Hi people

  • Joined: 05 Aug 2012
  • Posts: 22

Posted: 18 Sep 2013 23:06

OK, so.. I have written to you several times about problems, but here we go again... I tried to send you a report from your DDS program, but it won't produce the reports.. I tried twice. The first time the computer froze, and the second time it ran the diagnostics for over 15 min (even though it says it won't run for more than 3 min) :)
The computer takes some 5-7 min to boot the system, it freezes, and when it starts up I always have to choose Start Windows Normally for the system to boot... Please help, or if you have some other diagnostic program, tell me so I can send you information about the computer.

Addendum: 18 Sep 2013 23:14

Aleksandar Peric 2 :: OK, so.. I have written to you several times about problems, but here we go again... I tried to send you a report from your DDS program, but it won't produce the reports.. I tried twice. The first time the computer froze, and the second time it ran the diagnostics for over 15 min (even though it says it won't run for more than 3 min) :)
The computer takes some 5-7 min to boot the system, it freezes, and when it starts up I always have to choose Start Windows Normally for the system to boot... Please help, or if you have some other diagnostic program, tell me so I can send you information about the computer.


P.S. I found a program from earlier posts and scanned the computer.. so you can see what the problem is.

  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

Hello, do the following:


Download Farbar Recovery Scan Tool (FRST) and save it to the Desktop.
Note: You need to download the version that is compatible with your system.

Double-click to run FRST; when the tool starts, click Yes on the disclaimer.
Under Optional Scan, tick the "List BCD" and "Driver MD5" options.
Click the Scan button.
The tool will create a report (FRST.txt) in the same directory where FRST.exe is saved.
Copy the contents of that log into your post.
On its first run the tool should also create an additional report (Addition.txt). Attach that report to your post using the "Attach file" option.

  • Joined: 05 Aug 2012
  • Posts: 22

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-09-2013
Ran by Aca (administrator) on ACA-PC on 19-09-2013 17:57:02
Running from C:\Users\Aca\Downloads
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
() C:\Program Files\NRadioBox\NRadioBox\NRadioBox.exe
(Google Inc.) C:\Users\Aca\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Aca\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Aca\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Aca\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Aca\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Aca\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Aca\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [TkBellExe] - c:\program files\real\realplayer\Update\realsched.exe [296096 2012-10-30] (RealNetworks, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5078504 2013-03-21] (ESET)
HKCU\...\Run: [Google Update] - C:\Users\Aca\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-04-15] (Google Inc.)
HKCU\...\Run: [Facebook Update] - C:\Users\Aca\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Advanced SystemCare 6] - C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe [491840 2013-01-15] (IObit)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKCU\...\CurrentVersion\Windows: [Load] C:\Users\Aca\LOCALS~1\Temp\mstilsyo.scr <===== ATTENTION
MountPoints2: {d416ab2a-703e-11e1-bdf9-806e6f6e6963} - E:\setup.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = ihotsee.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x06F94AFF4D04CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = search.babylon.com/?affID=117112&tt=461.....1fd06816ad
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = google.com/ie
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = search.babylon.com/?q={searchTerms}&affID=117112&tt=4612_2&babsrc=SP_ss&mntrId=aa52e204000000000000001fd06816ad
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = google.com/search?q={sear
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = daemon-search.com/search?q={searchTerms}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL (IObit)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
Toolbar: HKCU - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 194.28.174.195 8.8.8.8

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.6.14 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.6.14 - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.6.14 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Aca\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Aca\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Aca\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Aca\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [{0F827075-B026-42F3-885D-98981EE7B1AE}] - C:\ProgramData\Browser Manager\2.6.1125.80\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension
FF Extension: Browser Manager - C:\ProgramData\Browser Manager\2.6.1125.80\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Aca\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Aca\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Aca\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Unity Player) - C:\Users\Aca\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Aca\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Extension: (Google Docs) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Freemake Video Converter) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0
CHR Extension: (FBPHOTOZOOM) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\2.2_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [fjbbjfdilbioabojmcplalojlmdngbjl] - C:\Users\Aca\AppData\Roaming\OpenCandy\A3B0C91D422C44168F91811647F34A13\smileyswelovetoolbar.crx
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [mpieaakhacmfleokhjcjnpcnmnmpfkid] - C:\Program Files\fbphotozoom\fbphotozoom16.crx
CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx
CHR HKLM\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Aca\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [528192 2013-02-25] (IObit)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1341664 2013-03-21] (ESET)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [1479488 2011-10-13] (TuneUp Software)
S2 Browser Manager; C:\ProgramData\Browser Manager\2.6.1125.80\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [x]

==================== Drivers (Whitelisted) ====================

R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2012-09-23] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [171680 2013-02-20] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [122240 2013-01-10] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [105760 2013-01-10] (ESET)
R3 ltmodem5; C:\Windows\System32\DRIVERS\ltmdmnt.sys [503296 2009-07-14] (Agere Systems)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [15672 2010-11-26] ()
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [10064 2011-09-22] (TuneUp Software)
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 USBET; system32\DRIVERS\ETdrv.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

========================== Drivers MD5 =======================

C:\Windows\System32\DRIVERS\USBSTOR.SYS F991AB9CC6B908DB552166768176896A
C:\Windows\System32\DRIVERS\usbuhci.sys 68DF884CF41CDADA664BEB01DAF67E3D
C:\Windows\System32\Drivers\usbvideo.sys 45F4E7BF43DB40A6C6B4D92C76CBC3F2
C:\Windows\System32\DRIVERS\usb8023x.sys AF77716205C97E902E6C5B78DECE2CCA
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viac7.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys A840213F1ACDCC175B4D1D5AAEAC0D7A
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys A67E5F9A400F3BD1BE3D80613B45F708
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys 06E6F32C8D0A3F66D956F57B43A2E070
C:\Windows\System32\DRIVERS\WUDFRd.sys 867C301E8B790040AE9CF6486E8041DF

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-19 17:55 - 2013-09-19 17:55 - 00000000 ____D C:\FRST
2013-09-19 17:54 - 2013-09-19 17:55 - 01083535 _____ (Farbar) C:\Users\Aca\Downloads\FRST.exe
2013-09-19 09:35 - 2013-09-19 09:35 - 189563983 _____ C:\Windows\MEMORY.DMP
2013-09-19 09:35 - 2013-09-19 09:35 - 00234576 _____ C:\Windows\Minidump\091913-152319-01.dmp
2013-09-18 23:14 - 2013-09-18 23:14 - 00044291 _____ C:\Users\Aca\Downloads\289152_662314738_New Text Document.txt
2013-09-18 23:09 - 2013-09-18 23:10 - 00044291 _____ C:\Users\Aca\Downloads\Result.txt
2013-09-18 23:08 - 2013-09-18 23:08 - 00760937 _____ (Farbar) C:\Users\Aca\Downloads\MiniToolBox.exe
2013-09-18 22:38 - 2013-09-18 23:12 - 00044291 _____ C:\Users\Aca\Desktop\New Text Document.txt
2013-09-18 22:37 - 2013-09-18 22:38 - 00688992 _____ (Swearware) C:\Users\Aca\Downloads\dds.pif
2013-09-18 22:37 - 2013-09-18 22:37 - 00688992 ____R (Swearware) C:\Users\Aca\Downloads\dds.com
2013-09-18 22:00 - 2013-09-19 09:35 - 00000280 _____ C:\Windows\setupact.log
2013-09-18 22:00 - 2013-09-18 22:00 - 00000000 _____ C:\Windows\setuperr.log
2013-09-18 18:39 - 2013-09-18 18:39 - 51814400 _____ C:\Windows\system32\config\software.iobit
2013-09-18 18:39 - 2013-09-18 18:39 - 42905600 _____ C:\Windows\system32\config\components.iobit
2013-09-18 18:39 - 2013-09-18 18:39 - 00425984 _____ C:\Windows\system32\config\default.iobit
2013-09-18 18:39 - 2013-09-18 18:39 - 00102400 _____ C:\Windows\system32\config\sam.iobit
2013-09-18 18:39 - 2013-09-18 18:39 - 00028672 _____ C:\Windows\system32\config\security.iobit
2013-09-17 18:12 - 2013-09-17 18:12 - 00026195 _____ C:\Users\Aca\Downloads\F025.tmp
2013-09-17 18:11 - 2013-09-17 18:11 - 00047882 _____ C:\Users\Aca\Downloads\DEBB.tmp
2013-09-17 17:40 - 2013-09-17 17:40 - 00648240 _____ (Unity Technologies ApS) C:\Users\Aca\Downloads\UnityWebPlayer (1).exe
2013-09-17 17:37 - 2013-09-17 17:37 - 00648240 _____ (Unity Technologies ApS) C:\Users\Aca\Downloads\UnityWebPlayer.exe
2013-09-10 21:13 - 2013-09-10 21:13 - 00001373 _____ C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-10 21:13 - 2013-09-10 21:13 - 00000020 ___SH C:\Users\Guest\ntuser.ini
2013-09-10 21:13 - 2013-09-10 21:13 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Real
2013-09-10 21:13 - 2013-09-10 21:13 - 00000000 ____D C:\Users\Guest\AppData\Local\VirtualStore
2013-09-10 21:13 - 2013-09-10 21:13 - 00000000 ____D C:\Users\Guest\AppData\Local\Adobe
2013-09-10 21:13 - 2013-09-10 21:13 - 00000000 ____D C:\Users\Guest
2013-09-10 21:13 - 2012-08-06 23:29 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Macromedia
2013-09-10 21:13 - 2012-04-12 06:17 - 00000000 ____D C:\Users\Guest\AppData\Local\Microsoft Help
2013-09-10 21:13 - 2009-07-14 06:42 - 00000000 ___RD C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-10 21:13 - 2009-07-14 06:37 - 00000000 ___RD C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-10 21:12 - 2013-09-10 21:22 - 00000632 __RSH C:\Users\Aca\ntuser.pol
2013-09-10 21:04 - 2013-09-10 21:04 - 00000000 ____H C:\Users\Aca\Documents\Default.rdp
2013-09-09 18:00 - 2013-09-09 18:00 - 00014252 _____ C:\Users\Aca\Downloads\Pretty Little Liars - 01x09 - The Perfect Storm HDTV HR.rar
2013-09-09 17:31 - 2013-09-09 17:42 - 00000000 ____D C:\Users\Aca\Desktop\vanjina veridba
2013-09-06 17:44 - 2013-09-06 18:00 - 00000000 ____D C:\Users\Aca\Desktop\maki fleska novo
2013-09-02 11:10 - 2013-09-09 21:48 - 00000000 ____D C:\Users\Aca\Desktop\Aca muzika
2013-08-31 18:01 - 2013-09-09 20:26 - 00000261 _____ C:\Users\Aca\Desktop\New Text Document (2).txt

==================== One Month Modified Files and Folders =======

2013-09-19 17:55 - 2013-09-19 17:55 - 00000000 ____D C:\FRST
2013-09-19 17:55 - 2013-09-19 17:54 - 01083535 _____ (Farbar) C:\Users\Aca\Downloads\FRST.exe
2013-09-19 17:39 - 2012-03-19 08:23 - 00000000 ____D C:\Users\Aca\AppData\Roaming\Skype
2013-09-19 17:23 - 2012-07-06 22:46 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4246160244-1240245473-2407550815-1001UA.job
2013-09-19 17:18 - 2012-04-25 03:45 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-19 17:12 - 2012-04-15 12:40 - 00000880 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-19 16:53 - 2012-04-13 22:43 - 00000920 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4246160244-1240245473-2407550815-1001UA.job
2013-09-19 11:23 - 2012-07-06 22:46 - 00000848 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4246160244-1240245473-2407550815-1001Core.job
2013-09-19 10:38 - 2013-05-15 16:05 - 01183022 _____ C:\Windows\WindowsUpdate.log
2013-09-19 09:40 - 2009-07-14 06:34 - 00019776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-19 09:40 - 2009-07-14 06:34 - 00019776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-19 09:35 - 2013-09-19 09:35 - 189563983 _____ C:\Windows\MEMORY.DMP
2013-09-19 09:35 - 2013-09-19 09:35 - 00234576 _____ C:\Windows\Minidump\091913-152319-01.dmp
2013-09-19 09:35 - 2013-09-18 22:00 - 00000280 _____ C:\Windows\setupact.log
2013-09-19 09:35 - 2012-04-15 12:40 - 00000876 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-19 09:35 - 2012-03-17 22:10 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-19 09:35 - 2012-03-17 21:31 - 00000000 ____D C:\Windows\Minidump
2013-09-19 09:35 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-18 23:14 - 2013-09-18 23:14 - 00044291 _____ C:\Users\Aca\Downloads\289152_662314738_New Text Document.txt
2013-09-18 23:12 - 2013-09-18 22:38 - 00044291 _____ C:\Users\Aca\Desktop\New Text Document.txt
2013-09-18 23:10 - 2013-09-18 23:09 - 00044291 _____ C:\Users\Aca\Downloads\Result.txt
2013-09-18 23:08 - 2013-09-18 23:08 - 00760937 _____ (Farbar) C:\Users\Aca\Downloads\MiniToolBox.exe
2013-09-18 22:38 - 2013-09-18 22:37 - 00688992 _____ (Swearware) C:\Users\Aca\Downloads\dds.pif
2013-09-18 22:37 - 2013-09-18 22:37 - 00688992 ____R (Swearware) C:\Users\Aca\Downloads\dds.com
2013-09-18 22:00 - 2013-09-18 22:00 - 00000000 _____ C:\Windows\setuperr.log
2013-09-18 18:39 - 2013-09-18 18:39 - 51814400 _____ C:\Windows\system32\config\software.iobit
2013-09-18 18:39 - 2013-09-18 18:39 - 42905600 _____ C:\Windows\system32\config\components.iobit
2013-09-18 18:39 - 2013-09-18 18:39 - 00425984 _____ C:\Windows\system32\config\default.iobit
2013-09-18 18:39 - 2013-09-18 18:39 - 00102400 _____ C:\Windows\system32\config\sam.iobit
2013-09-18 18:39 - 2013-09-18 18:39 - 00028672 _____ C:\Windows\system32\config\security.iobit
2013-09-18 18:39 - 2012-03-17 16:52 - 00000000 ____D C:\Users\Aca
2013-09-17 18:12 - 2013-09-17 18:12 - 00026195 _____ C:\Users\Aca\Downloads\F025.tmp
2013-09-17 18:11 - 2013-09-17 18:11 - 00047882 _____ C:\Users\Aca\Downloads\DEBB.tmp
2013-09-17 17:40 - 2013-09-17 17:40 - 00648240 _____ (Unity Technologies ApS) C:\Users\Aca\Downloads\UnityWebPlayer (1).exe
2013-09-17 17:37 - 2013-09-17 17:37 - 00648240 _____ (Unity Technologies ApS) C:\Users\Aca\Downloads\UnityWebPlayer.exe
2013-09-13 22:53 - 2012-04-13 22:43 - 00000898 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4246160244-1240245473-2407550815-1001Core.job
2013-09-13 19:18 - 2012-04-25 03:45 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-13 19:18 - 2012-04-25 03:45 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-11 08:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-09-10 23:30 - 2009-07-14 04:04 - 00000508 _____ C:\Windows\win.ini
2013-09-10 21:22 - 2013-09-10 21:12 - 00000632 __RSH C:\Users\Aca\ntuser.pol
2013-09-10 21:13 - 2013-09-10 21:13 - 00001373 _____ C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-10 21:13 - 2013-09-10 21:13 - 00000020 ___SH C:\Users\Guest\ntuser.ini
2013-09-10 21:13 - 2013-09-10 21:13 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Real
2013-09-10 21:13 - 2013-09-10 21:13 - 00000000 ____D C:\Users\Guest\AppData\Local\VirtualStore
2013-09-10 21:13 - 2013-09-10 21:13 - 00000000 ____D C:\Users\Guest\AppData\Local\Adobe
2013-09-10 21:13 - 2013-09-10 21:13 - 00000000 ____D C:\Users\Guest
2013-09-10 21:12 - 2009-07-14 04:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-09-10 21:04 - 2013-09-10 21:04 - 00000000 ____H C:\Users\Aca\Documents\Default.rdp
2013-09-10 20:31 - 2012-05-16 05:10 - 00369914 _____ C:\Windows\system32\prfh0804.dat
2013-09-10 20:31 - 2012-05-16 05:10 - 00104390 _____ C:\Windows\system32\prfc0804.dat
2013-09-10 20:31 - 2012-03-17 20:54 - 01191348 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-09 21:48 - 2013-09-02 11:10 - 00000000 ____D C:\Users\Aca\Desktop\Aca muzika
2013-09-09 20:26 - 2013-08-31 18:01 - 00000261 _____ C:\Users\Aca\Desktop\New Text Document (2).txt
2013-09-09 18:00 - 2013-09-09 18:00 - 00014252 _____ C:\Users\Aca\Downloads\Pretty Little Liars - 01x09 - The Perfect Storm HDTV HR.rar
2013-09-09 17:42 - 2013-09-09 17:31 - 00000000 ____D C:\Users\Aca\Desktop\vanjina veridba
2013-09-08 12:02 - 2012-03-17 21:35 - 00000000 ____D C:\Users\Aca\AppData\Roaming\DAEMON Tools Lite
2013-09-08 12:02 - 2012-03-17 20:58 - 00000000 ____D C:\Users\Aca\AppData\Roaming\Winamp
2013-09-06 18:00 - 2013-09-06 17:44 - 00000000 ____D C:\Users\Aca\Desktop\maki fleska novo
2013-09-06 09:30 - 2012-11-04 19:43 - 00000000 ____D C:\Users\Aca\Desktop\ivana selakov 2012
2013-08-26 12:27 - 2013-07-23 18:13 - 00000000 ____D C:\Users\Aca\Desktop\aca muzika novo
2013-08-26 05:23 - 2012-07-06 22:47 - 00000000 ____D C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-08-26 05:23 - 2012-03-17 21:56 - 00000000 ____D C:\ProgramData\Real
2013-08-26 05:23 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\wfp
2013-08-26 05:23 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration
2013-08-26 05:23 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\AppCompat

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=C:
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {current}
resumeobject {0f313267-7047-11e1-96b0-ebf34ab44f50}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale en-US
inherit {bootloadersettings}
recoverysequence {0f313269-7047-11e1-96b0-ebf34ab44f50}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {0f313267-7047-11e1-96b0-ebf34ab44f50}
nx OptIn

Windows Boot Loader
-------------------
identifier {0f313269-7047-11e1-96b0-ebf34ab44f50}
device ramdisk=[C:]\Recovery\0f313269-7047-11e1-96b0-ebf34ab44f50\Winre.wim,{0f31326a-7047-11e1-96b0-ebf34ab44f50}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\0f313269-7047-11e1-96b0-ebf34ab44f50\Winre.wim,{0f31326a-7047-11e1-96b0-ebf34ab44f50}
systemroot \windows
nx OptIn
winpe Yes

Resume from Hibernate
---------------------
identifier {0f313267-7047-11e1-96b0-ebf34ab44f50}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
pae Yes
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=C:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems Yes

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {0f31326a-7047-11e1-96b0-ebf34ab44f50}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\0f313269-7047-11e1-96b0-ebf34ab44f50\boot.sdi



LastRegBack: 2013-09-11 20:11

==================== End Of Log ============================



HERE IS THE REPORT FROM THIS OTHER PROGRAM....

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

Hello,

My recommendation is that you uninstall "Advanced SystemCare 6 (Version: 6.1)". Besides being ordinary bloatware, this software also has a malicious past. On top of that, programs of this type do nothing but mislead people into believing they will speed up the computer by deleting registry keys that some software uses or will use.

My personal opinion is that these "Tune Up" programs are what damaged your Windows over time, by deleting anything and everything.

If you are willing, read the following notice:
http://forums.malwarebytes.org/index.php?showtopic=29681

The same goes for the program "TuneUp Utilities".

This gif will tell you everything:


The spoiler also contains a few more links with text on why not to use so-called "registry cleaner" programs.
( except CCleaner, because it really scans the registry only superficially, just as much as is permitted )


If you listen to me, uninstall all of that and never let your eyes see them again.

----- FIX -----



Start > Control Panel > Programs and Features
Uninstall the following:

Browser Manager

FRST was run from the download folder.
Quote: Running from C:\Users\Aca\Downloads
Move it to the Desktop, as the instructions state.


FRSTScript
Open Notepad and copy in the following text, which is inside the shaded area.

START
HKCU\...\CurrentVersion\Windows: [Load] C:\Users\Aca\LOCALS~1\Temp\mstilsyo.scr <===== ATTENTION
C:\Users\Aca\LOCALS~1\Temp\mstilsyo.scr
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ihotsee.com/
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=117112&tt=461.....1fd06816ad
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTerms}&affID=117112&tt=4612_2&babsrc=SP_ss&mntrId=aa52e204000000000000001fd06816ad
Toolbar: HKLM - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
Toolbar: HKCU - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
FF Extension: Browser Manager - C:\ProgramData\Browser Manager\2.6.1125.80\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtensio
CHR HKLM\...\Chrome\Extension: [fjbbjfdilbioabojmcplalojlmdngbjl] - C:\Users\Aca\AppData\Roaming\OpenCandy\A3B0C91D422C44168F91811647F34A13\smileyswelovetoolbar.crx
C:\Users\Aca\AppData\Roaming\OpenCandy\A3B0C91D422C44168F91811647F34A13\smileyswelovetoolbar.crx
CHR HKLM\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx
S2 Browser Manager; C:\ProgramData\Browser Manager\2.6.1125.80\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [x]
C:\ProgramData\Browser Manager
C:\Users\Aca\Downloads\F025.tmp
C:\Users\Aca\Downloads\DEBB.tmp
Folder: C:\Windows\system32\GroupPolicy
CMD: netsh winsock reset
CMD: ipconfig /flushdns
Hosts:
END


In Notepad, click File --> Save As
Name the file Fixlist and save it to the Desktop

Note: Fixlist.txt and FRST.exe must be in the same location or the fix will not work.

Double-click FRST.exe to run it again
Click Fix and wait until the program finishes.
If the program asks to restart the computer, allow it to do so without interruption.

When it finishes, Notepad will open with content that you should copy into the thread.
There will also be a (fixlog.txt) on the Desktop.

You need to copy fixlog.txt to the forum




----- then -----


Download sUBs's ComboFix to the Desktop from the following address:


Bleeping Computer
Right-click the link and choose Save Target As... (Save Link As..., Save Linked Content As... or similar);
When the dialog for choosing where to save the file opens, select Desktop and click Save.


When the download has finished:
deactivate your protection software (instructions);
close running programs;
double-click to run ComboFix;
in the window that opens, click "I Agree".

While running, ComboFix will:
check whether a newer version of the program exists:
click Yes if it offers to download it.
if the Recovery Console is not installed, offer to install it:
be sure to accept by clicking Yes and follow the procedure.
ask a number of questions/show a number of notifications:
accept by clicking Yes or OK.
restart Windows if necessary (several times);
at the end, open Notepad with the scan report.


Copy the report that ComboFix produced into the forum thread:
right-click in the Notepad window and choose Select All;
right-click the selected text and choose Copy;
right-click in the message box and choose Paste.


Note:
The report will be saved as ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
If after sending the message you notice that the report is incomplete, use the "Prikači fajl" (Attach file) option to attach the file C:\ComboFix.txt to the message;
Do not click inside the ComboFix window while it is running, because that can slow the tool down;
Do not run ComboFix again on your own - report in the thread any problem you have during the first run of the tool;
If after a restart you get an error when starting some programs saying that they are marked for deletion (Illegal operation attempted on a registry key that has been marked for deletion), restart the system again and that will resolve the problem.



----- then -----


Run FRST again and post a fresh FRST.txt report.

offline
  • Joined: 05 Aug 2012
  • Posts: 22

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 18-09-2013
Ran by Aca at 2013-09-20 18:35:37 Run:2
Running from C:\Users\Aca\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
START
HKCU\...\CurrentVersion\Windows: [Load] C:\Users\Aca\LOCALS~1\Temp\mstilsyo.scr <===== ATTENTION
C:\Users\Aca\LOCALS~1\Temp\mstilsyo.scr
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = ihotsee.com/
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = search.babylon.com/?affID=117112&tt=461.....1fd06816ad
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = search.babylon.com/?q={searchTerms}&affID=117112&tt=4612_2&babsrc=SP_ss&mntrId=aa52e204000000000000001fd06816ad
Toolbar: HKLM - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
Toolbar: HKCU - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
FF Extension: Browser Manager - C:\ProgramData\Browser Manager\2.6.1125.80\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtensio
CHR HKLM\...\Chrome\Extension: [fjbbjfdilbioabojmcplalojlmdngbjl] - C:\Users\Aca\AppData\Roaming\OpenCandy\A3B0C91D422C44168F91811647F34A13\smileyswelovetoolbar.crx
C:\Users\Aca\AppData\Roaming\OpenCandy\A3B0C91D422C44168F91811647F34A13\smileyswelovetoolbar.crx
CHR HKLM\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx
S2 Browser Manager; C:\ProgramData\Browser Manager\2.6.1125.80\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [x]
C:\ProgramData\Browser Manager
C:\Users\Aca\Downloads\F025.tmp
C:\Users\Aca\Downloads\DEBB.tmp
Folder: C:\Windows\system32\GroupPolicy
CMD: netsh winsock reset
CMD: ipconfig /flushdns
Hosts:
END
*****************

HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\\Load => Value was restored successfully.
"C:\Users\Aca\LOCALS~1\Temp\mstilsyo.scr " => File/Directory not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\bProtector Start Page => Value not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\bProtectorDefaultScope => Value not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCR\Wow6432Node\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} => Value not found.
HKCR\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} => Value not found.
HKCR\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Value not found.
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found.
C:\ProgramData\Browser Manager\2.6.1125.80\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtensio => not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl => Key not found.
"C:\Users\Aca\AppData\Roaming\OpenCandy\A3B0C91D422C44168F91811647F34A13\smileyswelovetoolbar.crx " => File/Directory not found.
"C:\Users\Aca\AppData\Roaming\OpenCandy\A3B0C91D422C44168F91811647F34A13\smileyswelovetoolbar.crx " => File/Directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph => Key not found.
"C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx " => File/Directory not found.
Browser Manager => Service not found.
"C:\ProgramData\Browser Manager " => File/Directory not found.
"C:\Users\Aca\Downloads\F025.tmp " => File/Directory not found.
"C:\Users\Aca\Downloads\DEBB.tmp " => File/Directory not found.

========================= Folder: C:\Windows\system32\GroupPolicy ========================


====== End of Folder: ======


========= netsh winsock reset =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====
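
A Fixlog like the one above mixes entries that FRST reports as changed with entries that were already absent when the fix ran, and the two mean different things when judging whether a fix did anything. As an added example (not part of the original thread and not FRST's own code), this Python script parses a Fixlog in that layout and separates the two; the sample log is constructed, and `parse_fixlog`, `classify` and the bucket names are names chosen here.

```python
import re
from collections import Counter

# Constructed sample in the layout of the Fixlog shown above (not real data).
SAMPLE_FIXLOG = r"""Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 18-09-2013
Ran by user at 2013-09-20 18:35:37 Run:2
Running from C:\Users\user\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
START
HKCU\...\CurrentVersion\Windows: [Load] C:\Users\user\Temp\example.scr <===== ATTENTION
C:\Users\user\Temp\example.scr
CMD: ipconfig /flushdns
Hosts:
END
*****************

HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\\Load => Value was restored successfully.
"C:\Users\user\Temp\example.scr " => File/Directory not found.
HKCU\Software\Example\\Start Page => Value not found.
HKLM\SOFTWARE\Example\Extensions\abcdefgh => Key not found.
Example Service => Service not found.

========= ipconfig /flushdns =========

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====
"""

ECHO_FENCE = re.compile(r"^\*{5,}\s*$")     # delimits the echoed fixlist
SECTION = re.compile(r"^=+ (.+?) =+\s*$")   # "===== title =====" banners
RUN_FIELD = re.compile(r"\bRun:(\d+)")      # "Run:" field from the header


def classify(status):
    """Map a result message to a bucket (bucket names are this example's own)."""
    lowered = status.lower()
    if "not found" in lowered:
        return "absent"    # target did not exist when the fix ran
    if "success" in lowered:
        return "changed"   # FRST reports that it acted on the target
    return "review"        # any other message needs a human look


def parse_fixlog(text):
    """Return the Run: value and the targets grouped by outcome."""
    report = {"run": None, "counts": Counter(),
              "changed": [], "absent": [], "review": []}
    in_echo = in_section = False
    for line in text.splitlines():
        if report["run"] is None:
            found = RUN_FIELD.search(line)
            if found:
                report["run"] = int(found.group(1))
        if ECHO_FENCE.match(line):
            in_echo = not in_echo          # skip the fixlist echoed back
            continue
        banner = SECTION.match(line)
        if banner:
            # Command/folder output sits between a title banner and "End of ..."
            in_section = not banner.group(1).startswith("End of")
            continue
        if in_echo or in_section:
            continue
        target, arrow, status = line.partition(" => ")
        if not arrow:
            continue                       # not a "target => result" line
        target = target.strip().strip('"').strip()
        outcome = classify(status.strip().rstrip("."))
        report["counts"][outcome] += 1
        report[outcome].append(target)
    return report


if __name__ == "__main__":
    summary = parse_fixlog(SAMPLE_FIXLOG)
    print("Run:", summary["run"], dict(summary["counts"]))
    for name in ("changed", "review"):
        for item in summary[name]:
            print(f"{name:8} {item}")
```
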

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

Posted: 21 Sep 2013 19:56

bump!

I would ask you not to waste the time I set aside to help you selflessly.
You have left the Ambulanta before without a single reply.

If you need help, post the ComboFix report as I asked you to.
If you do not reply within 48 hours, the thread will be locked.

Thank you for understanding.

Addendum: 24 Sep 2013 1:41

Due to the lack of a reply, this thread will now be closed.





[locked]

24 Sep 2013 01:41 magna86 Topic locked Reason: Answered