Slow computer


offline
  • Joined: 30 Jan 2011
  • Posts: 15

Here I am again.
I could not find C:\TDSSKiller_verzija programa_DD.MM.GG_HH.MM.SS.txt; it is not there.
And this is the one I forgot:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 27-11-2013 01
Ran by Administrator at 2013-11-28 09:26:51 Run:1
Running from C:\Documents and Settings\Administrator\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
SearchScopes: HKCU - {7F76DC0D-541E-4E2F-A274-607C5E50D082} URL = websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10401&src=crm&q={searchTerms}&locale=&apn_ptnrs=^ABZ&apn_dtid=^YYYYYY^YY^BA&apn_uid=53127d3f-5061-4c23-a660-3583e1796339&apn_sauid=F6A78D62-A919-45E2-B3EE-7D7F098BEBD2
FF Extension: ftd - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oehrt3xr.default\Extensions\ftd@ftd.com.xpi
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oehrt3xr.default\Extensions\ftd@ftd.com.xpi
CHR Extension: (\u0420\u043E\u0441\u0441\u0438\u044F \u0422\u0412) - C:\DOCUME~1\ADMINI~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\backaeplcmgnncbejeanhhohngidfapj\2.0.6_0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\backaeplcmgnncbejeanhhohngidfapj\2.0.6_0
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
cmd: ipconfig /flushdns
*****************

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F76DC0D-541E-4E2F-A274-607C5E50D082} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{7F76DC0D-541E-4E2F-A274-607C5E50D082} => Key not found.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oehrt3xr.default\Extensions\ftd@ftd.com.xpi => Moved successfully.
"C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oehrt3xr.default\Extensions\ftd@ftd.com.xpi" => File/Directory not found.
C:\DOCUME~1\ADMINI~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\backaeplcmgnncbejeanhhohngidfapj => Moved successfully.
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\backaeplcmgnncbejeanhhohngidfapj\2.0.6_0" => File/Directory not found.
C:\Documents and Settings\All Users\Application Data\TEMP => ":1CE11B51" ADS removed successfully.
C:\Documents and Settings\All Users\Application Data\TEMP => ":CB0AACC9" ADS removed successfully.
C:\Documents and Settings\All Users\Application Data\TEMP => ":D1B5B4F1" ADS removed successfully.

========= ipconfig /flushdns =========



Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========= End of CMD: =========


==== End of Fixlog ====

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

Now post a fresh FRST report and tell me how things stand.

offline
  • Joined: 30 Jan 2011
  • Posts: 15

The computer is very slow. For example, when I open Word it takes a while, and the program opens piece by piece: first the worksheet appears, then the tools . . . .
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 28-11-2013
Ran by Administrator at 2013-11-28 22:06:25 Run:2
Running from C:\Documents and Settings\Administrator\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
SearchScopes: HKCU - {7F76DC0D-541E-4E2F-A274-607C5E50D082} URL = websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10401&src=crm&q={searchTerms}&locale=&apn_ptnrs=^ABZ&apn_dtid=^YYYYYY^YY^BA&apn_uid=53127d3f-5061-4c23-a660-3583e1796339&apn_sauid=F6A78D62-A919-45E2-B3EE-7D7F098BEBD2
FF Extension: ftd - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oehrt3xr.default\Extensions\ftd@ftd.com.xpi
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oehrt3xr.default\Extensions\ftd@ftd.com.xpi
CHR Extension: (\u0420\u043E\u0441\u0441\u0438\u044F \u0422\u0412) - C:\DOCUME~1\ADMINI~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\backaeplcmgnncbejeanhhohngidfapj\2.0.6_0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\backaeplcmgnncbejeanhhohngidfapj\2.0.6_0
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
cmd: ipconfig /flushdns
*****************

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F76DC0D-541E-4E2F-A274-607C5E50D082} => Key not found.
HKCR\Wow6432Node\CLSID\{7F76DC0D-541E-4E2F-A274-607C5E50D082} => Key not found.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oehrt3xr.default\Extensions\ftd@ftd.com.xpi => not found.
"C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oehrt3xr.default\Extensions\ftd@ftd.com.xpi" => File/Directory not found.
C:\DOCUME~1\ADMINI~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\backaeplcmgnncbejeanhhohngidfapj directory not found.
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\backaeplcmgnncbejeanhhohngidfapj\2.0.6_0" => File/Directory not found.
"C:\Documents and Settings\All Users\Application Data\TEMP" => ":1CE11B51" ADS not found.
"C:\Documents and Settings\All Users\Application Data\TEMP" => ":CB0AACC9" ADS not found.
"C:\Documents and Settings\All Users\Application Data\TEMP" => ":D1B5B4F1" ADS not found.

========= ipconfig /flushdns =========



Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========= End of CMD: =========



Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-11-2013
Ran by Administrator (administrator) on EXPERIEN-FA9774 on 28-11-2013 21:58:33
Running from C:\Documents and Settings\Administrator\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Dassault Systemes) C:\Program Files\Dassault Systemes\B17\intel_a\code\bin\CATSysDemon.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(SafeNet, Inc.) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [] - [x]
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKLM\...\Policies\Explorer: [NoRemoteRecursiveEvents] 1
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKLM\...\Policies\Explorer: [NoCDBurning] 1
HKLM\...\Policies\Explorer: [StartMenuFavorites] 0
HKLM\...\Policies\Explorer: [Start_ShowMyComputer] 1
HKLM\...\Policies\Explorer: [Start_ShowMyDocs] 1
HKLM\...\Policies\Explorer: [Start_ShowMyMusic] 0
HKLM\...\Policies\Explorer: [Start_ShowRun] 1
HKLM\...\Policies\Explorer: [Start_ShowSearch] 0
HKCU\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKCU\...\Policies\Explorer: [NoResolveSearch] 1
HKCU\...\Policies\Explorer: [NoStartBanner] 1
HKCU\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKCU\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKCU\...\Policies\Explorer: [NoSharedDocuments] 1
HKCU\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\Default User\...\RunOnce: [nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk
ShortcutTarget: AutoCAD Startup Accelerator.lnk -> C:\Program Files\Common Files\Autodesk Shared\acstart16.exe (Autodesk, Inc)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm
URLSearchHook: HKCU - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
URLSearchHook: HKCU - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll (Microsoft Corporation)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} quickscan.bitdefender.com/qsax/qsax.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [8461312 2008-05-03] (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [233472 2006-03-13] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 16 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oehrt3xr.default
FF Homepage: google.rs/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Documents and Settings\Administrator\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Extension: DownloadHelper - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oehrt3xr.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchURL: (Google \u043F\u0440\u0435\u0432\u043E\u0434\u0438\u043B\u0430\u0446) - translate.google.com/?source=osdd#auto|auto|{searchTerms}
CHR DefaultSuggestURL: (Google \u043F\u0440\u0435\u0432\u043E\u0434\u0438\u043B\u0430\u0446) - "suggest_url": "",
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (registryAccess) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background/registryAccess.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft Office 2003) - C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Google Update) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll No File
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\WINDOWS\system32\npDeployJava1.dll No File
CHR Extension: (Angry Birds) - C:\DOCUME~1\ADMINI~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0
CHR Extension: (AddThis - Share & Bookmark (new)) - C:\DOCUME~1\ADMINI~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde\3.0.3_0
CHR Extension: (Stylish) - C:\DOCUME~1\ADMINI~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.2_0
CHR Extension: (Pixlr Express) - C:\DOCUME~1\ADMINI~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\hojmjpdlmjopaeginhldhiokeidchjid\1.2_0
CHR Extension: (Google Maps) - C:\DOCUME~1\ADMINI~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0
CHR Extension: (Google Wallet) - C:\DOCUME~1\ADMINI~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Telebas TV) - C:\DOCUME~1\ADMINI~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\nnkmjgmdjeecojjdhiemgiiahgjacnle\1.0.0.4_0
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1164360 2013-10-01] (Avira Operations GmbH & Co. KG)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-07-21] ()
R2 BBDemon; C:\Program Files\Dassault Systemes\B17\intel_a\code\bin\CATSysDemon.exe [49152 2006-04-29] (Dassault Systemes)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 SentinelKeysServer; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [316992 2007-04-27] (SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [206400 2007-04-27] (SafeNet, Inc)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [36864 2006-06-19] (Advanced Micro Devices)
R3 AtcL001; C:\Windows\System32\DRIVERS\atl01_xp.sys [35840 2006-10-31] (Attansic Technology corporation.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-11-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-11-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
R0 d347bus; C:\Windows\System32\DRIVERS\d347bus.sys [155136 2004-08-22] ( )
R0 d347prt; C:\Windows\System32\Drivers\d347prt.sys [5248 2004-08-22] ( )
S3 gameenum; C:\Windows\System32\DRIVERS\gameenum.sys [10624 2008-03-20] (Microsoft Corporation)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [670208 2004-11-05] (Aladdin Knowledge Systems Ltd.)
R1 LUMDriver; C:\WINDOWS\system32\drivers\LUMDriver.sys [14912 2003-07-11] (IBM)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R0 mv614x; C:\Windows\System32\DRIVERS\mv614x.sys [63232 2006-07-04] ()
R0 nvatabus; C:\Windows\System32\Drivers\nvatabus.sys [100736 2008-05-03] (NVIDIA Corporation)
R0 nvgts; C:\Windows\System32\DRIVERS\nvgts.sys [102400 2007-08-10] (NVIDIA Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-18] (Avira GmbH)
R0 videX32; C:\Windows\System32\DRIVERS\videX32.sys [9728 2006-02-23] (VIA Technologies, Inc.)
R0 xfilt; C:\Windows\System32\DRIVERS\xfilt.sys [11264 2006-02-23] (VIA Technologies,Inc)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S4 IntelIde; No ImagePath
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [x]
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-28 21:58 - 2013-11-28 22:00 - 00015952 _____ C:\Documents and Settings\Administrator\Desktop\FRST.txt
2013-11-28 21:58 - 2013-11-28 21:58 - 01092049 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
2013-11-25 20:15 - 2013-11-25 20:15 - 04121952 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\Administrator\Desktop\tdsskiller.exe
2013-11-25 17:05 - 2013-11-25 17:05 - 00001690 _____ C:\Documents and Settings\All Users\Desktop\AutoCAD 2006.lnk
2013-11-25 17:04 - 2013-11-25 17:04 - 00000000 ____D C:\Program Files\AnswerWorks 4.0
2013-11-25 17:00 - 2013-11-25 17:05 - 00000000 ____D C:\Program Files\AutoCAD 2006
2013-11-25 16:55 - 2013-11-25 17:05 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2013-11-25 16:55 - 2013-11-25 17:05 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Autodesk
2013-11-25 16:55 - 2013-11-25 16:55 - 00000000 ____D C:\Program Files\Autodesk
2013-11-23 18:02 - 2013-11-23 18:02 - 00000000 ____D C:\FRST
2013-11-23 00:10 - 2013-11-23 00:10 - 00000512 _____ C:\Documents and Settings\Administrator\Desktop\MBR.dat
2013-11-22 23:15 - 2013-11-22 23:21 - 00000000 ____D C:\AdwCleaner
2013-11-22 23:12 - 2013-11-22 23:12 - 04745728 _____ (AVAST Software) C:\Documents and Settings\Administrator\Desktop\aswMBR.exe
2013-11-22 23:10 - 2013-11-22 23:11 - 01085542 _____ C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe
2013-11-16 09:01 - 2013-11-16 13:44 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-14 12:44 - 2013-11-14 12:44 - 00000156 _____ C:\WINDOWS\Twunk001.MTX
2013-11-07 21:33 - 2013-11-07 21:33 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Google
2013-11-07 21:31 - 2013-11-07 21:31 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
2013-11-07 21:27 - 2013-11-07 21:31 - 00000000 ____D C:\Program Files\Google
2013-11-03 17:54 - 2013-11-03 17:54 - 00000000 ____D C:\Program Files\SafeNet Sentinel
2013-11-03 17:54 - 2013-11-03 17:54 - 00000000 ____D C:\Program Files\Common Files\SafeNet Sentinel
2013-11-03 17:52 - 2013-11-22 08:36 - 00000000 ____D C:\Program Files\Delcam
2013-11-03 17:52 - 2013-11-03 17:56 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\PS-Exchange

==================== One Month Modified Files and Folders =======

2013-11-28 22:00 - 2013-11-28 21:58 - 00015952 _____ C:\Documents and Settings\Administrator\Desktop\FRST.txt
2013-11-28 21:58 - 2013-11-28 21:58 - 01092049 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
2013-11-28 21:56 - 2011-12-19 16:59 - 00001010 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1123561945-1645522239-1417001333-500UA.job
2013-11-28 21:48 - 2011-11-11 22:28 - 00000438 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{AD849537-D7C9-42E0-AC57-5CB8B3ABA4CA}.job
2013-11-28 21:32 - 2011-10-18 22:00 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-28 21:32 - 2011-10-18 22:00 - 00000930 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-28 20:32 - 2010-06-17 14:12 - 00032420 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-28 19:06 - 2012-09-24 21:01 - 00001030 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1123561945-1645522239-1417001333-500UA.job
2013-11-28 18:47 - 2013-05-02 22:48 - 00002495 _____ C:\Documents and Settings\Administrator\Desktop\Microsoft Office Excel 2003.lnk
2013-11-28 18:46 - 2013-05-02 22:44 - 00002497 _____ C:\Documents and Settings\Administrator\Desktop\Microsoft Office Word 2003.lnk
2013-11-28 18:18 - 2010-06-17 14:09 - 01125165 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-28 18:17 - 2010-06-17 15:05 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-11-28 18:17 - 2010-06-17 15:05 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-11-28 18:16 - 2013-06-09 00:01 - 00000350 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2013-11-28 18:16 - 2013-05-31 20:42 - 00000350 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-11-28 18:16 - 2010-06-17 14:12 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-28 16:31 - 2010-06-17 14:12 - 00000278 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2013-11-28 16:31 - 2010-06-17 14:12 - 00000000 ____D C:\Documents and Settings\Administrator
2013-11-27 22:06 - 2012-09-24 21:01 - 00001008 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1123561945-1645522239-1417001333-500Core.job
2013-11-27 17:56 - 2011-12-19 16:59 - 00000958 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1123561945-1645522239-1417001333-500Core.job
2013-11-26 22:41 - 2010-06-17 16:54 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Skype
2013-11-26 20:35 - 2010-06-17 16:13 - 00000000 ____D C:\Program Files\Winamp
2013-11-26 20:01 - 2011-11-05 22:20 - 00002267 _____ C:\Documents and Settings\All Users\Desktop\Skype.lnk
2013-11-25 20:15 - 2013-11-25 20:15 - 04121952 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\Administrator\Desktop\tdsskiller.exe
2013-11-25 17:11 - 2010-06-17 16:05 - 00144160 _____ C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-11-25 17:08 - 2010-06-17 15:01 - 00466008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-11-25 17:05 - 2013-11-25 17:05 - 00001690 _____ C:\Documents and Settings\All Users\Desktop\AutoCAD 2006.lnk
2013-11-25 17:05 - 2013-11-25 17:00 - 00000000 ____D C:\Program Files\AutoCAD 2006
2013-11-25 17:05 - 2013-11-25 16:55 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2013-11-25 17:05 - 2013-11-25 16:55 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Autodesk
2013-11-25 17:04 - 2013-11-25 17:04 - 00000000 ____D C:\Program Files\AnswerWorks 4.0
2013-11-25 16:55 - 2013-11-25 16:55 - 00000000 ____D C:\Program Files\Autodesk
2013-11-25 16:54 - 2010-06-17 15:03 - 00456496 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-25 16:54 - 2010-06-17 14:07 - 00000000 ____D C:\WINDOWS\Registration
2013-11-25 16:52 - 2010-06-17 14:57 - 00000000 ____D C:\WINDOWS\system32\mui
2013-11-23 18:02 - 2013-11-23 18:02 - 00000000 ____D C:\FRST
2013-11-23 00:10 - 2013-11-23 00:10 - 00000512 _____ C:\Documents and Settings\Administrator\Desktop\MBR.dat
2013-11-22 23:21 - 2013-11-22 23:15 - 00000000 ____D C:\AdwCleaner
2013-11-22 23:20 - 2012-01-13 19:43 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox
2013-11-22 23:20 - 2011-12-19 17:07 - 00000000 ____D C:\Documents and Settings\Administrator\Start Menu\Programs\Google Chrome
2013-11-22 23:20 - 2010-06-17 14:12 - 00000761 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk
2013-11-22 23:12 - 2013-11-22 23:12 - 04745728 _____ (AVAST Software) C:\Documents and Settings\Administrator\Desktop\aswMBR.exe
2013-11-22 23:11 - 2013-11-22 23:10 - 01085542 _____ C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe
2013-11-22 08:37 - 2013-10-28 14:20 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\uTorrent
2013-11-22 08:36 - 2013-11-03 17:52 - 00000000 ____D C:\Program Files\Delcam
2013-11-19 12:04 - 2013-03-18 15:23 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2013-11-19 12:04 - 2013-03-18 15:23 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2013-11-18 23:08 - 2008-05-03 13:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-18 07:32 - 2011-07-01 15:01 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\vlc
2013-11-17 09:00 - 2011-12-19 17:08 - 00002346 _____ C:\Documents and Settings\Administrator\Desktop\Google Chrome.lnk
2013-11-16 16:51 - 2013-07-10 14:04 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-16 13:44 - 2013-11-16 09:01 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-14 12:45 - 2012-06-25 10:51 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Canon
2013-11-14 12:44 - 2013-11-14 12:44 - 00000156 _____ C:\WINDOWS\Twunk001.MTX
2013-11-14 12:44 - 2011-10-15 14:33 - 00000005 _____ C:\WINDOWS\Twain001.Mtx
2013-11-11 09:18 - 2010-06-17 15:01 - 00000000 ____D C:\WINDOWS\pss
2013-11-07 21:33 - 2013-11-07 21:33 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Google
2013-11-07 21:33 - 2010-09-07 16:13 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
2013-11-07 21:31 - 2013-11-07 21:31 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
2013-11-07 21:31 - 2013-11-07 21:27 - 00000000 ____D C:\Program Files\Google
2013-11-06 22:28 - 2010-06-29 08:54 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2013-11-04 12:19 - 2013-02-09 15:16 - 00032397 _____ C:\WINDOWS\SGTBox.INI
2013-11-03 17:58 - 2013-10-28 14:21 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\BitTorrent Sync
2013-11-03 17:56 - 2013-11-03 17:52 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\PS-Exchange
2013-11-03 17:54 - 2013-11-03 17:54 - 00000000 ____D C:\Program Files\SafeNet Sentinel
2013-11-03 17:54 - 2013-11-03 17:54 - 00000000 ____D C:\Program Files\Common Files\SafeNet Sentinel
2013-11-03 17:53 - 2010-06-17 16:02 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2013-11-03 17:51 - 2013-10-28 20:26 - 00000000 ___SD C:\Documents and Settings\All Users\Documents\ArtCAM Files
2013-10-29 17:11 - 2010-06-17 14:57 - 00000000 ____D C:\WINDOWS\repair
2013-10-29 07:36 - 2010-06-17 15:47 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Adobe

Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2008-05-03 13:00] - [2008-05-03 13:00] - 1033728 ____A (Microsoft Corporation) 91172f1f7decaa275ed52fcb61f57307

C:\Windows\System32\winlogon.exe
[2008-05-03 13:00] - [2008-05-03 13:00] - 0507904 ____A (Microsoft Corporation) b8135e9ed99a0858df535ce0a0271558

C:\Windows\System32\svchost.exe
[2008-05-03 13:00] - [2008-05-03 13:00] - 0014336 ____A (Microsoft Corporation) 0b3290fb3815f5f6553e198642bb7e07

C:\Windows\System32\services.exe
[2011-03-05 00:59] - [2008-05-03 13:00] - 0108544 ____A (Microsoft Corporation) c91018fe1f9b53de349398dd4aec6f8c

C:\Windows\System32\User32.dll
[2008-05-03 13:00] - [2008-05-03 13:00] - 0578560 ____A (Microsoft Corporation) f92d8964b5286de225bd2b6bf89764be

C:\Windows\System32\userinit.exe
[2008-05-03 13:00] - [2008-05-03 13:00] - 0026112 ____A (Microsoft Corporation) ccbf7e850d72b2de4f5a1d64d2627686

C:\Windows\System32\Drivers\volsnap.sys
[2008-05-03 13:00] - [2008-05-03 13:00] - 0052352 ____A (Microsoft Corporation) 999a7ab63b8f364f4df130d48ba7e972


==================== End Of Log ============================


==== End of Fixlog ====

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Belgrade

Let's run an additional check.


Download ComboFix by sUBs from the following address to your Desktop:


Bleeping Computer
Right-click the link and choose Save Target As... (Save Link As..., Save Linked Content As... or similar);
When the dialog for choosing where to save the file opens, select Desktop and click Save.




When the download has finished:
deactivate your security software (instructions);
close any running programs;
double-click to launch ComboFix;
in the window that opens, click "I Agree".

While running, ComboFix will:
check whether a newer version of the program exists:
click Yes if you are offered the download.
if the Recovery Console is not installed, offer to install it:
be sure to accept by clicking Yes and follow the procedure through.
display a number of prompts/notifications:
accept by clicking Yes or OK.
restart Windows if needed (several times);
at the end, open Notepad with the scan report.


Copy the report that ComboFix produced into the forum thread:
right-click in the Notepad window and choose Select All;
right-click the selected text and choose Copy;
right-click in the message field and choose Paste.



Note:
The report will be saved as ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
If, after posting, you notice that the report is incomplete, use the Attach file option to attach C:\ComboFix.txt to the message;
Do not click inside the ComboFix window while it is running, as that can slow the tool down;
Do not run ComboFix again on your own - report in the thread any problem you have during the first run of the tool;
If after the restart you get an error when starting certain programs saying that they are marked for deletion (Illegal operation attempted on a registry key that has been marked for deletion), restart the system again and that will resolve the problem.

offline
  • Joined: 30 Jan 2011
  • Posts: 15

Posted: 04 Dec 2013 17:09

Here it is, the scan has finished

ComboFix 13-12-04.02 - Administrator 12/04/2013 16:50:13.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.581 [GMT 1:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\22find.lnk
c:\documents and settings\Administrator\WINDOWS
c:\documents and settings\All Users\Application Data\TEMP
c:\windows\daemon.dll
c:\windows\Fonts\#aaifnt.ttf
c:\windows\system32\_000001_.tmp.dll
c:\windows\system32\Cache
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_DEFAULTTABSEARCH
.
.
((((((((((((((((((((((((( Files Created from 2013-11-04 to 2013-12-04 )))))))))))))))))))))))))))))))
.
.
2013-12-04 15:58 . 2013-12-04 15:58 -------- d-----w- c:\windows\system32\wbem\snmp
2013-12-04 15:58 . 2013-12-04 15:58 -------- d-----w- c:\windows\system32\xircom
2013-11-25 16:04 . 2013-11-25 16:04 -------- d-----w- c:\program files\AnswerWorks 4.0
2013-11-25 16:00 . 2013-11-25 16:05 -------- d-----w- c:\program files\AutoCAD 2006
2013-11-25 15:55 . 2013-11-25 16:05 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2013-11-25 15:55 . 2013-11-25 15:55 -------- d-----w- c:\program files\Autodesk
2013-11-23 17:02 . 2013-11-23 17:02 -------- d-----w- C:\FRST
2013-11-22 22:15 . 2013-11-22 22:21 -------- d-----w- C:\AdwCleaner
2013-11-07 20:27 . 2013-11-07 20:31 -------- d-----w- c:\program files\Google
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-03 12:39 . 2013-03-18 14:23 90400 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-11-19 11:04 . 2013-03-18 14:23 137208 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-10-08 05:50 . 2013-10-25 09:11 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-10-08 05:29 . 2013-10-25 09:12 145408 ----a-w- c:\windows\system32\javacpl.cpl
2013-10-01 10:03 . 2013-03-18 14:23 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-05-03 . 37D8387CBD4437C55F454209BE10EF11 . 361344 . . [5.1.2600.5508] . . c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-11-19 683576]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2009-03-08 128512]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2005-3-5 10872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"StartMenuFavorites"= 0 (0x0)
"Start_ShowMyComputer"= 1 (0x1)
"Start_ShowMyDocs"= 1 (0x1)
"Start_ShowMyMusic"= 0 (0x0)
"Start_ShowRun"= 1 (0x1)
"Start_ShowSearch"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 233472]
.
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^Adobe Gamma.lnk]
backup=c:\windows\pss\Adobe Gamma.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^fliptoast.lnk]
backup=c:\windows\pss\fliptoast.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^VCatcher.lnk]
backup=c:\windows\pss\VCatcher.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.exe.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoCAD Startup Accelerator.lnk]
backup=c:\windows\pss\AutoCAD Startup Accelerator.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Desktop Search.lnk]
backup=c:\windows\pss\Windows Desktop Search.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anti-phishing Domain Advisor
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCShieldTray
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar Search Scope Monitor
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Panda Security URL Filtering
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSUNMain
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryBooster
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
2004-12-14 00:12 483328 ----a-w- c:\program files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-09-05 14:03 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 16:43 69632 ----a-w- c:\windows\ALCMTR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
2009-07-21 15:43 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
2013-11-19 11:03 683576 ----a-w- c:\program files\Avira\AntiVir Desktop\avgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2012-09-24 20:01 138096 ----atw- c:\documents and settings\Administrator\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-12-19 15:59 136176 ----atw- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2013-04-04 13:50 532040 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCShield]
2012-03-12 20:25 583680 ----a-w- c:\program files\MCShield\MCShieldRTM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCShield Monitor]
2012-03-12 20:25 583680 ----a-w- c:\program files\MCShield\MCShieldRTM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
2008-05-03 12:00 169984 ----a-w- c:\windows\pchealth\helpctr\binaries\msconfig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 19:24 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2005-09-22 11:36 14854144 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-01-08 11:59 18705664 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 17:04 2879488 ----a-w- c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2009-07-21 10:00 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 07:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"ose"=3 (0x3)
"Ati HotKey Poller"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Dassault Systemes\\B17\\intel_a\\code\\bin\\orbixd.exe"=
"c:\\Program Files\\Dassault Systemes\\B17\\intel_a\\code\\bin\\CNEXT.exe"=
"c:\\WINDOWS\\system32\\javaw.exe"=
"c:\\Documents and Settings\\Administrator\\Local Settings\\Application Data\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Battle.net\\Agent\\Agent.1544\\Agent.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Battle.net\\Agent\\Agent.1675\\Agent.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\java.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\Program Files\\Common Files\\SafeNet Sentinel\\Sentinel Protection Server\\WinNT\\spnsrvnt.exe"=
"c:\\Program Files\\Common Files\\SafeNet Sentinel\\Sentinel Keys Server\\sntlkeyssrvr.exe"=
.
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [8/23/2012 1:23 PM 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [8/23/2012 1:23 PM 5248]
R0 mv614x;mv614x;c:\windows\system32\drivers\mv614x.sys [12/17/2010 5:22 PM 63232]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [3/18/2013 3:23 PM 37352]
R1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [7/11/2003 2:22 PM 14912]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [3/18/2013 3:23 PM 440376]
R2 AntiVirWebService;Avira Web Protection;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [3/18/2013 3:23 PM 1164360]
R2 BBDemon;Backbone Service;c:\program files\Dassault Systemes\B17\intel_a\code\bin\CATSysDemon.exe [4/29/2006 7:32 AM 49152]
R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [10/10/2012 6:31 PM 418376]
R2 SentinelKeysServer;Sentinel Keys Server;c:\program files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [4/27/2007 1:00 AM 316992]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [12/17/2010 5:39 PM 35840]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [9/6/2012 12:32 PM 22856]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [9/6/2012 12:30 PM 701512]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [1/8/2013 12:55 PM 161536]
S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2013-12-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1123561945-1645522239-1417001333-500Core.job
- c:\documents and settings\Administrator\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2012-09-24 20:01]
.
2013-12-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1123561945-1645522239-1417001333-500UA.job
- c:\documents and settings\Administrator\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2012-09-24 20:01]
.
2013-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-11-07 20:26]
.
2013-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-11-07 20:26]
.
2013-12-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1123561945-1645522239-1417001333-500Core.job
- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-19 15:59]
.
2013-12-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1123561945-1645522239-1417001333-500UA.job
- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-19 15:59]
.
2013-12-04 c:\windows\Tasks\User_Feed_Synchronization-{AD849537-D7C9-42E0-AC57-5CB8B3ABA4CA}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uLocal Page = c:\windows\pchealth\helpctr\System\panels\blank.htm
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\pchealth\helpctr\System\panels\blank.htm
mSearch Bar = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oehrt3xr.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.rs/
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
URLSearchHooks-{D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
MSConfigStartUp-BitTorrent Sync - c:\program files\BitTorrent Sync\BTSync.exe
MSConfigStartUp-DAEMON Tools-1033 - d:\sims 2\daemon.exe
MSConfigStartUp-rfagent - c:\program files\RFA 8\rfagent32.exe
MSConfigStartUp-ROC_roc_ssl_v12 - c:\program files\AVG Secure Search\ROC_roc_ssl_v12.exe
MSConfigStartUp-Tweak UI - TWEAKUI.CPL
MSConfigStartUp-uTorrent - c:\program files\uTorrent\uTorrent.exe
MSConfigStartUp-vProt - c:\program files\AVG Secure Search\vprot.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\documents and settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2013-12-04 17:01
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1123561945-1645522239-1417001333-500\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (Administrator)
"{4D2D3B0F-69BE-477A-90F5-FDDB05357975}"=hex:51,66,7a,6c,4c,1d,3b,1b,1f,24,3e,
56,8a,3f,13,0b,85,fa,ba,9b,04,70,38,6c
.
[HKEY_USERS\S-1-5-21-1123561945-1645522239-1417001333-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3e,75,62,85,d4,41,b8,40,95,9e,e1,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3e,75,62,85,d4,41,b8,40,95,9e,e1,\
.
[HKEY_USERS\S-1-5-21-1123561945-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Ext\Settings]
@Denied: (2) (Administrator)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):18,17,e5,20,86,2a,4e,68,88,86,cc,f1,55,b1,76,5f,d8,4f,ef,e1,8e,
aa,88,51,5e,45,4d,cd,63,dd,7f,3c,8d,62,60,0d,6f,5c,92,bf,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{efa3ab75-c601-4b86-ac90-aacc40d29450}]
@Denied: (Full) (Everyone)
"Model"=dword:00000045
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,7c,a3,58,23,ec,af,2d,15,15,ef,a1,46,54,19,6c,0d,35,95,e0,f3,7c,6d,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(708)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'lsass.exe'(764)
c:\program files\Avira\AntiVir Desktop\avsda.dll
.
- - - - - - - > 'explorer.exe'(3536)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2013-12-04 17:05:25 - machine was rebooted
ComboFix-quarantined-files.txt 2013-12-04 16:05
.
Pre-Run: 22,583,345,152 bytes free
Post-Run: 22,540,001,280 bytes free
.
- - End Of File - - 9101BF4F42C04AD870761EF3950EC3B7
8F558EB6672622401DA993E1E865C861

Addendum: 04 Dec 2013 17:33

And yes, it has now gained a bit of speed. If there is anything else that
can be done, that would be even better.

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Belgrade

The computer is clean, that would be it...

offline
  • Joined: 30 Jan 2011
  • Posts: 15

Thanks for the effort

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Belgrade

You're welcome :)



Download DelFix by "Xplode" and save it to your Desktop.

Double-click to launch the program.

Tick the following options:
Remove disinfection tools
Purge System Restore
Reset system settings


Click the "Run" button and wait for the program to finish.
The tool will remove all the tools used in this thread...
When the tool finishes, it will open a report in Notepad.
Note: The report will also be saved to C:\DelFix.txt

There is no need to post the report.



If you have further problems with the computer, open a thread in the Windows subforum and describe the problem there. Here we only resolve problems caused by viruses.



I recommend that you use MCShield v2 to protect USB storage devices. It has nothing to do with the antivirus, i.e. it will not interfere with its operation, and it has proven to be one of the best forms of protection against malware that spreads via USB storage devices. You download it, install it, plug in a USB storage device, a scan runs, after which you get a notification that the device is clean (if that is really the case); or you get a log in which you see information about the malware that was found and deleted.


MCShield ::Anti-Malware Tool:: v2 home page: http://amf.mycity.rs/mcshield/

You can learn more about MCShield in these threads:
v1: http://www.mycity.rs/MyCity-Laboratorija/MCShield.html
v2: http://www.mycity.rs/MyCity-Laboratorija/MCShield-v2.html




Be sure to visit the thread "Testirajte da li vam je pretraživač ranjiv" ("Test whether your browser is vulnerable"), read it and follow the link given in it.
Link to the thread: http://www.mycity.rs/Web-browseri/Testirajte-da-li.....anjiv.html
