Good old cleaning


offline
  • Joined: 01 Sep 2007
  • Posts: 137

Posted: 11 Jan 2015 22:48

The computer has started to stutter. Whatever I launch takes a while. Mozilla is even worse.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:19-08-2014
Ran by momo (administrator) on MOMO-PC on 11-01-2015 22:40:32
Running from C:\Users\momo\Desktop\AMBULANTA
Platform: Microsoft Windows 7 Édition Starter (X86) OS Language: Français (France)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
(SFR) C:\Program Files\SFR\Gestionnaire de Connexion\SFR.Dashboard.Service.exe
() C:\Program Files\Telenor Internet\BackgroundService\ServiceManager.exe
() C:\Program Files\T-Mobile Internet Manager\AssistantServices.exe
(RaMMicHaeL) C:\Program Files\Unchecky\bin\unchecky_svc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(RaMMicHaeL) C:\Program Files\Unchecky\bin\unchecky_bg.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files\T-Mobile Internet Manager\UIExec.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\Telenor Internet\BackgroundService\ModemListener.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SoftPerfect Research) C:\Program Files\NetWorx\networx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office10\EXCEL.EXE
(Microsoft Corporation) C:\Windows\System32\calc.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [UIExec] => C:\Program Files\T-Mobile Internet Manager\UIExec.exe [136328 2010-03-02] ()
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Run: [Telenor_Montenegro Imola ModemListener] => C:\Program Files\Telenor Internet\BackgroundService\ModemListener.exe [109120 2012-03-14] ()
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [4462288 2014-11-03] (SoftPerfect Research)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2198749600-2772488607-3266564224-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-2198749600-2772488607-3266564224-1000\...\Run: [Mobile Partner] => C:\Program Files\Telenor Internet\Telenor Internet
HKU\S-1-5-21-2198749600-2772488607-3266564224-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_15_0_0_246_Plugin.exe [855216 2014-12-11] (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=127.0.0.1:8123;https=127.0.0.1:8123;socks=127.0.0.1:1080
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x56FCA23C63BCCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = hr
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\momo\AppData\Roaming\Mozilla\Firefox\Profiles\om3flhal.default
FF SelectedSearchEngine: StartWeb
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\momo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\momo\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\ddg.xml
FF Extension: SaveFrom.net helper - C:\Users\momo\AppData\Roaming\Mozilla\Firefox\Profiles\om3flhal.default\Extensions\helper@savefrom.net.xpi [2014-02-06]
FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile Internet Manager\addon
FF Extension: Bytemobile Optimization Client - C:\Program Files\T-Mobile Internet Manager\addon [2014-02-14]

Chrome:
=======
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\momo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-09]
CHR Extension: (Auto Scroll) - C:\Users\momo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eochlhpceohhhfogfeladaifggikcjhk [2014-12-07]
CHR Extension: (Iminent) - C:\Users\momo\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl [2014-09-01]
CHR Extension: (SaveFrom.net helper) - C:\Users\momo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpljndcmbeikfnlflcggaipgnhiedbl [2014-07-24]
CHR Extension: (Google Wallet) - C:\Users\momo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-29]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [993584 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [276048 2013-02-06] ()
R2 SFR.Dashboard.Service; C:\Program Files\SFR\Gestionnaire de Connexion\SFR.Dashboard.Service.exe [28632 2012-11-12] (SFR)
R2 Telenor_Montenegro Imola Modem Device Helper; C:\Program Files\Telenor Internet\BackgroundService\ServiceManager.exe [53312 2012-03-14] ()
R2 UI Assistant Service; C:\Program Files\T-Mobile Internet Manager\AssistantServices.exe [245384 2010-03-02] () [File not signed]
R2 Unchecky; C:\Program Files\Unchecky\bin\unchecky_svc.exe [111208 2014-12-22] (RaMMicHaeL)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [271360 2013-11-03] () [File not signed]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-02-25] (Avira Operations GmbH & Co. KG)
U0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [22528 2010-02-10] (Bytemobile, Inc.) [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-09-30] (Disc Soft Ltd)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [101248 2013-03-04] (Huawei Technologies Co., Ltd.)
S3 huawei_cdcecm; C:\Windows\System32\DRIVERS\ew_jucdcecm.sys [70528 2013-03-04] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27776 2013-03-04] (Huawei Technologies Co., Ltd.)
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [106112 2011-06-20] (TCT International Mobile Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [18048 2013-11-03] () [File not signed]
R1 networx; C:\Windows\System32\drivers\networx.sys [55288 2014-11-03] (NetFilterSDK.com)
S3 ogtap100; C:\Windows\System32\DRIVERS\ogtap100.sys [31360 2014-05-05] (The OpenVPN Project)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-02-25] (Avira GmbH)
S1 tcpipBM; C:\Windows\system32\Drivers\tcpipBM.sys [18816 2010-02-10] (Bytemobile, Inc.) [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\momo\AppData\Local\Temp\catchme.sys [X]
S3 DUMeterDrv; \??\C:\Program Files\DU Meter\DUMETR32.SYS [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\momo\AppData\Local\Temp\Rar$EXa0.961\OpenHardwareMonitor\OpenHardwareMonitor.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-11 22:40 - 2015-01-11 22:40 - 00000000 ____D () C:\FRST
2015-01-11 02:40 - 2015-01-11 22:33 - 00000605 _____ () C:\Users\momo\Documents\11.1.15 O,U.txt
2015-01-11 02:38 - 2015-01-11 22:34 - 00015360 _____ () C:\Users\momo\Documents\11.1.15 ODD,EVEN.xls
2015-01-10 07:10 - 2015-01-11 02:29 - 00015360 _____ () C:\Users\momo\Documents\10.1.15 ODD,EVEN.xls
2015-01-10 07:07 - 2015-01-11 14:46 - 00000793 _____ () C:\Users\momo\Documents\10.1.15 O,U.txt
2015-01-09 02:54 - 2015-01-10 07:08 - 00014848 _____ () C:\Users\momo\Documents\9.1.15 ODD,EVEN.xls
2015-01-09 02:49 - 2015-01-10 20:01 - 00000604 _____ () C:\Users\momo\Documents\9.1.15 O,U.txt
2015-01-08 17:05 - 2015-01-08 17:05 - 00002142 _____ () C:\Users\momo\Documents\RAFAELO.txt
2015-01-08 13:15 - 2015-01-09 20:40 - 00000329 _____ () C:\Users\momo\Documents\8.1.15 O,U.txt
2015-01-08 02:10 - 2015-01-09 01:08 - 00014848 _____ () C:\Users\momo\Documents\8.1.15 ODD,EVEN.xls
2015-01-07 12:59 - 2015-01-07 22:04 - 00000311 _____ () C:\Users\momo\Documents\7.1.15 O,U.txt
2015-01-06 22:54 - 2015-01-08 01:55 - 00014848 _____ () C:\Users\momo\Documents\7.1.15 ODD,EVEN.xls
2015-01-06 02:39 - 2015-01-06 22:47 - 00014848 _____ () C:\Users\momo\Documents\6.1.15 ODD,EVEN.xls
2015-01-06 02:34 - 2015-01-06 22:47 - 00000408 _____ () C:\Users\momo\Documents\6.1.15 O,U.txt
2015-01-05 01:09 - 2015-01-06 02:07 - 00000585 _____ () C:\Users\momo\Documents\5.1.15 O,U.txt
2015-01-05 01:07 - 2015-01-06 02:22 - 00014848 _____ () C:\Users\momo\Documents\5.1.15 ODD,EVEN.xls
2015-01-04 05:02 - 2015-01-05 00:39 - 00015360 _____ () C:\Users\momo\Documents\4.1.15 ODD,EVEN.xls
2015-01-04 05:00 - 2015-01-05 00:39 - 00000683 _____ () C:\Users\momo\Documents\4.1.15 O,U.txt
2015-01-03 02:15 - 2015-01-04 10:59 - 00000682 _____ () C:\Users\momo\Documents\3.1.15 O,U.txt
2015-01-03 02:04 - 2015-01-04 05:57 - 00015360 _____ () C:\Users\momo\Documents\3.1.15 ODD,EVEN.xls
2015-01-02 04:58 - 2015-01-03 01:57 - 00000399 _____ () C:\Users\momo\Documents\2.1.15 O,U.txt
2015-01-02 04:55 - 2015-01-03 01:57 - 00014848 _____ () C:\Users\momo\Documents\2.1.15 ODD,EVEN.xls
2015-01-01 11:44 - 2015-01-02 04:42 - 00000285 _____ () C:\Users\momo\Documents\1.1.15 O,U.txt
2015-01-01 01:56 - 2015-01-02 04:43 - 00014848 _____ () C:\Users\momo\Documents\1.1.15 ODD,EVEN.xls
2014-12-31 01:01 - 2015-01-01 11:44 - 00000511 _____ () C:\Users\momo\Documents\31.12.14 O,U.txt
2014-12-31 00:55 - 2015-01-01 01:40 - 00014848 _____ () C:\Users\momo\Documents\31.12.14 ODD,EVEN.xls
2014-12-30 09:43 - 2014-12-30 22:24 - 00000409 _____ () C:\Users\momo\Documents\30.12.14 O,U.txt
2014-12-30 00:53 - 2014-12-31 00:39 - 00000566 _____ () C:\Users\momo\Documents\TEST GOLOVA UNDER 2.5.txt
2014-12-30 00:37 - 2014-12-31 00:19 - 00014848 _____ () C:\Users\momo\Documents\30.12.14 ODD,EVEN.xls
2014-12-29 12:51 - 2014-12-30 00:14 - 00000290 _____ () C:\Users\momo\Documents\29.12.14 O,U.txt
2014-12-28 23:00 - 2014-12-30 00:08 - 00014848 _____ () C:\Users\momo\Documents\29.12.14 ODD,EVEN.xls
2014-12-28 22:10 - 2014-12-28 22:10 - 00002491 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
2014-12-28 22:10 - 2014-12-28 22:10 - 00002479 _____ () C:\Users\Public\Desktop\Safari.lnk
2014-12-28 22:10 - 2014-12-28 22:10 - 00000000 ____D () C:\Program Files\Safari
2014-12-28 22:01 - 2014-12-28 22:08 - 38494576 _____ (Apple Inc.) C:\Users\momo\Desktop\SafariSetup.exe
2014-12-28 01:01 - 2014-12-29 12:51 - 00000551 _____ () C:\Users\momo\Documents\28.12.14 O,U.txt
2014-12-28 00:35 - 2014-12-28 22:29 - 00014848 _____ () C:\Users\momo\Documents\28.12.14 ODD,EVEN.xls
2014-12-27 12:46 - 2014-12-28 01:01 - 00000350 _____ () C:\Users\momo\Documents\27.12.14 O,U.txt
2014-12-26 22:36 - 2014-12-28 00:33 - 00014848 _____ () C:\Users\momo\Documents\27.12.14 ODD,EVEN.xls
2014-12-25 23:34 - 2014-12-27 12:45 - 00000281 _____ () C:\Users\momo\Documents\26.12.14 O,U.txt
2014-12-25 23:16 - 2014-12-26 22:28 - 00014848 _____ () C:\Users\momo\Documents\26.12.14 ODD,EVEN.xls
2014-12-25 15:23 - 2014-12-25 15:24 - 00000000 ____D () C:\Users\momo\Desktop\Horrible.Bosses.2.2014.HC.WEBRip.x264-RARBG
2014-12-24 23:56 - 2014-12-25 22:54 - 00014336 _____ () C:\Users\momo\Documents\25.12.14 oDD.xls
2014-12-24 23:52 - 2014-12-25 19:28 - 00000196 _____ () C:\Users\momo\Documents\25.12.14 O,U.txt
2014-12-24 01:02 - 2014-12-24 23:44 - 00000293 _____ () C:\Users\momo\Documents\24.12.14 O,U.txt
2014-12-24 01:00 - 2014-12-24 20:35 - 00015872 _____ () C:\Users\momo\Documents\24.12.14 ODD,EVEN.xls
2014-12-23 00:36 - 2014-12-23 22:51 - 00014848 _____ () C:\Users\momo\Documents\23.12.14 ODD,EVEN.xls
2014-12-23 00:17 - 2014-12-23 23:11 - 00000374 _____ () C:\Users\momo\Documents\23.12.14 O,U.txt
2014-12-22 12:51 - 2014-12-23 23:03 - 00014848 _____ () C:\Users\momo\Documents\22.12.14 ODD,EVEN.xls
2014-12-22 12:49 - 2014-12-23 00:16 - 00000434 _____ () C:\Users\momo\Documents\22.12.14 O,U.txt
2014-12-21 00:12 - 2014-12-22 00:40 - 00001044 _____ () C:\Users\momo\Documents\21.12.14 O,U.txt
2014-12-21 00:05 - 2014-12-22 00:14 - 00014848 _____ () C:\Users\momo\Documents\21.12.14 ODD,EVEN.xls
2014-12-20 02:01 - 2014-12-21 14:56 - 00015360 _____ () C:\Users\momo\Documents\20.12.14 ODD,EVEN.xls
2014-12-19 09:28 - 2014-12-20 12:41 - 00014848 _____ () C:\Users\momo\Documents\19.12.14 ODD,EVEN.xls
2014-12-18 20:28 - 2014-12-20 23:32 - 00004031 _____ () C:\Users\momo\Documents\TEST GOLOVA O,U.txt
2014-12-17 23:46 - 2014-12-19 23:44 - 00017920 _____ () C:\Users\momo\Documents\18.12.14 ODD,EVEN.xls
2014-12-17 01:23 - 2014-12-18 14:46 - 00015872 _____ () C:\Users\momo\Documents\17.12.14 ODD,EVEN.xls
2014-12-16 03:56 - 2014-12-16 23:02 - 00015360 _____ () C:\Users\momo\Documents\16.12.14 ODD,EVEN.xls
2014-12-15 17:45 - 2014-12-16 15:10 - 00000340 _____ () C:\Users\momo\Documents\16.12.14 ODD,EVEN.txt
2014-12-14 18:09 - 2014-12-14 20:52 - 00000471 _____ () C:\Users\momo\Documents\RAZNO RAZNI NIZOVI.txt
2014-12-14 11:55 - 2014-12-15 00:17 - 00014336 _____ () C:\Users\momo\Documents\14.12.14 FIKS.xls
2014-12-14 11:01 - 2014-12-14 17:21 - 00014848 _____ () C:\Users\momo\Documents\14.12.14 ODD,EVEN.xls
2014-12-13 17:42 - 2014-12-14 11:48 - 00014336 _____ () C:\Users\momo\Documents\13.12.14 FIKS.xls
2014-12-13 12:58 - 2014-12-14 10:39 - 00015360 _____ () C:\Users\momo\Documents\13.12.14 ODD,EVEN.xls
2014-12-12 21:52 - 2014-12-12 21:52 - 00001091 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-12-12 21:07 - 2014-12-16 15:22 - 00000561 _____ () C:\Users\momo\Documents\SUREBETS.txt
2014-12-12 13:29 - 2014-12-13 19:35 - 00014848 _____ () C:\Users\momo\Documents\12.12.14 FIKS.xls
2014-12-12 12:59 - 2014-12-13 19:25 - 00015360 _____ () C:\Users\momo\Documents\12.12.14 ODD,EVEN.xls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-11 22:40 - 2015-01-11 22:40 - 00000000 ____D () C:\FRST
2015-01-11 22:40 - 2014-08-21 00:36 - 00000000 ____D () C:\Users\momo\Desktop\AMBULANTA
2015-01-11 22:34 - 2015-01-11 02:38 - 00015360 _____ () C:\Users\momo\Documents\11.1.15 ODD,EVEN.xls
2015-01-11 22:33 - 2015-01-11 02:40 - 00000605 _____ () C:\Users\momo\Documents\11.1.15 O,U.txt
2015-01-11 22:20 - 2014-07-19 23:40 - 00000000 ____D () C:\Users\momo\AppData\Roaming\TS3Client
2015-01-11 22:19 - 2009-07-14 05:34 - 00005856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-11 22:19 - 2009-07-14 05:34 - 00005856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-11 22:16 - 2013-09-29 13:23 - 00001058 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-11 22:06 - 2013-09-19 14:51 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-11 21:03 - 2013-12-24 13:45 - 00081291 _____ () C:\Windows\setupact.log
2015-01-11 20:56 - 2013-09-19 14:46 - 01433679 _____ () C:\Windows\WindowsUpdate.log
2015-01-11 18:13 - 2013-09-19 14:57 - 00000000 ____D () C:\Users\momo\AppData\Roaming\vlc
2015-01-11 18:08 - 2013-09-29 13:23 - 00001054 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-11 18:07 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-11 14:57 - 2014-12-07 20:11 - 00000000 ____D () C:\Users\momo\Documents\9083RLJ180
2015-01-11 14:46 - 2015-01-10 07:07 - 00000793 _____ () C:\Users\momo\Documents\10.1.15 O,U.txt
2015-01-11 02:29 - 2015-01-10 07:10 - 00015360 _____ () C:\Users\momo\Documents\10.1.15 ODD,EVEN.xls
2015-01-10 20:01 - 2015-01-09 02:49 - 00000604 _____ () C:\Users\momo\Documents\9.1.15 O,U.txt
2015-01-10 07:08 - 2015-01-09 02:54 - 00014848 _____ () C:\Users\momo\Documents\9.1.15 ODD,EVEN.xls
2015-01-09 20:40 - 2015-01-08 13:15 - 00000329 _____ () C:\Users\momo\Documents\8.1.15 O,U.txt
2015-01-09 01:08 - 2015-01-08 02:10 - 00014848 _____ () C:\Users\momo\Documents\8.1.15 ODD,EVEN.xls
2015-01-08 17:05 - 2015-01-08 17:05 - 00002142 _____ () C:\Users\momo\Documents\RAFAELO.txt
2015-01-08 01:55 - 2015-01-06 22:54 - 00014848 _____ () C:\Users\momo\Documents\7.1.15 ODD,EVEN.xls
2015-01-07 22:04 - 2015-01-07 12:59 - 00000311 _____ () C:\Users\momo\Documents\7.1.15 O,U.txt
2015-01-06 22:47 - 2015-01-06 02:39 - 00014848 _____ () C:\Users\momo\Documents\6.1.15 ODD,EVEN.xls
2015-01-06 22:47 - 2015-01-06 02:34 - 00000408 _____ () C:\Users\momo\Documents\6.1.15 O,U.txt
2015-01-06 02:22 - 2015-01-05 01:07 - 00014848 _____ () C:\Users\momo\Documents\5.1.15 ODD,EVEN.xls
2015-01-06 02:07 - 2015-01-05 01:09 - 00000585 _____ () C:\Users\momo\Documents\5.1.15 O,U.txt
2015-01-05 00:39 - 2015-01-04 05:02 - 00015360 _____ () C:\Users\momo\Documents\4.1.15 ODD,EVEN.xls
2015-01-05 00:39 - 2015-01-04 05:00 - 00000683 _____ () C:\Users\momo\Documents\4.1.15 O,U.txt
2015-01-04 10:59 - 2015-01-03 02:15 - 00000682 _____ () C:\Users\momo\Documents\3.1.15 O,U.txt
2015-01-04 05:57 - 2015-01-03 02:04 - 00015360 _____ () C:\Users\momo\Documents\3.1.15 ODD,EVEN.xls
2015-01-03 01:57 - 2015-01-02 04:58 - 00000399 _____ () C:\Users\momo\Documents\2.1.15 O,U.txt
2015-01-03 01:57 - 2015-01-02 04:55 - 00014848 _____ () C:\Users\momo\Documents\2.1.15 ODD,EVEN.xls
2015-01-02 04:43 - 2015-01-01 01:56 - 00014848 _____ () C:\Users\momo\Documents\1.1.15 ODD,EVEN.xls
2015-01-02 04:42 - 2015-01-01 11:44 - 00000285 _____ () C:\Users\momo\Documents\1.1.15 O,U.txt
2015-01-02 04:39 - 2009-07-14 05:53 - 00032482 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-01 11:44 - 2014-12-31 01:01 - 00000511 _____ () C:\Users\momo\Documents\31.12.14 O,U.txt
2015-01-01 01:40 - 2014-12-31 00:55 - 00014848 _____ () C:\Users\momo\Documents\31.12.14 ODD,EVEN.xls
2014-12-31 00:39 - 2014-12-30 00:53 - 00000566 _____ () C:\Users\momo\Documents\TEST GOLOVA UNDER 2.5.txt
2014-12-31 00:19 - 2014-12-30 00:37 - 00014848 _____ () C:\Users\momo\Documents\30.12.14 ODD,EVEN.xls
2014-12-30 22:24 - 2014-12-30 09:43 - 00000409 _____ () C:\Users\momo\Documents\30.12.14 O,U.txt
2014-12-30 00:14 - 2014-12-29 12:51 - 00000290 _____ () C:\Users\momo\Documents\29.12.14 O,U.txt
2014-12-30 00:08 - 2014-12-28 23:00 - 00014848 _____ () C:\Users\momo\Documents\29.12.14 ODD,EVEN.xls
2014-12-29 12:51 - 2014-12-28 01:01 - 00000551 _____ () C:\Users\momo\Documents\28.12.14 O,U.txt
2014-12-28 22:29 - 2014-12-28 00:35 - 00014848 _____ () C:\Users\momo\Documents\28.12.14 ODD,EVEN.xls
2014-12-28 22:11 - 2014-01-02 01:11 - 00000000 ____D () C:\Users\momo\AppData\Roaming\Apple Computer
2014-12-28 22:11 - 2014-01-02 01:11 - 00000000 ____D () C:\Users\momo\AppData\Local\Apple Computer
2014-12-28 22:10 - 2014-12-28 22:10 - 00002491 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
2014-12-28 22:10 - 2014-12-28 22:10 - 00002479 _____ () C:\Users\Public\Desktop\Safari.lnk
2014-12-28 22:10 - 2014-12-28 22:10 - 00000000 ____D () C:\Program Files\Safari
2014-12-28 22:08 - 2014-12-28 22:01 - 38494576 _____ (Apple Inc.) C:\Users\momo\Desktop\SafariSetup.exe
2014-12-28 01:01 - 2014-12-27 12:46 - 00000350 _____ () C:\Users\momo\Documents\27.12.14 O,U.txt
2014-12-28 00:33 - 2014-12-26 22:36 - 00014848 _____ () C:\Users\momo\Documents\27.12.14 ODD,EVEN.xls
2014-12-28 00:26 - 2014-12-05 18:17 - 00000000 ____D () C:\Users\momo\Documents\DOKUMENTA
2014-12-27 12:45 - 2014-12-25 23:34 - 00000281 _____ () C:\Users\momo\Documents\26.12.14 O,U.txt
2014-12-26 22:28 - 2014-12-25 23:16 - 00014848 _____ () C:\Users\momo\Documents\26.12.14 ODD,EVEN.xls
2014-12-25 22:54 - 2014-12-24 23:56 - 00014336 _____ () C:\Users\momo\Documents\25.12.14 oDD.xls
2014-12-25 19:28 - 2014-12-24 23:52 - 00000196 _____ () C:\Users\momo\Documents\25.12.14 O,U.txt
2014-12-25 15:24 - 2014-12-25 15:23 - 00000000 ____D () C:\Users\momo\Desktop\Horrible.Bosses.2.2014.HC.WEBRip.x264-RARBG
2014-12-25 15:15 - 2013-09-19 14:53 - 01660386 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-24 23:44 - 2014-12-24 01:02 - 00000293 _____ () C:\Users\momo\Documents\24.12.14 O,U.txt
2014-12-24 20:35 - 2014-12-24 01:00 - 00015872 _____ () C:\Users\momo\Documents\24.12.14 ODD,EVEN.xls
2014-12-23 23:11 - 2014-12-23 00:17 - 00000374 _____ () C:\Users\momo\Documents\23.12.14 O,U.txt
2014-12-23 23:03 - 2014-12-22 12:51 - 00014848 _____ () C:\Users\momo\Documents\22.12.14 ODD,EVEN.xls
2014-12-23 22:51 - 2014-12-23 00:36 - 00014848 _____ () C:\Users\momo\Documents\23.12.14 ODD,EVEN.xls
2014-12-23 00:16 - 2014-12-22 12:49 - 00000434 _____ () C:\Users\momo\Documents\22.12.14 O,U.txt
2014-12-22 00:40 - 2014-12-21 00:12 - 00001044 _____ () C:\Users\momo\Documents\21.12.14 O,U.txt
2014-12-22 00:14 - 2014-12-21 00:05 - 00014848 _____ () C:\Users\momo\Documents\21.12.14 ODD,EVEN.xls
2014-12-21 14:56 - 2014-12-20 02:01 - 00015360 _____ () C:\Users\momo\Documents\20.12.14 ODD,EVEN.xls
2014-12-20 23:32 - 2014-12-18 20:28 - 00004031 _____ () C:\Users\momo\Documents\TEST GOLOVA O,U.txt
2014-12-20 12:41 - 2014-12-19 09:28 - 00014848 _____ () C:\Users\momo\Documents\19.12.14 ODD,EVEN.xls
2014-12-19 23:44 - 2014-12-17 23:46 - 00017920 _____ () C:\Users\momo\Documents\18.12.14 ODD,EVEN.xls
2014-12-18 14:46 - 2014-12-17 01:23 - 00015872 _____ () C:\Users\momo\Documents\17.12.14 ODD,EVEN.xls
2014-12-16 23:21 - 2014-12-07 00:25 - 00002067 _____ () C:\Users\momo\Documents\TEST TOTAL CORNERS O8.5 ILI O9.txt
2014-12-16 23:02 - 2014-12-16 03:56 - 00015360 _____ () C:\Users\momo\Documents\16.12.14 ODD,EVEN.xls
2014-12-16 15:22 - 2014-12-12 21:07 - 00000561 _____ () C:\Users\momo\Documents\SUREBETS.txt
2014-12-16 15:10 - 2014-12-15 17:45 - 00000340 _____ () C:\Users\momo\Documents\16.12.14 ODD,EVEN.txt
2014-12-15 00:17 - 2014-12-14 11:55 - 00014336 _____ () C:\Users\momo\Documents\14.12.14 FIKS.xls
2014-12-14 20:52 - 2014-12-14 18:09 - 00000471 _____ () C:\Users\momo\Documents\RAZNO RAZNI NIZOVI.txt
2014-12-14 17:21 - 2014-12-14 11:01 - 00014848 _____ () C:\Users\momo\Documents\14.12.14 ODD,EVEN.xls
2014-12-14 11:48 - 2014-12-13 17:42 - 00014336 _____ () C:\Users\momo\Documents\13.12.14 FIKS.xls
2014-12-14 10:39 - 2014-12-13 12:58 - 00015360 _____ () C:\Users\momo\Documents\13.12.14 ODD,EVEN.xls
2014-12-13 19:35 - 2014-12-12 13:29 - 00014848 _____ () C:\Users\momo\Documents\12.12.14 FIKS.xls
2014-12-13 19:25 - 2014-12-12 12:59 - 00015360 _____ () C:\Users\momo\Documents\12.12.14 ODD,EVEN.xls
2014-12-12 21:52 - 2014-12-12 21:52 - 00001091 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-12-12 21:52 - 2014-04-15 10:30 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-12 21:52 - 2014-04-03 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-12-12 21:52 - 2014-04-03 19:08 - 00000000 ____D () C:\Program Files\Avira
2014-12-12 15:40 - 2014-12-11 13:22 - 00014848 _____ () C:\Users\momo\Documents\11.12.14 FIKS.xls
2014-12-12 15:24 - 2014-12-11 12:29 - 00015360 _____ () C:\Users\momo\Documents\11.12.14 ODD,EVEN.xls
2014-12-12 12:59 - 2013-09-29 13:42 - 00002127 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-12 12:53 - 2013-09-19 14:53 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-12 12:47 - 2013-12-22 02:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service

Some content of TEMP:
====================
C:\Users\momo\AppData\Local\temp\avgnt.exe
C:\Users\momo\AppData\Local\temp\FreemakeAudioConverter_1.1.0.66.exe
C:\Users\momo\AppData\Local\temp\jre-7u67-windows-i586-iftw.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-08 01:39

==================== End Of Log ============================

Addendum: 11 Jan 2015 22:49


offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

This looks fairly clean. We'll now sort out a few minor things.


Step 1

Go to Start -> Control Panel -> Programs and Features and uninstall the following programs:

Boxore Client
YeahBit PC SpeedUp 2.1.5



Step 2

Open Notepad and copy in the following text, which is inside the Code box.

FF SelectedSearchEngine: StartWeb
CHR Extension: (Iminent) - C:\Users\momo\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl [2014-09-01]
Task: {25835656-28B4-4BCB-B768-362CB97BDF52} - System32\Tasks\{E132DC9D-BDA7-4A6E-AAD2-88E1C7AC4D1D} => E:\(zabranjeno)\pes6-keygen.exe


In Notepad, click File --> Save As
Name the file Fixlist and save it to the Desktop
Double-click to run FRST.exe again
Click Fix and wait for the program to finish.
If the program asks to restart the computer, let it do so without interruption.
When it finishes, fixlog.txt will open, with content that you should copy into the thread.
The file (fixlog.txt) will also be on the Desktop.





Step 3

Download AdwCleaner by "Xplode" and save it to the Desktop
Double-click to run the program.
In the EULA window, click I agree.
Click the Scan button and wait for the scan to finish.
Click the Clean button and wait for the program to finish.
The program will close all running programs and show a window with that warning. Click OK to confirm.
In the next two windows that open (Informations and Restart required), click OK

The computer will restart and then open Notepad (C:\AdwCleaner[S0].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Attach file" (Prikači fajl) option

Note: The report will also be saved at C:\Adwcleaner\AdwCleaner[S0].txt

offline
  • Joined: 01 Sep 2007
  • Posts: 137

Posted: 12 Jan 2015 13:33

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 12-01-2015 01
Ran by momo at 2015-01-12 13:30:12 Run:1
Running from C:\Users\momo\Desktop
Loaded Profile: momo (Available profiles: momo)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
FF SelectedSearchEngine: StartWeb
CHR Extension: (Iminent) - C:\Users\momo\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl [2014-09-01]
Task: {25835656-28B4-4BCB-B768-362CB97BDF52} - System32\Tasks\{E132DC9D-BDA7-4A6E-AAD2-88E1C7AC4D1D} => E:\(zabranjeno)\pes6-keygen.exe
*****************

Firefox SelectedSearchEngine deleted successfully.
C:\Users\momo\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25835656-28B4-4BCB-B768-362CB97BDF52}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25835656-28B4-4BCB-B768-362CB97BDF52}" => Key deleted successfully.
C:\Windows\System32\Tasks\{E132DC9D-BDA7-4A6E-AAD2-88E1C7AC4D1D} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E132DC9D-BDA7-4A6E-AAD2-88E1C7AC4D1D}" => Key deleted successfully.

==== End of Fixlog 13:30:15 ====

Addendum: 12 Jan 2015 13:47


Addendum: 12 Jan 2015 13:51

I wasn't able to remove Boxore Client

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

No matter. Let's move on:

Download zoek.exe from this or this link and save it to the Desktop.


Close the browser and other running programs;
disable your security software (if needed) Instructions;
double-click to run zoek.exe;
wait for the tool to start ...


Copy the following text into the white box of the window:

process;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;


Click the button and wait for the scan to finish.


Zoek will restart Windows if needed, and when it finishes it will open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your post.

offline
  • Joined: 01 Sep 2007
  • Posts: 137

Zoek.exe v5.0.0.0 Updated 09-January-2015
Tool run by momo on pon 12.01.2015. at 17:51:13,08.
Microsoft Windows 7 Édition Starter 6.1.7600 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\momo\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12.1.2015. 17:53:00 Zoek.exe System Restore Point Created Succesfully.

==== Running Processes ======================

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\ProgramData\DatacardService\HWDeviceService.exe
C:\Program Files\SFR\Gestionnaire de Connexion\SFR.Dashboard.Service.exe
C:\Program Files\Telenor Internet\BackgroundService\ServiceManager.exe
C:\Program Files\T-Mobile Internet Manager\AssistantServices.exe
C:\Program Files\Unchecky\bin\unchecky_svc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Unchecky\bin\unchecky_bg.exe
C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
C:\Windows\Explorer.EXE
C:\Program Files\T-Mobile Internet Manager\UIExec.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Telenor Internet\BackgroundService\ModemListener.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\NetWorx\networx.exe
C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\sppsvc.exe
C:\Users\momo\Desktop\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k swprv

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\momo\AppData\Local\Temp ====
2015-01-11 20:01:29 F832B7D1E8B44A4CD3300748803F2120 148480 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\quazip.dll
2015-01-11 20:01:29 E720052CAA95D8AB9F962CEE9C95DD5D 270848 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\ssleay32.dll
2015-01-11 20:01:29 A57A0607EA95FFC967B368315030E117 105416 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\soundbackends\windowsaudiosession_win32.dll
2015-01-11 20:01:29 99208051F3BDDC922D1E7C19EEBCF2EE 9238472 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\ts3client_win32.exe
2015-01-11 20:01:29 718A9E7420948C7A8979465DE3D4452D 677376 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\sqldrivers\qsqlite.dll
2015-01-11 20:01:29 6FAB056F8149474E2BEE13C444DB11C7 92104 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\soundbackends\directsound_win32.dll
2015-01-11 20:01:28 E2BD52C727446F11E906C706140728AA 35272 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\plugins\ts3g15.dll
2015-01-11 20:01:28 E03AF0B833F0216A3B5E2FBA615BE0BF 200648 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\error_report.exe
2015-01-11 20:01:28 BD500CD7B4B9FE6E370FED9EDC094D1F 206792 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\plugins\lua_plugin.dll
2015-01-11 20:01:28 9397ACEBC841BDCC22BD2E28F06A382B 27080 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\plugins\test_plugin.dll
2015-01-11 20:01:28 8ED52CF391455E09197B55D1ED3ACF93 232392 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\package_inst.exe
2015-01-11 20:01:28 7F9F9E144E28AB260E420C4742A701C0 171008 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\Qt5Sql.dll
2015-01-11 20:01:28 60FCD33BC532CCBE04B245E52C9F17DD 117704 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\plugins\appscanner_plugin.dll
2015-01-11 20:01:28 5AB3085A85FCE6C348FA9E263DA3158F 477128 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\plugins\clientquery_plugin.dll
2015-01-11 20:01:28 301A385231AF91EA6AEBB973DB9F2850 110106 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\createfileassoc.exe
2015-01-11 20:01:28 221EA264040FA66BEC2C483A2EAC34CA 484808 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\plugins\teamspeak_control_plugin.dll
2015-01-11 20:01:28 0E853643F6C6E1B6A3D9D06E5CA934A8 1176064 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\libeay32.dll
2015-01-11 20:01:28 0CBD72EE9FA2383E441E758A0F91854A 1313056 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\OverwolfTeamSpeakInstaller.exe
2015-01-11 20:00:53 6C02AA82F235B36952E3520B0BA3DA5F 685032 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\update.exe
2015-01-11 20:00:52 DFB2CB16BA7605CF30F6DF2DA72B9831 864768 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\platforms\qwindows.dll
2015-01-11 20:00:52 4BA25D2CBE1587A841DCFB8C8C4A6EA6 875472 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\msvcr110.dll
2015-01-11 20:00:51 B0DE009E8EFD6E21BC0E73E356084590 4602880 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\Qt5Core.dll
2015-01-11 20:00:51 601212B1136BA53229A5BBCC9F346DF0 4380160 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\Qt5Widgets.dll
2015-01-11 20:00:51 3E29914113EC4B968BA5EB1F6D194A0A 535008 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\msvcp110.dll
2015-01-11 20:00:51 388D9E4FDD4E430525A6C08E8052D547 123904 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\accessible\qtaccessiblewidgets.dll
2015-01-11 20:00:51 2DF561B4293785267C40134EF3726E1E 25600 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\imageformats\qgif.dll
2015-01-11 20:00:51 229ED86EF4F14979CE2DC365F2243AFB 830976 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\Qt5Network.dll
2015-01-11 20:00:51 0EBF01A0DF03086077155C5C63B09753 242688 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\imageformats\qjpeg.dll
2015-01-11 20:00:51 0BD368B2C20613D00FCE0D06CD175325 2860032 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\Qt5Gui.dll
====== Java Cache =====
====== C:\Windows\system32 =====
2015-01-12 12:50:15 B9F9FD6188CC732F19DB69CAE5CC597C 272808 ----a-w- C:\Windows\System32\javaws.exe
2015-01-12 12:49:47 3594C0ABBFFE10B3CF95714B8B3C89A4 175528 ----a-w- C:\Windows\System32\javaw.exe
2015-01-12 12:49:47 279C281689A48D1CAF37338CAB312C06 96680 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll
2015-01-12 12:49:47 095826BCBBFA5C09C72463A82612B23C 175528 ----a-w- C:\Windows\System32\java.exe
====== C:\Windows\system32\drivers =====
====== C:\Windows\Tasks ======
2014-12-25 10:50:00 F64A2D5E9C1762DEAFBEB4978044D22B 3874 ----a-w- C:\Windows\system32\Tasks\Adobe Acrobat Update Task
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-01-12 12:50:35 -------- d-----w- C:\Program Files\Common Files\Java
2014-12-28 21:10:04 -------- d-----w- C:\Program Files\Safari
======= C: =====
====== C:\Users\momo\AppData\Roaming ======
====== C:\Users\momo ======
2015-01-12 12:49:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-12 12:32:16 61CA40317EBF1254770BF8B495B3F8DA 2191360 ----a-w- C:\Users\momo\Desktop\AdwCleaner.exe

====== C: exe-files ==
2015-01-12 12:50:15 B9F9FD6188CC732F19DB69CAE5CC597C 272808 ----a-w- C:\Windows\System32\javaws.exe
2015-01-12 12:49:47 3594C0ABBFFE10B3CF95714B8B3C89A4 175528 ----a-w- C:\Windows\System32\javaw.exe
2015-01-12 12:49:47 095826BCBBFA5C09C72463A82612B23C 175528 ----a-w- C:\Windows\System32\java.exe
2015-01-12 12:49:34 EEFD7F935D944118FED39D3041352990 16296 ----a-w- C:\Program Files\Java\jre7\bin\kinit.exe
2015-01-12 12:49:34 EAFDA2D17FF6CC0B2AFEE21E9134EBF8 145832 ----a-w- C:\Program Files\Java\jre7\bin\unpack200.exe
2015-01-12 12:49:34 E04E87CDF6CA797BA7C8EA45228FE9E0 48040 ----a-w- C:\Program Files\Java\jre7\bin\jabswitch.exe
2015-01-12 12:49:34 DD8E9CE0BDF8CE1131004673D9C5444D 16296 ----a-w- C:\Program Files\Java\jre7\bin\java-rmi.exe
2015-01-12 12:49:34 DBDB1A25291B2D18C614F5CA963156A8 182696 ----a-w- C:\Program Files\Java\jre7\bin\jqs.exe
2015-01-12 12:49:34 DB769E9AE525963168BD4B60BFBF55EB 16296 ----a-w- C:\Program Files\Java\jre7\bin\pack200.exe
2015-01-12 12:49:34 D3BC8953C21770FC147064B0BAE78063 68008 ----a-w- C:\Program Files\Java\jre7\bin\javacpl.exe
2015-01-12 12:49:34 CBE8C6FAEDBA9A2C2577133F0321CBD8 16808 ----a-w- C:\Program Files\Java\jre7\bin\tnameserv.exe
2015-01-12 12:49:34 C935769C537A94BC026BD813015DA450 16296 ----a-w- C:\Program Files\Java\jre7\bin\keytool.exe
2015-01-12 12:49:34 BFEC01FEA21A749C43DE15F1644E7900 16296 ----a-w- C:\Program Files\Java\jre7\bin\servertool.exe
2015-01-12 12:49:34 BDB4ABB929ADBC7B98E1087830809564 16808 ----a-w- C:\Program Files\Java\jre7\bin\orbd.exe
2015-01-12 12:49:34 B9F9FD6188CC732F19DB69CAE5CC597C 272808 ----a-w- C:\Program Files\Java\jre7\bin\javaws.exe
2015-01-12 12:49:34 9FF29AE2E75939EFF8A390AD51F5FEFF 50088 ----a-w- C:\Program Files\Java\jre7\bin\ssvagent.exe
2015-01-12 12:49:34 9D9A28606B59C3D8D8FD1F7704AAAD81 16296 ----a-w- C:\Program Files\Java\jre7\bin\rmid.exe
2015-01-12 12:49:34 93F297984DB0561694F6454A3066D542 16296 ----a-w- C:\Program Files\Java\jre7\bin\ktab.exe
2015-01-12 12:49:34 93CFE0C1473D2220FBDA2A9C08848F34 75688 ----a-w- C:\Program Files\Java\jre7\bin\jp2launcher.exe
2015-01-12 12:49:34 74222EDB01CF2D9865D8AC1EEE7C5B63 16296 ----a-w- C:\Program Files\Java\jre7\bin\policytool.exe
2015-01-12 12:49:34 6DCF8B667B6C9AD851B2B5CB256521ED 16296 ----a-w- C:\Program Files\Java\jre7\bin\rmiregistry.exe
2015-01-12 12:49:34 6A4970A237A9FE01A36C4181E2A8C1B0 16296 ----a-w- C:\Program Files\Java\jre7\bin\klist.exe
2015-01-12 12:49:34 3594C0ABBFFE10B3CF95714B8B3C89A4 175528 ----a-w- C:\Program Files\Java\jre7\bin\javaw.exe
2015-01-12 12:49:34 095826BCBBFA5C09C72463A82612B23C 175528 ----a-w- C:\Program Files\Java\jre7\bin\java.exe
2015-01-12 12:46:05 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\momo\AppData\LocalLow\Sun\Java\jre1.7.0_71\lzma.exe
2015-01-12 12:32:16 61CA40317EBF1254770BF8B495B3F8DA 2191360 ----a-w- C:\Users\momo\Desktop\AdwCleaner.exe
2015-01-12 12:30:00 628AF13EE4BEF969ABFED5A5E2979A5B 1115648 ----a-w- C:\Users\momo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WDZCANIM\FRST[1].exe
2015-01-11 20:01:29 99208051F3BDDC922D1E7C19EEBCF2EE 9238472 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\ts3client_win32.exe
2015-01-11 20:01:28 E03AF0B833F0216A3B5E2FBA615BE0BF 200648 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\error_report.exe
2015-01-11 20:01:28 8ED52CF391455E09197B55D1ED3ACF93 232392 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\package_inst.exe
2015-01-11 20:01:28 301A385231AF91EA6AEBB973DB9F2850 110106 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\createfileassoc.exe
2015-01-11 20:01:28 0CBD72EE9FA2383E441E758A0F91854A 1313056 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\OverwolfTeamSpeakInstaller.exe
2015-01-11 20:00:53 6C02AA82F235B36952E3520B0BA3DA5F 685032 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\update.exe
=== C: other files ==
2015-01-12 12:49:34 EC9D939B904C3A942484AFB3293AA413 18714 ----a-w- C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip
2015-01-11 20:01:29 FA9DF90256BDCB455C0F1E6BE306571B 410886 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\gfx\default_mono_2014.zip
2015-01-11 20:01:29 3C7C9C315813A905FD5515EABB4584FB 152690 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\gfx\countries.zip
2015-01-11 20:01:29 2E7D70FF42808B8E0CA8404C6B114098 281810 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\gfx\default.zip
2015-01-11 20:01:29 11DE6338B9F76593F25A0DC83E6701B0 329371 ----a-w- C:\Users\momo\AppData\Local\temp\teamspeak_temp_0\gfx\default_colored_2014.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2198749600-2772488607-3266564224-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UIExec"="C:\Program Files\T-Mobile Internet Manager\UIExec.exe"
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"Telenor_Montenegro Imola ModemListener"="C:\Program Files\Telenor Internet\BackgroundService\ModemListener.exe start"
"avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"NetWorx"="C:\Program Files\NetWorx\networx.exe /auto"
"Avira Systray"="C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"

==== Startup Folders ======================

2014-11-27 17:59:47 1969 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11.12.2014. 15:06]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29.09.2013. 13:23]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29.09.2013. 13:23]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\{242225A7-E228-48FD-9E2E-A66220869BF8}" ["c:\program files\google\chrome\application\chrome.exe"]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\momo\AppData\Roaming\Mozilla\Firefox\Profiles\om3flhal.default
user_pref("browser.startup.homepage", "google.com");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"ff-bmboc@bytemobile.com"="C:\Program Files\T-Mobile Internet Manager\addon" [14.02.2014. 19:25]

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\momo\AppData\Roaming\Mozilla\Firefox\Profiles\om3flhal.default
BBF0479C2D30519A2E746D12CAE54B43 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U71
1ED046D972B98E0ADEC4D4D61BF37695 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.710.14
9860727E477F17B88E39AF8B69B0407A - C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll - Shockwave Flash
0806948270D853B709CCBBF38AF167E4 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
9DF0C4F0CEF60158614EDD1B3AB441EE - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
D2377C9458EFEB094E38B8C874AA214C - C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll - Google Update
EAF918D324861CD742AB9E3EC71861BA - C:\Users\momo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
01D93217A9EE48DD37072B671378CC9C - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In
5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
9D4A0B314CB9CF134CA27E1E0217E51E - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector
D40B9183C149CE2CBBE93AC1A275BDA9 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
99F97C9FE748C37528C338A423577FCB - C:\Users\momo\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin
28986F0A2342A033345EF9E70D395E4F - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight


==== Chromium Look ======================

Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95)


Poppit - momo\AppData\Local\Chromium\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi
Google Wallet - momo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Last updated at time on date - momo\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp

==== Chromium Startpages ======================

C:\Users\momo\AppData\Local\Chromium\User Data\Default\Preferences
"homepage": "http://www.google.com/",


==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on pon 12.01.2015. at 17:56:37,64 ======================

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

The Zoek report looks clean to me. How are things now?

offline
  • Joined: 01 Sep 2007
  • Posts: 137

It's OK for now. We'll see how it behaves.
Thanks.

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

rennsport :: It's OK for now. We'll see how it behaves.
Thanks.


We still have an ARK check to do.



Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to the Desktop.

Double-click the program icon to run MBAR:
- Click OK in the next window to allow extraction into a separate mbar folder on the Desktop;
- mbar.exe will be started. On some systems this can take a few extra seconds, so wait for it to launch;
- In the intro window, click the Next button if you agree;

• In the 'Update Database' window, click the Update button to download fresh definitions. When the message 'Success: Database was successfully updated' appears, click the Next button;
• Under the 'Scan Targets' section, check that all options are ticked, then click the Scan button;

Notice: with some infections, one of the following messages may be shown:
- 'Could not load protection driver' => in that case click OK.
- 'Could not load DDA driver' => click Yes on that notice to allow loading after a restart. Allow the restart and continue with the rest of the instructions after the restart.

>> If no malware is detected, click the Exit button to close the program. In your next post, include the mbar-log-year-month-day (hour-minute-second).txt and system-log.txt reports.

>> If infection(s) are found, check that the 'Create Restore Point' option is ticked and click the Cleanup! button to remove the threats.
- The malware removal procedure (scheduled) will be scheduled for the restart, and a notice will be shown in a pop-up window. Click the Yes button and the system should restart and finish the cleanup procedure.

Notice! Only if a rootkit is detected: make sure you run the fixdamage.exe tool located in the mbar folder, \Plugins\fixdamage.exe:
- Double-click to run fixdamage; in the black window that opens (command prompt), type Y (Y stands for Yes) to continue, and wait for the tool to make all the repairs ...
- When you see the message 'press any key to exit', the repair is complete. Press any key on the keyboard to close the window. Restart the system.

The following reports will be created in the mbar folder.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Copy the contents of the mbar log into your post, and attach the system log to the post using the "Attach file" (Prikači fajl) option.

offline
  • Joined: 01 Sep 2007
  • Posts: 137

Posted: 12 Jan 2015 23:24

Malwarebytes Anti-Rootkit BETA 1.08.2.1001
malwarebytes.org

Database version: v2015.01.12.09

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
momo :: MOMO-PC [administrator]

12.1.2015. 22:35:16
mbar-log-2015-01-12 (22-35-16).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 323170
Time elapsed: 35 minute(s), 24 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\momo\Downloads\RocketPDFSetup.exe (Adware.InstallBrain) -> Delete on reboot. [5d2c876f2e5bab8bdeac45e49d644ab6]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Addendum: 12 Jan 2015 23:24


offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

All right. That should be everything.


The following procedure will carry out the final cleanup.

Download the DelFix tool by "Xplode" and save it to the Desktop.
Double-click to run the tool and tick the boxes in front of the following options;

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment for the tool to finish its work.
From this point on, all the tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)

The tool will also save the healthy state of the registry and make a backup using the integrated "ERUNT" program in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.



You can delete the MBAR folder from the Desktop manually.




I recommend that you install Service Pack 1 for your Windows 7 operating system.
You can download it from this link:

Windows 7 SP1 x86
