pruzeo sam neki program koji se sam pokrece kad nešto pretražujem

pruzeo sam neki program koji se sam pokrece kad nešto pretražujem

offline
  • Pridružio: 11 Jan 2014
  • Poruke: 22

probo sam rešiti proglem sa onim vasim programom za tulbar nije resijo prglem ime ti programa SMARTER PASSWORD I SAFE PC REPAIR.ima jos ti.kad sam tražijo u pretragi svi podataka c i d nemaji nidje imam avast anti virus.






Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-02-2016
Ran by goran (administrator) on GORAN-B73602638 (14-02-2016 20:12:23)
Running from C:\Documents and Settings\goran\My Documents\Downloads
Loaded Profiles: goran (Available Profiles: goran)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Atheros) C:\WINDOWS\system32\acs.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
() C:\Program Files\Telenor Internet\BackgroundService\ServiceManager.exe
() C:\Program Files\Unlocker\UnlockerAssistant.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Telenor Internet\BackgroundService\ModemListener.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(PixArt Imaging Incorporation) C:\WINDOWS\PixArt\PAC207\Monitor.exe
() C:\Program Files\KYE\WebMate\BM.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Smart Turn Off Inc.) C:\Program Files\Smart Turn Off\SMTimer.exe
() C:\Documents and Settings\goran\Local Settings\Application Data\Viber\Viber.exe
() C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
() C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\AthServer.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\IEXPLORE.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [UnlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [15872 2010-03-09] ()
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2006-02-07] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [118784 2006-02-07] (Intel Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Telenor_Serbian Lighter ModemListener] => C:\Program Files\Telenor Internet\BackgroundService\ModemListener.exe [118784 2012-10-29] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139768 2016-02-14] (AVAST Software)
HKLM\...\Run: [PAC207_Monitor] => C:\WINDOWS\PixArt\PAC207\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM\...\Run: [Monitor] => C:\WINDOWS\PixArt\PAC207\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM\...\Run: [BMISR] => C:\Program Files\KYE\WebMate\BM.exe [208896 2008-08-19] ()
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-19\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
HKU\S-1-5-20\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
HKU\S-1-5-21-117609710-920026266-839522115-1003\...\Run: [Google Update] => C:\Documents and Settings\goran\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-117609710-920026266-839522115-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-117609710-920026266-839522115-1003\...\Run: [SMTimer.exe] => C:\Program Files\Smart Turn Off\SMTimer.exe [635524 2008-12-22] (Smart Turn Off Inc.)
HKU\S-1-5-21-117609710-920026266-839522115-1003\...\Run: [Viber] => C:\Documents and Settings\goran\Local Settings\Application Data\Viber\Viber.exe [776400 2015-02-25] ()
HKU\S-1-5-21-117609710-920026266-839522115-1003\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\S-1-5-21-117609710-920026266-839522115-1003\...\MountPoints2: {0ca931c0-cb05-11e3-99a3-b7e7a4d8c26e} - F:\AutoRun.exe
HKU\S-1-5-21-117609710-920026266-839522115-1003\...\MountPoints2: {39109ba8-5cd3-11e3-9845-000e7b174e1b} - G:\AutoRun.exe
HKU\S-1-5-21-117609710-920026266-839522115-1003\...\MountPoints2: {39109bab-5cd3-11e3-9845-000e7b174e1b} - F:\AutoRun.exe
HKU\S-1-5-21-117609710-920026266-839522115-1003\...\MountPoints2: {39109bad-5cd3-11e3-9845-000e7b174e1b} - G:\AutoRun.exe
HKU\S-1-5-21-117609710-920026266-839522115-1003\...\MountPoints2: {a4937c70-8644-11e5-9f46-bb35e89b0140} - F:\autorun.exe
HKU\S-1-5-18\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-02-14] (AVAST Software)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2014-02-02]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
Startup: C:\Documents and Settings\goran\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2014-11-03]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3757D8E2-634D-4F01-B2B1-F3BF593EBD3E}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-117609710-920026266-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.rs/
HKU\S-1-5-21-117609710-920026266-839522115-1003\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1ewenusDefaultPack/UP97_FRPage
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://www.google.com" <======= ATTENTION
SearchScopes: HKLM -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKU\S-1-5-21-117609710-920026266-839522115-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://yandex.ru/yandsearch?win=109&clid=2073738&text={searchTerms}
SearchScopes: HKU\S-1-5-21-117609710-920026266-839522115-1003 -> AE7AFC37B7AB14526D0E4E0EE6DBCBC2 URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-117609710-920026266-839522115-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://yandex.ru/yandsearch?win=109&clid=2073738&text={searchTerms}
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-14] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-26] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\goran\Application Data\Mozilla\Firefox\Profiles\uf6fp1kb.default
FF SearchEngineOrder.3: Bing
FF Homepage: about:home
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-117609710-920026266-839522115-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Documents and Settings\goran\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll [No File]
FF Plugin HKU\S-1-5-21-117609710-920026266-839522115-1003: @talk.google.com/GoogleTalkPlugin -> C:\Documents and Settings\goran\Application Data\Mozilla\plugins\npgoogletalk.dll [2014-01-31] (Google)
FF Plugin HKU\S-1-5-21-117609710-920026266-839522115-1003: @talk.google.com/O1DPlugin -> C:\Documents and Settings\goran\Application Data\Mozilla\plugins\npo1d.dll [2014-01-31] (Google)
FF Plugin HKU\S-1-5-21-117609710-920026266-839522115-1003: @talk.google.com/O3DPlugin -> C:\Documents and Settings\goran\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll [2014-01-31] ()
FF Plugin HKU\S-1-5-21-117609710-920026266-839522115-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\goran\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\goran\Application Data\mozilla\plugins\npgoogletalk.dll [2014-01-31] (Google)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\goran\Application Data\mozilla\plugins\npgtpo3dautoplugin.dll [2014-01-31] ()
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\goran\Application Data\mozilla\plugins\npo1d.dll [2014-01-31] (Google)
FF SearchPlugin: C:\Documents and Settings\goran\Application Data\Mozilla\Firefox\Profiles\uf6fp1kb.default\searchplugins\facebook.xml [2015-12-10]
FF Extension: Adblock Plus - C:\Documents and Settings\goran\Application Data\Mozilla\Firefox\Profiles\uf6fp1kb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-14]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-14]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-14]

Chrome:
=======
CHR Profile: C:\Documents and Settings\goran\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google документи) - C:\Documents and Settings\goran\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-10]
CHR Extension: (YouTube) - C:\Documents and Settings\goran\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-10]
CHR Extension: (Adblock Plus) - C:\Documents and Settings\goran\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-14]
CHR Extension: (Google Search) - C:\Documents and Settings\goran\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-10]
CHR Extension: (Google табеле) - C:\Documents and Settings\goran\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-10]
CHR Extension: (Плаћања у Chrome веб-продавници) - C:\Documents and Settings\goran\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-10]
CHR Extension: (Gmail) - C:\Documents and Settings\goran\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-10]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-14]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 acs; C:\WINDOWS\system32\acs.exe [499796 2011-12-26] (Atheros) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-14] (AVAST Software)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-04-14] (Oracle Corporation)
S3 jswpsapi; C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe [360529 2011-12-26] (wireless) [File not signed]
R2 Telenor_Serbian Lighter Modem Device Helper; C:\Program Files\Telenor Internet\BackgroundService\ServiceManager.exe [53312 2012-03-14] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AR9271; C:\WINDOWS\System32\DRIVERS\athuw.sys [1763584 2012-10-18] (Atheros Communications, Inc.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [32792 2016-02-14] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [91168 2016-02-14] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [64272 2016-02-14] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [58776 2016-02-14] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [812720 2016-02-14] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [447848 2016-02-14] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [171608 2016-02-14] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [67088 2016-02-14] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [221240 2016-02-14] (AVAST Software)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [1399615 2006-02-07] (Intel Corporation) [File not signed]
S3 jrdusbser; C:\WINDOWS\System32\DRIVERS\jrdusbser.sys [106112 2011-06-20] (TCT International Mobile Ltd) [File not signed]
R3 JSWSCIMD; C:\WINDOWS\System32\DRIVERS\jswscimd.sys [57440 2011-12-26] (Atheros Communications, Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 PAC207; C:\WINDOWS\System32\DRIVERS\PFC027.SYS [618112 2009-06-25] (PixArt Imaging Inc.)
R0 PxHelp20; C:\WINDOWS\System32\DRIVERS\PxHelp20.sys [20016 2003-10-28] (Sonic Solutions) [File not signed]
R1 SCDEmu; C:\WINDOWS\system32\Drivers\SCDEmu.sys [59388 2010-04-12] (PowerISO Computing, Inc.) [File not signed]
R3 STAC97; C:\WINDOWS\System32\drivers\STAC97.sys [276816 2004-11-11] (SigmaTel, Inc.) [File not signed]
S3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [2216064 2008-01-07] (Intel® Corporation)
R3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [58208 2011-12-26] (Atheros Communications, Inc.) [File not signed]
S3 AgereSoftModem; system32\DRIVERS\AGRSM.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
U5 P3; C:\Windows\System32\Drivers\P3.sys [42752 2008-07-12] (Microsoft Corporation)
S3 rt2870; system32\DRIVERS\rt2870.sys [X]
S3 SNP325; system32\DRIVERS\snp325.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-03-09] () [File not signed]
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-14 20:04 - 2016-02-14 20:12 - 00000000 ____D C:\FRST
2016-02-14 07:26 - 2016-02-14 07:24 - 00334280 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-02-14 07:24 - 2016-02-14 07:24 - 00052184 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-02-13 17:39 - 2016-02-13 18:55 - 00000000 ____D C:\AdwCleaner
2016-02-12 08:38 - 2016-02-12 09:49 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-11 18:57 - 2016-02-11 18:57 - 00000000 ____D C:\Program Files\Common Files\PAC207
2016-02-11 18:57 - 2016-02-11 18:57 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Eye 110
2016-02-11 18:57 - 2009-06-25 16:45 - 00618112 _____ (PixArt Imaging Inc.) C:\WINDOWS\system32\Drivers\PFC027.SYS
2016-02-11 18:57 - 2008-05-13 15:27 - 00000405 _____ C:\WINDOWS\system32\Remover.ini
2016-02-11 18:57 - 2008-04-23 14:05 - 00047616 _____ (PixArt Imaging Incorporation) C:\WINDOWS\system32\Remove.exe
2016-02-11 18:57 - 2007-06-29 11:07 - 00000566 _____ C:\WINDOWS\system32\SP207.ini
2016-02-11 18:57 - 2007-05-17 15:50 - 00129024 _____ (PixArt Imaging Incorporation) C:\WINDOWS\system32\SP207.AX
2016-02-11 18:50 - 2016-02-13 16:31 - 00000000 ____D C:\WINDOWS\Album
2016-02-11 18:50 - 2016-02-11 18:50 - 00001405 _____ C:\Documents and Settings\All Users\Desktop\WebMate.lnk
2016-02-11 18:50 - 2016-02-11 18:50 - 00000000 ____D C:\Pac6371
2016-02-11 18:50 - 2016-02-11 18:50 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\WebMate
2016-02-11 17:17 - 2016-02-11 17:17 - 00304164 _____ C:\PA207.DAT
2016-02-10 20:59 - 2016-02-10 20:59 - 00000000 ____D C:\WINDOWS\PixArt
2016-02-10 20:59 - 2007-11-02 11:07 - 00006656 _____ (PixArt Imaging Inc.) C:\WINDOWS\system32\CoInst_080213.dll
2016-02-10 08:39 - 2016-02-10 08:39 - 00000000 ____D C:\Documents and Settings\goran\Application Data\SpringFiles
2016-02-10 08:17 - 2007-11-02 11:07 - 00006656 _____ (PixArt Imaging Inc.) C:\WINDOWS\system32\CoInst_071102.dll
2016-02-09 18:55 - 2005-04-03 20:56 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc71.dll
2016-02-09 18:55 - 2005-01-28 14:15 - 00007064 _____ C:\WINDOWS\system32\WMVCORE.lib
2016-02-09 18:25 - 2016-02-11 18:57 - 00000000 ____D C:\Program Files\KYE
2016-01-27 14:51 - 2014-04-24 10:16 - 166716364 _____ C:\Documents and Settings\goran\Desktop\Braća Bez Gaća - 4 Kasete (1h i 30min).mp4

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-14 20:13 - 2013-09-12 23:08 - 00000000 ____D C:\Documents and Settings\goran\Local Settings\Temp
2016-02-14 20:03 - 2015-05-13 19:25 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-14 19:28 - 2015-12-16 20:27 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2016-02-14 19:26 - 2013-10-11 06:06 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-117609710-920026266-839522115-1003UA.job
2016-02-14 19:16 - 2014-01-15 13:04 - 00000998 ____C C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-117609710-920026266-839522115-1003UA.job
2016-02-14 18:09 - 2015-05-31 18:14 - 00000000 ____D C:\Documents and Settings\goran\Application Data\ViberPC
2016-02-14 18:09 - 2015-05-31 18:13 - 00000000 ____D C:\Documents and Settings\goran\Local Settings\Application Data\Viber
2016-02-14 18:07 - 2015-05-13 19:25 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-14 18:07 - 2013-09-12 23:07 - 00000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2016-02-14 18:06 - 2013-10-22 22:06 - 00524288 _____ C:\WINDOWS\system32\config\ACS.evt
2016-02-14 18:06 - 2013-09-12 23:08 - 00000178 ___SH C:\Documents and Settings\goran\ntuser.ini
2016-02-14 18:06 - 2013-09-12 23:07 - 00032388 _____ C:\WINDOWS\SchedLgU.Txt
2016-02-14 17:21 - 2013-09-12 23:08 - 00000000 ____D C:\Documents and Settings\goran
2016-02-14 08:26 - 2013-10-11 06:06 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-117609710-920026266-839522115-1003Core.job
2016-02-14 07:34 - 2013-09-13 00:46 - 00000000 ___HD C:\WINDOWS\inf
2016-02-14 07:29 - 2015-12-16 20:27 - 00221240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-02-14 07:25 - 2015-12-16 20:27 - 00447848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-02-14 07:25 - 2015-12-16 20:27 - 00171608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2016-02-14 07:25 - 2015-12-16 20:27 - 00091168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-02-14 07:25 - 2015-12-16 20:27 - 00067088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2016-02-14 07:25 - 2015-12-16 20:27 - 00064272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2016-02-14 07:25 - 2015-12-16 20:27 - 00058776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-02-14 07:25 - 2015-12-16 20:27 - 00032792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-02-14 07:23 - 2015-12-16 20:27 - 00812720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-02-13 16:31 - 2013-12-25 17:52 - 00000069 ____C C:\WINDOWS\NeroDigital.ini
2016-02-13 08:36 - 2013-11-16 09:34 - 00000000 ____D C:\Documents and Settings\goran\My Documents\Преузимања
2016-02-13 08:10 - 2014-10-16 14:09 - 00000000 ____D C:\Documents and Settings\goran\Local Settings\Application Data\Adobe
2016-02-12 19:31 - 2014-03-29 08:35 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-12 14:18 - 2013-12-15 17:45 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-02-12 13:09 - 2014-01-15 13:04 - 00000976 ____C C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-117609710-920026266-839522115-1003Core.job
2016-02-11 19:29 - 2015-06-01 07:37 - 00000000 ____D C:\Documents and Settings\goran\My Documents\ViberDownloads
2016-02-11 19:28 - 2013-09-12 23:08 - 00000000 ___RD C:\Documents and Settings\goran\My Documents
2016-02-11 18:59 - 2008-04-14 09:00 - 00001163 ____C C:\WINDOWS\win.ini
2016-02-11 18:50 - 2013-09-12 23:16 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-02-10 23:06 - 2013-11-15 19:42 - 00001815 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome.lnk
2016-02-10 23:06 - 2013-11-15 19:42 - 00001809 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2016-02-10 22:52 - 2013-09-12 23:41 - 00001125 ____C C:\WINDOWS\winamp.ini
2016-02-10 08:22 - 2013-09-12 23:16 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2016-02-10 07:22 - 2013-09-12 23:09 - 00000000 ___RD C:\Documents and Settings\goran\My Documents\My Pictures
2016-01-29 09:39 - 2014-01-31 19:01 - 00000000 ____D C:\The KMPlayer
2016-01-25 06:09 - 2008-04-14 09:00 - 00002206 ____C C:\WINDOWS\system32\wpa.dbl
2016-01-17 21:16 - 2014-06-20 21:09 - 00000372 _____ C:\Documents and Settings\goran\My Documents\spider.sav

==================== Files in the root of some directories =======

2013-09-16 03:05 - 2014-06-23 06:42 - 0003726 ____C () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2014-02-22 20:54 - 2015-10-17 21:21 - 0012800 _____ () C:\Documents and Settings\goran\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-12 20:48 - 2015-11-12 20:48 - 0000036 _____ () C:\Documents and Settings\goran\Local Settings\Application Data\housecall.guid.cache

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================





mycity.rs/must-login.png
mycity.rs/must-login.png

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

Pozdrav,

Moraces sacekati dok neko od AMF tima ne preuzme tvoj slucaj i ne pokusa da resi tvoj prglem koji imas.

Nego, pokusaj da nam objasnis usput, dok cekas, zasto pises sa ovog naloga kada imas Simo Uni?

offline
  • Pridružio: 11 Jan 2014
  • Poruke: 22

ok sačekaću

offline
  • Pridružio: 02 Jan 2008
  • Poruke: 2167

Pozdrav! Smile

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

CreateRestorePoint:
File: C:\Program Files\KYE\WebMate\BM.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://www.google.com" <======= ATTENTION
StandardProfile\AuthorizedApplications: [C:\Program Files\SpringFiles\SprgFiles.exe] => Enabled:SpringFiles
StandardProfile\AuthorizedApplications: [C:\Program Files\SpringFiles\downloader.exe] => Enabled:SpringFiles
C:\Program Files\SpringFiles
RemoveDirectory: C:\AdwCleaner
CMD: netsh advfirewall set currentprofile state on
EmptyTemp:


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.




Nakon toga,

Preuzmi ZHPDaig3 sa ovog linka i sacuvaj installer na Desktop:
klik na plavo "Download Now!" dugme zapocinje preuzimanje programa

Dvoklikom na ZHPDiag3, potom klikni na I Agree i aplikacija ce biti pokrenuta;
Klikni na Scanner dugme i alat zapocinje analizu i skeniranje sistema. Pricekati dok alat ne zavrsi;
Kada alat zavrsi, formirace ZHPDiag.txt izvestaj na Desktop-u koji je potrebno prikaciti uz poruku koristeci Prikači fajl;

offline
  • Pridružio: 11 Jan 2014
  • Poruke: 22

necu ja to znati mozeli daljinski pomoc od vas

offline
  • Pridružio: 02 Jan 2008
  • Poruke: 2167

Ambulanta ne pruza "daljinsku pomoc" i takvu pomoc ovde, na zalost, ne mozes dobiti. Korake koje sam ti ovde postavio uopste nije tesko resiti i samo treba pazljivo ispratiti ono sto je napisano i nikakvih problema nece biti.

Ukoliko zelis pomoc u Ambulanti, moras se barem ovoliko pomuciti i uraditi ono sto smo ti napisali, drugacije ne moze Smile Mozes pogledati i ostale slucajeve u Ambulanti i videti da skoro niko ne pravi problem oko uputstava koje od clanova AMF tima dobije.

Ukoliko bude problema oko pracenja uputstava koje si dobio, reci slobodno, ali daljinsku pomoc, kao sto rekoh, ovde ne mozes dobiti Smile

Ko je trenutno na forumu
 

Ukupno su 1032 korisnika na forumu :: 47 registrovanih, 6 sakrivenih i 979 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., bojanM84, BORUTUS, BraneS, brundo65, ccoogg123, dankisha, Dannyboy, Djokkinen, Doca, DonRumataEstorski, draganca, DragoslavS, GenZee, Grah0, havoc995, helen1, ikan, Joja, JOntra, Još malo pa deda, kovinacc, Kubovac, kunktator, kybonacci, ljubacv, loon123, LUDI, MB120mm, mean_machine, milimoj, misa1xx, MrNo, nemkea71, nenad81, nick79, novator, opt1, panzerwaffe, royst33, Seeker, slonic_tonic, solic, stalja, theNedjeljko, VJ, Zi0mek