usporen kompjuter

usporen kompjuter

offline
  • Pridružio: 14 Avg 2010
  • Poruke: 185

Napisano: 15 Jun 2015 21:15

vec neko vreme kompjuter se naglo uspori, pa opet pocne. pre 2 nedelje ili vec je malwareb. detektovao neki virus/viruse:

Malwarebytes Anti-Malware
malwarebytes.org

Scan Date: 05.04.2014
Scan Time: 16:11:42
Logfile:
Administrator: Yes

Version: 2.00.1.1004
Malware Database:
Rootkit Database:
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: M

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 270457
Time Elapsed: 21 min, 26 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics:
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM, Quarantined, [b9fe61c5522965d12826fd88937048b8],
PUP.Optional.Amonetize.A, HKU\S-1-5-21-432700491-4017870644-2687449469-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\AMIEXT\IE plugin, Quarantined, [8235071f8deedc5ab12f82ed29d9e020],

Registry Values: 1
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM|simapp_id, 90786180246527344513194301165297545212, Quarantined, [b9fe61c5522965d12826fd88937048b8]

Registry Data: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[a51248de502b191d48a9a76d3dc7847c]

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


medjutim opet kompjuter usporava. kao i internet. u jednom trenutku kao da ne radi, a onda opet proradi. wlan.

Dopuna: 15 Jun 2015 21:17

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by M (administrator) on MIKI on 15-06-2015 20:29:31
Running from C:\Users\M\Desktop
Loaded Profiles: M (Available Profiles: M)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BitTorrent Inc.) C:\Users\M\AppData\Roaming\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2013-10-29] (Synaptics Incorporated)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [371976 2012-09-19] (IVT Corporation)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2012-09-14] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1472312 2014-01-30] (ABBYY Production LLC.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4370976 2014-12-12] (Fitbit, Inc.)
HKU\S-1-5-21-432700491-4017870644-2687449469-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-432700491-4017870644-2687449469-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-432700491-4017870644-2687449469-1002\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-432700491-4017870644-2687449469-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21] (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll [2012-09-19] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2013-10-09] (GARMIN Corp.)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2013-10-11] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1209149.dll [2014-01-29] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-04-03] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-04-03] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2013-10-09] (GARMIN Corp.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll [2013-10-11] (LastPass)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin HKU\S-1-5-21-432700491-4017870644-2687449469-1002: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF [2013-10-12]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn [2014-04-05]

Chrome:
=======
CHR Profile: C:\Users\M\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-11]
CHR Extension: (Google Drive) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-11]
CHR Extension: (YouTube) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-11]
CHR Extension: (Adblock Plus) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-11-16]
CHR Extension: (Google Search) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-11]
CHR Extension: (Google+) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2013-11-03]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2013-10-11]
CHR Extension: (Dropbox) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-10-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-11]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2013-11-17]
CHR Extension: (Google Wallet) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-11]
CHR Extension: (Awesome Speed Dial) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\oijkglihmcefogkmgibpajfaiekekllk [2013-10-27]
CHR Extension: (Gmail) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [925904 2014-01-23] (ABBYY Production LLC)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1612552 2012-09-26] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [146184 2012-09-19] (IVT Corporation)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5738528 2014-12-12] (Fitbit, Inc.)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-12-31] (Garmin Ltd or its subsidiaries)
R2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-10-27] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-22] (Advanced Micro Devices)
S3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20140319.001\BHDrvx64.sys [1525976 2014-03-19] (Symantec Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48608 2012-10-02] (Ralink Corporation)
S3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation) [File not signed]
S3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20140404.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [44480 2013-09-23] (http://libusb-win32.sourceforge.net)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140404.008\ENG64.SYS [126040 2014-01-24] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140404.008\EX64.SYS [2099288 2014-01-24] (Symantec Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-25] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-25] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
S3 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
S3 SymDS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
S3 SymEFA; C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1404000.028\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-10-12] (Symantec Corporation)
S3 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
S3 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 STHDA; \SystemRoot\system32\DRIVERS\stwrt64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-15 20:29 - 2015-06-15 20:30 - 00020118 _____ C:\Users\M\Desktop\FRST.txt
2015-06-15 20:28 - 2015-06-15 20:29 - 00000000 ____D C:\FRST
2015-06-15 20:26 - 2015-06-15 20:26 - 02109952 _____ (Farbar) C:\Users\M\Desktop\FRST64.exe
2015-06-14 18:41 - 2015-06-14 18:41 - 00001657 _____ C:\Users\M\Downloads\RHHBF Cash Flow.csv
2015-06-14 18:40 - 2015-06-14 18:40 - 00001979 _____ C:\Users\M\Downloads\RHHBF Balance Sheet.csv
2015-06-14 18:37 - 2015-06-14 18:37 - 00001104 _____ C:\Users\M\Downloads\RHHBF Income Statement.csv
2015-06-14 18:06 - 2015-06-14 18:06 - 00083471 _____ C:\Users\M\Downloads\rog_vx_.xlsx
2015-06-14 14:10 - 2015-06-14 14:10 - 00123452 _____ C:\Users\M\Downloads\celg.xlsx
2015-06-13 14:33 - 2015-06-13 14:35 - 00000000 ____D C:\Users\M\Downloads\Kingsman The Secret Service (2014)
2015-06-11 21:18 - 2015-06-11 21:18 - 02685922 _____ C:\Users\M\Downloads\quaterly_updated_charts.xlsx
2015-06-11 21:17 - 2015-06-11 21:17 - 00022266 _____ C:\Users\M\Downloads\bar_chart_sort_dates_by_months_testing_2 (1).xlsx
2015-06-11 21:17 - 2015-06-11 21:17 - 00011753 _____ C:\Users\M\Downloads\april.xlsx
2015-06-11 21:16 - 2015-06-11 21:16 - 00022266 _____ C:\Users\M\Downloads\bar_chart_sort_dates_by_months_testing_2.xlsx
2015-06-11 18:49 - 2015-06-11 18:50 - 193046740 ____R C:\Users\M\Downloads\Pretty.Little.Liars.S06E02.HDTV.x264-LOL.mp4
2015-06-05 20:23 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-05 20:23 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-05 20:23 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-05 20:23 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-05 20:23 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-05 20:23 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-05 20:23 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-05 20:23 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-02 21:53 - 2015-06-02 21:53 - 00000000 ____D C:\Users\M\AppData\Local\GWX
2015-05-31 22:47 - 2015-06-07 00:53 - 00000000 ____D C:\Users\M\Downloads\Hell on Wheels S04E06 HDTV x264-KILLERS[ettv]
2015-05-31 20:41 - 2015-05-31 22:48 - 00000000 ____D C:\Users\M\Downloads\Hell on Wheels S03E06 HDTV x264-EVOLVE[ettv]
2015-05-30 22:51 - 2015-05-30 23:20 - 00000000 ____D C:\Users\M\Downloads\StreetDance 3 All Stars (2013) Dutch-PAL-DVDR-NLU002
2015-05-30 20:30 - 2015-05-30 20:30 - 00089096 _____ C:\Users\M\Downloads\bmy_us.xlsx
2015-05-26 20:34 - 2015-05-26 20:34 - 00000165 ____H C:\Users\M\Downloads\~$pfe_us.xlsx
2015-05-26 19:39 - 2015-05-26 19:39 - 00000165 ____H C:\Users\M\Downloads\~$bava_dc.xlsx
2015-05-26 19:38 - 2015-05-26 20:32 - 00091397 _____ C:\Users\M\Downloads\bava_dc.xlsx
2015-05-24 15:04 - 2015-05-24 17:23 - 00000000 ____D C:\Users\M\Downloads\STREETDANCE 3D [2010] DVD Rip Xvid [StB]
2015-05-24 15:04 - 2015-05-24 15:04 - 00016840 _____ C:\Users\M\Downloads\STREETDANCE_3D_[2010]_DVD_Rip_Xvid_[StB]_o-demonoid.pw-o_4668133.0966.TORRENT
2015-05-24 15:03 - 2015-05-24 15:03 - 00009480 _____ C:\Users\M\Downloads\StreetDance_3D_2010_DVDRip_Xvid_XTM-[demonoid.pw]_4668133.0966.TORRENT
2015-05-24 11:58 - 2015-05-28 21:52 - 00000000 ____D C:\Users\M\Downloads\StreetDance 2 (2012)
2015-05-24 11:12 - 2015-05-24 11:28 - 00000000 ____D C:\Users\M\Downloads\Step Up All In (2014)
2015-05-17 14:09 - 2015-05-30 10:32 - 00000000 ____D C:\Users\M\Downloads\CSI Cyber S01E07 HDTV XviD-FUM[ettv]
2015-05-17 14:09 - 2015-05-17 14:11 - 00000000 ____D C:\Users\M\Downloads\CSI.Cyber.S01E05.HDTV.x264-LOL[ettv]
2015-05-17 14:08 - 2015-05-17 14:18 - 348646113 ____R C:\Users\M\Downloads\CSI.Cyber.S01E03.HDTV.x264-LOL.mp4
2015-05-17 14:08 - 2015-05-17 14:15 - 362419438 ____R C:\Users\M\Downloads\CSI.Cyber.S01E04.HDTV.x264-LOL.mp4
2015-05-17 14:08 - 2015-05-17 14:12 - 364443918 ____R C:\Users\M\Downloads\CSI.Cyber.S01E06.HDTV.x264-LOL.mp4

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-15 20:31 - 2013-10-11 20:11 - 00000000 ____D C:\Users\M\AppData\Roaming\uTorrent
2015-06-15 20:18 - 2015-03-06 22:48 - 01488009 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-15 20:14 - 2014-07-08 19:49 - 00038400 _____ C:\Users\M\Downloads\Primer.xls
2015-06-15 20:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-15 19:48 - 2013-10-11 19:49 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-14 20:48 - 2013-10-11 19:49 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-14 20:23 - 2013-10-26 21:10 - 00000000 ____D C:\Users\M\Downloads\Editgrid
2015-06-14 13:44 - 2013-10-11 19:24 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-432700491-4017870644-2687449469-1002
2015-06-14 12:41 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-13 13:09 - 2013-10-11 21:48 - 00214585 _____ C:\Users\M\Desktop\Mappe1.xlsx
2015-06-13 10:54 - 2013-05-13 17:57 - 00000272 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2015-06-13 10:54 - 2013-05-13 17:57 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2015-06-13 10:54 - 2012-09-26 09:53 - 00000950 _____ C:\WINDOWS\SysWOW64\bscs.ini
2015-06-13 10:53 - 2014-04-01 20:36 - 00000000 __RDO C:\Users\M\SkyDrive
2015-06-13 10:53 - 2013-10-27 23:46 - 00000000 ____D C:\Users\M
2015-06-13 10:53 - 2013-10-14 21:48 - 01219584 ___SH C:\Users\M\Desktop\Thumbs.db
2015-06-13 10:52 - 2015-03-10 21:24 - 00006648 _____ C:\WINDOWS\setupact.log
2015-06-13 10:52 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-13 10:51 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-06-13 10:48 - 2014-12-13 11:34 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-13 10:48 - 2014-07-09 20:56 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-10 22:00 - 2013-10-11 19:51 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-09 20:19 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-07 00:46 - 2014-08-22 18:17 - 00000000 ___RD C:\Users\M\Dropbox
2015-06-07 00:46 - 2014-08-22 18:15 - 00000000 ____D C:\Users\M\AppData\Roaming\Dropbox
2015-05-31 20:23 - 2014-05-08 21:05 - 00000000 ____D C:\Users\M\Downloads\2. Serije
2015-05-30 10:33 - 2014-12-13 13:16 - 00000000 ____D C:\Users\M\Downloads\1. Filmovi
2015-05-29 20:29 - 2013-09-30 06:14 - 00339314 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-29 20:29 - 2013-09-30 05:56 - 03021704 _____ C:\WINDOWS\system32\perfh007.dat
2015-05-29 20:29 - 2013-09-30 05:56 - 00844620 _____ C:\WINDOWS\system32\perfc007.dat
2015-05-24 14:21 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-05-24 13:14 - 2014-12-31 16:46 - 00001144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2015-05-24 13:14 - 2014-12-31 16:46 - 00001138 _____ C:\Users\Public\Desktop\BS.Player FREE.lnk
2015-05-24 11:10 - 2014-04-05 07:22 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-05-22 19:11 - 2015-04-04 16:44 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-05-22 19:11 - 2015-04-04 16:44 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-05-20 20:43 - 2013-10-11 19:49 - 00004100 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-20 20:43 - 2013-10-11 19:49 - 00003864 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-18 17:53 - 2014-08-22 18:17 - 00001051 _____ C:\Users\M\Desktop\Dropbox.lnk
2015-05-18 17:53 - 2014-08-22 18:16 - 00000000 ____D C:\Users\M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-17 14:36 - 2014-04-05 07:22 - 00001114 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-17 14:36 - 2014-04-05 07:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-17 14:36 - 2014-04-05 07:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-16 22:41 - 2015-05-15 19:07 - 00000000 ____D C:\Users\M\Downloads\Scandal.US.S04E22.HDTV.x264-LOL[ettv]

==================== Files in the root of some directories =======

2014-02-02 13:56 - 2014-02-02 13:56 - 0000017 _____ () C:\Users\M\AppData\Local\resmon.resmoncfg
2013-10-11 19:12 - 2013-10-11 19:12 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Some files in TEMP:
====================
C:\Users\M\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6dwxle.dll
C:\Users\M\AppData\Local\Temp\ExPromo.exe
C:\Users\M\AppData\Local\Temp\Foxit PhantomPDF Updater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-14 13:44

==================== End of log ============================

mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Ne vidim u izvjeptaju ništa sporno sem toga što imaš jako spor procesor.

Arrow

Preuzmi "Xplode"-ov AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
u EULA prozoru klikni na I agree.
Klikni na dugme Scan i sačekaj da se završi skeniranje.
Klikni na dugme Cleaning i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK

Računar će se restartovati, a potom otvoriti Notepad (C:\AdwCleaner[S0].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"

Napomena: Izvještaj ce takođe biti sačuvan na C:\Adwcleaner\AdwCleaner[S0].txt

offline
  • Pridružio: 14 Avg 2010
  • Poruke: 185

Napisano: 15 Jun 2015 21:39

mycity.rs/must-login.png

Dopuna: 15 Jun 2015 21:40

kako da iskljucim ovo automatsko skidanje windows 10. stalno mi se dole pojavljuje instaliraj, rezervisi windows 10.

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow

Sledeća procedura će implementirati završno čišćenje.

Arrow Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.
Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;

Remove disinfection tools
Create registry backup
Purge System Restore


Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.
Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)

Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.




Arrow

Deinstaliraj update KB3035583.

offline
  • Pridružio: 14 Avg 2010
  • Poruke: 185

i jos jedno pitanje: da li postoji neki program koji bi mi rekao da li je neki fajl/process .exe ok i cemu sluzi ili moram svaki (kao do sad) online da trazim?

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Nema. Lokalni AV program, MBAM i VirusTotal će ti biti dovoljni.

offline
  • Pridružio: 14 Avg 2010
  • Poruke: 185

evo uradila sam sve ovo. i sad mi neuporedivo brze radi kompjuter. sad cu da vidim jos hoce li mi internet opet prekidati.

hvala na ovako brzom resenju !!! wordless indeed.

Ko je trenutno na forumu
 

Ukupno su 841 korisnika na forumu :: 43 registrovanih, 6 sakrivenih i 792 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: amstel2, Apok, Bane san, bankulen, Battlehammer, branko7, Brankoni, caesar, crnitrn, Cufo, darkangel, Despot1, Doca, dragon986, dule clio, gorozup, GreenMan, havoc995, helen1, Hoegaarden, ILGromovnik, Insan, Joja, kalca65, KS, kuntalo, m0nstrum_, mane123, Mercury, milos.cbr, mrkanidja, Nekicoveculjak, Nikoloff, Panter, Recce, rovac, ruso, Snorks, sovanova95, USSVoyager, vathra, zixmix, Živković