Computer freezing

offline
  • Joined: 06 Feb 2013
  • Posts: 104
  • Location: Zajecar

My computer occasionally freezes. I had driver problems while rooting my phone, so I am posting here at the suggestion of one of your members.
I use Win 7 Ultimate with a Telekom ADSL connection at Net5 speed. I was using two antivirus programs, intending to pick the better one, but both stayed installed for a long time. I have now removed Microsoft Security Essentials, and AVG remains.

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.13.2
Run by Miodrag at 17:22:35 on 2013-02-15
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2038.674 [GMT 1:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\AVG\AVG2012\avgidsagent.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Windows\system32\taskeng.exe
D:\Programs\System\Cleanmem\mini_monitor.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\System32\WUDFHost.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.searchbrowsing.com
mStart Page = hxxp://www.searchbrowsing.com
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - c:\program files\avg\avg2012\avgdtiex.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: {8984B388-A5BB-4DF7-B274-77B879E179DB} - <orphaned>
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {ACC01A56-70E3-472E-9C4F-83B1DA817DD8} - <orphaned>
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - d:\programs\internet\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - LocalServer32 - <no file>
uRun: [Skype] "d:\programs\internet\phone\Skype.exe" /minimized /regrun
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - <no file>
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - d:\programs\internet\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {73848533-39E1-49F1-9363-28054268C094} - hxxps://rol.raiffeisenbank.rs/RetailDLL/FSINT9.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://ebankweb.kombank.com/webbank/swf/swflash.cab
DPF: {F6FFAC18-CAD4-4054-9D49-D610286CE323} - hxxps://rol.raiffeisenbank.rs/RetailDLL/EBCSCC2a.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{E0284369-5F59-47BA-B740-8DB3F3BF76D9} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E0284369-5F59-47BA-B740-8DB3F3BF76D9}\847453230336 : DHCPNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - d:\programs\internet\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
STS: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-11-8 250080]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-8-24 301920]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-11-2 5174392]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [2009-7-14 20992]
R2 HTCMonitorService;HTCMonitorService;c:\program files\htc\htc sync manager\HSMServiceEntry.exe [2012-12-12 87368]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2012-9-29 13336]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2011-3-31 80896]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-12-10 142176]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2012-4-4 7168]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8187B.sys [2009-6-10 379904]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-10-26 25088]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2012-12-7 23040]
S3 jrdusbser;Modem Interface Device for Legacy Serial Communication;c:\windows\system32\drivers\jrdusbser.sys [2012-5-5 106112]
S3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\drivers\KMWDFILTER.sys [2009-4-29 25088]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2013-2-6 15576]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2013-2-6 10200]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-3-7 15872]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\drivers\sscebus.sys [2012-4-8 98560]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\drivers\sscemdfl.sys [2012-4-8 14848]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\drivers\sscemdm.sys [2012-4-8 123648]
S3 ssceserd;SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM);c:\windows\system32\drivers\ssceserd.sys [2012-4-8 100352]
SUnknown TsUsbFlt;TsUsbFlt; [x]
SUnknown tsusbhub;tsusbhub; [x]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=c:\windows\system32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2013-02-15 13:24:13 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{1e7865a9-2ba5-45b1-9ee5-ffdb0c8b36c0}\offreg.dll
2013-02-15 12:14:56 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{1e7865a9-2ba5-45b1-9ee5-ffdb0c8b36c0}\mpengine.dll
2013-02-13 19:07:52 -------- d-----w- c:\users\miodrag\appdata\roaming\HTC
2013-02-13 16:43:19 -------- d-----w- c:\programdata\BrowserProtect
2013-02-13 16:43:15 -------- d-----w- c:\users\miodrag\appdata\roaming\BabSolution
2013-02-13 16:42:40 -------- d-----w- c:\programdata\Babylon
2013-02-13 16:42:33 -------- d-----w- c:\users\miodrag\appdata\roaming\YourFileDownloader
2013-02-13 16:09:31 315904 ----a-w- c:\windows\IsUninst.exe
2013-02-13 16:07:56 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-13 16:07:55 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-13 16:07:54 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 16:07:54 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 16:07:53 760320 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2013-02-13 16:07:52 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-02-12 16:21:39 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2013-02-11 19:08:46 -------- d-----w- c:\users\miodrag\appdata\roaming\TeamViewer
2013-02-11 15:24:30 6991832 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{fae538e9-ae36-4c32-b611-5fc8b8dc3a54}\mpengine.dll
2013-02-10 20:49:34 -------- d-----w- c:\program files\TeamViewer
2013-02-10 17:57:52 -------- d-----w- c:\users\miodrag\appdata\roaming\Google Chrome Backup
2013-02-10 17:43:45 -------- d-----w- c:\users\miodrag\appdata\roaming\HTC Sync
2013-02-10 15:39:11 -------- d-----w- c:\users\miodrag\appdata\local\HTC MediaHub
2013-02-09 22:11:25 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-02-09 12:21:38 34216 ----a-w- c:\windows\system32\drivers\wsadb.sys
2013-02-08 18:24:34 -------- d-----w- c:\users\miodrag\appdata\local\Wondershare
2013-02-08 18:24:32 -------- d-----w- c:\program files\common files\Wondershare
2013-02-08 18:24:23 -------- d-----w- c:\users\miodrag\.android
2013-02-07 23:45:06 -------- d-----w- c:\users\miodrag\appdata\roaming\Outlook
2013-02-07 23:29:59 -------- d-----w- c:\users\miodrag\appdata\local\Apple Computer
2013-02-07 23:29:58 -------- d-----w- c:\programdata\HTC
2013-02-07 23:29:53 -------- d-----w- c:\programdata\Motorola
2013-02-07 19:14:44 -------- d-----w- c:\program files\Spirent Communications
2013-02-07 17:40:27 -------- d-----w- c:\programdata\Guard.Mail.Ru
2013-02-07 16:56:59 -------- d-----w- c:\program files\HTC
2013-02-06 17:17:10 2822336 ----a-w- c:\windows\system32\pwNative.exe
2013-02-06 17:17:09 15576 ------w- c:\windows\system32\pwdrvio.sys
2013-02-06 17:16:24 10200 ------w- c:\windows\system32\pwdspio.sys
2013-02-05 16:47:12 -------- d-----w- c:\users\miodrag\appdata\roaming\{DCD48218-E972-4D0C-9E5F-43462BC13E3B}
2013-02-05 16:46:53 -------- d-----w- c:\users\miodrag\appdata\local\Mail.Ru
2013-02-05 16:46:33 -------- d-----w- c:\users\miodrag\appdata\local\Xpom
2013-02-02 17:07:34 -------- d-----w- c:\users\miodrag\Sifre
2013-01-21 15:59:41 -------- d-----w- c:\users\miodrag\appdata\roaming\Azureus
.
==================== Find3M ====================
.
2013-02-09 22:10:50 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-02-09 22:10:49 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-09 20:24:44 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-09 20:24:44 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-17 00:28:58 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-04 03:00:29 2347008 ----a-w- c:\windows\system32\win32k.sys
2012-12-20 12:53:51 981504 ----a-w- c:\windows\system32\wininet.dll
2012-12-20 11:20:29 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-10 02:28:36 142176 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2012-12-07 17:27:50 23040 ----a-w- c:\windows\system32\drivers\htcnprot.sys
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-23 02:48:41 49152 ----a-w- c:\windows\system32\taskhost.exe
2012-11-22 04:45:03 626688 ----a-w- c:\windows\system32\usp10.dll
2012-11-20 04:51:09 220160 ----a-w- c:\windows\system32\ncrypt.dll
.
============= FINISH: 17:23:56,72 ===============

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

Hello,

Step 1.

Download the Microsoft Security Essentials installer to the Desktop:

http://mse.dlservice.microsoft.com/download/A/3/8/.....nstall.exe

Press the key and R; a window like this will open:

Drag the previously downloaded file into the Open field:

You need to add " /U" at the end (without the quotes, and with a space between the path and /U).

In the window that opens, click Uninstall.



Step 2.

Open Control Panel --> Programs and Features and remove the following:
- Babylon Chrome Toolbar
- Java(TM) 6 Update 37
- Java(TM) SE Runtime Environment 6 Update 1

Restart the computer!



Step 3.

Download AdwCleaner by "Xplode" and save it to the Desktop.
Double-click to run the program and click the [Search] button.
When the program finishes the analysis, it will open Notepad with a report. Close that Notepad window.

Click the [Delete] button and wait for the program to finish.
The program will close all running programs and show a window with that warning. Click Ok to confirm.
On the next two windows that open (Informations and Restart required), click Ok.

The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that file to the Desktop and attach it to your post using the "Attach file" ("Prikaci fajl") option.

Note: The report will also be saved to C:\AdwCleaner[S1].txt

offline
  • Joined: 06 Feb 2013
  • Posts: 104
  • Location: Zajecar

Posted: 15 Feb 2013 21:18

I did not uninstall MSI; it won't work because I don't get the uninstall option. I also tried through regedit, and it is nowhere to be found. I did the rest.

Addendum: 15 Feb 2013 21:19

Here are the screenshots.

Addendum: 15 Feb 2013 21:24

My mistake, I posted the same image twice.

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

You did something wrong...

This is what it should say (lower window), after which you get the upper window, where you have Uninstall...


offline
  • Joined: 06 Feb 2013
  • Posts: 104
  • Location: Zajecar

MSI uninstalled. Should I repeat the test with AdwCleaner?

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

What is the situation now, does the computer freeze?

Run DDS again and post the new DDS.txt report.

offline
  • Joined: 06 Feb 2013
  • Posts: 104
  • Location: Zajecar

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.13.2
Run by Miodrag at 16:09:06 on 2013-02-16
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2038.896 [GMT 1:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
D:\Programs\System\Cleanmem\mini_monitor.exe
C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\TeamViewer\Version8\TeamViewer.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
D:\SAMSUNG\MobileGo for Android\MobileGoService.exe
C:\PROGRA~1\COMMON~1\WONDER~1\WONDER~1\WSHelper.exe
C:\Program Files\AVG\AVG2012\avgidsagent.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\TeamViewer\Version8\tv_w32.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - c:\program files\avg\avg2012\avgdtiex.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg2012\avgssie.dll
BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: {8984B388-A5BB-4DF7-B274-77B879E179DB} - <orphaned>
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - d:\programs\internet\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre7\bin\jusched.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mobile~1.lnk - d:\samsung\mobilego for android\MobileGoService.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - <no file>
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - d:\programs\internet\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {73848533-39E1-49F1-9363-28054268C094} - hxxps://rol.raiffeisenbank.rs/RetailDLL/FSINT9.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://ebankweb.kombank.com/webbank/swf/swflash.cab
DPF: {F6FFAC18-CAD4-4054-9D49-D610286CE323} - hxxps://rol.raiffeisenbank.rs/RetailDLL/EBCSCC2a.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{E0284369-5F59-47BA-B740-8DB3F3BF76D9} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E0284369-5F59-47BA-B740-8DB3F3BF76D9}\847453230336 : DHCPNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - d:\programs\internet\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
STS: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-11-8 250080]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-8-24 301920]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-11-2 5174392]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [2009-7-14 20992]
R2 HTCMonitorService;HTCMonitorService;c:\program files\htc\htc sync manager\HSMServiceEntry.exe [2012-12-12 87368]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2011-3-31 80896]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-1-31 3289208]
R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-2-10 3467768]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-12-10 142176]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2012-4-4 7168]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8187B.sys [2009-6-10 379904]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2012-9-29 13336]
S2 SkypeUpdate;Skype Updater;d:\programs\internet\updater\Updater.exe [2013-2-7 161384]
S2 VIP_Serbia Wave Modem Device Helper;VIP_Serbia Wave Modem Device Helper; [x]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-10-26 25088]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2012-12-7 23040]
S3 jrdusbser;Modem Interface Device for Legacy Serial Communication;c:\windows\system32\drivers\jrdusbser.sys [2012-5-5 106112]
S3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\drivers\KMWDFILTER.sys [2009-4-29 25088]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2013-2-6 15576]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2013-2-6 10200]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-3-7 15872]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\drivers\sscebus.sys [2012-4-8 98560]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\drivers\sscemdfl.sys [2012-4-8 14848]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\drivers\sscemdm.sys [2012-4-8 123648]
S3 ssceserd;SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM);c:\windows\system32\drivers\ssceserd.sys [2012-4-8 100352]
SUnknown TsUsbFlt;TsUsbFlt; [x]
SUnknown tsusbhub;tsusbhub; [x]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=c:\windows\system32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2013-02-15 12:14:56 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{1e7865a9-2ba5-45b1-9ee5-ffdb0c8b36c0}\mpengine.dll
2013-02-13 19:07:52 -------- d-----w- c:\users\miodrag\appdata\roaming\HTC
2013-02-13 16:09:31 315904 ----a-w- c:\windows\IsUninst.exe
2013-02-13 16:07:56 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-13 16:07:55 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-13 16:07:54 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 16:07:54 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 16:07:53 760320 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2013-02-13 16:07:52 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-02-12 16:21:39 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2013-02-11 19:08:46 -------- d-----w- c:\users\miodrag\appdata\roaming\TeamViewer
2013-02-11 15:24:30 6991832 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{fae538e9-ae36-4c32-b611-5fc8b8dc3a54}\mpengine.dll
2013-02-10 20:49:34 -------- d-----w- c:\program files\TeamViewer
2013-02-10 17:57:52 -------- d-----w- c:\users\miodrag\appdata\roaming\Google Chrome Backup
2013-02-10 17:43:45 -------- d-----w- c:\users\miodrag\appdata\roaming\HTC Sync
2013-02-10 15:39:11 -------- d-----w- c:\users\miodrag\appdata\local\HTC MediaHub
2013-02-09 22:11:25 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-02-09 12:21:38 34216 ----a-w- c:\windows\system32\drivers\wsadb.sys
2013-02-08 18:24:34 -------- d-----w- c:\users\miodrag\appdata\local\Wondershare
2013-02-08 18:24:32 -------- d-----w- c:\program files\common files\Wondershare
2013-02-08 18:24:23 -------- d-----w- c:\users\miodrag\.android
2013-02-07 23:45:06 -------- d-----w- c:\users\miodrag\appdata\roaming\Outlook
2013-02-07 23:29:59 -------- d-----w- c:\users\miodrag\appdata\local\Apple Computer
2013-02-07 23:29:58 -------- d-----w- c:\programdata\HTC
2013-02-07 23:29:53 -------- d-----w- c:\programdata\Motorola
2013-02-07 19:14:44 -------- d-----w- c:\program files\Spirent Communications
2013-02-07 17:40:27 -------- d-----w- c:\programdata\Guard.Mail.Ru
2013-02-07 16:56:59 -------- d-----w- c:\program files\HTC
2013-02-06 17:17:10 2822336 ----a-w- c:\windows\system32\pwNative.exe
2013-02-06 17:17:09 15576 ------w- c:\windows\system32\pwdrvio.sys
2013-02-06 17:16:24 10200 ------w- c:\windows\system32\pwdspio.sys
2013-02-05 16:47:12 -------- d-----w- c:\users\miodrag\appdata\roaming\{DCD48218-E972-4D0C-9E5F-43462BC13E3B}
2013-02-05 16:46:33 -------- d-----w- c:\users\miodrag\appdata\local\Xpom
2013-02-02 17:07:34 -------- d-----w- c:\users\miodrag\Sifre
2013-01-21 15:59:41 -------- d-----w- c:\users\miodrag\appdata\roaming\Azureus
.
==================== Find3M ====================
.
2013-02-09 22:10:50 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-02-09 22:10:49 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-09 20:24:44 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-09 20:24:44 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-17 00:28:58 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-04 03:00:29 2347008 ----a-w- c:\windows\system32\win32k.sys
2012-12-20 12:53:51 981504 ----a-w- c:\windows\system32\wininet.dll
2012-12-20 11:20:29 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-10 02:28:36 142176 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2012-12-07 17:27:50 23040 ----a-w- c:\windows\system32\drivers\htcnprot.sys
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-23 02:48:41 49152 ----a-w- c:\windows\system32\taskhost.exe
2012-11-22 04:45:03 626688 ----a-w- c:\windows\system32\usp10.dll
2012-11-20 04:51:09 220160 ----a-w- c:\windows\system32\ncrypt.dll
.
============= FINISH: 16:10:27,02 ===============

Here are the new results. What next?

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

MSE was not removed properly.

Download AppRemover and run it.

When it starts, choose the option No Installation - I only wish to run AppRemover, then click Next.

In the next window tick I agree, then confirm with Start, after which the scan will begin.

When the scan finishes, you will get a list of applications that can be uninstalled. Select only Microsoft Security Essentials, then click Remove selected applications, as in the picture.

When the program finishes the removal, click Reboot Now.

After that, send me a fresh DDS report.

offline
  • Joined: 06 Feb 2013
  • Posts: 104
  • Location: Zajecar

Posted: 16 Feb 2013 18:06

MSE is gone. What next?


Addendum: 17 Feb 2013 12:15

These are the reports after uninstalling AVG.
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.13.2
Run by Miodrag at 12:13:04 on 2013-02-17
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2038.1140 [GMT 1:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\Explorer.EXE
D:\Programs\System\Cleanmem\mini_monitor.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
D:\SAMSUNG\MobileGo for Android\MobileGoService.exe
C:\Program Files\TeamViewer\Version8\TeamViewer.exe
C:\Program Files\TeamViewer\Version8\tv_w32.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\DllHost.exe
C:\PROGRA~1\COMMON~1\WONDER~1\WONDER~1\WSHelper.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miodrag\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - <orphaned>
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned>
BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: {8984B388-A5BB-4DF7-B274-77B879E179DB} - <orphaned>
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - d:\programs\internet\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre7\bin\jusched.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mobile~1.lnk - d:\samsung\mobilego for android\MobileGoService.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - <no file>
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - d:\programs\internet\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {73848533-39E1-49F1-9363-28054268C094} - hxxps://rol.raiffeisenbank.rs/RetailDLL/FSINT9.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://ebankweb.kombank.com/webbank/swf/swflash.cab
DPF: {F6FFAC18-CAD4-4054-9D49-D610286CE323} - hxxps://rol.raiffeisenbank.rs/RetailDLL/EBCSCC2a.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{E0284369-5F59-47BA-B740-8DB3F3BF76D9} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E0284369-5F59-47BA-B740-8DB3F3BF76D9}\847453230336 : DHCPNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - d:\programs\internet\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
STS: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [2009-7-14 20992]
R2 HTCMonitorService;HTCMonitorService;c:\program files\htc\htc sync manager\HSMServiceEntry.exe [2012-12-12 87368]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2012-9-29 13336]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2011-3-31 80896]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-1-31 3289208]
R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-2-10 3467768]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2012-4-4 7168]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8187B.sys [2009-6-10 379904]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;d:\programs\internet\updater\Updater.exe [2013-2-7 161384]
S2 VIP_Serbia Wave Modem Device Helper;VIP_Serbia Wave Modem Device Helper; [x]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-10-26 25088]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2012-12-7 23040]
S3 jrdusbser;Modem Interface Device for Legacy Serial Communication;c:\windows\system32\drivers\jrdusbser.sys [2012-5-5 106112]
S3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\drivers\KMWDFILTER.sys [2009-4-29 25088]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2013-2-6 15576]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2013-2-6 10200]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-3-7 15872]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\drivers\sscebus.sys [2012-4-8 98560]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\drivers\sscemdfl.sys [2012-4-8 14848]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\drivers\sscemdm.sys [2012-4-8 123648]
S3 ssceserd;SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM);c:\windows\system32\drivers\ssceserd.sys [2012-4-8 100352]
SUnknown TsUsbFlt;TsUsbFlt; [x]
SUnknown tsusbhub;tsusbhub; [x]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=c:\windows\system32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2013-02-16 18:24:24 -------- d-----w- c:\users\miodrag\appdata\roaming\AVG2012
2013-02-16 18:05:19 -------- d-----w- c:\users\miodrag\appdata\roaming\TuneUp Software
2013-02-15 12:14:56 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{1e7865a9-2ba5-45b1-9ee5-ffdb0c8b36c0}\mpengine.dll
2013-02-13 19:07:52 -------- d-----w- c:\users\miodrag\appdata\roaming\HTC
2013-02-13 16:09:31 315904 ----a-w- c:\windows\IsUninst.exe
2013-02-13 16:07:56 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-13 16:07:55 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-13 16:07:54 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 16:07:54 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 16:07:53 760320 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2013-02-13 16:07:52 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-02-12 16:21:39 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2013-02-11 19:08:46 -------- d-----w- c:\users\miodrag\appdata\roaming\TeamViewer
2013-02-11 15:24:30 6991832 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{fae538e9-ae36-4c32-b611-5fc8b8dc3a54}\mpengine.dll
2013-02-10 20:49:34 -------- d-----w- c:\program files\TeamViewer
2013-02-10 17:57:52 -------- d-----w- c:\users\miodrag\appdata\roaming\Google Chrome Backup
2013-02-10 17:43:45 -------- d-----w- c:\users\miodrag\appdata\roaming\HTC Sync
2013-02-10 15:39:11 -------- d-----w- c:\users\miodrag\appdata\local\HTC MediaHub
2013-02-09 22:11:25 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-02-09 12:21:38 34216 ----a-w- c:\windows\system32\drivers\wsadb.sys
2013-02-08 18:24:34 -------- d-----w- c:\users\miodrag\appdata\local\Wondershare
2013-02-08 18:24:32 -------- d-----w- c:\program files\common files\Wondershare
2013-02-08 18:24:23 -------- d-----w- c:\users\miodrag\.android
2013-02-07 23:45:06 -------- d-----w- c:\users\miodrag\appdata\roaming\Outlook
2013-02-07 23:29:59 -------- d-----w- c:\users\miodrag\appdata\local\Apple Computer
2013-02-07 23:29:58 -------- d-----w- c:\programdata\HTC
2013-02-07 23:29:53 -------- d-----w- c:\programdata\Motorola
2013-02-07 19:14:44 -------- d-----w- c:\program files\Spirent Communications
2013-02-07 17:40:27 -------- d-----w- c:\programdata\Guard.Mail.Ru
2013-02-07 16:56:59 -------- d-----w- c:\program files\HTC
2013-02-06 17:17:10 2822336 ----a-w- c:\windows\system32\pwNative.exe
2013-02-06 17:17:09 15576 ------w- c:\windows\system32\pwdrvio.sys
2013-02-06 17:16:24 10200 ------w- c:\windows\system32\pwdspio.sys
2013-02-05 16:47:12 -------- d-----w- c:\users\miodrag\appdata\roaming\{DCD48218-E972-4D0C-9E5F-43462BC13E3B}
2013-02-05 16:46:33 -------- d-----w- c:\users\miodrag\appdata\local\Xpom
2013-02-02 17:07:34 -------- d-----w- c:\users\miodrag\Sifre
2013-01-21 15:59:41 -------- d-----w- c:\users\miodrag\appdata\roaming\Azureus
.
==================== Find3M ====================
.
2013-02-09 22:10:50 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-02-09 22:10:49 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-09 20:24:44 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-09 20:24:44 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-17 00:28:58 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-04 03:00:29 2347008 ----a-w- c:\windows\system32\win32k.sys
2012-12-20 12:53:51 981504 ----a-w- c:\windows\system32\wininet.dll
2012-12-20 11:20:29 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-07 17:27:50 23040 ----a-w- c:\windows\system32\drivers\htcnprot.sys
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-23 02:48:41 49152 ----a-w- c:\windows\system32\taskhost.exe
2012-11-22 04:45:03 626688 ----a-w- c:\windows\system32\usp10.dll
2012-11-20 04:51:09 220160 ----a-w- c:\windows\system32\ncrypt.dll
.
============= FINISH: 12:13:46,44 ===============


offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

That would be it, the leftovers that were causing the problem have been removed...

Run AdwCleaner again.
Click the [Uninstall] button and wait for the uninstall process to finish.

Now you need to install an antivirus. Choose one of the free options:

Microsoft Security Essentials
avast! Free Antivirus
Avira Free Antivirus
Panda Antivirus Free
AVG Free
Bitdefender Free Antivirus

Also browse through these topics...

An application for safe surfing: your brain
http://www.mycity.rs/Zastita/Aplikacija-za-sigurno-surfovanje-Vas-mozak.html

Choosing a free antivirus
http://www.mycity.rs/Zastitni-programi/Izbor-besplatnog-antivirusa.html

The best antivirus in your opinion
http://www.mycity.rs/Zastitni-programi/Najbolji-an.....jenju.html

The best free protection software
http://www.mycity.rs/Zastitni-programi/Najbolji-besplatni-zastitni-softver.html



I recommend that you use MCShield v2 to protect USB storage devices. It has nothing to do with the antivirus, i.e. it will not interfere with its operation, and it has proven to be one of the best forms of protection against malware that spreads via USB storage devices. You download it, install it, plug in a USB storage device, and a scan runs, after which you get a notification that the device is clean (if that is really the case), or you get a log showing information about the malware that was found and deleted.

MCShield ::Anti-Malware Tool:: v2 home page: http://amf.mycity.rs/mcshield/

You can learn more about MCShield in these topics:
v1: http://www.mycity.rs/MyCity-Laboratorija/MCShield.html
v2: http://www.mycity.rs/MyCity-Laboratorija/MCShield-v2.html

Be sure to visit the topic "Test whether your browser is vulnerable", read it and follow the link given in it.
The link to the topic is: http://www.mycity.rs/Web-browseri/Testirajte-da-li.....anjiv.html

Also, follow the topic "How to avoid and remove toolbars", read it and follow the steps in it. The link to the topic is: http://www.mycity.rs/Zastita/Kako-izbeci-i-ukloniti-toolbar-ove.html



TwinHeadedEagle (AMF Team)
