation-line.png
c:\program files (x86)\SearchProtect\Dialogs\spsd\images\warning.png
c:\program files (x86)\SearchProtect\Dialogs\spsd\main.html
c:\program files (x86)\SearchProtect\Dialogs\spsd\SearchProtector.css
c:\program files (x86)\SearchProtect\Dialogs\spsd\settings.js
c:\program files (x86)\SearchProtect\ffprotect\abstraction.js
c:\program files (x86)\SearchProtect\ffprotect\application.js
c:\program files (x86)\SearchProtect\ffprotect\nsprotector.js
c:\program files (x86)\SecretSauce
c:\program files (x86)\SecretSauce\bin\{345422e3-72fa-447a-9550-97803edfacf3}.dll
c:\program files (x86)\SecretSauce\bin\7za.exe
c:\program files (x86)\SecretSauce\bin\BrowserAdapterS.7z
c:\program files (x86)\SecretSauce\bin\plugins\SecretSauce.Bromon.dll
c:\program files (x86)\SecretSauce\bin\plugins\SecretSauce.BroStats.dll
c:\program files (x86)\SecretSauce\bin\plugins\SecretSauce.BrowserAdapterS.dll
c:\program files (x86)\SecretSauce\bin\plugins\SecretSauce.CompatibilityChecker.dll
c:\program files (x86)\SecretSauce\bin\plugins\SecretSauce.FFUpdate.dll
c:\program files (x86)\SecretSauce\bin\plugins\SecretSauce.IEUpdate.dll
c:\program files (x86)\SecretSauce\bin\plugins\SecretSauce.PurBrowseG.dll
c:\program files (x86)\SecretSauce\bin\SecretSauce.BrowserAdapter.exe
c:\program files (x86)\SecretSauce\bin\SecretSauce.PurBrowse64.exe
c:\program files (x86)\SecretSauce\bin\SecretSauce.PurBrowseG.zip
c:\program files (x86)\SecretSauce\bin\SecretSauceBAApp.dll
c:\program files (x86)\SecretSauce\bin\sqlite3.dll
c:\program files (x86)\SecretSauce\bin\utilSecretSauce.exe
c:\program files (x86)\SecretSauce\bin\utilSecretSauce.InstallState
c:\program files (x86)\SecretSauce\SecretSauce.ico
c:\program files (x86)\SecretSauce\SecretSauceBHO.dll
c:\program files (x86)\SecretSauce\SecretSauceUninstall.exe
c:\program files (x86)\SecretSauce\sqlite3.exe
c:\program files (x86)\SecretSauce\updateSecretSauce.exe
c:\program files (x86)\SecretSauce\updateSecretSauce.InstallState
c:\programdata\InstallMate
c:\programdata\InstallMate\2D28D2CF\cfg\1.ini
c:\programdata\InstallMate\2D28D2CF\cfg\1_1.ini
c:\programdata\InstallMate\2D28D2CF\cfg\2.ini
c:\programdata\InstallMate\2D28D2CF\cfg\2_1.ini
c:\programdata\InstallMate\2D28D2CF\cfg\3.ini
c:\programdata\InstallMate\2D28D2CF\cfg\3_0.ini
c:\programdata\InstallMate\2D28D2CF\cfg\3_1.ini
c:\programdata\InstallMate\2D28D2CF\cfg\3_2.ini
c:\programdata\InstallMate\2D28D2CF\cfg\3_2_1.ini
c:\programdata\InstallMate\2D28D2CF\cfg\4.ini
c:\programdata\InstallMate\2D28D2CF\cfg\5.ini
c:\programdata\InstallMate\2D28D2CF\cfg\6.ini
c:\programdata\InstallMate\2D28D2CF\cfg\6_1.ini
c:\programdata\Origin
c:\programdata\Origin\local.xml
c:\programdata\Origin\Origin_App.ini
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_{345422E3-72FA-447A-9550-97803EDFACF3}GW64
-------\Service_{345422e3-72fa-447a-9550-97803edfacf3}Gw64
-------\Service_CltMngSvc
-------\Service_Update SecretSauce
-------\Service_Util SecretSauce
.
.
((((((((((((((((((((((((( Files Created from 2014-05-03 to 2014-06-03 )))))))))))))))))))))))))))))))
.
.
2014-06-03 18:44 . 2014-06-03 18:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-03 17:59 . 2014-05-19 23:18 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{01ED2CB7-1B03-4013-B03E-5F8D5F9525A4}\mpengine.dll
2014-06-02 18:45 . 2014-06-02 18:45 -------- d-----w- C:\zoek_backup
2014-05-26 14:47 . 2014-05-26 14:50 -------- d-----w- c:\program files (x86)\Yu-Gi-Oh! Power Chaos common
2014-05-22 10:02 . 2014-05-22 10:02 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-05-22 10:01 . 2014-05-22 10:01 10594416 ----a-w- c:\program files (x86)\Mozilla Firefox\icudt52.dll
2014-05-22 10:01 . 2014-05-22 10:01 965232 ----a-w- c:\program files (x86)\Mozilla Firefox\icuuc52.dll
2014-05-22 10:01 . 2014-05-22 10:01 1266800 ----a-w- c:\program files (x86)\Mozilla Firefox\icuin52.dll
2014-05-21 22:49 . 2014-05-21 22:49 -------- d-----w- c:\users\win7\AppData\Roaming\AVAST Software
2014-05-21 22:47 . 2014-05-21 22:47 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-05-21 22:47 . 2014-05-21 22:47 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-05-21 22:47 . 2014-05-21 22:47 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-05-21 22:47 . 2014-05-21 22:47 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-05-21 22:47 . 2014-05-21 22:47 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-05-21 22:47 . 2014-05-21 22:47 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-05-21 22:47 . 2014-05-21 22:47 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-05-21 22:47 . 2014-05-21 22:47 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-05-21 22:47 . 2014-05-21 22:47 43152 ----a-w- c:\windows\avastSS.scr
2014-05-21 22:46 . 2014-05-21 22:46 -------- d-----w- c:\program files\AVAST Software
2014-05-15 10:23 . 2014-05-15 10:23 -------- d-----w- c:\windows\CheckSur
2014-05-08 21:57 . 2014-05-08 21:57 -------- d-----w- c:\users\win7\AppData\Roaming\Publish Providers
2014-05-08 21:46 . 2014-05-08 21:49 -------- d-----w- c:\users\win7\AppData\Local\Sony
2014-05-08 21:46 . 2014-05-08 21:46 -------- d-----w- c:\programdata\Sony
2014-05-08 21:46 . 2014-05-08 21:46 -------- d-----w- c:\program files (x86)\Sony
2014-05-08 21:41 . 2014-05-09 21:06 -------- d-----w- c:\users\win7\AppData\Roaming\Sony
2014-05-06 08:06 . 2014-05-15 12:06 -------- d-s---w- c:\windows\system32\CompatTel
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-21 22:47 . 2013-08-07 18:12 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-05-14 13:01 . 2013-11-28 23:16 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 13:01 . 2013-11-28 23:16 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-29 16:00 . 2014-05-03 09:23 23133184 ----a-w- c:\windows\system32\mshtml.dll
2014-04-29 15:24 . 2014-05-03 09:23 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-04-29 14:14 . 2014-05-03 09:23 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-04-27 16:19 . 2013-08-16 22:29 50464 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2014-04-24 10:30 . 2014-04-25 12:00 61120 ----a-w- c:\windows\system32\drivers\{345422e3-72fa-447a-9550-97803edfacf3}Gw64.sys
2014-03-31 07:35 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2013-02-07 12:22 . 2013-02-07 12:22 50330 ----a-w- c:\program files (x86)\AntiDust.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[-] 2013-08-07 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
[-] 2013-08-07 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-02-07 17706088]
"uTorrent"="c:\users\win7\AppData\Roaming\uTorrent\uTorrent.exe" [2014-04-29 1270352]
"Akamai NetSession Interface"="c:\users\win7\AppData\Local\Akamai\netsession_win.exe" [2014-04-17 4672920]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2014-04-27 2557976]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-01 3888648]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 vToolbarUpdater18.1.0;vToolbarUpdater18.1.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [x]
S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys;c:\windows\SYSNATIVE\DRIVERS\amdhub30.sys [x]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys;c:\windows\SYSNATIVE\DRIVERS\amdxhc.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-27 21:11 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-06-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-28 13:01]
.
2014-05-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-169506411-3708393231-39178482-1000Core.job
- c:\users\win7\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-13 11:48]
.
2014-06-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-169506411-3708393231-39178482-1000UA.job
- c:\users\win7\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-13 11:48]
.
2014-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-07 14:29]
.
2014-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-07 14:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-21 22:47 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll
FF - ProfilePath - c:\users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\4hcbmhpf.default\
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{0ffd0ef2-dbe9-483a-80c4-d2c331da1ce4} - c:\program files (x86)\SecretSauce\SecretSauceBHO.dll
BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
Toolbar-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
Toolbar-10 - (no file)
AddRemove-Better Surf Plus - c:\program files (x86)\BetterSurf\BetterSurfPlus\uninstall.exe
AddRemove-MediaBuzzV1mode4065 - c:\program files (x86)\MediaBuzzV1\MediaBuzzV1mode4065\uninstall.exe
AddRemove-MediaPlayerV1alpha293 - c:\program files (x86)\MediaPlayerV1\MediaPlayerV1alpha293\uninstall.exe
AddRemove-MediaViewerV1alpha1806 - c:\program files (x86)\MediaViewerV1\MediaViewerV1alpha1806\uninstall.exe
AddRemove-MediaViewV1alpha1507 - c:\program files (x86)\MediaViewV1\MediaViewV1alpha1507\uninstall.exe
AddRemove-MediaWatchV1home218 - c:\program files (x86)\MediaWatchV1\MediaWatchV1home218\uninstall.exe
AddRemove-SearchProtect - c:\program files (x86)\SearchProtect\bin\uninstall.exe
AddRemove-Video Player - c:\program files (x86)\VideoPlayerV3\VideoPlayerV3beta220\uninstall.exe
AddRemove-{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} - c:\users\win7\AppData\Local\SwvUpdater\Updater.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
.
**************************************************************************
.
Completion time: 2014-06-03 20:50:28 - machine was rebooted
ComboFix-quarantined-files.txt 2014-06-03 18:50
ComboFix2.txt 2014-06-02 21:43
.
Pre-Run: 65.463.341.056 bytes free
Post-Run: 65.335.435.264 bytes free
.
- - End Of File - - DB409329B9704CA9F58762F383FC8786
A36C5E4F47E84449FF07ED3517B43A31

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

Excellent :)

Now go ahead and try Zoek :)

offline
  • Joined: 01 Jun 2014
  • Posts: 23

Oh God, I'm going to go crazy :O Can something be done without Zoek? As soon as I click the icon, a small window pops up saying it will restart in less, and I didn't manage to read any further before it restarts my laptop.
Mate, sorry for bothering you. If nothing can be done, what can I do about it; I'll see if I can find someone nearby, if there is anyone, to fix it, let them reset everything or however that's done, and I'll pay and be done with it. I've been bothering you for 2-3 days already.

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

No problem at all :)

Can you run FRST now?
