MyCity » Ambulanta -> Arhiva Ambulante » Provera zbog decijih igrica

Provera zbog decijih igrica

Napisano na dan: 9.9.2013

Strana:
1
2

Provera zbog decijih igrica

Sledeća strana

Pagination

Odgovori

Strana:
1
2

smz Poslao: 09 Sep 2013 23:45 Idi na vrh
offline smz Građanin Pridružio: 18 Mar 2008 Poruke: 57	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Na cerkinom laptopu bile su instalirane igrice koje sam iz straha od virusa i usporenog rada uglanom izbrisao no sada i po ovom log fajlu vidim da jos ima tragova, U mozili se stalno otvaraju prozori sa reklamama za pojedine igrice pa bi da se resim toga. Evo log fajla DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16660 Run by ANA at 23:29:23 on 2013-09-09 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3691.2047 [GMT 2:00] . AV: avast! Antivirus Enabled/Updated {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus Enabled/Updated {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender Enabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\ANA\AppData\Roaming\uTorrent\uTorrent.exe C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe C:\Program Files (x86)\MCShield\MCShieldRTM.exe C:\Windows\STK02N\STK02NM.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Windows\SysWOW64\TDSupportApp\cdrom_mon.exe C:\Windows\SysWOW64\ezSharedSvcHost.exe C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\servicing\TrustedInstaller.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe C:\Windows\system32\svchost.exe -k HPService C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.bing.com uSearch Bar = hxxp://www.bing.com uSearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=DE&userid=f2836f4f-5f6d-419b-85a7-15ad02a0fa80&searchtype=ds&q={searchTerms}&installDate=26/04/2013 mWinlogon: Userinit = userinit.exe, BHO: {2EECD738-5844-4a99-B4B6-146BF802613B} - <orphaned> BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Windows Live ID-Anmelde-Hilfsprogramm: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file> uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun uRun: [uTorrent] "C:\Users\ANA\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED uRun: [UpdateMyDrivers] C:\Program Files (x86)\SmartTweak Software\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss uRun: [MCShield Monitor] C:\Program Files (x86)\MCShield\mcshieldrtm.exe mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\STK02N~1.LNK - C:\Windows\STK02N\STK02NM.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-Explorer: EnableShellExecuteHooks = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: HideFastUserSwitching = dword:0 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 TCP: NameServer = 192.168.2.1 TCP: Interfaces\{2F789DE8-E7DE-456B-8C3D-82B087D05024} : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{2F789DE8-E7DE-456B-8C3D-82B087D05024}\075627F6 : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{2F789DE8-E7DE-456B-8C3D-82B087D05024}\2427967656C6 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{2F789DE8-E7DE-456B-8C3D-82B087D05024}\46C696E6B6 : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{2F789DE8-E7DE-456B-8C3D-82B087D05024}\75C414E4 : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{B5597286-F737-4CAC-A952-2FB1F1D8B297} : DHCPNameServer = 192.168.0.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file> x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\ANA\AppData\Roaming\Mozilla\Firefox\Profiles\5fdh7f8m.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - t-online.de FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=2&CUI=UN84233379327100294&UM=1&q= FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\ANA\AppData\Roaming\Mozilla\Firefox\Profiles\5fdh7f8m.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\plugins\np-mswmp.dll FF - plugin: C:\Users\ANA\AppData\Roaming\Mozilla\Firefox\Profiles\5fdh7f8m.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\plugins\npConduitFirefoxPlugin.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll . ---- FIREFOX POLICIES ---- FF - user.js: extensions.shownSelectionUI - true . . FF - user.js: extensions.delta.tlbrSrchUrl - FF - user.js: extensions.delta.id - 88cd5e540000000000003859f971988b FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} FF - user.js: extensions.delta.instlDay - 15821 FF - user.js: extensions.delta.vrsn - 1.8.16.16 FF - user.js: extensions.delta.vrsni - 1.8.16.16 FF - user.js: extensions.delta.vrsnTs - 1.8.16.1623:03:40 FF - user.js: extensions.delta.prtnrId - delta FF - user.js: extensions.delta.prdct - delta FF - user.js: extensions.delta.aflt - babsst FF - user.js: extensions.delta.smplGrp - none FF - user.js: extensions.delta.tlbrId - base FF - user.js: extensions.delta.instlRef - sst FF - user.js: extensions.delta.dfltLng - en FF - user.js: extensions.delta.excTlbr - false FF - user.js: extensions.delta.ffxUnstlRst - true FF - user.js: extensions.delta.admin - false FF - user.js: extensions.delta.autoRvrt - false FF - user.js: extensions.delta.rvrt - false FF - user.js: extensions.delta.newTab - false FF - user.js: extensions.mixidj.tlbrSrchUrl - FF - user.js: extensions.mixidj.id - 88cd5e540000000000003859f971988b FF - user.js: extensions.mixidj.appId - {A2773ED4-83BD-488A-A186-73590706C916} FF - user.js: extensions.mixidj.instlDay - 15821 FF - user.js: extensions.mixidj.vrsn - 1.8.4.1 FF - user.js: extensions.mixidj.vrsni - 1.8.4.1 FF - user.js: extensions.mixidj_i.vrsnTs - 1.8.4.123:11:13 FF - user.js: extensions.mixidj.prtnrId - mixidj FF - user.js: extensions.mixidj.prdct - mixidj FF - user.js: extensions.mixidj.aflt - babsst FF - user.js: extensions.mixidj_i.smplGrp - none FF - user.js: extensions.mixidj.tlbrId - base FF - user.js: extensions.mixidj.instlRef - sst FF - user.js: extensions.mixidj.dfltLng - en FF - user.js: extensions.mixidj_i.excTlbr - false FF - user.js: extensions.mixidj.excTlbr - false FF - user.js: extensions.mixidj.admin - false . ============= SERVICES / DRIVERS =============== . R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-4-16 79488] R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-4-16 40064] R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-20 65336] R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-20 189936] R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-4-14 1030952] R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-4-14 378944] R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-1 39768] R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-8-18 98208] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-6-17 204288] R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-6-16 365568] R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-4-14 33400] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-4-14 80816] R2 Autorun CDROM Monitor;Autorun CDROM Monitor;C:\Windows\System32\TDSupportApp\cdrom_mon.exe --> C:\Windows\System32\TDSupportApp\cdrom_mon.exe [?] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-23 46808] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-21 85560] R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-6-16 103992] R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-6-14 26680] R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-8-18 1817088] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-28 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-10-28 701512] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-8-18 46136] R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-4-14 25928] R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-12-6 2350176] R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-8-18 335464] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-8-18 436840] R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264] R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648] R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960] R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-8-18 44672] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-16 682040] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408] S3 EC168x64;EC168BDA service;C:\Windows\System32\drivers\EC168x64.sys [2007-9-11 132096] S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864] S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392] S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 WatAdminSvc;Windows-Aktivierungstechnologieservice;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-8-6 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-09-09 20:30:28 -------- d-----w- C:\ProgramData\MCShield 2013-09-09 20:30:27 -------- d-----w- C:\Program Files (x86)\MCShield 2013-09-06 20:26:37 9515512 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{41CEEF04-266E-48E3-A7AE-225D25E45E59}\mpengine.dll 2013-08-16 19:43:26 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-08-16 19:42:59 1084928 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll 2013-08-16 19:42:56 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-08-16 19:42:54 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-08-16 19:29:12 -------- d-----w- C:\Windows\System32\MRT 2013-08-16 14:38:29 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-08-16 14:38:25 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-08-16 14:38:24 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-08-16 14:38:23 1732032 ----a-w- C:\Windows\System32\ntdll.dll 2013-08-16 14:38:22 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll 2013-08-16 14:38:21 243712 ----a-w- C:\Windows\System32\wow64.dll 2013-08-16 14:38:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2013-08-16 14:38:14 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2013-08-16 14:38:13 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-08-16 14:38:13 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2013-08-16 14:38:12 2048 ----a-w- C:\Windows\SysWow64\user.exe 2013-08-16 13:59:50 -------- d-----w- C:\Users\ANA\AppData\Roaming\Ashampoo 2013-08-16 13:59:42 -------- d-----w- C:\Users\ANA\AppData\Local\ashampoo 2013-08-16 13:59:40 -------- d-----w- C:\ProgramData\Ashampoo 2013-08-16 13:59:29 -------- d-----w- C:\Program Files (x86)\Ashampoo 2013-08-16 06:51:58 1472512 ----a-w- C:\Windows\System32\crypt32.dll 2013-08-16 06:51:57 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-08-16 06:51:56 224256 ----a-w- C:\Windows\System32\wintrust.dll 2013-08-16 06:51:56 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll 2013-08-16 06:51:54 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-08-16 06:51:54 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2013-08-16 06:51:54 139776 ----a-w- C:\Windows\System32\cryptnet.dll 2013-08-16 06:51:54 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2013-08-16 06:48:18 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2013-08-16 06:48:18 2048 ----a-w- C:\Windows\System32\tzres.dll 2013-08-16 06:47:50 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2013-08-16 06:47:49 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL 2013-08-16 06:47:45 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll 2013-08-16 06:47:43 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll 2013-08-16 06:35:13 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys 2013-08-16 06:35:08 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys . ==================== Find3M ==================== . 2013-08-07 02:22:02 278800 ------w- C:\Windows\System32\MpSigStub.exe 2013-07-27 20:54:00 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-07-27 20:54:00 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2013-06-27 19:10:14 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys 2013-06-27 19:10:14 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys . ============= FINISH: 23:31:03,32 =============== mycity.rs/must-login.png

Profil

Sass Drake Poslao: 10 Sep 2013 01:08 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Dole navedene korake radi jedan po jedan i nakon svakog urađenog koraka, postavi izvještaje ako se traže. Forum će automatski spojiti poruke ukoliko budu pisane jedna za drugom tako da se ne moraš brinuti oko tzv. "duplog postovanja". Takođe, ako se negdje ne snađeš ili ako nešto pođe naopako obavezno to prijavi. Korak 1 Imaš ostatke AVG antivirusa na sistemu. Otvori Notepad i kopiraj sljedeći tekst: `sc stop avgtp >> log.txt 2>&1 sc delete avgtp >> log.txt 2>&1 del /F /Q "C:\Windows\System32\drivers\avgtpx64.sys" >> log.txt 2>&1 notepad log.txt` Snimi ga na Desktop pod imenom shellscript.bat Obrati pažnju na ekstenziju .bat Klikni desnim tasterom miša na shellscript.bat i klikni na Run as Administrator. Klikni na Yes u prozoru koji će ti iskočiti. Kopiraj u poruku tekst koji će ti se otvoriti u Notepad-u. Ako se u Notepad-u ne pojavi nikakav tekst to znači da je sve prošlo kako treba i potrebno je samo da to napomeneš u poruci. Ukoliko ti se Notepad ne otvori, otvori ručno fajl log.txt i postavi njegov sadržaj na forum. Korak 2 Preuzmi "Xplode"-ov AdwCleaner i sačuvaj ga na Desktop Dvoklikom pokreni program. Klikni na dugme Scan i sačekaj da se završi skeniranje. Klikni na dugme Clean i pričekaj da program završi. Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu. Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK Računar će se restartovati, a potom otvoriti Notepad (C:\AdwCleaner[S1].txt) sa izvještajem. Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl" Napomena: Izvještaj ce takođe biti sačuvan na C:\Adwcleaner\AdwCleaner[0].txt Korak 3 Preuzmite program GMER sa donjeg linka na Desktop: GMER download Kliknite dati link; Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberite Desktop i kliknite Save. Dvoklikom pokrenite GMER. Sačekajte da se završi uvodno skeniranje - ukoliko se pojavi bilo kakav upit, kliknite No; kliknite Scan i sačekajte da skeniranje bude završeno; kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer1); kliknite desnim tasterom u prozor programa Gmer i odaberite Options > 3rd party - kliknite Scan; po završetku skeniranja kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer2); kliknite taster >>> i odaberite Autostart karticu; po završetku kratkotrajnog skeniranja, kliknite Copy; otvorite Notepad i u njega postavite kopirani tekst - izveštaj sačuvajte na Desktop (pod nazivom Gmer3); Slikoviti prikaz postupka Priložite sva tri izveštaja uz poruku korišćenjem opcije Prikači fajl. Korak 4 Preuzmi zoek.exe sa ovog ili ovog linka i sačuvaj ga na Desktop. Zatvori browser i ostale pokrenute programe; deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ; dvoklikom pokreni zoek.exe; pričekaj da se alat startuje ... U beli okvir prozora iskopiraj sljedeći tekst: `startupall; skipfix-iedefaults; firefoxlook; chromelook; filesrcm;` Klikni na dugme i pričekaj da se skeniranje završi. Zoek će po potrebi restartovati Windows, a na kraju rada otvoriti Notepad sa izvještajem o skeniranju. Napomena: Izvještaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log) Kopiraj sadržaj tog loga u poruku.

Profil

smz Poslao: 10 Sep 2013 18:14 Idi na vrh
offline smz Građanin Pridružio: 18 Mar 2008 Poruke: 57	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: korak 1. sc stop avgtp >> log.txt 2>&1 sc delete avgtp >> log.txt 2>&1 del /F /Q "C:\Windows\System32\drivers\avgtpx64.sys" >> log.txt 2>&1 notepad log.txt mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png Zoek.exe Version 4.0.0.4 Updated 07-September-2013 Tool run by ANA on 10.09.2013 at 17:53:05,96. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\ANA\AppData\Local\Temp\Rar$EX14.848\zoek.exe [Script inserted] ==== System Restore Info ====================== 10.09.2013 17:54:57 Zoek.exe System Restore Point Created Succesfully. ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\ANA\AppData\Local\Temp ==== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2013-08-16 06:35:13 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys 2013-08-16 06:35:08 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\Program Files (x86) ===== 2013-09-09 20:30:27 -------- d-----w- C:\Program Files (x86)\MCShield 2013-08-16 13:59:29 -------- d-----w- C:\Program Files (x86)\Ashampoo ======= C: ===== ====== C:\Users\ANA\AppData\Roaming ====== 2013-08-16 13:59:50 -------- d-----w- C:\users\ANA\AppData\Roaming\Ashampoo 2013-08-16 13:59:42 -------- d-----w- C:\users\ANA\AppData\Local\ashampoo ====== C:\Users\ANA ====== 2013-09-10 14:45:07 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\ANA\Desktop\q74x9l09.exe 2013-09-10 14:25:06 720CBF9C4E60540122BED3EA8CC0EAAC 1037278 ----a-w- C:\Users\ANA\Desktop\AdwCleaner.exe 2013-09-10 14:08:29 0BC1044E949B7F57F991073EC67C4D85 150 ----a-w- C:\Users\ANA\Desktop\shellscript.bat 2013-09-09 20:52:21 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Users\ANA\Downloads\dds.com 2013-09-09 20:30:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield 2013-09-09 20:30:28 -------- d-----w- C:\ProgramData\MCShield 2013-09-09 20:28:57 66D34DFC0DD76A7D506360309755F183 2626304 ----a-w- C:\Users\ANA\Downloads\MCShield-Setup.exe 2013-08-31 17:54:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus 2013-08-31 17:42:06 0EA95F1E762494B5D928ED4D5B5DA29B 117478104 ----a-w- C:\Users\ANA\Downloads\avast_free_antivirus_setup.exe 2013-08-16 13:59:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo 2013-08-16 13:59:40 -------- d-----w- C:\ProgramData\Ashampoo ====== C: exe-files == 2013-09-10 14:45:07 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\ANA\Desktop\q74x9l09.exe 2013-09-10 14:25:06 720CBF9C4E60540122BED3EA8CC0EAAC 1037278 ----a-w- C:\Users\ANA\Desktop\AdwCleaner.exe 2013-09-09 20:30:33 6995543E9F1E86F7571FAD7B5AF7F376 212148 ----a-w- C:\Program Files (x86)\MCShield\MCS-uninstall.exe 2013-09-09 20:30:31 66D34DFC0DD76A7D506360309755F183 2626304 ----a-w- C:\ProgramData\MCShield\MCShield-Setup.exe 2013-09-09 20:28:57 66D34DFC0DD76A7D506360309755F183 2626304 ----a-w- C:\Users\ANA\Downloads\MCShield-Setup.exe 2013-09-06 21:02:55 69078D1A8E8BADFCD2B2EA9B66AB1FD8 6950240 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.66\29.0.1547.66_28.0.1500.95_chrome_updater.exe 2013-09-05 18:40:40 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\ANA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JUUP0HD0\SkypeSetupFull[1].exe === C: other files == 2013-09-10 14:08:29 0BC1044E949B7F57F991073EC67C4D85 150 ----a-w- C:\Users\ANA\Desktop\shellscript.bat 2013-09-09 20:52:21 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Users\ANA\Downloads\dds.com ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3300908418-3802915229-2868254740-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "uTorrent"="C:\Users\ANA\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" "UpdateMyDrivers"="C:\Program Files (x86)\SmartTweak Software\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss" "MCShield Monitor"="C:\Program Files (x86)\MCShield\mcshieldrtm.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "HPQuickWebProxy"="C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" "HPOSD"="C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" "Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "uTorrent"="C:\Users\ANA\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" "UpdateMyDrivers"="C:\Program Files (x86)\SmartTweak Software\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss" "MCShield Monitor"="C:\Program Files (x86)\MCShield\mcshieldrtm.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "SetDefault"="C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Folders ====================== 2013-03-20 22:09:54 1556 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\STK02N 2.3 PNP Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [27.07.2013 22:54] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28.01.2012 14:52] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28.01.2012 14:52] C:\Windows\tasks\HPCeeScheduleForANA-HP$.job --a------ C:\Program Files (x86)\Hewlett-PaC:kard\HP C:eement\HPC:EE.exe [] C:\Windows\tasks\HPCeeScheduleForANA.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [13.09.2010 22:15] ==== Firefox Extensions ====================== ProfilePath: C:\Users\ANA\AppData\Roaming\Mozilla\Firefox\Profiles\5fdh7f8m.default - Cool Smiley Bar for Facebook - %ProfilePath%\extensions\pluswinks@PlusWinks.xpi - Speed Analysis 2 - %ProfilePath%\extensions\speedanalysis02@SpeedAnalysis.com.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\ANA\AppData\Roaming\Mozilla\Firefox\Profiles\5fdh7f8m.default 0C8597DBC74AAF5179471BA013E3C6B4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash 855B79451ECF62602F20EB4D5C71F99B - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director ==== Chrome Look ====================== Google Drive - ANA - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - ANA - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Gmail - ANA - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.bing.com" "Start Page Restore"="http://www.google.com" "BrowserMngr Start Page"="http://www.google.com" "Search Bar"="http://www.bing.com" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://www.google.com" "SearchAssistant"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox" {D944BB61-2E34-4DBF-A683-47E505C587DC} Unknown Url="Not_Found" ==== EOF on 10.09.2013 at 18:05:43,56 ======================

Profil

Sass Drake Poslao: 10 Sep 2013 19:01 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zatvori browser i ostale pokrenute programe; deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ; dvoklikom pokreni zoek.exe; pričekaj da se alat startuje ... U beli okvir prozora iskopiraj sljedeći tekst: `autoclean; pluswinks@PlusWinks.xpi;ff speedanalysis02@SpeedAnalysis.com.xpi;ff startupall; emptyalltemp;` Klikni na dugme i pričekaj da se skeniranje završi. Zoek će po potrebi restartovati Windows, a na kraju rada otvoriti Notepad sa izvještajem o skeniranju. Napomena: Izvještaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log) Kopiraj sadržaj tog loga u poruku. Kakvo je sada stanje?

Profil

smz Poslao: 10 Sep 2013 19:48 Idi na vrh
offline smz Građanin Pridružio: 18 Mar 2008 Poruke: 57	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zoek.exe Version 4.0.0.4 Updated 07-September-2013 Tool run by ANA on 10.09.2013 at 19:42:58,66. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\ANA\AppData\Local\Temp\Rar$EX37.112\zoek.exe [Script inserted] ==== Older Logs ====================== C:\zoek-results10.09.2013-1805.log 9258 bytes

Profil

Sass Drake Poslao: 10 Sep 2013 19:50 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Nisi dobro ispratio uputstvo.

Profil

smz Poslao: 10 Sep 2013 21:34 Idi na vrh
offline smz Građanin Pridružio: 18 Mar 2008 Poruke: 57	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Nije mi jasno u cemu gresim. Prenesem tekst,sa Run Script startujem i obavesti me da sacekam i da ne pokrecem browser da ce restartovati i otvoriti log u editoru i nista dalje nakon 20tak minuta niti javlja da je zavrsio niti restartuje niti otvara editor...na C nadjem zoe-results sledece Zoek.exe Version 4.0.0.4 Updated 07-September-2013 Tool run by ANA on 10.09.2013 at 20:53:23,40. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\ANA\Desktop\zoek\zoek.exe [Script inserted] ==== Older Logs ====================== C:\zoek-results10.09.2013-1805.log 9258 bytes C:\zoek-results10.09.2013-1943.log 389 bytes C:\zoek-results10.09.2013-2031.log 435 bytes Isprobao sam malo i vdim da je brze i da nema u ovom trenutku vise velikih prozora sa reklamama za igrice. Gotovo da cu i na mom racunaru isto pokusati jer i tamo ima tragova od igrica vec poduze vreme. Ako nije problem samo da nastavimo u ovoj temi

Profil

Sass Drake Poslao: 10 Sep 2013 21:43 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Onda Zoek nešto zeza. Za tvoj drugi računar otvori novu temu, ali tek nakon što završimo sa ovim. Ponovi prethodni korak samo sa ovom skriptom: `pluswinks@PlusWinks.xpi;ff speedanalysis02@SpeedAnalysis.com.xpi;ff startupall; emptyalltemp;`

Profil

smz Poslao: 10 Sep 2013 22:33 Idi na vrh
offline smz Građanin Pridružio: 18 Mar 2008 Poruke: 57	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zoek.exe Version 4.0.0.4 Updated 07-September-2013 Tool run by ANA on 10.09.2013 at 22:19:37,64. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\ANA\Desktop\zoek\zoek.exe [Script inserted] ==== Older Logs ====================== C:\zoek-results10.09.2013-1805.log 9258 bytes C:\zoek-results10.09.2013-1943.log 389 bytes C:\zoek-results10.09.2013-2031.log 435 bytes C:\zoek-results10.09.2013-2054.log 462 bytes ==== FireFox Fix ====================== ProfilePath: C:\Users\ANA\AppData\Roaming\Mozilla\Firefox\Profiles\5fdh7f8m.default user.js not found ---- Lines pluswinks@PlusWinks.xpi removed from prefs.js ---- ---- Lines pluswinks@PlusWinks.xpi modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"mtime\":1369327569118,\"rdfTime\":1368089726000}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1376773614625,\"rdfTime\":1376773614625}}},{\"name\":\"app-profile\",\"addons\":{\"pluswinks@PlusWinks\":{\"descriptor\":\"C:\\\\Users\\\\ANA\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\5fdh7f8m.default\\\\extensions\\\\pluswinks@PlusWinks.xpi\",\"mtime\":1374330355092},\"speedanalysis02@SpeedAnalysis.com\":{\"descriptor\":\"C:\\\\Users\\\\ANA\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\5fdh7f8m.default\\\\extensions\\\\speedanalysis02@SpeedAnalysis.com.xpi\",\"mtime\":1370726555610}}}]"); ---- Lines speedanalysis02@SpeedAnalysis.com.xpi removed from prefs.js ---- ---- Lines speedanalysis02@SpeedAnalysis.com.xpi modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"mtime\":1369327569118,\"rdfTime\":1368089726000}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1376773614625,\"rdfTime\":1376773614625}}},{\"name\":\"app-profile\",\"addons\":{\"pluswinks@PlusWinks\":{\"descriptor\":\"C:\\\\Users\\\\ANA\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\5fdh7f8m.default\\\\extensions\\\\disabled\",\"mtime\":1374330355092},\"speedanalysis02@SpeedAnalysis.com\":{\"descriptor\":\"C:\\\\Users\\\\ANA\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\5fdh7f8m.default\\\\extensions\\\\speedanalysis02@SpeedAnalysis.com.xpi\",\"mtime\":1370726555610}}}]"); ---- FireFox user.js and prefs.js backups ---- prefs__2222_.backup ProfilePath: C:\Users\ANA\AppData\Roaming\Mozilla\Firefox\Profiles\bg0wswdz.default user.js not found ---- Lines pluswinks@PlusWinks.xpi removed from prefs.js ---- ---- Lines pluswinks@PlusWinks.xpi modified from prefs.js ---- ---- Lines speedanalysis02@SpeedAnalysis.com.xpi removed from prefs.js ---- ---- Lines speedanalysis02@SpeedAnalysis.com.xpi modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs__2222_.backup ProfilePath: C:\Users\ANA\AppData\Roaming\Mozilla\Firefox\Profiles\cyivnnxl.default user.js not found ---- Lines pluswinks@PlusWinks.xpi removed from prefs.js ---- ---- Lines pluswinks@PlusWinks.xpi modified from prefs.js ---- ---- Lines speedanalysis02@SpeedAnalysis.com.xpi removed from prefs.js ---- ---- Lines speedanalysis02@SpeedAnalysis.com.xpi modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs__2222_.backup ProfilePath: C:\Users\ANA\AppData\Roaming\Mozilla\Firefox\Profiles\inz1r9eh.default-1347088815518 user.js not found ---- Lines pluswinks@PlusWinks.xpi removed from prefs.js ---- ---- Lines pluswinks@PlusWinks.xpi modified from prefs.js ---- ---- Lines speedanalysis02@SpeedAnalysis.com.xpi removed from prefs.js ---- ---- Lines speedanalysis02@SpeedAnalysis.com.xpi modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs__2222_.backup ==== Deleting Files \ Folders ====================== "C:\user.js" deleted "C:\Users\ANA\AppData\Roaming\Mozilla\Firefox\Profiles\5fdh7f8m.default\extensions\pluswinks@PlusWinks.xpi" deleted "C:\Users\ANA\AppData\Roaming\Mozilla\Firefox\Profiles\5fdh7f8m.default\extensions\speedanalysis02@SpeedAnalysis.com.xpi" deleted "C:\Users\ANA\AppData\Roaming\Mozilla\Firefox\Profiles\5fdh7f8m.default\extensions\pluswinks@PlusWinks.xpi" deleted ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3300908418-3802915229-2868254740-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "uTorrent"="C:\Users\ANA\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" "UpdateMyDrivers"="C:\Program Files (x86)\SmartTweak Software\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss" "MCShield Monitor"="C:\Program Files (x86)\MCShield\mcshieldrtm.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "HPQuickWebProxy"="C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" "HPOSD"="C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" "Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "uTorrent"="C:\Users\ANA\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" "UpdateMyDrivers"="C:\Program Files (x86)\SmartTweak Software\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss" "MCShield Monitor"="C:\Program Files (x86)\MCShield\mcshieldrtm.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "SetDefault"="C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Folders ====================== 2013-03-20 22:09:54 1556 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\STK02N 2.3 PNP Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10.09.2013 21:50] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28.01.2012 14:52] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28.01.2012 14:52] C:\Windows\tasks\HPCeeScheduleForANA-HP$.job --a------ C:\Program Files (x86)\Hewlett-PaC:kard\HP C:eement\HPC:EE.exe [] C:\Windows\tasks\HPCeeScheduleForANA.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [13.09.2010 22:15] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== Profilepath: C:\Users\ANA\AppData\Roaming\Mozilla\Firefox\Profiles\5fdh7f8m.default 0C8597DBC74AAF5179471BA013E3C6B4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash 855B79451ECF62602F20EB4D5C71F99B - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director ==== Deleting CLSID Registry Keys ====================== HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{E54729E8-BB3D-4270-9D49-7389EA579090} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{E54729E8-BB3D-4270-9D49-7389EA579090} deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\ANA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\ANA\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\ANA\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\ANA\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\ANA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\47PLL36K will be deleted at reboot C:\Users\ANA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JUUP0HD0 will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\ANA\AppData\Local\Mozilla\Firefox\Profiles\5fdh7f8m.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\users\ANA\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\ANA\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\ANA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\47PLL36K" not found "C:\Users\ANA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JUUP0HD0" not found ==== EOF on 10.09.2013 at 22:30:07,61 ======================

Profil

Sass Drake Poslao: 10 Sep 2013 22:37 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! To bi bilo to. S obzirom da ti više reklame ne iskaču, ostaje ti još da uradiš sljedeće i time smo završili: Preuzmi "Xplode"-ov DelFix i sačuvaj ga na Desktop Dvoklikom pokreni program. Štikliraj sledeće opcije: Remove disinfection tools Purge System Restore Reset system settings Klikni na dugme "Run" i pričekaj da program završi rad. Kada alat završi, otvoriće izvestaj u notepadu. Napomena: Izvestaj ce takodje biti sacuvan na C:\DelFix.txt Taj izvještaj ne mroaš da postavljaš ovdje. Posjeti temu Testirajte da li vam je pretraživač ranjiv, pročitaj i isprati link koji stoji u njoj. Preporučujem da za zaštitu USB memorijskih uređaja koristiš MCShield. Nema nikakve veze sa antivirus-om tj. neće ometati njegov rad, a pokazao se kao jedan od najboljih vida zaštite od malware-a koji se prenosi putem USB mem. uređaja. Home Page MCShield-a: http://www.mcshield.net Više o MCShield-u možeš saznati u ovoj temi: http://www.mycity.rs/MyCity-Laboratorija/MCShield-v2.html Facebook stranica MCShield-a: http://www.facebook.com/MCShield Za drugi računar koji si spomenuo otvori novu temu u ovom potforumu.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Provera zbog decijih igrica

Ko je trenutno na forumu

Ukupno su 1198 korisnika na forumu :: 47 registrovanih, 5 sakrivenih i 1146 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: babaroga, bestguarder, bojan_t, Boris90, boske81, BraneS, bufanje, Centauro, Denaya, djordje92sm, doloress, Dorcolac, goranperović66, Karla, Kazablankasrb, Koridor, kybonacci, lcc, Leonov, lord sir giga, maiden6657, mean_machine, Mi lao shu, mikrimaus, mile23, milos.cbr, minmatar34957, MiroslavD, mkukoleca, nebojsag, nextyamb, Panter, sabros, Sir Budimir, stankolich, StefanNBG90, Tvrtko I, UAV operator, Valter071, vathra, Vatreni Zmaj, Viktor Petrenko, vladaa012, vukovi, wolverined4, Žrnov, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by