problemi sa virusom

problemi sa virusom

offline
  • Pridružio: 02 Apr 2015
  • Poruke: 2

Evo pročitala sam vaša pravila i nadam se da sam sve napravila kako treba, inače se komp dosta resetira, imam avast s kojim sam dosad godinama radila i nisam imala problema, on detektira nekakav trojanac win. logonui pri svakom gašenju kompa i kad pokrenem malwarebytes, posvuda su reklame, a ne mogu da mrdnem, stalno se otvaraju neke stranice (film-za-odrasle)-o sadržaja ili neke druge, koristim chrome, već par dana me izluđuje, nadam se da mi možete pomoći, gore imam xp nekakav black edition, vjerojatno je virus već bio u windowsima kod instalacije, nemam pojma
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Admin (administrator) on PAL on 02-04-2015 17:26:23
Running from C:\Documents and Settings\Admin\My Documents\Downloads
Loaded Profiles: Admin (Available profiles: Admin)
Platform: Microsoft Windows XP Professional Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Link mogu videti samo ulogovani korisnici]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-02] (Avast Software s.r.o.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
HKLM\...\Winlogon: [UIHost] C:\WINDOWS\system32\logonui.exe [279552 2007-12-28] ()
HKU\S-1-5-19\...\RunOnce: [nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\...\RunOnce: [nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-21-436374069-1383384898-1801674531-1003\...\MountPoints2: {9346ace0-d7c1-11e4-be1d-0015f26b516f} - G:\
HKU\S-1-5-21-436374069-1383384898-1801674531-1003\...\MountPoints2: {94f18a19-7c83-11e4-9871-806d6172696f} - F:\3ivxCodecVer502.exe
HKU\S-1-5-18\...\RunOnce: [nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-19\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-20\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-436374069-1383384898-1801674531-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
HKU\S-1-5-21-436374069-1383384898-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
SearchScopes: HKU\.DEFAULT -> DefaultScope {7DB0124C-1A43-4F77-876C-79EA5BCF12C6} URL = [Link mogu videti samo ulogovani korisnici]
SearchScopes: HKU\.DEFAULT -> {1921ED09-583B-4B28-84F2-8BBDB35CEF39} URL = RyanVM.net
SearchScopes: HKU\.DEFAULT -> {39FF1121-7EB7-4C51-BCC8-DCE06F3745E3} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\.DEFAULT -> {5A171114-24D8-435B-8A2C-D28AC20D125C} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\.DEFAULT -> {7780F183-7385-4512-8AC8-F4E401767900} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\.DEFAULT -> {79096E8E-F8B5-4F97-9EE8-7E59B5566BFF} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&invocationType=msie70a
SearchScopes: HKU\.DEFAULT -> {7C408AA2-928B-4381-A61A-52DF4164615F} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&o=10365
SearchScopes: HKU\.DEFAULT -> {7DB0124C-1A43-4F77-876C-79EA5BCF12C6} URL = [Link mogu videti samo ulogovani korisnici]
SearchScopes: HKU\.DEFAULT -> {91814F9F-43DF-4C65-AD76-BAA6EA56A609} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&GO=GO
SearchScopes: HKU\.DEFAULT -> {91821537-42FB-4108-AF1C-851E2C002716} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&ei=utf-8&fr=b2ie7
SearchScopes: HKU\.DEFAULT -> {E16D1698-A644-4B5D-AA96-5129DEAD3A48} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\.DEFAULT -> {E50C76D9-48D9-4941-9327-A3498F3B0E84} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\.DEFAULT -> {FA9BB16A-2F4A-4461-B9D0-CD95DED53CE2} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {7DB0124C-1A43-4F77-876C-79EA5BCF12C6} URL = [Link mogu videti samo ulogovani korisnici]
SearchScopes: HKU\S-1-5-19 -> {1921ED09-583B-4B28-84F2-8BBDB35CEF39} URL = RyanVM.net
SearchScopes: HKU\S-1-5-19 -> {39FF1121-7EB7-4C51-BCC8-DCE06F3745E3} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-19 -> {5A171114-24D8-435B-8A2C-D28AC20D125C} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-19 -> {7780F183-7385-4512-8AC8-F4E401767900} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-19 -> {79096E8E-F8B5-4F97-9EE8-7E59B5566BFF} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&invocationType=msie70a
SearchScopes: HKU\S-1-5-19 -> {7C408AA2-928B-4381-A61A-52DF4164615F} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&o=10365
SearchScopes: HKU\S-1-5-19 -> {7DB0124C-1A43-4F77-876C-79EA5BCF12C6} URL = [Link mogu videti samo ulogovani korisnici]
SearchScopes: HKU\S-1-5-19 -> {91814F9F-43DF-4C65-AD76-BAA6EA56A609} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&GO=GO
SearchScopes: HKU\S-1-5-19 -> {91821537-42FB-4108-AF1C-851E2C002716} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&ei=utf-8&fr=b2ie7
SearchScopes: HKU\S-1-5-19 -> {E16D1698-A644-4B5D-AA96-5129DEAD3A48} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-19 -> {E50C76D9-48D9-4941-9327-A3498F3B0E84} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-19 -> {FA9BB16A-2F4A-4461-B9D0-CD95DED53CE2} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-20 -> DefaultScope {7DB0124C-1A43-4F77-876C-79EA5BCF12C6} URL = [Link mogu videti samo ulogovani korisnici]
SearchScopes: HKU\S-1-5-20 -> {1921ED09-583B-4B28-84F2-8BBDB35CEF39} URL = RyanVM.net
SearchScopes: HKU\S-1-5-20 -> {39FF1121-7EB7-4C51-BCC8-DCE06F3745E3} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-20 -> {5A171114-24D8-435B-8A2C-D28AC20D125C} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-20 -> {7780F183-7385-4512-8AC8-F4E401767900} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-20 -> {79096E8E-F8B5-4F97-9EE8-7E59B5566BFF} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&invocationType=msie70a
SearchScopes: HKU\S-1-5-20 -> {7C408AA2-928B-4381-A61A-52DF4164615F} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&o=10365
SearchScopes: HKU\S-1-5-20 -> {7DB0124C-1A43-4F77-876C-79EA5BCF12C6} URL = [Link mogu videti samo ulogovani korisnici]
SearchScopes: HKU\S-1-5-20 -> {91814F9F-43DF-4C65-AD76-BAA6EA56A609} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&GO=GO
SearchScopes: HKU\S-1-5-20 -> {91821537-42FB-4108-AF1C-851E2C002716} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&ei=utf-8&fr=b2ie7
SearchScopes: HKU\S-1-5-20 -> {E16D1698-A644-4B5D-AA96-5129DEAD3A48} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-20 -> {E50C76D9-48D9-4941-9327-A3498F3B0E84} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-20 -> {FA9BB16A-2F4A-4461-B9D0-CD95DED53CE2} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-21-436374069-1383384898-1801674531-1003 -> DefaultScope {7DB0124C-1A43-4F77-876C-79EA5BCF12C6} URL = [Link mogu videti samo ulogovani korisnici]
SearchScopes: HKU\S-1-5-21-436374069-1383384898-1801674531-1003 -> {1921ED09-583B-4B28-84F2-8BBDB35CEF39} URL = RyanVM.net
SearchScopes: HKU\S-1-5-21-436374069-1383384898-1801674531-1003 -> {39FF1121-7EB7-4C51-BCC8-DCE06F3745E3} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-21-436374069-1383384898-1801674531-1003 -> {5A171114-24D8-435B-8A2C-D28AC20D125C} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-21-436374069-1383384898-1801674531-1003 -> {7780F183-7385-4512-8AC8-F4E401767900} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-21-436374069-1383384898-1801674531-1003 -> {79096E8E-F8B5-4F97-9EE8-7E59B5566BFF} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&invocationType=msie70a
SearchScopes: HKU\S-1-5-21-436374069-1383384898-1801674531-1003 -> {7C408AA2-928B-4381-A61A-52DF4164615F} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&o=10365
SearchScopes: HKU\S-1-5-21-436374069-1383384898-1801674531-1003 -> {7DB0124C-1A43-4F77-876C-79EA5BCF12C6} URL = [Link mogu videti samo ulogovani korisnici]
SearchScopes: HKU\S-1-5-21-436374069-1383384898-1801674531-1003 -> {91814F9F-43DF-4C65-AD76-BAA6EA56A609} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&GO=GO
SearchScopes: HKU\S-1-5-21-436374069-1383384898-1801674531-1003 -> {91821537-42FB-4108-AF1C-851E2C002716} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&ei=utf-8&fr=b2ie7
SearchScopes: HKU\S-1-5-21-436374069-1383384898-1801674531-1003 -> {E16D1698-A644-4B5D-AA96-5129DEAD3A48} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-21-436374069-1383384898-1801674531-1003 -> {E50C76D9-48D9-4941-9327-A3498F3B0E84} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-436374069-1383384898-1801674531-1003 -> {FA9BB16A-2F4A-4461-B9D0-CD95DED53CE2} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-04-02] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-02] (Avast Software s.r.o.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-02] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\k6ig3x9y.default
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-02] (Oracle Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.3088 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2007-12-21] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.11.3006 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2007-12-21] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-436374069-1383384898-1801674531-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Documents and Settings\Admin\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-436374069-1383384898-1801674531-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Admin\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll [2007-11-28] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2007-12-21] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2007-12-21] (RealNetworks, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml [2007-11-28]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml [2007-11-28]
FF Extension: Talkback - C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org [2014-12-06]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-06]
StartMenuInternet: FIREFOX.EXE - C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

Chrome:
=======
CHR HomePage: Default -> [Link mogu videti samo ulogovani korisnici]
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-06]
CHR Extension: (Google Docs) - C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-06]
CHR Extension: (Google Drive) - C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-06]
CHR Extension: (YouTube) - C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-06]
CHR Extension: (Google Search) - C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-06]
CHR Extension: (Google Sheets) - C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-06]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-12-14]
CHR Extension: (Chrono Download Manager) - C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2015-02-01]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-06]
CHR Extension: (Gmail) - C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-06]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-02]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-02]
CHR HKU\S-1-5-21-436374069-1383384898-1801674531-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - [Link mogu videti samo ulogovani korisnici]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-02] (Avast Software s.r.o.)
S3 TuneUp.Defrag; C:\WINDOWS\System32\TuneUpDefragService.exe [306432 2014-12-06] (TuneUp Software GmbH)
S2 Service Mgr ExpressFind; "C:\Documents and Settings\All Users\Application Data\77790361-426c-4fa2-8cf3-5994543d685d\plugincontainer.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24144 2015-04-02] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [73440 2015-04-02] (Avast Software s.r.o.)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-04-02] (Avast Software s.r.o.)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49904 2015-04-02] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [788272 2015-04-02] (Avast Software s.r.o.)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [427736 2015-04-02] (Avast Software s.r.o.)
S3 aswTap; C:\WINDOWS\System32\DRIVERS\aswTap.sys [35144 2014-12-06] (The OpenVPN Project)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-04-02] (Avast Software s.r.o.)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [208024 2015-04-02] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2004-08-04] (Microsoft Corporation)
R3 cmpci; C:\WINDOWS\System32\drivers\cmaudio.sys [377358 2002-11-19] (C-Media Inc)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2004-08-04] (Microsoft Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [114904 2015-04-01] (Malwarebytes Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2004-08-04] (Microsoft Corporation)
R2 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [163644 2007-12-28] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R3 SISNIC; C:\WINDOWS\System32\DRIVERS\sisnic.sys [32768 2004-08-04] (SiS Corporation)
R0 sisraidx; C:\WINDOWS\system32\Drivers\sisraidx.sys [47616 2007-12-29] (Silicon Integrated Systems Corp.) [File not signed]
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [360704 2007-12-28] (Microsoft Corporation) [File not signed]
S4 IntelIde; No ImagePath
U5 Sdbus; C:\Windows\System32\Drivers\Sdbus.sys [78720 2007-12-28] (Microsoft Corporation)
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-02 17:26 - 2015-04-02 17:26 - 00000000 ____D () C:\FRST
2015-04-02 16:47 - 2015-04-02 16:47 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-04-02 16:31 - 2015-04-02 16:31 - 00291312 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-04-02 16:31 - 2015-04-02 16:31 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-04-02 16:29 - 2015-04-02 16:29 - 00090112 _____ () C:\WINDOWS\Minidump\Mini040215-02.dmp
2015-04-02 12:36 - 2015-04-02 12:36 - 00090112 _____ () C:\WINDOWS\Minidump\Mini040215-01.dmp
2015-04-01 23:14 - 2015-04-01 23:14 - 00090112 _____ () C:\WINDOWS\Minidump\Mini040115-03.dmp
2015-04-01 21:33 - 2015-04-01 21:33 - 00000000 ____D () C:\Avenger
2015-04-01 18:42 - 2015-04-01 18:42 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agentsvr.exe
2015-04-01 18:42 - 2015-04-01 18:42 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\accwiz.exe
2015-04-01 18:42 - 2015-04-01 18:42 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ahui.exe
2015-04-01 18:42 - 2015-04-01 18:42 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\alg.exe
2015-04-01 18:42 - 2015-04-01 18:42 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\arp.exe
2015-04-01 18:42 - 2015-04-01 18:42 - 00016439 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admin.exe
2015-04-01 18:42 - 2015-04-01 18:42 - 00012498 _____ () C:\WINDOWS\system32\dllcache\append.exe
2015-04-01 18:42 - 2015-04-01 18:42 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\actmovie.exe
2015-04-01 18:39 - 2015-04-01 18:39 - 00000759 _____ () C:\Documents and Settings\Admin\Desktop\DllSuite.lnk
2015-04-01 18:39 - 2015-04-01 18:39 - 00000000 ____D () C:\Program Files\DLLSuite
2015-04-01 18:39 - 2015-04-01 18:39 - 00000000 ____D () C:\Documents and Settings\Admin\Start Menu\Programs\Dll Suite 2014
2015-04-01 16:22 - 2015-04-01 16:22 - 00090112 _____ () C:\WINDOWS\Minidump\Mini040115-02.dmp
2015-04-01 08:20 - 2015-04-01 08:20 - 00090112 _____ () C:\WINDOWS\Minidump\Mini040115-01.dmp
2015-03-31 19:15 - 2015-03-31 19:15 - 00090112 _____ () C:\WINDOWS\Minidump\Mini033115-01.dmp
2015-03-31 18:18 - 2015-03-31 18:18 - 00004730 _____ () C:\WINDOWS\setupapi.log
2015-03-30 23:02 - 2015-03-30 23:02 - 00000000 ____D () C:\Documents and Settings\Admin\Application Data\RHEng
2015-03-30 23:01 - 2015-03-30 23:08 - 00000000 ____D () C:\KMPlayer
2015-03-30 23:01 - 2015-03-30 23:01 - 00001593 _____ () C:\Documents and Settings\Admin\Desktop\KMP Games.lnk
2015-03-30 23:01 - 2015-03-30 23:01 - 00000522 _____ () C:\Documents and Settings\Admin\Desktop\KMPlayer.lnk
2015-03-30 23:01 - 2015-03-30 23:01 - 00000000 ____D () C:\Documents and Settings\Admin\Start Menu\Programs\The KMPlayer
2015-03-19 18:17 - 2015-03-19 18:18 - 00000000 ____D () C:\Documents and Settings\Admin\Desktop\heroes
2015-03-16 09:48 - 2015-03-16 09:51 - 00000000 ____D () C:\Documents and Settings\Admin\Desktop\New Folder
2015-03-13 20:44 - 2015-03-13 20:44 - 00000000 ____D () C:\WINDOWS\system32\QuickTime
2015-03-13 20:44 - 2015-03-13 20:44 - 00000000 ____D () C:\Program Files\3ivx
2015-03-13 20:44 - 2015-03-13 20:44 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\3ivx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-02 17:27 - 2014-12-06 00:24 - 00000000 ____D () C:\Documents and Settings\Admin\Local Settings\Temp
2015-04-02 17:20 - 2014-12-06 05:21 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-02 16:47 - 2014-12-27 21:54 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-04-02 16:46 - 2014-12-27 21:54 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2015-04-02 16:46 - 2014-12-27 21:53 - 00000000 ____D () C:\Program Files\Java
2015-04-02 16:45 - 2014-12-06 01:16 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-04-02 16:41 - 2014-12-06 00:18 - 01444840 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-02 16:40 - 2014-12-07 00:48 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-04-02 16:40 - 2014-12-07 00:48 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2015-04-02 16:40 - 2014-12-06 05:21 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-02 16:40 - 2014-12-06 00:20 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-02 16:39 - 2014-12-06 00:24 - 00000178 ___SH () C:\Documents and Settings\Admin\ntuser.ini
2015-04-02 16:39 - 2014-12-06 00:20 - 00032562 _____ () C:\WINDOWS\SchedLgU.Txt
2015-04-02 16:31 - 2014-12-06 01:15 - 00788272 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-04-02 16:31 - 2014-12-06 01:15 - 00427736 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-04-02 16:31 - 2014-12-06 01:15 - 00208024 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-04-02 16:31 - 2014-12-06 01:15 - 00073440 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-04-02 16:31 - 2014-12-06 01:15 - 00057888 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-04-02 16:31 - 2014-12-06 01:15 - 00055200 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr.sys
2015-04-02 16:31 - 2014-12-06 01:15 - 00049904 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-04-02 16:31 - 2014-12-06 01:15 - 00024144 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-04-02 16:29 - 2014-12-05 16:01 - 00000000 ____D () C:\WINDOWS\Minidump
2015-04-01 22:19 - 2014-12-06 02:36 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-30 23:06 - 2014-12-06 00:24 - 00000000 ____D () C:\Documents and Settings\Admin\Application Data\uTorrent
2015-03-30 23:06 - 2014-12-06 00:24 - 00000000 ____D () C:\Documents and Settings\Admin
2015-03-30 22:39 - 2014-12-06 06:15 - 00020992 _____ () C:\Documents and Settings\Admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-29 09:36 - 2014-12-05 15:55 - 00356120 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-22 21:16 - 2014-12-13 22:50 - 00000000 ___RD () C:\Documents and Settings\Admin\My Documents\Google disk
2015-03-20 09:22 - 2014-12-06 05:21 - 00001813 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2015-03-19 17:38 - 2014-12-06 02:29 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-17 19:16 - 2014-12-06 00:18 - 00000000 __SHD () C:\Documents and Settings\All Users\DRM

==================== Files in the root of some directories =======

2014-12-06 06:15 - 2015-03-30 22:39 - 0020992 _____ () C:\Documents and Settings\Admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some content of TEMP:
====================
C:\Documents and Settings\Admin\Local Settings\Temp\KMPAddedCode_KMP_adpageopen_Step1.exe
C:\Documents and Settings\Admin\Local Settings\Temp\KMP_3.9.1.134.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

pokušala sam prikačiti fajl ali ne ide, evo kopije Addition fajl
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Admin at 2015-04-02 17:27:41
Running from C:\Documents and Settings\Admin\My Documents\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\.DEFAULT\...\uTorrent) (Version: 1.7.5 - )
µTorrent (HKU\S-1-5-19\...\uTorrent) (Version: 1.7.5 - )
µTorrent (HKU\S-1-5-20\...\uTorrent) (Version: 1.7.5 - )
µTorrent (HKU\S-1-5-21-436374069-1383384898-1801674531-1003\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
3ivx MPEG-4 5.0.2 (remove only) (HKLM\...\3ivx MPEG-4 5.0.2) (Version: 5.0.2 - 3ivx Technologies, Pty. Ltd.)
Adobe Flash Player 16 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 16.0.0.240 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Croatian (HKLM\...\{AC76BA86-7AD7-1050-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2215 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
DLL Suite 2013 (HKLM\...\{885843E7-6CAC-4791-B7BF-1CD516017954}_is1) (Version: - )
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Drive (HKLM\...\{65EACBB4-B0B8-4A5B-AE46-22DBE15C70B5}) (Version: 1.19.8406.6504 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Heart of Darkness CD-Rip, CD-Rip (PC Windows, © 1998 - Amazing Studios) (HKLM\...\{68D7D124-673A-42C6-B716-6E8E4E26995F}_is1) (Version: 2.06 - DJ OldGames)
Heroes Chronicles (HKLM\...\GOGPACKHEROESCHRONICLES_is1) (Version: 2.0.0.38 - GOG.com)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
K-Lite Mega Codec Pack 3.6.2 (HKLM\...\KLiteCodecPack_is1) (Version: 3.6.2 - )
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 3.9.0.128 - PandoraTV)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Meine Tierklinik (HKLM\...\Meine Tierklinik_is1) (Version: Meine Tierklinik - Braingame)
Mozilla Firefox (2.0.0.11) (HKLM\...\Mozilla Firefox (2.0.0.11)) (Version: 2.0.0.11 (en-US) - Mozilla)
Opera Stable 26.0.1656.60 (HKLM\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)
PCI Audio Driver (HKLM\...\PCI Audio Driver) (Version: - )
Software Update for Web Folders (Version: 9.60.6715.0 - Microsoft Corporation) Hidden
TuneUp Utilities 2008 (HKLM\...\{5888428E-699C-4E71-BF71-94EE06B497DA}) (Version: 7.0.7991 - TuneUp Software)
Unity Web Player (HKU\S-1-5-21-436374069-1383384898-1801674531-1003\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Windows Vista Games All In One (HKLM\...\VistaGames) (Version: - )
WinRAR 5.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-436374069-1383384898-1801674531-1003_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Documents and Settings\Admin\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-436374069-1383384898-1801674531-1003_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Documents and Settings\Admin\Local Settings\Application Data\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-436374069-1383384898-1801674531-1003_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Documents and Settings\Admin\Local Settings\Application Data\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-436374069-1383384898-1801674531-1003_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Documents and Settings\Admin\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-436374069-1383384898-1801674531-1003_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Documents and Settings\Admin\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

==================== Restore Points =========================

05-02-2015 16:15:07 System Checkpoint
06-02-2015 21:01:32 System Checkpoint
10-02-2015 11:28:36 System Checkpoint
11-02-2015 12:38:55 System Checkpoint
16-02-2015 16:22:07 System Checkpoint
18-02-2015 12:22:18 System Checkpoint
20-02-2015 21:51:21 System Checkpoint
22-02-2015 08:47:46 System Checkpoint
23-02-2015 21:06:56 System Checkpoint
25-02-2015 16:03:06 System Checkpoint
27-02-2015 07:54:52 System Checkpoint
28-02-2015 14:19:18 System Checkpoint
01-03-2015 17:14:43 System Checkpoint
03-03-2015 13:29:01 System Checkpoint
06-03-2015 13:15:08 System Checkpoint
07-03-2015 16:33:46 System Checkpoint
10-03-2015 13:48:47 System Checkpoint
12-03-2015 12:46:19 System Checkpoint
13-03-2015 14:20:59 System Checkpoint
16-03-2015 17:05:20 System Checkpoint
17-03-2015 21:18:25 System Checkpoint
19-03-2015 18:56:23 System Checkpoint
22-03-2015 09:17:07 System Checkpoint
24-03-2015 08:52:51 System Checkpoint
25-03-2015 10:46:30 System Checkpoint
30-03-2015 10:13:31 System Checkpoint
01-04-2015 10:00:17 System Checkpoint
02-04-2015 16:30:48 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-08-04 06:00 - 2004-08-04 06:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\1-Click Maintenance.job => C:\Program Files\TuneUp Utilities 2008\OneClick.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-436374069-1383384898-1801674531-1003Core.job => C:\Documents and Settings\Admin\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-436374069-1383384898-1801674531-1003UA.job => C:\Documents and Settings\Admin\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1417819024.job => C:\Program Files\Opera\launcher.exe

==================== Loaded Modules (whitelisted) ==============

2015-04-02 16:31 - 2015-04-02 16:31 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-02 16:31 - 2015-04-02 16:31 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-04-02 16:30 - 2015-04-02 16:30 - 02923520 _____ () C:\Program Files\AVAST Software\Avast\defs\15040201\algo.dll
2015-03-14 06:49 - 2015-04-02 16:31 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2004-08-04 06:00 - 2004-08-04 06:00 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2004-08-04 06:00 - 2004-08-04 06:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2015-03-20 09:22 - 2015-03-14 12:12 - 09278792 _____ () C:\Program Files\Google\Chrome\Application\41.0.2272.101\pdf.dll
2015-03-20 09:22 - 2015-03-14 12:12 - 14974280 _____ () C:\Program Files\Google\Chrome\Application\41.0.2272.101\PepperFlash\pepflashplayer.dll
2014-12-06 16:45 - 2014-02-10 22:44 - 04592128 _____ () C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-12-06 16:45 - 2014-02-10 22:44 - 00112128 _____ () C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-436374069-1383384898-1801674531-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Shortcut to RocketDock.lnk => C:\WINDOWS\pss\Shortcut to RocketDock.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Shortcut to sidebar.lnk => C:\WINDOWS\pss\Shortcut to sidebar.lnkCommon Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: C-Media Mixer => Mixer.exe /startup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: Facebook Update => "C:\Documents and Settings\Admin\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: uTorrent => "C:\Documents and Settings\Admin\Application Data\uTorrent\uTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: VistaDrive => C:\WINDOWS\VistaDrive.exe

==================== Accounts: =============================

Admin (S-1-5-21-436374069-1383384898-1801674531-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Admin
Administrator (S-1-5-21-436374069-1383384898-1801674531-500 - Administrator - Enabled)
Guest (S-1-5-21-436374069-1383384898-1801674531-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-436374069-1383384898-1801674531-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-436374069-1383384898-1801674531-1002 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: Multimedia Audio Controller
Description: Multimedia Audio Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/01/2015 02:56:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 41.0.2272.101, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x000321f1.
Processing media-specific event for [chrome.exe!ws!]

Error: (04/01/2015 02:50:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 41.0.2272.101, faulting module chrome.dll, version 41.0.2272.101, fault address 0x003da3db.
Processing media-specific event for [chrome.exe!ws!]

Error: (04/01/2015 02:25:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 41.0.2272.101, faulting module chrome.dll, version 41.0.2272.101, fault address 0x0000811d.
Processing media-specific event for [chrome.exe!ws!]

Error: (03/30/2015 11:00:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application kmplayer_3-9-0-128.exe, version 3.9.0.128, faulting module riched20.dll, version 5.30.23.1228, fault address 0x00057e5b.
Processing media-specific event for [kmplayer_3-9-0-128.exe!ws!]

Error: (03/27/2015 08:24:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 41.0.2272.101, faulting module chrome.dll, version 41.0.2272.101, fault address 0x003aebf4.
Processing media-specific event for [chrome.exe!ws!]

Error: (03/24/2015 08:32:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 41.0.2272.101, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00018fea.
Processing media-specific event for [chrome.exe!ws!]

Error: (03/24/2015 05:29:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 41.0.2272.101, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [chrome.exe!ws!]

Error: (03/22/2015 00:09:04 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generate Activation ContextC:\DOCUME~1\Admin\LOCALS~1\Temp\richard.exeThe operation completed successfully.

Error: (03/22/2015 00:09:04 AM) (Source: SideBySide) (EventID: 58) (User: )
Description: Access is denied.
C:\DOCUME~1\Admin\LOCALS~1\Temp\richard.exe0

Error: (03/19/2015 04:39:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 41.0.2272.89, faulting module chrome.dll, version 41.0.2272.89, fault address 0x003a3d58.
Processing media-specific event for [chrome.exe!ws!]


System errors:
=============
Error: (01/17/2015 01:44:25 PM) (Source: Schannel) (EventID: 4108) (User: )
Description: The certificate received from the remote server has not validated correctly. The
error code is 0x80096004. The SSL connection request has failed. The attached data contains
the server certificate.

Error: (01/17/2015 08:06:50 AM) (Source: Schannel) (EventID: 4108) (User: )
Description: The certificate received from the remote server has not validated correctly. The
error code is 0x80096004. The SSL connection request has failed. The attached data contains
the server certificate.

Error: (01/16/2015 06:21:17 PM) (Source: Schannel) (EventID: 4108) (User: )
Description: The certificate received from the remote server has not validated correctly. The
error code is 0x80096004. The SSL connection request has failed. The attached data contains
the server certificate.

Error: (01/16/2015 06:00:13 PM) (Source: Schannel) (EventID: 4108) (User: )
Description: The certificate received from the remote server has not validated correctly. The
error code is 0x80096004. The SSL connection request has failed. The attached data contains
the server certificate.

Error: (01/15/2015 07:35:53 PM) (Source: Schannel) (EventID: 4108) (User: )
Description: The certificate received from the remote server has not validated correctly. The
error code is 0x80096004. The SSL connection request has failed. The attached data contains
the server certificate.

Error: (01/15/2015 07:24:04 PM) (Source: Schannel) (EventID: 4108) (User: )
Description: The certificate received from the remote server has not validated correctly. The
error code is 0x80096004. The SSL connection request has failed. The attached data contains
the server certificate.

Error: (01/14/2015 04:58:19 PM) (Source: System Error) (EventID: 1003) (User: )
Description: Error code 100000d1, parameter1 27ae0f50, parameter2 00000002, parameter3 00000000, parameter4 f70fb8f4.

Error: (01/14/2015 04:58:09 PM) (Source: System Error) (EventID: 1003) (User: )
Description: Error code 10000050, parameter1 80e0ddb5, parameter2 00000000, parameter3 80e0ddb5, parameter4 00000000.

Error: (01/13/2015 00:24:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (01/12/2015 01:54:10 PM) (Source: System Error) (EventID: 1003) (User: )
Description: Error code 1000000a, parameter1 8d55f6d4, parameter2 00000002, parameter3 00000001, parameter4 804f652b.


Microsoft Office Sessions:
=========================
Error: (04/01/2015 02:56:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe41.0.2272.101ntdll.dll5.1.2600.2180000321f1

Error: (04/01/2015 02:50:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe41.0.2272.101chrome.dll41.0.2272.101003da3db

Error: (04/01/2015 02:25:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe41.0.2272.101chrome.dll41.0.2272.1010000811d

Error: (03/30/2015 11:00:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: kmplayer_3-9-0-128.exe3.9.0.128riched20.dll5.30.23.122800057e5b

Error: (03/27/2015 08:24:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe41.0.2272.101chrome.dll41.0.2272.101003aebf4

Error: (03/24/2015 08:32:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe41.0.2272.101ntdll.dll5.1.2600.218000018fea

Error: (03/24/2015 05:29:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe41.0.2272.101unknown0.0.0.000000000

Error: (03/22/2015 00:09:04 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generate Activation ContextC:\DOCUME~1\Admin\LOCALS~1\Temp\richard.exeThe operation completed successfully.

Error: (03/22/2015 00:09:04 AM) (Source: SideBySide) (EventID: 58) (User: )
Description: Access is denied.
C:\DOCUME~1\Admin\LOCALS~1\Temp\richard.exe0

Error: (03/19/2015 04:39:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe41.0.2272.89chrome.dll41.0.2272.89003a3d58


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz
Percentage of memory in use: 75%
Total physical RAM: 1023.29 MB
Available physical RAM: 246.86 MB
Total Pagefile: 2463.75 MB
Available Pagefile: 1696.26 MB
Total Virtual: 2047.88 MB
Available Virtual: 1940.37 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.65 GB) (Free:77.74 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:97.65 GB) (Free:53.37 GB) NTFS
Drive e: () (Fixed) (Total:102.77 GB) (Free:30.3 GB) NTFS
Drive f: (PaceNet) (CDROM) (Total:0.14 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 04280427)
Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=200.4 GB) - (Type=OF Extended)

==================== End Of Log ============================



offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Pozdrav nanaklas

Imaš instaliran XP SP2 za koji je Microsoft još odavno prekinuo podršku plus što je u pitanju modfikovana verzija zvana black edition. Čišćenje takvog sistema se ne isplati. Nabrže i najbezboljnije rješenje je da formatiraš C: i instaliraš nemodifikovani XP SP3.
Kako je i za XP prije godinu dana prekinuta podrška, preporučujem ti da onda instaliraš neku laganu Linux distribuciju ako računar koristiš isključivo za surfanje.



offline
  • Pridružio: 02 Apr 2015
  • Poruke: 2

hmm.. hvala ti, znači total crash, sve u smeće, tako sam i mislila

Ko je trenutno na forumu
 

Ukupno su 5582 korisnika na forumu :: 66 registrovanih, 8 sakrivenih i 5508 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 20624 - dana 04 Apr 2026 04:18

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: AK - 230, ALEXV, Aristotle2002, ArmFPGA, Badja, bavar357, Bojan198527, bojanstros9, branko7, cavatina, Coficab, comi_pfc, Dare, DJUNTA, doktor1964, DragoslavS, dule10savic, Dusko_Dugousko, DzigiNS, esx66, Imperator_Aleksandr_lll, Joint Chief, jon istvan, Jozo74, klepesina, kolateralnasteta, Komder, laganini123, LeGrandCharles, LjubisaR, M74AB3, Magarac, Marko Marković, markusx, metallac777, Metanoja, Milometer, mir juzni, Mis uz pusku, mm1811, mrdaak, nenad81, oldtimer, Orc, ozzy, Pale2025, Pekman, peradetlić, Radio operater, raso76, Ray1973, repac, Sava89, Sinisa76, slowhand, strn, The Boss, troki1971, VBoss, vukajlo71, XBMC, yrraf, ZetaMan, Zoran1959, Zukov, Zvonkozvonko