Posted: 20 Nov 2013 02:09
- Joined: 19 Apr 2012
- Posts: 33
Good evening, mycity folks.
The thread title says it all. I don't know whether it's some kind of virus, whether someone is stealing my internet, or something else.
Help
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.45.2
Run by JACOB at 2:05:26 on 2013-11-20
Microsoft Windows 7 Professional 6.1.7601.1.1250.385.1033.18.2934.1490 [GMT 1:00]
.
AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\MCShield\MCShieldRTM.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\SysWOW64\RunDll32.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.search.ask.com/?l=dis&o=APN10014&gct=hp
mStart Page = hxxp://startsear.ch/?aff=2&cf=12765e67-e6ce-11e0-8a3a-70f3952c7ad5
uURLSearchHooks: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - <orphaned>
uURLSearchHooks: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - <orphaned>
uURLSearchHooks: {51a86bb3-6602-4c85-92a5-130ee4864f13} - <orphaned>
uURLSearchHooks: {013a635f-e3aa-4371-b682-ece95ca974b0} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - <orphaned>
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [MCShield Monitor] C:\Program Files (x86)\MCShield\mcshieldrtm.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{77A1D742-16FE-4F64-BAC5-2873CE900643} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{77A1D742-16FE-4F64-BAC5-2873CE900643}\34F6E6E6563647966697D26756462716E613 : DHCPNameServer = 192.168.161.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\JACOB\AppData\Roaming\Mozilla\Firefox\Profiles\319msx25.default\
FF - prefs.js: browser.startup.homepage - google.hr
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
.
============= SERVICES / DRIVERS ===============
.
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-11-6 98208]
R2 aksdf;aksdf;C:\Windows\System32\drivers\aksdf.sys [2012-11-22 65024]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-8-3 203264]
R2 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2010-9-3 170104]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-11-4 810144]
R2 epfwwfpr;epfwwfpr;C:\Windows\System32\drivers\epfwwfpr.sys [2010-7-29 126320]
R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-6-17 315392]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-7-15 116240]
R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2010-11-6 344616]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2012-12-17 39464]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-8-3 158976]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2010-8-3 10342240]
S2 .EsetTrialReset;Eset Trial Reset; [x]
S2 AdvancedSystemCareService5;AdvancedSystemCareService5; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-5-19 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-11-6 1255736]
S3 XFDriver64;XFDriver64;C:\Program Files (x86)\Xfire2\XFDriver64.sys [2013-11-11 17160]
S4 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]
.
=============== Created Last 30 ================
.
2013-11-14 14:17:28 214520 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-11-14 14:17:16 214520 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-11-14 14:17:11 75064 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2013-11-14 14:17:11 -------- d-----w- C:\Users\JACOB\AppData\Local\PunkBuster
2013-11-11 22:24:01 -------- d-----w- C:\Users\JACOB\AppData\Roaming\Xfire
2013-11-11 22:24:00 -------- d-----w- C:\Program Files (x86)\Common Files\Xfire
2013-11-11 22:23:35 -------- d-----w- C:\ProgramData\Xfire
2013-11-11 22:23:35 -------- d-----w- C:\Program Files (x86)\Xfire2
2013-11-11 22:13:33 -------- d-sh--w- C:\Windows\ftpcache
2013-11-07 19:42:39 -------- d-----w- C:\Users\JACOB\AppData\Roaming\Unity
2013-11-07 19:41:47 -------- d-----w- C:\Users\JACOB\AppData\Local\Unity
2013-11-01 04:14:54 -------- d-----w- C:\Users\JACOB\AppData\Local\Macromedia
2013-11-01 03:52:11 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-10-23 12:58:27 -------- d-----w- C:\ProgramData\Oracle
2013-10-23 10:59:45 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-22 18:18:50 -------- d-----w- C:\Users\JACOB\AppData\Roaming\foobar2000
2013-10-22 18:18:17 -------- d-----w- C:\Program Files (x86)\foobar2000
.
==================== Find3M ====================
.
2013-11-01 04:03:07 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
.
============= FINISH: 2:05:57,40 ===============
Posted: 20 Nov 2013 03:30
- magna86
- Anti Malware Fighter Rank 2
- Joined: 21 Jun 2008
- Posts: 6104
Hello,
zoek will, among other things, clean up some empty keys, empty temp and cache, and also go through your web browsers (which are most likely the cause of your symptoms). After that we do an additional (read: deeper) check with the FRST64 and Gmer tools for any other possible malware.
Download smeenk's zoek.zip or zoek.rar from this or this link and save it to the Desktop.
Unpack the archive into a folder (instructions), then:
close the browser and other running programs;
temporarily disable your protection software (if necessary) Instructions;
double-click the program icon to start zoek;
wait for the tool to start ...
Copy the following text into the white box of the window:
createsrpoint;
emptyfolderscheck;
ipconfig /flushdns >> %temp%\log.txt;b
emptyclsid;
autoclean;
Click the button and wait for the scan to finish.
zoek will restart Windows if necessary and, when it finishes, open Notepad with the scan report.
Note: the report will be saved under the name zoek-results.log on the system partition (typical location: C:\zoek-results.log)
Attach the report using the "Attach file" option.
----- ----- ----- ----- ----- -----
Then the additional checks ...
Download Farbar's Farbar Recovery Scan Tool from this address to the Desktop:
There are 32-bit and 64-bit versions. You need to download the version that is compatible with your system.
If you are not sure which version applies to your system, download both and run them. Only one of them will work on your system; that will be the right version.
double-click to run the program; when the tool starts, click Yes on the disclaimer window;
click the Scan button;
when the scan finishes, the tool will create a report (FRST.txt) in the same directory where the FRST tool is saved;
copy the contents of the FRST.txt report into your post;
on the first run, the tool should also create an additional report (Addition.txt);
attach the Addition.txt report to your post using the "Attach file" option
----- ----- ----- ----- ----- -----
Then...
Download the GMER program from the link below to the Desktop:
GMER download
Click the given link;
When the dialog for choosing the save location opens, select Desktop and click Save.
Double-click to run GMER.
Wait for the initial scan to finish; if any prompt appears, click No;
click Scan and wait for the scan to finish;
click Save ... and save the report to the Desktop (under the name ARK);
Attach the report to your post using the "Attach file" option.
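Since magna86 points at the browser search engines as the likely cause, here is a small triage script, added for this thread and not code from DDS, zoek, FRST or GMER, that reads report lines of the shape seen in the DDS output above and flags the three things a helper looks for first: start pages and IE search scopes that point at a host outside an allowlist, orphaned URLSearchHook/BHO entries, and the UAC policy values that silence the elevation prompt. The sample lines are copied from the reports in this thread; the allowlist of trusted search hosts and the finding labels are this example's own assumptions.

```python
"""Triage of DDS / FRST report lines for the browser-hijack indicators seen in this thread.

Added example, not part of the thread and not code from DDS, zoek, FRST or GMER.
The sample lines are copied from the reports posted above; the allowlist of
search hosts and the finding labels are this example's own assumptions.
"""
import re
from urllib.parse import urlparse

# Search hosts the user would plausibly have chosen on purpose (assumption).
TRUSTED_SEARCH_HOSTS = {"www.google.hr", "www.google.com", "www.bing.com"}

# Windows 7 UAC policy values that weaken the elevation prompt:
# ConsentPromptBehaviorAdmin = 0 elevates without asking, and
# PromptOnSecureDesktop = 0 draws the prompt on the normal desktop.
WEAK_UAC_VALUES = {"ConsentPromptBehaviorAdmin": "0", "PromptOnSecureDesktop": "0"}

# DDS "Pseudo HJT Report" line shapes
START_PAGE_RE = re.compile(r"^[um]Start Page = (?P<url>\S+)$")
HOOK_RE = re.compile(r"^[um]?URLSearchHooks: (?P<clsid>\{[0-9A-Fa-f-]+\}) - (?P<target>.+)$")
BHO_RE = re.compile(r"^BHO: (?:(?P<name>.+?): )?(?P<clsid>\{[0-9A-Fa-f-]+\}) - (?P<target>.+)$")
POLICY_RE = re.compile(r"^mPolicies-System: (?P<name>\w+) = dword:(?P<value>[0-9A-Fa-f]+)$")
# FRST line shape for Internet Explorer search scopes
SCOPE_RE = re.compile(r"^SearchScopes: .* URL = (?P<url>\S+)$")


def host_of(url):
    """Return the lowercase host of a report URL.

    DDS defangs schemes as hxxp and FRST prints search URLs without any scheme,
    so both are normalised before parsing.
    """
    url = url.replace("hxxp", "http", 1)
    if "://" not in url:
        url = "http://" + url
    return (urlparse(url).hostname or "").lower()


def triage(lines):
    """Return a list of (kind, detail) findings for lines matching a hijack indicator."""
    findings = []
    for raw in lines:
        line = raw.strip()
        m = START_PAGE_RE.match(line) or SCOPE_RE.match(line)
        if m:
            host = host_of(m.group("url"))
            if host not in TRUSTED_SEARCH_HOSTS:
                kind = "start-page" if line.startswith(("uStart", "mStart")) else "search-scope"
                findings.append((kind, host))
            continue
        m = HOOK_RE.match(line) or BHO_RE.match(line)
        if m:
            # "<orphaned>" in DDS output means the CLSID is still registered but
            # its DLL is gone: a leftover of a removed toolbar, safe to clean up.
            if m.group("target").strip() == "<orphaned>":
                findings.append(("orphaned-entry", m.group("clsid").lower()))
            continue
        m = POLICY_RE.match(line)
        if m and WEAK_UAC_VALUES.get(m.group("name")) == m.group("value"):
            findings.append(("weak-uac", m.group("name")))
    return findings


# Sample report lines copied from the DDS and FRST output posted in this thread.
SAMPLE_REPORT = r"""
uStart Page = hxxp://www.search.ask.com/?l=dis&o=APN10014&gct=hp
mStart Page = hxxp://startsear.ch/?aff=2&cf=12765e67-e6ce-11e0-8a3a-70f3952c7ad5
uURLSearchHooks: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - <orphaned>
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: PromptOnSecureDesktop = dword:0
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = startsear.ch/?aff=2&src=sp&cf=12765e67-e6ce-11e0-8a3a-70f3952c7ad5&q={searchTerms}
"""


def triage_sample():
    """Run the triage over the sample lines above."""
    return triage(SAMPLE_REPORT.splitlines())


if __name__ == "__main__":
    for kind, detail in triage_sample():
        print(f"{kind:15} {detail}")
```

Run it as a script to print the findings, or call triage() on the lines of a saved dds.txt or FRST.txt. The orphaned entries are the empty keys magna86 mentions: harmless leftovers that the cleanup removes. The hijacked start pages and search scopes, and the ConsentPromptBehaviorAdmin = 0 together with PromptOnSecureDesktop = 0 pair from the DDS log, are the items worth restoring deliberately, because with those two values any process running as the admin user can elevate without a prompt.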
Posted: 20 Nov 2013 12:06
- Joined: 19 Apr 2012
- Posts: 33
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013
Ran by JACOB (administrator) on JACOB-PC on 20-11-2013 11:44:45
Running from D:\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2919168 2010-11-04] (ESET)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6234144 2010-03-13] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2096424 2010-05-27] (Synaptics Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [MCShield Monitor] - C:\Program Files (x86)\MCShield\MCShieldRTM.exe [583680 2012-03-12] (MyCity)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-03] (Advanced Micro Devices, Inc.)
HKU\Default\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\Default User\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = search.ask.com/?l=dis&o=APN10014&gct=hp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5236234EBED3CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = hr
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = startsear.ch/?aff=2&cf=12765e67-e6ce-11e0-8a3a-70f3952c7ad5
URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
URLSearchHook: HKCU - (No Name) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - No File
URLSearchHook: HKCU - (No Name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No File
URLSearchHook: HKCU - (No Name) - {013a635f-e3aa-4371-b682-ece95ca974b0} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431400
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431400
SearchScopes: HKLM-x32 - {DD1B7858-F96E-4625-A6A1-5A2012D1B471} URL = startsear.ch/?aff=1&src=sp&cf=12765e67-e6ce-11e0-8a3a-70f3952c7ad5&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = startsear.ch/?aff=2&src=sp&cf=12765e67-e6ce-11e0-8a3a-70f3952c7ad5&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = startsear.ch/?aff=2&src=sp&cf=12765e67-e6ce-11e0-8a3a-70f3952c7ad5&q={searchTerms}
SearchScopes: HKCU - {8F9B906E-C00A-4E32-973E-E96EE7D79AF9} URL = websearch.ask.com/redirect?client=ie&tb=NCH2&o=APN10014&src=crm&q={searchTerms}&locale=&apn_ptnrs=^ACD&apn_dtid=^YYYYYY^YY^HR&apn_uid=dd3e1b55-2272-4490-a9af-debb6e9c66e9&apn_sauid=D25EF4AD-4856-4AE7-9882-36FBDDD0A080
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431400
SearchScopes: HKCU - {DD1B7858-F96E-4625-A6A1-5A2012D1B471} URL = startsear.ch/?aff=1&src=sp&cf=12765e67-e6ce-11e0-8a3a-70f3952c7ad5&q={searchTerms}
SearchScopes: HKCU - {DE7C02B2-A36E-40E9-A77C-2F4C09479A77} URL = startsear.ch/?aff=1&q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: No Name - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
Toolbar: HKCU - No Name - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No File
Toolbar: HKCU - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
Toolbar: HKCU - No Name - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - No File
Toolbar: HKCU - No Name - {013A635F-E3AA-4371-B682-ECE95CA974B0} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\JACOB\AppData\Roaming\Mozilla\Firefox\Profiles\319msx25.default
FF Homepage: google.hr
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eudict.xml
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR HomePage: hxxp://www.google.hr/
CHR RestoreOnStartup: "hxxp://www.google.hr/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll No File
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Extension: (reddit companion) - C:\Users\JACOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\algjnflpgoopkdijmkalfcifomdhmcbe\1.1.2_0
CHR Extension: (Google Drive) - C:\Users\JACOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\JACOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\JACOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\JACOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.14_0
CHR Extension: (Reddit Enhancement Suite) - C:\Users\JACOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.3.1.1_0
CHR Extension: (Skype Click to Call) - C:\Users\JACOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0
CHR Extension: (Google Wallet) - C:\Users\JACOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\JACOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [ablnpmdakdiclnimkjfcaibpgjhapkbl] - C:\Users\JACOB\AppData\Local\CRE\ablnpmdakdiclnimkjfcaibpgjhapkbl.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [42360 2010-11-04] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [810144 2010-11-04] (ESET)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75064 2013-11-14] ()
R2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [214520 2013-11-17] ()
S2 .EsetTrialReset;
S2 AdvancedSystemCareService5;
==================== Drivers (Whitelisted) ====================
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [170104 2010-09-03] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2010-07-29] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [126320 2010-07-29] (ESET)
S3 RSUSBSTOR; C:\Windows\SysWow64\Drivers\RtsUStor.sys [225280 2009-09-23] (Realtek Semiconductor Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-02-11] ()
S3 XFDriver64; C:\Program Files (x86)\Xfire2\XFDriver64.sys [17160 2013-03-14] (XFire)
S3 ALSysIO; \??\C:\Users\JACOB\AppData\Local\Temp\ALSysIO64.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-20 11:44 - 2013-11-20 11:44 - 00000000 ____D C:\FRST
2013-11-20 11:42 - 2013-11-20 11:42 - 00003048 _____ C:\Windows\System32\Tasks\{B6857967-AB95-49A5-9BA5-6D4F20CB41F6}
2013-11-20 11:40 - 2013-11-20 11:40 - 00000021 _____ C:\folders.log
2013-11-20 11:31 - 2013-11-20 11:33 - 00000991 _____ C:\zoek-results.log
2013-11-20 11:30 - 2013-11-20 11:30 - 00000000 ____D C:\zoek_backup
2013-11-20 11:29 - 2013-11-20 11:40 - 00000000 ____D C:\zoek
2013-11-20 11:27 - 2013-11-20 11:27 - 00377856 _____ C:\Users\JACOB\Desktop\pcvx9y69.exe
2013-11-20 11:02 - 2013-11-20 11:04 - 04182609 _____ C:\zoek.rar
2013-11-20 03:00 - 2013-11-20 03:00 - 00000056 _____ C:\Windows\setupact.log
2013-11-20 03:00 - 2013-11-20 03:00 - 00000000 _____ C:\Windows\setuperr.log
2013-11-20 02:06 - 2013-11-20 02:06 - 00007895 _____ C:\Users\JACOB\Desktop\attach.txt
2013-11-20 02:06 - 2013-11-20 02:05 - 00013186 _____ C:\Users\JACOB\Desktop\dds.txt
2013-11-19 18:06 - 2013-11-19 18:07 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-11-19 18:06 - 2013-11-19 18:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-11-14 15:17 - 2013-11-17 13:35 - 00214520 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-11-14 15:17 - 2013-11-17 13:35 - 00214520 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-11-14 15:17 - 2013-11-14 15:17 - 00075064 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-11-14 15:17 - 2013-11-14 15:17 - 00000000 ____D C:\Users\JACOB\AppData\Local\PunkBuster
2013-11-11 23:24 - 2013-11-17 13:36 - 00000000 ____D C:\Users\JACOB\AppData\Roaming\Xfire
2013-11-11 23:23 - 2013-11-17 13:36 - 00000000 ____D C:\ProgramData\Xfire
2013-11-11 23:23 - 2013-11-17 13:35 - 00000000 ____D C:\Program Files (x86)\Xfire2
2013-11-11 23:23 - 2013-11-11 23:23 - 00000976 _____ C:\Users\Public\Desktop\Xfire.lnk
2013-11-11 23:13 - 2013-11-11 23:13 - 00000000 __SHD C:\Windows\ftpcache
2013-11-11 23:10 - 2013-11-11 23:10 - 00000273 _____ C:\Windows\game.ini
2013-11-07 20:42 - 2013-11-07 20:42 - 00000000 ____D C:\Users\JACOB\AppData\Roaming\Unity
2013-11-07 20:41 - 2013-11-12 02:15 - 00000000 ____D C:\Users\JACOB\AppData\Local\Unity
2013-11-04 02:13 - 2013-11-04 02:13 - 00000029 _____ C:\Users\JACOB\Desktop\ll.txt
2013-11-01 05:14 - 2013-11-01 05:14 - 00000000 ____D C:\Users\JACOB\AppData\Local\Macromedia
2013-11-01 04:52 - 2013-11-20 11:02 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-01 04:52 - 2013-11-01 05:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-01 04:52 - 2013-11-01 05:03 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-01 04:52 - 2013-11-01 04:52 - 00000000 ____D C:\ProgramData\McAfee
2013-10-30 22:28 - 2013-11-19 14:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-30 22:28 - 2013-11-17 13:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-23 13:58 - 2013-10-23 13:58 - 00000000 ____D C:\ProgramData\Oracle
2013-10-23 11:59 - 2013-10-23 11:59 - 00004746 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-23 11:59 - 2013-10-08 06:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-23 11:59 - 2013-10-08 06:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-23 11:59 - 2013-10-08 06:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-23 11:59 - 2013-10-08 06:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-22 19:18 - 2013-11-19 00:19 - 00000000 ____D C:\Users\JACOB\AppData\Roaming\foobar2000
2013-10-22 19:18 - 2013-10-22 19:18 - 00000000 ____D C:\Program Files (x86)\foobar2000
==================== One Month Modified Files and Folders =======
2013-11-20 11:44 - 2013-11-20 11:44 - 00000000 ____D C:\FRST
2013-11-20 11:42 - 2013-11-20 11:42 - 00003048 _____ C:\Windows\System32\Tasks\{B6857967-AB95-49A5-9BA5-6D4F20CB41F6}
2013-11-20 11:40 - 2013-11-20 11:40 - 00000021 _____ C:\folders.log
2013-11-20 11:40 - 2013-11-20 11:29 - 00000000 ____D C:\zoek
2013-11-20 11:33 - 2013-11-20 11:31 - 00000991 _____ C:\zoek-results.log
2013-11-20 11:30 - 2013-11-20 11:30 - 00000000 ____D C:\zoek_backup
2013-11-20 11:27 - 2013-11-20 11:27 - 00377856 _____ C:\Users\JACOB\Desktop\pcvx9y69.exe
2013-11-20 11:04 - 2013-11-20 11:02 - 04182609 _____ C:\zoek.rar
2013-11-20 11:02 - 2013-11-01 04:52 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-20 10:58 - 2012-11-18 22:27 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-20 03:00 - 2013-11-20 03:00 - 00000056 _____ C:\Windows\setupact.log
2013-11-20 03:00 - 2013-11-20 03:00 - 00000000 _____ C:\Windows\setuperr.log
2013-11-20 02:41 - 2009-07-14 05:45 - 00014448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-20 02:41 - 2009-07-14 05:45 - 00014448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-20 02:38 - 2009-07-14 06:13 - 00726444 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-20 02:34 - 2012-04-01 16:26 - 00000000 ____D C:\ProgramData\MCShield
2013-11-20 02:33 - 2013-09-25 20:53 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-11-20 02:33 - 2012-11-18 22:27 - 00000942 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-20 02:33 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-20 02:06 - 2013-11-20 02:06 - 00007895 _____ C:\Users\JACOB\Desktop\attach.txt
2013-11-20 02:05 - 2013-11-20 02:06 - 00013186 _____ C:\Users\JACOB\Desktop\dds.txt
2013-11-19 18:07 - 2013-11-19 18:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-11-19 18:07 - 2013-11-19 18:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-11-19 17:02 - 2010-11-06 21:00 - 00116440 _____ C:\Users\JACOB\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-19 14:51 - 2013-10-30 22:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-19 14:51 - 2009-07-14 05:45 - 05003200 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-19 14:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2013-11-19 00:19 - 2013-10-22 19:18 - 00000000 ____D C:\Users\JACOB\AppData\Roaming\foobar2000
2013-11-18 19:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-11-17 13:36 - 2013-11-11 23:24 - 00000000 ____D C:\Users\JACOB\AppData\Roaming\Xfire
2013-11-17 13:36 - 2013-11-11 23:23 - 00000000 ____D C:\ProgramData\Xfire
2013-11-17 13:35 - 2013-11-14 15:17 - 00214520 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-11-17 13:35 - 2013-11-14 15:17 - 00214520 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-11-17 13:35 - 2013-11-11 23:23 - 00000000 ____D C:\Program Files (x86)\Xfire2
2013-11-17 13:31 - 2013-10-30 22:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 00:21 - 2012-02-29 10:51 - 00000000 ____D C:\Users\JACOB\AppData\Roaming\Skype
2013-11-14 15:17 - 2013-11-14 15:17 - 00075064 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-11-14 15:17 - 2013-11-14 15:17 - 00000000 ____D C:\Users\JACOB\AppData\Local\PunkBuster
2013-11-12 02:15 - 2013-11-07 20:41 - 00000000 ____D C:\Users\JACOB\AppData\Local\Unity
2013-11-12 02:08 - 2011-02-26 22:07 - 00000000 ____D C:\Users\JACOB\AppData\Local\CrashDumps
2013-11-12 02:08 - 2010-11-13 19:52 - 00000000 ____D C:\Users\JACOB\AppData\Roaming\uTorrent
2013-11-11 23:50 - 2010-11-06 20:30 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-11 23:23 - 2013-11-11 23:23 - 00000976 _____ C:\Users\Public\Desktop\Xfire.lnk
2013-11-11 23:13 - 2013-11-11 23:13 - 00000000 __SHD C:\Windows\ftpcache
2013-11-11 23:10 - 2013-11-11 23:10 - 00000273 _____ C:\Windows\game.ini
2013-11-08 02:09 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-11-07 20:42 - 2013-11-07 20:42 - 00000000 ____D C:\Users\JACOB\AppData\Roaming\Unity
2013-11-07 03:01 - 2010-11-06 21:49 - 00000000 ____D C:\Users\JACOB\AppData\Local\Mozilla
2013-11-06 17:28 - 2012-12-28 13:19 - 00000000 ____D C:\Users\JACOB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2013-11-04 02:13 - 2013-11-04 02:13 - 00000029 _____ C:\Users\JACOB\Desktop\ll.txt
2013-11-01 05:14 - 2013-11-01 05:14 - 00000000 ____D C:\Users\JACOB\AppData\Local\Macromedia
2013-11-01 05:03 - 2013-11-01 04:52 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-01 05:03 - 2013-11-01 04:52 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-01 05:03 - 2011-05-24 10:18 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-01 04:55 - 2011-10-05 22:58 - 00000000 ____D C:\Users\JACOB\AppData\Local\Adobe
2013-11-01 04:52 - 2013-11-01 04:52 - 00000000 ____D C:\ProgramData\McAfee
2013-10-30 22:29 - 2012-06-10 20:48 - 00000000 ____D C:\Users\JACOB\AppData\Roaming\Mozilla
2013-10-23 13:58 - 2013-10-23 13:58 - 00000000 ____D C:\ProgramData\Oracle
2013-10-23 11:59 - 2013-10-23 11:59 - 00004746 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-23 11:59 - 2010-11-06 22:58 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-22 19:18 - 2013-10-22 19:18 - 00000000 ____D C:\Program Files (x86)\foobar2000
Some content of TEMP:
====================
C:\Users\JACOB\AppData\Local\Temp\7za.exe
C:\Users\JACOB\AppData\Local\Temp\hijackthis.exe
C:\Users\JACOB\AppData\Local\Temp\NirCmd.exe
C:\Users\JACOB\AppData\Local\Temp\PEVZ.EXE
C:\Users\JACOB\AppData\Local\Temp\remove.exe
C:\Users\JACOB\AppData\Local\Temp\sed.exe
C:\Users\JACOB\AppData\Local\Temp\shortcut.exe
C:\Users\JACOB\AppData\Local\Temp\swreg.exe
C:\Users\JACOB\AppData\Local\Temp\swxcacls.exe
C:\Users\JACOB\AppData\Local\Temp\wget.exe
C:\Users\JACOB\AppData\Local\Temp\zoek-delete.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-20 03:18
==================== End Of Log ============================
Posted: 20 Nov 2013 17:12
offline
- Joined: 19 Apr 2012
- Posts: 33
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013
Ran by JACOB (administrator) on JACOB-PC on 20-11-2013 17:10:05
Running from D:\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6234144 2010-03-13] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2096424 2010-05-27] (Synaptics Incorporated)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [6330568 2013-03-21] (ESET)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [MCShield Monitor] - C:\Program Files (x86)\MCShield\MCShieldRTM.exe [583680 2012-03-12] (MyCity)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-03] (Advanced Micro Devices, Inc.)
HKU\Default\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\Default User\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5236234EBED3CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = hr
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\JACOB\AppData\Roaming\Mozilla\Firefox\Profiles\319msx25.default
FF Homepage: google.hr
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eudict.xml
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR HomePage: hxxp://www.google.hr/
CHR RestoreOnStartup: "hxxp://www.google.hr/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll No File
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Extension: (reddit companion) - C:\Users\JACOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\algjnflpgoopkdijmkalfcifomdhmcbe\1.1.2_0
CHR Extension: (Google Drive) - C:\Users\JACOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\JACOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\JACOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\JACOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.14_0
CHR Extension: (Reddit Enhancement Suite) - C:\Users\JACOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.3.1.1_0
CHR Extension: (Skype Click to Call) - C:\Users\JACOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0
CHR Extension: (Google Wallet) - C:\Users\JACOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\JACOB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1341664 2013-03-21] (ESET)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75064 2013-11-14] ()
R2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [214520 2013-11-17] ()
S2 .EsetTrialReset;
S2 AdvancedSystemCareService5;
==================== Drivers (Whitelisted) ====================
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-02-20] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [139768 2013-01-10] (ESET)
S3 RSUSBSTOR; C:\Windows\SysWow64\Drivers\RtsUStor.sys [225280 2009-09-23] (Realtek Semiconductor Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-02-11] ()
S3 XFDriver64; C:\Program Files (x86)\Xfire2\XFDriver64.sys [17160 2013-03-14] (XFire)
S3 ALSysIO; \??\C:\Users\JACOB\AppData\Local\Temp\ALSysIO64.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-20 17:09 - 2013-11-20 17:09 - 00017081 _____ C:\Users\JACOB\Desktop\zoek-results.txt
2013-11-20 17:05 - 2013-11-20 17:05 - 00001310 _____ C:\Windows\PFRO.log
2013-11-20 17:05 - 2013-11-20 17:05 - 00000056 _____ C:\Windows\setupact.log
2013-11-20 17:05 - 2013-11-20 17:05 - 00000000 _____ C:\Windows\setuperr.log
2013-11-20 17:01 - 2013-10-18 01:11 - 00024064 _____ C:\Windows\zoek-delete.exe
2013-11-20 16:39 - 2013-11-20 17:05 - 00017081 _____ C:\zoek-results.log
2013-11-20 15:29 - 2013-11-20 17:04 - 00176729 _____ C:\Windows\WindowsUpdate.log
2013-11-20 12:00 - 2013-11-20 12:00 - 00010536 _____ C:\Users\JACOB\Desktop\gmer.log
2013-11-20 11:44 - 2013-11-20 11:44 - 00000000 ____D C:\FRST
2013-11-20 11:42 - 2013-11-20 11:42 - 00003048 _____ C:\Windows\System32\Tasks\{B6857967-AB95-49A5-9BA5-6D4F20CB41F6}
2013-11-20 11:30 - 2013-11-20 16:56 - 00000000 ____D C:\zoek_backup
2013-11-20 11:27 - 2013-11-20 11:27 - 00377856 _____ C:\Users\JACOB\Desktop\pcvx9y69.exe
2013-11-20 11:02 - 2013-11-20 11:04 - 04182609 _____ C:\zoek.rar
2013-11-20 02:06 - 2013-11-20 02:06 - 00007895 _____ C:\Users\JACOB\Desktop\attach.txt
2013-11-20 02:06 - 2013-11-20 02:05 - 00013186 _____ C:\Users\JACOB\Desktop\dds.txt
2013-11-19 18:06 - 2013-11-19 18:07 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-11-19 18:06 - 2013-11-19 18:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-11-14 15:17 - 2013-11-17 13:35 - 00214520 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-11-14 15:17 - 2013-11-17 13:35 - 00214520 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-11-14 15:17 - 2013-11-14 15:17 - 00075064 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-11-14 15:17 - 2013-11-14 15:17 - 00000000 ____D C:\Users\JACOB\AppData\Local\PunkBuster
2013-11-11 23:24 - 2013-11-17 13:36 - 00000000 ____D C:\Users\JACOB\AppData\Roaming\Xfire
2013-11-11 23:23 - 2013-11-17 13:36 - 00000000 ____D C:\ProgramData\Xfire
2013-11-11 23:23 - 2013-11-17 13:35 - 00000000 ____D C:\Program Files (x86)\Xfire2
2013-11-11 23:23 - 2013-11-11 23:23 - 00000976 _____ C:\Users\Public\Desktop\Xfire.lnk
2013-11-11 23:13 - 2013-11-11 23:13 - 00000000 __SHD C:\Windows\ftpcache
2013-11-11 23:10 - 2013-11-11 23:10 - 00000273 _____ C:\Windows\game.ini
2013-11-07 20:42 - 2013-11-07 20:42 - 00000000 ____D C:\Users\JACOB\AppData\Roaming\Unity
2013-11-07 20:41 - 2013-11-12 02:15 - 00000000 ____D C:\Users\JACOB\AppData\Local\Unity
2013-11-04 02:13 - 2013-11-04 02:13 - 00000029 _____ C:\Users\JACOB\Desktop\ll.txt
2013-11-01 05:14 - 2013-11-01 05:14 - 00000000 ____D C:\Users\JACOB\AppData\Local\Macromedia
2013-11-01 04:52 - 2013-11-20 17:02 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-01 04:52 - 2013-11-01 05:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-01 04:52 - 2013-11-01 05:03 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-01 04:52 - 2013-11-01 04:52 - 00000000 ____D C:\ProgramData\McAfee
2013-10-30 22:28 - 2013-11-19 14:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-30 22:28 - 2013-11-17 13:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-23 13:58 - 2013-10-23 13:58 - 00000000 ____D C:\ProgramData\Oracle
2013-10-23 11:59 - 2013-10-23 11:59 - 00004746 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-23 11:59 - 2013-10-08 06:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-23 11:59 - 2013-10-08 06:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-23 11:59 - 2013-10-08 06:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-23 11:59 - 2013-10-08 06:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-22 19:18 - 2013-11-20 12:48 - 00000000 ____D C:\Users\JACOB\AppData\Roaming\foobar2000
2013-10-22 19:18 - 2013-10-22 19:18 - 00000000 ____D C:\Program Files (x86)\foobar2000
==================== One Month Modified Files and Folders =======
2013-11-20 17:09 - 2013-11-20 17:09 - 00017081 _____ C:\Users\JACOB\Desktop\zoek-results.txt
2013-11-20 17:09 - 2009-07-14 06:13 - 00726444 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-20 17:06 - 2012-04-01 16:26 - 00000000 ____D C:\ProgramData\MCShield
2013-11-20 17:05 - 2013-11-20 17:05 - 00001310 _____ C:\Windows\PFRO.log
2013-11-20 17:05 - 2013-11-20 17:05 - 00000056 _____ C:\Windows\setupact.log
2013-11-20 17:05 - 2013-11-20 17:05 - 00000000 _____ C:\Windows\setuperr.log
2013-11-20 17:05 - 2013-11-20 16:39 - 00017081 _____ C:\zoek-results.log
2013-11-20 17:05 - 2013-09-25 20:53 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-11-20 17:05 - 2012-11-18 22:27 - 00000942 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-20 17:05 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-20 17:04 - 2013-11-20 15:29 - 00176729 _____ C:\Windows\WindowsUpdate.log
2013-11-20 17:02 - 2013-11-01 04:52 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-20 16:58 - 2012-11-18 22:27 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-20 16:56 - 2013-11-20 11:30 - 00000000 ____D C:\zoek_backup
2013-11-20 15:34 - 2009-07-14 05:45 - 00014448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-20 15:34 - 2009-07-14 05:45 - 00014448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-20 15:16 - 2010-11-06 22:27 - 00000000 ____D C:\ProgramData\ESET
2013-11-20 12:48 - 2013-10-22 19:18 - 00000000 ____D C:\Users\JACOB\AppData\Roaming\foobar2000
2013-11-20 12:00 - 2013-11-20 12:00 - 00010536 _____ C:\Users\JACOB\Desktop\gmer.log
2013-11-20 11:44 - 2013-11-20 11:44 - 00000000 ____D C:\FRST
2013-11-20 11:42 - 2013-11-20 11:42 - 00003048 _____ C:\Windows\System32\Tasks\{B6857967-AB95-49A5-9BA5-6D4F20CB41F6}
2013-11-20 11:27 - 2013-11-20 11:27 - 00377856 _____ C:\Users\JACOB\Desktop\pcvx9y69.exe
2013-11-20 11:04 - 2013-11-20 11:02 - 04182609 _____ C:\zoek.rar
2013-11-20 02:06 - 2013-11-20 02:06 - 00007895 _____ C:\Users\JACOB\Desktop\attach.txt
2013-11-20 02:05 - 2013-11-20 02:06 - 00013186 _____ C:\Users\JACOB\Desktop\dds.txt
2013-11-19 18:07 - 2013-11-19 18:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-11-19 18:07 - 2013-11-19 18:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-11-19 17:02 - 2010-11-06 21:00 - 00116440 _____ C:\Users\JACOB\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-19 14:51 - 2013-10-30 22:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-19 14:51 - 2009-07-14 05:45 - 05003200 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-19 14:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2013-11-18 19:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-11-17 13:36 - 2013-11-11 23:24 - 00000000 ____D C:\Users\JACOB\AppData\Roaming\Xfire
2013-11-17 13:36 - 2013-11-11 23:23 - 00000000 ____D C:\ProgramData\Xfire
2013-11-17 13:35 - 2013-11-14 15:17 - 00214520 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-11-17 13:35 - 2013-11-14 15:17 - 00214520 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-11-17 13:35 - 2013-11-11 23:23 - 00000000 ____D C:\Program Files (x86)\Xfire2
2013-11-17 13:31 - 2013-10-30 22:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 00:21 - 2012-02-29 10:51 - 00000000 ____D C:\Users\JACOB\AppData\Roaming\Skype
2013-11-14 15:17 - 2013-11-14 15:17 - 00075064 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-11-14 15:17 - 2013-11-14 15:17 - 00000000 ____D C:\Users\JACOB\AppData\Local\PunkBuster
2013-11-12 02:15 - 2013-11-07 20:41 - 00000000 ____D C:\Users\JACOB\AppData\Local\Unity
2013-11-12 02:08 - 2011-02-26 22:07 - 00000000 ____D C:\Users\JACOB\AppData\Local\CrashDumps
2013-11-12 02:08 - 2010-11-13 19:52 - 00000000 ____D C:\Users\JACOB\AppData\Roaming\uTorrent
2013-11-11 23:50 - 2010-11-06 20:30 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-11 23:23 - 2013-11-11 23:23 - 00000976 _____ C:\Users\Public\Desktop\Xfire.lnk
2013-11-11 23:13 - 2013-11-11 23:13 - 00000000 __SHD C:\Windows\ftpcache
2013-11-11 23:10 - 2013-11-11 23:10 - 00000273 _____ C:\Windows\game.ini
2013-11-08 02:09 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-11-07 20:42 - 2013-11-07 20:42 - 00000000 ____D C:\Users\JACOB\AppData\Roaming\Unity
2013-11-07 03:01 - 2010-11-06 21:49 - 00000000 ____D C:\Users\JACOB\AppData\Local\Mozilla
2013-11-06 17:28 - 2012-12-28 13:19 - 00000000 ____D C:\Users\JACOB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2013-11-04 02:13 - 2013-11-04 02:13 - 00000029 _____ C:\Users\JACOB\Desktop\ll.txt
2013-11-01 05:14 - 2013-11-01 05:14 - 00000000 ____D C:\Users\JACOB\AppData\Local\Macromedia
2013-11-01 05:03 - 2013-11-01 04:52 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-01 05:03 - 2013-11-01 04:52 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-01 05:03 - 2011-05-24 10:18 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-01 04:55 - 2011-10-05 22:58 - 00000000 ____D C:\Users\JACOB\AppData\Local\Adobe
2013-11-01 04:52 - 2013-11-01 04:52 - 00000000 ____D C:\ProgramData\McAfee
2013-10-30 22:29 - 2012-06-10 20:48 - 00000000 ____D C:\Users\JACOB\AppData\Roaming\Mozilla
2013-10-23 13:58 - 2013-10-23 13:58 - 00000000 ____D C:\ProgramData\Oracle
2013-10-23 11:59 - 2013-10-23 11:59 - 00004746 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-23 11:59 - 2010-11-06 22:58 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-22 19:18 - 2013-10-22 19:18 - 00000000 ____D C:\Program Files (x86)\foobar2000
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-20 03:18
==================== End Of Log ============================
Posted: 21 Nov 2013 13:23
offline
- magna86
- Anti Malware Fighter
Rank 2
- Joined: 21 Jun 2008
- Posts: 6104
Turn off the router, wait two or three minutes, then turn it back on, wait another two or three minutes and check how your internet works now. This may fix the problem.
If you still have a problem with slow internet, I recommend that you open a topic in the appropriate forum (or contact your provider), because here we work exclusively on detecting and removing malware.
What I could do from the software side, I have done. Mostly these were leftovers, which can also cause problems. Since the problem was not caused by malware, I will now remove my tools.
Download Xplode's DelFix and save it to the Desktop.
Double-click to run the program.
Tick the following options:
Remove disinfection tools
Purge System Restore
Reset system settings
Click the "Run" button and wait for the program to finish.
The tool will remove all the tools used in this topic...
When the tool finishes, it will open the report in Notepad.
Note: The report will also be saved to C:\DelFix.txt
Post the report so I can confirm that everything was removed.
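A follow-up check for the clean-up step described in the post above, written here as an added example; it is not part of the original thread and not part of DelFix. It verifies that the helper-tool files visible in the FRST log earlier in this thread are actually gone, reports how many System Restore points remain after "Purge System Restore", and prints C:\DelFix.txt so it can be pasted back into the topic. It assumes the machine is the one the log was taken on (user profile JACOB, as shown in the log header) and lists only files that appear in the log excerpt. Run it from an elevated PowerShell prompt after DelFix has finished.

```powershell
# Added example (not from the original thread or from DelFix).
# Confirms that the disinfection-tool artifacts named in the FRST log were removed
# and shows the DelFix report the helper asked for.
# Assumption: the user profile is JACOB, as in the log header of this thread.

# Files taken from the FRST "one month created" listing in this thread.
$leftovers = @(
    'C:\Users\JACOB\Desktop\pcvx9y69.exe',   # downloaded tool on the Desktop (2013-11-20 11:27 in the log)
    'C:\zoek.rar',                           # zoek archive in the root of C:
    'C:\Users\JACOB\Desktop\attach.txt',     # DDS attach report
    'C:\Users\JACOB\Desktop\dds.txt'         # DDS main report
)

# Location DelFix writes its report to, as stated in the post.
$report = 'C:\DelFix.txt'

# Collect anything from the list that still exists on disk.
$remaining = foreach ($path in $leftovers) {
    if (Test-Path -LiteralPath $path) {
        Get-Item -LiteralPath $path -Force | Select-Object FullName, Length, LastWriteTime
    }
}

if ($remaining) {
    Write-Warning 'The following disinfection-tool files are still present:'
    $remaining | Format-Table -AutoSize
} else {
    Write-Host 'All listed disinfection-tool files have been removed.'
}

# "Purge System Restore" should leave no old restore points behind.
# Get-ComputerRestorePoint is a built-in cmdlet on client Windows (including Windows 7).
$points = @(Get-ComputerRestorePoint -ErrorAction SilentlyContinue)
Write-Host ("System Restore points present: {0}" -f $points.Count)
if ($points.Count -gt 0) {
    $points | Select-Object SequenceNumber, Description, @{n='Created';e={$_.ConvertToDateTime($_.CreationTime)}} |
        Format-Table -AutoSize
}

# Print the DelFix report so it can be posted back to the topic.
if (Test-Path -LiteralPath $report) {
    Write-Host "`n--- $report ---"
    Get-Content -LiteralPath $report
} else {
    Write-Warning "DelFix report not found at $report; DelFix may not have completed."
}
```

If any path is still reported as present, re-run DelFix or delete the file by hand before posting the report; a non-zero restore-point count after "Purge System Restore" usually means the tool was not run elevated.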