MyCity » Ambulanta -> Arhiva Ambulante » Deinstalacija Tencent Tecgnology QQ

Deinstalacija Tencent Tecgnology QQ

Napisano na dan: 27.6.2015

Strana:
1
2

Deinstalacija Tencent Tecgnology QQ

Sledeća strana

Pagination

Odgovori

Strana:
1
2

S2M Poslao: 27 Jun 2015 00:08 Idi na vrh
offline S2M Građanin life developer Pridružio: 21 Nov 2009 Poruke: 66 Gde živiš: Stuttgart	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Kako i kolega Amar i ja imam identičan problem na laptopu.Kineza sam pokupio kad sam pokušao instalirati nekakav program za projektovanje namještaja "Mr.Diker". Uglavnom,pratio sam dešavanja sa kolegom Amarom i pokušao se riješiti kineza.Mislio sam da sam uspjeo,međutim kad sam otvorio Control panel-adm.tools-sistem,vidio sam da se još nalazi tamo. Koristim bezžični internet,Blic Net. Dok je bilo podrške za XP koristio sam MS Essential AV,a sad sam instalirao AVG AV. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-06-2015 Ran by User (administrator) on ASDFGH-12FC382F on 26-06-2015 23:43:02 Running from C:\Documents and Settings\User\Desktop Loaded Profiles: User (Available Profiles: User) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States) Internet Explorer Version 6 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: [Link mogu videti samo ulogovani korisnici] ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2015\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe (Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2006-02-07] (Intel Corporation) HKLM\...\Run: [IntelZeroConfig] => C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [1368064 2009-02-27] (Intel(R) Corporation) HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1202448 2009-02-27] (Intel(R) Corporation) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [33648 2007-08-24] (Microsoft Corporation) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM\...\Run: [baidusdTray] => "C:\Program Files\Baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe" -stmd=3 HKLM\...\Run: [ QQPCTray] => "C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCTRAY.EXE" /regrun /qqrepair HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3727824 2015-06-16] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [Advanced System~Protector_startup] => "C:\Program Files\ASP\AdvancedSystemProtector.exe" autolaunch HKU\S-1-5-21-1220945662-789336058-842925246-1003\...\Run: [ZedgeToneSync] => C:\Documents and Settings\User\Local Settings\Apps\2.0\Data\APG42VTA.LY5\9MD6EM9Y.LOV\zedg..tion_4cd56dcfd1799009_0001.0002_ea3f01849f5e16c3\Data\ZedgeToneSync.appref-ms -startup HKU\S-1-5-21-1220945662-789336058-842925246-1003\...\Run: [IRNeroReboot] => "C:\Documents and Settings\User\Desktop\Nero_BurningROM2015_setup-16.4c_softonic_trial.exe" /reboot="1" HKU\S-1-5-21-1220945662-789336058-842925246-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation) HKU\S-1-5-21-1220945662-789336058-842925246-1003\...\Run: [AvgUpdater0215pit] => C:\Documents and Settings\All Users\Application Data\Avg_Update_0215pit\0215pit_AVG-Secure-Search-Update.exe /SETINFO /CMPID=0215pit /INFORETRY=2 HKU\S-1-5-21-1220945662-789336058-842925246-1003\...\MountPoints2: {3c3f7ad6-282c-11e2-bbf8-00059a3c7800} - degildir/cunku.exe HKU\S-1-5-21-1220945662-789336058-842925246-1003\...\MountPoints2: {a96d2f06-2152-11e3-bce1-00e0910853cd} - F:\LGAutoRun.exe HKU\S-1-5-21-1220945662-789336058-842925246-1003\...\MountPoints2: {f2980a51-53ba-11e3-bced-00e0910853cd} - F:\wuaakk\maharoko.exe HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-08-24] (Microsoft Corporation) Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk [2012-11-01] ShortcutTarget: VPN Client.lnk -> C:\WINDOWS\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico () Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-05] ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\Microsoft Office Groove.lnk [2013-08-11] ShortcutTarget: Microsoft Office Groove.lnk -> C:\Program Files\Microsoft Office\Office12\GROOVE.EXE (Microsoft Corporation) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\User\Application Data\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\User\Application Data\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\User\Application Data\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\User\Application Data\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\User\Application Data\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\User\Application Data\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\User\Application Data\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\User\Application Data\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.) BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici] HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici] HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKU\S-1-5-21-1220945662-789336058-842925246-1003\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici] URLSearchHook: HKU\S-1-5-21-1220945662-789336058-842925246-1003 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://Vosteran.com/?f=2&a=vst_aw_14_48_ch&cd=2XzuyEtN2Y1L1QzutDtD0EtDzytCtDzzyDtA0C0D0AyE0FyCtN0D0Tzu0StCtDyDzztN1L2XzutAtFyCtFtBtFtDtN1L1Czu0C0I0S0V0E0R1V1StN1L1G1B1V1N2Y1L1Qzu2StAtCtAyCyD0CtB0DtGzyyCtDyDtG0BzyyD0BtGtC0ByB0AtGyBzy0ByB0A0FyCtByD0CyEtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0DtBtDzztC0D0CtG0EtAyE0DtGyE0E0EyDtG0ByEyC0CtGyEyCtC0Dzy0AtDtD0F0FtAtA2Q&cr=208105147&ir=" <ATTENTION> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1220945662-789336058-842925246-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms} DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [Link mogu videti samo ulogovani korisnici] DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} [Link mogu videti samo ulogovani korisnici] DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [Link mogu videti samo ulogovani korisnici] Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2007-08-24] (Microsoft Corporation) Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [2009-02-03] () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] () FF Plugin: @baidu.com/BaidusdDetectNPPlugin -> C:\Program Files\Baidu\BaiduSd\3.0.0.4605\explugin\npBaiduSDDetectPlug.dll No File FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @qq.com/npAndroidAssistant -> C:\Program Files\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll No File FF Plugin: @qq.com/QQPCMgr -> C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\npQMExtensionsMozilla.dll No File FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-26] CHR Extension: (Google Wallet) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ATTENTION: => Could not perform signature verification. Cryptographic Service is not running. R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3461072 2015-06-16] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [312816 2015-06-16] (AVG Technologies CZ, s.r.o.) R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-09-27] (Cisco Systems, Inc.) R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation) R2 S24EventMonitor; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [909312 2009-02-27] (Intel(R) Corporation) S4 QQPCRTP; "C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCRTP.exe" -r [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AndNetDiag; C:\WINDOWS\System32\DRIVERS\lgandnetdiag.sys [23168 2013-04-18] (LG Electronics Inc.) S3 ANDNetModem; C:\WINDOWS\System32\DRIVERS\lgandnetmodem.sys [27776 2013-06-28] (LG Electronics Inc.) R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [132576 2015-03-11] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [213472 2015-05-19] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [190944 2015-05-12] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [29664 2015-05-14] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [206816 2015-04-15] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [290272 2015-05-07] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [169440 2015-05-12] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [35808 2015-03-20] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [213984 2015-05-12] (AVG Technologies CZ, s.r.o.) S3 CVirtA; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.) R2 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [308859 2010-09-27] (Cisco Systems, Inc.) R3 DNE; C:\WINDOWS\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.) R3 EL90XBC; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [77463 2003-09-14] (3Com Corporation) R1 MpFilter; C:\WINDOWS\System32\DRIVERS\MpFilter.sys [165264 2010-10-24] (Microsoft Corporation) R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [11904 2008-08-13] (Intel Corporation) S3 tifm; C:\WINDOWS\System32\drivers\tifm.sys [67072 2004-05-21] (Texas Instruments) R3 tifmsony; C:\WINDOWS\System32\drivers\tifmsony.sys [80896 2007-02-28] (Texas Instruments) R3 VIAudio; C:\WINDOWS\System32\drivers\vinyl97.sys [207488 2007-06-27] (VIA Technologies, Inc.) S3 vsdatant; C:\WINDOWS\system32\vsdatant.sys [394952 2007-11-14] (Zone Labs, LLC) R3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [2216064 2008-01-07] (Intel® Corporation) U5 BDMWrench; C:\Windows\System32\Drivers\BDMWrench.sys [229712 2015-04-08] (Baidu) S1 BdSandBox; system32\DRIVERS\BdSandBox.sys [X] S2 QQSysMon; \??\C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQSysMon.sys [X] S0 TsFltMgr; system32\drivers\TsFltMgr.sys [X] S1 TSKSP; \??\C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\TSKsp.sys [X] S1 TSSysKit; \??\C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\TSSysKit.sys [X] U1 WS2IFSL; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-26 23:43 - 2015-06-26 23:43 - 00016475 _____ C:\Documents and Settings\User\Desktop\FRST.txt 2015-06-26 23:42 - 2015-06-26 23:43 - 00000000 ____D C:\FRST 2015-06-26 23:40 - 2015-06-26 23:40 - 01636352 _____ (Farbar) C:\Documents and Settings\User\Desktop\FRST.exe 2015-06-25 23:36 - 2015-06-25 23:36 - 00000000 ____D C:\WINDOWS\ERUNT 2015-06-25 23:35 - 2015-06-25 23:36 - 00001479 _____ C:\DelFix.txt 2015-06-25 20:48 - 2015-06-25 23:49 - 00000020 _____ C:\Documents and Settings\User\Application Data\appdataFr2.bin 2015-06-25 20:44 - 2015-06-25 20:44 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\Apple Computer 2015-06-25 14:41 - 2015-06-25 22:38 - 05529472 _____ (Advanced System Protector ) C:\Documents and Settings\User\My Documents\aspsetup.exe 2015-06-25 08:14 - 2015-06-26 23:43 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Temp 2015-06-25 08:14 - 2015-06-25 08:14 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Temp 2015-06-25 08:14 - 2015-06-25 08:14 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Temp 2015-06-25 08:14 - 2015-06-25 08:14 - 00000000 ____D C:\Documents and Settings\Default User\Local Settings\Temp 2015-06-25 08:14 - 2015-06-24 22:26 - 00024064 _____ C:\WINDOWS\zoek-delete.exe 2015-06-25 08:13 - 2015-06-25 08:13 - 00000202 _____ C:\files.log 2015-06-25 05:51 - 2015-06-25 20:40 - 00000269 _____ C:\folders.log 2015-06-24 21:33 - 2015-05-27 00:03 - 136900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-06-24 18:02 - 2015-06-24 18:02 - 00000000 ____D C:\Program Files\ESET 2015-06-24 00:46 - 2015-06-24 00:46 - 00000000 ____D C:\Documents and Settings\User\Application Data\AVG2015 2015-06-24 00:41 - 2015-06-24 00:41 - 00000714 _____ C:\Documents and Settings\All Users\Desktop\AVG 2015.lnk 2015-06-24 00:41 - 2015-06-24 00:41 - 00000000 ____D C:\Documents and Settings\User\Application Data\TuneUp Software 2015-06-24 00:41 - 2015-06-24 00:41 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2015-06-23 23:50 - 2015-06-23 23:50 - 00090112 _____ C:\WINDOWS\Minidump\Mini062315-01.dmp 2015-06-23 23:46 - 2015-06-24 19:12 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG2015 2015-06-23 23:46 - 2015-06-23 23:46 - 00000000 ___HD C:\$AVG 2015-06-23 23:43 - 2015-06-23 23:43 - 00000000 ____D C:\Program Files\AVG 2015-06-23 23:37 - 2015-06-26 22:46 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData 2015-06-23 23:37 - 2015-06-24 19:39 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\Avg2015 2015-06-23 23:37 - 2015-06-23 23:37 - 04635400 _____ (AVG Technologies) C:\Documents and Settings\User\My Documents\avg_avct_stb_all_2015_5577_ppc-avc-welcomecmp4.exe 2015-06-23 23:37 - 2015-06-23 23:37 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\MFAData 2015-06-23 23:21 - 2015-06-25 23:09 - 00000000 ____D C:\Documents and Settings\All Users\TXQMPC 2015-06-23 23:21 - 2015-06-25 20:59 - 00000065 _____ C:\WINDOWS\QMNetworkMgr.ini 2015-06-23 18:19 - 2015-06-23 18:19 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\Tencent 2015-06-23 18:16 - 2015-06-25 23:11 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Tencent 2015-06-23 18:15 - 2015-06-23 23:15 - 00000004 _____ C:\WINDOWS\system32\029B560A371F4E00AB32838EBC01B9E7 2015-06-23 18:08 - 2015-06-24 20:35 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Baidu 2015-06-23 18:08 - 2015-06-24 19:04 - 00000000 ____D C:\Documents and Settings\User\Application Data\Baidu 2015-06-23 18:08 - 2015-04-08 09:17 - 00229712 _____ (Baidu) C:\WINDOWS\system32\Drivers\BDMWrench.sys 2015-06-23 18:08 - 2015-04-08 09:17 - 00026824 _____ (Baidu) C:\WINDOWS\system32\Drivers\BDFileDefend.sys 2015-06-23 18:05 - 2015-06-23 18:05 - 00000218 _____ C:\Documents and Settings\User\Local Settings\Application Data\recently-used.xbel 2015-06-23 18:05 - 2015-06-23 18:05 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Rising 2015-06-23 18:04 - 2015-06-24 21:06 - 00000000 ____D C:\Program Files\Rising 2015-06-23 18:04 - 2015-06-23 18:04 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Rising 2015-06-23 17:40 - 2015-06-23 17:40 - 00001745 _____ C:\Documents and Settings\User\Desktop\Internet Explorer.lnk 2015-06-23 17:40 - 2015-06-23 17:40 - 00001745 _____ C:\Documents and Settings\NetworkService\Desktop\Internet Explorer.lnk 2015-06-23 17:40 - 2015-06-23 17:40 - 00001745 _____ C:\Documents and Settings\LocalService\Desktop\Internet Explorer.lnk 2015-06-23 17:31 - 2015-06-23 17:31 - 00001551 _____ C:\Documents and Settings\User\Desktop\ALNO AG Kitchen Planner.lnk 2015-06-23 17:31 - 2015-06-23 17:31 - 00000000 ____D C:\Program Files\ALNO 2015-06-23 17:31 - 2015-06-23 17:31 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\ALNO AG Kitchen Planner 2015-06-23 17:27 - 2015-06-23 17:31 - 18141860 _____ (ALNO AG ) C:\Documents and Settings\User\My Documents\alno_kplsetup.exe 2015-06-18 22:35 - 2015-06-18 22:35 - 00000000 ____D C:\Documents and Settings\User\Application Data\SketchUp 2015-06-18 22:29 - 2015-06-18 22:29 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\SketchUp 2015-06-14 22:51 - 2015-06-18 22:07 - 83487800 _____ (Trimble Navigation Limited) C:\Documents and Settings\User\My Documents\SketchUpPro-2014-1-1282-61130-en.exe ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-26 23:19 - 2013-11-10 19:14 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-06-26 23:14 - 2012-10-31 16:19 - 00000211 __RSH C:\boot.ini 2015-06-26 23:14 - 2012-10-31 14:32 - 00000000 __RSH C:\CONFIG.SYS 2015-06-26 23:10 - 2012-10-31 14:39 - 00032408 _____ C:\WINDOWS\SchedLgU.Txt 2015-06-26 23:10 - 2012-10-31 14:39 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-06-26 23:10 - 2012-10-31 14:31 - 01318779 _____ C:\WINDOWS\WindowsUpdate.log 2015-06-26 23:04 - 2012-10-31 16:24 - 00000159 _____ C:\WINDOWS\wiadebug.log 2015-06-26 23:04 - 2012-10-31 16:24 - 00000049 _____ C:\WINDOWS\wiaservc.log 2015-06-26 23:03 - 2013-11-10 13:35 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\Deployment 2015-06-26 22:50 - 2012-10-31 14:48 - 00000148 ___SH C:\Documents and Settings\User\ntuser.ini 2015-06-26 22:37 - 2013-07-17 20:42 - 00002187 _____ C:\Documents and Settings\All Users\Desktop\Safari.lnk 2015-06-25 23:29 - 2012-11-01 16:29 - 00000000 ____D C:\WINDOWS\Microsoft.NET 2015-06-25 22:52 - 2012-10-31 16:20 - 00386865 _____ C:\WINDOWS\setupapi.log 2015-06-25 20:40 - 2014-02-02 21:42 - 00000008 __RSH C:\Documents and Settings\All Users\ntuser.pol 2015-06-25 07:53 - 2015-05-11 23:16 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\Comodo 2015-06-25 07:53 - 2015-05-11 23:16 - 00000000 ____D C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google 2015-06-25 07:53 - 2015-05-11 23:16 - 00000000 ____D C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo 2015-06-25 07:53 - 2015-05-11 23:16 - 00000000 ____D C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google 2015-06-25 07:53 - 2015-05-11 23:16 - 00000000 ____D C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Comodo 2015-06-25 07:53 - 2015-05-11 23:16 - 00000000 ____D C:\Documents and Settings\Guest\Local Settings\Application Data\Google 2015-06-25 07:53 - 2015-05-11 23:16 - 00000000 ____D C:\Documents and Settings\Guest\Local Settings\Application Data\Comodo 2015-06-25 07:53 - 2015-05-11 23:16 - 00000000 ____D C:\Documents and Settings\ASPNET\Local Settings\Application Data\Google 2015-06-25 07:53 - 2015-05-11 23:16 - 00000000 ____D C:\Documents and Settings\ASPNET\Local Settings\Application Data\Comodo 2015-06-25 07:53 - 2015-05-11 23:16 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Google 2015-06-25 07:53 - 2015-05-11 23:16 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Comodo 2015-06-25 07:53 - 2012-11-01 09:40 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\Google 2015-06-25 07:37 - 2014-02-02 21:42 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2015-06-24 21:55 - 2014-11-24 20:40 - 00002559 _____ C:\Documents and Settings\User\Desktop\Sophos Virus Removal Tool.lnk 2015-06-24 21:47 - 2008-04-14 14:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2015-06-24 19:35 - 2012-11-01 10:40 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\Temp 2015-06-24 18:21 - 2013-11-10 19:14 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2015-06-24 18:21 - 2013-11-10 19:14 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2015-06-24 17:37 - 2013-06-24 21:50 - 00000000 ___RD C:\Documents and Settings\User\My Documents\Dropbox 2015-06-24 17:35 - 2013-06-24 21:44 - 00000000 ____D C:\Documents and Settings\User\Application Data\Dropbox 2015-06-23 23:55 - 2013-09-18 20:42 - 00000000 ____D C:\WINDOWS\Minidump 2015-06-23 23:33 - 2013-07-11 20:46 - 00056488 ____H C:\WINDOWS\system32\mlfcache.dat 2015-06-23 23:09 - 2012-11-01 08:30 - 00069256 _____ C:\Documents and Settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2015-06-23 23:06 - 2012-10-31 16:20 - 00267800 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-06-23 17:40 - 2015-05-11 23:48 - 00001815 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk 2015-06-23 17:40 - 2012-10-31 14:39 - 00000000 __SHD C:\Documents and Settings\LocalService 2015-06-23 17:40 - 2012-10-31 14:37 - 00000000 __SHD C:\Documents and Settings\NetworkService 2015-06-18 22:43 - 2015-05-21 18:05 - 00000024 _____ C:\Documents and Settings\User\Application Data\appdataFr25.bin 2015-06-18 22:19 - 2012-10-31 16:21 - 00584298 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-06-18 22:11 - 2013-05-03 16:26 - 00000000 ____D C:\Program Files\Microsoft.NET 2015-06-18 21:47 - 2013-07-27 11:45 - 00000000 ____D C:\Documents and Settings\User\My Documents\namjestaj 2015-05-31 13:57 - 2013-08-17 18:41 - 00000000 ____D C:\Documents and Settings\User\My Documents\OneNote Notebooks 2015-05-31 13:57 - 2013-05-03 16:06 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help 2015-05-31 13:50 - 2013-05-03 17:17 - 00000000 ____D C:\Faktura ==================== Files in the root of some directories ======= 2015-06-25 20:48 - 2015-06-25 23:49 - 0000020 _____ () C:\Documents and Settings\User\Application Data\appdataFr2.bin 2015-05-21 18:05 - 2015-06-18 22:43 - 0000024 _____ () C:\Documents and Settings\User\Application Data\appdataFr25.bin 2013-12-23 18:30 - 2013-12-23 18:30 - 0000890 _____ () C:\Documents and Settings\User\Local Settings\Application Data\Crashlog.txt 2014-07-13 15:05 - 2014-07-13 15:05 - 0003584 _____ () C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-11-01 17:13 - 2012-11-01 17:13 - 0000127 _____ () C:\Documents and Settings\User\Local Settings\Application Data\fusioncache.dat 2015-06-23 18:05 - 2015-06-23 18:05 - 0000218 _____ () C:\Documents and Settings\User\Local Settings\Application Data\recently-used.xbel 2015-06-25 23:12 - 2015-06-25 23:12 - 0001335 _____ () C:\Documents and Settings\User\Local Settings\Application Data\ZedgeLog.txt Some files in TEMP: ==================== C:\Documents and Settings\User\Local Settings\Temp\pyl2.tmp.exe C:\Documents and Settings\User\Local Settings\Temp\pyl3.tmp.exe C:\Documents and Settings\User\Local Settings\Temp\pyl4.tmp.exe C:\Documents and Settings\User\Local Settings\Temp\Quarantine.exe C:\Documents and Settings\User\Local Settings\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => MD5 is legit C:\WINDOWS\system32\winlogon.exe => MD5 is legit C:\WINDOWS\system32\svchost.exe => MD5 is legit C:\WINDOWS\system32\services.exe => MD5 is legit C:\WINDOWS\system32\User32.dll => MD5 is legit C:\WINDOWS\system32\userinit.exe => MD5 is legit C:\WINDOWS\system32\rpcss.dll => MD5 is legit C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit ==================== End of log ============================ [Link mogu videti samo ulogovani korisnici]

Profil

Sass Drake Poslao: 27 Jun 2015 19:13 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Korak 1 Idi u Start -> Control Panel -> Add or Remove Programs i deinstaliraj sljedeće programe ako ti nisu potrebni: Advanced-System Protector DriverMax 5 globalupdate Helper Infusionsoft Sync for Gmail Korak 2 Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja. HKLM\...\Run: [baidusdTray] => "C:\Program Files\Baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe" -stmd=3 HKLM\...\Run: [ QQPCTray] => "C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCTRAY.EXE" /regrun /qqrepair HKLM\...\Run: [Advanced System~Protector_startup] => "C:\Program Files\ASP\AdvancedSystemProtector.exe" autolaunch HKU\S-1-5-21-1220945662-789336058-842925246-1003\...\Run: [AvgUpdater0215pit] => C:\Documents and Settings\All Users\Application Data\Avg_Update_0215pit\0215pit_AVG-Secure-Search-Update.exe /SETINFO /CMPID=0215pit /INFORETRY=2 HKU\S-1-5-21-1220945662-789336058-842925246-1003\...\MountPoints2: {3c3f7ad6-282c-11e2-bbf8-00059a3c7800} - degildir/cunku.exe HKU\S-1-5-21-1220945662-789336058-842925246-1003\...\MountPoints2: {a96d2f06-2152-11e3-bce1-00e0910853cd} - F:\LGAutoRun.exe HKU\S-1-5-21-1220945662-789336058-842925246-1003\...\MountPoints2: {f2980a51-53ba-11e3-bced-00e0910853cd} - F:\wuaakk\maharoko.exe HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=91284697_hao_pg HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://Vosteran.com/?f=2&a=vst_aw_14_48_ch&cd=2XzuyEtN2Y1L1QzutDtD0EtDzytCtDzzyDtA0C0D0AyE0FyCtN0D0Tzu0StCtDyDzztN1L2XzutAtFyCtFtBtFtDtN1L1Czu0C0I0S0V0E0R1V1StN1L1G1B1V1N2Y1L1Qzu2StAtCtAyCyD0CtB0DtGzyyCtDyDtG0BzyyD0BtGtC0ByB0AtGyBzy0ByB0A0FyCtByD0CyEtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0DtBtDzztC0D0CtG0EtAyE0DtGyE0E0EyDtG0ByEyC0CtGyEyCtC0Dzy0AtDtD0F0FtAtA2Q&cr=208105147&ir=" <ATTENTION> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FF Plugin: @baidu.com/BaidusdDetectNPPlugin -> C:\Program Files\Baidu\BaiduSd\3.0.0.4605\explugin\npBaiduSDDetectPlug.dll No File F Plugin: @qq.com/npAndroidAssistant -> C:\Program Files\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll No File FF Plugin: @qq.com/QQPCMgr -> C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\npQMExtensionsMozilla.dll No File S4 QQPCRTP; "C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCRTP.exe" -r [X] U5 BDMWrench; C:\Windows\System32\Drivers\BDMWrench.sys [229712 2015-04-08] (Baidu) S1 BdSandBox; system32\DRIVERS\BdSandBox.sys [X] S2 QQSysMon; \??\C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQSysMon.sys [X] S0 TsFltMgr; system32\drivers\TsFltMgr.sys [X] S1 TSKSP; \??\C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\TSKsp.sys [X] S1 TSSysKit; \??\C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\TSSysKit.sys [X] C:\Program Files\Baidu C:\Program Files\Tencent C:\Program Files\ASP C:\Documents and Settings\User\My Documents\aspsetup.exe 2015-06-23 18:08 - 2015-06-24 20:35 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Baidu 2015-06-23 18:08 - 2015-06-24 19:04 - 00000000 ____D C:\Documents and Settings\User\Application Data\Baidu 2015-06-23 18:08 - 2015-04-08 09:17 - 00229712 _____ (Baidu) C:\WINDOWS\system32\Drivers\BDMWrench.sys 2015-06-23 18:08 - 2015-04-08 09:17 - 00026824 _____ (Baidu) C:\WINDOWS\system32\Drivers\BDFileDefend.sys EmptyTemp: U okviru Notepad-a klikni na File --> Save As Fajl nazovi Fixlist i sačuvaj na Desktop Dvoklikom ponovo pokreni FRST.exe Klikni na Fix i sačekaj dok program ne završi. Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi. Nakon završetka rada, otvoriće se fixlog.txt, sa sadržajem koji treba da kopiraš u temu. Takođe, na Desktop-u će se nalaziti (fixlog.txt). Korak 3 Preuzmi "Xplode"-ov AdwCleaner i sačuvaj ga na Desktop Dvoklikom pokreni program. u EULA prozoru klikni na I agree. Klikni na dugme Scan i sačekaj da se završi skeniranje. Klikni na dugme Cleaning i pričekaj da program završi. Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu. Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK Računar će se restartovati, a potom otvoriti Notepad (C:\AdwCleaner[S0].txt) sa izvještajem. Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl" Napomena: Izvještaj ce takođe biti sačuvan na C:\Adwcleaner\AdwCleaner[S0].txt

Profil

S2M Poslao: 28 Jun 2015 00:57 Idi na vrh
offline S2M Građanin life developer Pridružio: 21 Nov 2009 Poruke: 66 Gde živiš: Stuttgart	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Evo ga Fixlog: Fix result of Farbar Recovery Scan Tool (x86) Version: 24-06-2015 Ran by User at 2015-06-28 00:23:02 Run:1 Running from C:\Documents and Settings\User\Desktop Loaded Profiles: User (Available Profiles: User) Boot Mode: Normal ============================================== fixlist content: *************** HKLM\...\Run: [baidusdTray] => "C:\Program Files\Baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe" -stmd=3 HKLM\...\Run: [ QQPCTray] => "C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCTRAY.EXE" /regrun /qqrepair HKLM\...\Run: [Advanced System~Protector_startup] => "C:\Program Files\ASP\AdvancedSystemProtector.exe" autolaunch HKU\S-1-5-21-1220945662-789336058-842925246-1003\...\Run: [AvgUpdater0215pit] => C:\Documents and Settings\All Users\Application Data\Avg_Update_0215pit\0215pit_AVG-Secure-Search-Update.exe /SETINFO /CMPID=0215pit /INFORETRY=2 HKU\S-1-5-21-1220945662-789336058-842925246-1003\...\MountPoints2: {3c3f7ad6-282c-11e2-bbf8-00059a3c7800} - degildir/cunku.exe HKU\S-1-5-21-1220945662-789336058-842925246-1003\...\MountPoints2: {a96d2f06-2152-11e3-bce1-00e0910853cd} - F:\LGAutoRun.exe HKU\S-1-5-21-1220945662-789336058-842925246-1003\...\MountPoints2: {f2980a51-53ba-11e3-bced-00e0910853cd} - F:\wuaakk\maharoko.exe HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://Vosteran.com/?f=2&a=vst_aw_14_48_ch&cd=2XzuyEtN2Y1L1QzutDtD0EtDzytCtDzzyDtA0C0D0AyE0FyCtN0D0Tzu0StCtDyDzztN1L2XzutAtFyCtFtBtFtDtN1L1Czu0C0I0S0V0E0R1V1StN1L1G1B1V1N2Y1L1Qzu2StAtCtAyCyD0CtB0DtGzyyCtDyDtG0BzyyD0BtGtC0ByB0AtGyBzy0ByB0A0FyCtByD0CyEtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0DtBtDzztC0D0CtG0EtAyE0DtGyE0E0EyDtG0ByEyC0CtGyEyCtC0Dzy0AtDtD0F0FtAtA2Q&cr=208105147&ir=" <ATTENTION> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FF Plugin: @baidu.com/BaidusdDetectNPPlugin -> C:\Program Files\Baidu\BaiduSd\3.0.0.4605\explugin\npBaiduSDDetectPlug.dll No File F Plugin: @qq.com/npAndroidAssistant -> C:\Program Files\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll No File FF Plugin: @qq.com/QQPCMgr -> C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\npQMExtensionsMozilla.dll No File S4 QQPCRTP; "C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCRTP.exe" -r [X] U5 BDMWrench; C:\Windows\System32\Drivers\BDMWrench.sys [229712 2015-04-08] (Baidu) S1 BdSandBox; system32\DRIVERS\BdSandBox.sys [X] S2 QQSysMon; \??\C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQSysMon.sys [X] S0 TsFltMgr; system32\drivers\TsFltMgr.sys [X] S1 TSKSP; \??\C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\TSKsp.sys [X] S1 TSSysKit; \??\C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\TSSysKit.sys [X] C:\Program Files\Baidu C:\Program Files\Tencent C:\Program Files\ASP C:\Documents and Settings\User\My Documents\aspsetup.exe 2015-06-23 18:08 - 2015-06-24 20:35 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Baidu 2015-06-23 18:08 - 2015-06-24 19:04 - 00000000 ____D C:\Documents and Settings\User\Application Data\Baidu 2015-06-23 18:08 - 2015-04-08 09:17 - 00229712 _____ (Baidu) C:\WINDOWS\system32\Drivers\BDMWrench.sys 2015-06-23 18:08 - 2015-04-08 09:17 - 00026824 _____ (Baidu) C:\WINDOWS\system32\Drivers\BDFileDefend.sys EmptyTemp: ************* HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\baidusdTray => value removed successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ QQPCTray => value removed successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced System~Protector_startup => value removed successfully. HKU\S-1-5-21-1220945662-789336058-842925246-1003\Software\Microsoft\Windows\CurrentVersion\Run\\AvgUpdater0215pit => value removed successfully. "HKU\S-1-5-21-1220945662-789336058-842925246-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3c3f7ad6-282c-11e2-bbf8-00059a3c7800}" => key removed successfully. HKCR\CLSID\{3c3f7ad6-282c-11e2-bbf8-00059a3c7800} => key not found. "HKU\S-1-5-21-1220945662-789336058-842925246-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a96d2f06-2152-11e3-bce1-00e0910853cd}" => key removed successfully. HKCR\CLSID\{a96d2f06-2152-11e3-bce1-00e0910853cd} => key not found. "HKU\S-1-5-21-1220945662-789336058-842925246-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f2980a51-53ba-11e3-bced-00e0910853cd}" => key removed successfully. HKCR\CLSID\{f2980a51-53ba-11e3-bced-00e0910853cd} => key not found. "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => value restored successfully "HKLM\Software\MozillaPlugins\@baidu.com/BaidusdDetectNPPlugin" => key removed successfully. F Plugin: @qq.com/npAndroidAssistant -> C:\Program Files\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll No File => Error: No automatic fix found for this entry. "HKLM\Software\MozillaPlugins\@qq.com/QQPCMgr" => key removed successfully. QQPCRTP => Service removed successfully. BDMWrench => Service removed successfully. BdSandBox => Service removed successfully. QQSysMon => Service removed successfully. TsFltMgr => Service removed successfully. TSKSP => Service removed successfully. TSSysKit => Service removed successfully. "C:\Program Files\Baidu" => File/Folder not found. "C:\Program Files\Tencent" => File/Folder not found. "C:\Program Files\ASP" => File/Folder not found. C:\Documents and Settings\User\My Documents\aspsetup.exe => moved successfully. C:\Documents and Settings\All Users\Application Data\Baidu => moved successfully. C:\Documents and Settings\User\Application Data\Baidu => moved successfully. C:\WINDOWS\system32\Drivers\BDMWrench.sys => moved successfully. C:\WINDOWS\system32\Drivers\BDFileDefend.sys => moved successfully. EmptyTemp: => 1.1 GB temporary data Removed. The system needed a reboot. ==== End of Fixlog 00:23:59 ==== I izvještaj AdwCleaner u prilogu [Link mogu videti samo ulogovani korisnici]**

Profil

Sass Drake Poslao: 28 Jun 2015 01:07 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi ESET services repair tool na Desktop. Pokreni ServicesRepair.exe Klikni Yes kada se pojavi prozor Kada alat zavrsi, zatrazice ti da restartujes racunar. Klikni na Yes Nakon restarta, na Desktop-u ce se nalaziti CC Support folder, a u okviru njega folder Logs Unutar foldera Logs se nalazi SvcRepair.txt fajl ciji sadrzaj treba da kopiras u temu.

Profil

S2M Poslao: 28 Jun 2015 01:19 Idi na vrh
offline S2M Građanin life developer Pridružio: 21 Nov 2009 Poruke: 66 Gde živiš: Stuttgart	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Evo ga log: Log Opened: 2015-06-28 @ 01:10:55 01:10:55 - ----------------- 01:10:55 - \| Begin Logging \| 01:10:55 - ----------------- 01:10:55 - Fix started on a WIN_XP X86 computer 01:10:55 - Prep in progress. Please Wait. 01:10:59 - Prep complete 01:10:59 - Repairing Services Now. Please wait... The operation completed successfully INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore. INFORMATION: Input file for restore operation opened: '.\XP\BITS.sddl' INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Enum> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Security> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Parameters> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS> SetACL finished successfully. The operation completed successfully INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore. INFORMATION: Input file for restore operation opened: '.\XP\SharedAccess.sddl' INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Enum> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Setup> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess> SetACL finished successfully. The operation completed successfully INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore. INFORMATION: Input file for restore operation opened: '.\XP\wscsvc.sddl' INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Enum> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Security> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Parameters> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc> SetACL finished successfully. The operation completed successfully INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore. INFORMATION: Input file for restore operation opened: '.\XP\wuauserv.sddl' INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Enum> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Security> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Parameters> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv> SetACL finished successfully. 01:11:01 - Services Repair Complete. 01:11:09 - Reboot Initiated

Profil

Sass Drake Poslao: 28 Jun 2015 01:34 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Kakvo je sada stanje sistema? Preuzmi Malwarebytes Anti-Rootkit (MBAR) sa sledeceg linka i sacuvaj ga na Desktop. Dvoklikom pokreni MBAR () na ikonicu programa: - Klikni OK na sledecem prozoru da bi dozvolio raspakivanje u zaseban mbar folder na desktop-u; - mbar.exe ce biti startovan. Na nekim sistemima to moze da potraje nekoliko dodatnih sekundi, te pricekati pokretanje.; - U uvodnom prozoru klikni dugme Next ukoliko si saglasan; • Na 'Update Database' prozoru klik na dugme Update da bi preuzeo sveze definicije. Kada se ispise poruka 'Success: Database was successfully updated' klik na dugme Next; • Pod sekcijom 'Scan Targets' proveri da su sve opcije stiklirane, te klikni na dugme Scan; Obavestenje: sa nekim infekcijama moze se desiti da se prikaze neka od sledecih poruka: - 'Could not load protection driver' => u tom slucaju klikni OK. - 'Could not load DDA driver' => klikni Yes na to obavestenje da bi dozvolio ucitavanje nakon restarta. Dozvoli restart i nastavi sa ostatkom instrukcija posle restarta. >> Ukoliko malware nije detektovan, klik na Exit dugme da zatvoris program. U sledecu poruku postavi mbar-log-year-month-day (sat-minuti-sekundi).txt i system-log.txt izveštaje. >> Ukoliko su infekcija/e pronadjene, proveriti da li je obelezena opcija 'Create Restore Point' i klikni na dugme Cleanup! da bi uklonili pretnje. - Procedura uklanjanje malware-a (scheduled) ce biti zakazana po restartu, bice prikazano obavestenje u pop-up prozoru. Klikni dugme Yes i sistem bi trebao da se restartuje i da zavrsi proceduru ciscenja. Obavestenje! samo ukoliko je RootKit detektovan: - postaraj se da pokrenes fixdamage.exe alat koji se nalazi u mbar folderu, \Plugins\fixdamage.exe: - Dvoklikom pokreni fixdamage, u crnom prozoru koji se otvori (command prompt) ukucaj Y (Y stoji za Yes) da bi nastavio izvrsenje, pricekati da alat odradi sve popravke ... - Kada vidis poruku 'press any key to exit' popravka je kompletirana. Pritisnuti bilo koju tipku na tastaturi da bi se prozor zatvorio. Restartovati sistem. Sledeci izvestaji ce biti formirani u mbar folderu. 1. mbar-log-year-month-day (hour-minute-second).txt 2. system-log.txt Iskopiraj sadrzaj mbar log-a u poruku a system log okaci uz poruku koristeci opciju Prikači fajl.

Profil

S2M Poslao: 28 Jun 2015 10:18 Idi na vrh
offline S2M Građanin life developer Pridružio: 21 Nov 2009 Poruke: 66 Gde živiš: Stuttgart	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Malware nije detektovan. Malwarebytes Anti-Rootkit BETA 1.09.1.1004 [Link mogu videti samo ulogovani korisnici] Database version: main: v2015.06.27.07 rootkit: v2015.06.26.01 Windows XP Service Pack 3 x86 NTFS Internet Explorer 6.0.2900.5512 User :: ASDFGH-12FC382F [administrator] 28.06.2015 09:45:10 mbar-log-2015-06-28 (09-45-10).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit \| Drivers \| MBR \| Physical Sectors \| Memory \| Startup \| Registry \| File System \| Heuristics/Extra \| Heuristics/Shuriken Scan options disabled: Objects scanned: 386205 Time elapsed: 27 minute(s), 37 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) I evo loga --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.09.1.1004 (c) Malwarebytes Corporation 2011-2012 OS version: 5.1.2600 Windows XP Service Pack 3 x86 Account is Administrative Internet Explorer version: 6.0.2900.5512 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED CPU speed: 1.594000 GHz Memory total: 1055309824, free: 302964736 Downloaded database version: v2015.06.27.07 Downloaded database version: v2015.06.26.01 Downloaded database version: v2015.06.26.01 ======================================= Initializing... ------------ Kernel report ------------ 06/28/2015 09:43:55 ------------ Loaded modules ----------- \WINDOWS\system32\ntoskrnl.exe \WINDOWS\system32\hal.dll \WINDOWS\system32\KDCOM.DLL \WINDOWS\system32\BOOTVID.dll ACPI.sys \WINDOWS\system32\DRIVERS\WMILIB.SYS pci.sys isapnp.sys ohci1394.sys \WINDOWS\system32\DRIVERS\1394BUS.SYS compbatt.sys \WINDOWS\system32\DRIVERS\BATTC.SYS PCIIde.sys \WINDOWS\System32\Drivers\PCIIDEX.SYS intelide.sys pcmcia.sys MountMgr.sys ftdisk.sys dmload.sys dmio.sys ACPIEC.sys \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS PartMgr.sys VolSnap.sys atapi.sys disk.sys \WINDOWS\system32\DRIVERS\CLASSPNP.SYS fltMgr.sys sr.sys PxHelp20.sys KSecDD.sys WudfPf.sys Ntfs.sys NDIS.sys Mup.sys avgrkx86.sys avglogx.sys avgmfx86.sys avgidshx.sys \SystemRoot\system32\DRIVERS\intelppm.sys \SystemRoot\system32\DRIVERS\CmBatt.sys \SystemRoot\system32\DRIVERS\ialmnt5.sys \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS \SystemRoot\system32\DRIVERS\usbuhci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS \SystemRoot\system32\DRIVERS\usbehci.sys \SystemRoot\system32\DRIVERS\nic1394.sys \SystemRoot\system32\drivers\tifmsony.sys \SystemRoot\system32\DRIVERS\w29n51.sys \SystemRoot\system32\DRIVERS\el90xbc5.sys \SystemRoot\system32\DRIVERS\parport.sys \SystemRoot\system32\DRIVERS\i8042prt.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\SynTP.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\imapi.sys \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\system32\DRIVERS\redbook.sys \SystemRoot\system32\DRIVERS\ks.sys \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys \SystemRoot\system32\drivers\vinyl97.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\DRIVERS\AGRSM.sys \SystemRoot\System32\Drivers\Modem.SYS \SystemRoot\system32\DRIVERS\dne2000.sys \SystemRoot\system32\DRIVERS\audstub.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\system32\DRIVERS\psched.sys \SystemRoot\system32\DRIVERS\msgpc.sys \SystemRoot\system32\DRIVERS\ptilink.sys \SystemRoot\system32\DRIVERS\raspti.sys \SystemRoot\system32\DRIVERS\rdpdr.sys \SystemRoot\system32\DRIVERS\termdd.sys \SystemRoot\system32\DRIVERS\swenum.sys \SystemRoot\system32\DRIVERS\update.sys \SystemRoot\system32\DRIVERS\mssmbios.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\system32\DRIVERS\MpFilter.sys \SystemRoot\System32\Drivers\Fs_Rec.SYS \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\Drivers\mnmdd.SYS \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\rasacd.sys \SystemRoot\system32\DRIVERS\ipsec.sys \SystemRoot\system32\DRIVERS\tcpip.sys \SystemRoot\system32\DRIVERS\avgtdix.sys \SystemRoot\system32\DRIVERS\netbt.sys \SystemRoot\System32\drivers\afd.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\System32\Drivers\Fips.SYS \SystemRoot\system32\DRIVERS\ipnat.sys \SystemRoot\system32\DRIVERS\avgldx86.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\DRIVERS\arp1394.sys \SystemRoot\system32\DRIVERS\avgidsshimx.sys \SystemRoot\system32\DRIVERS\avgidsdriverlx.sys \SystemRoot\system32\DRIVERS\avgdiskx.sys \SystemRoot\System32\Drivers\Cdfs.SYS \SystemRoot\System32\Drivers\dump_atapi.sys \SystemRoot\System32\Drivers\dump_WMILIB.SYS \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\System32\watchdog.sys \SystemRoot\System32\drivers\dxg.sys \SystemRoot\System32\drivers\dxgthk.sys \SystemRoot\System32\ialmdnt5.dll \SystemRoot\System32\ialmrnt5.dll \SystemRoot\System32\ialmdev5.DLL \SystemRoot\System32\ialmdd5.DLL \SystemRoot\System32\ATMFD.DLL \SystemRoot\system32\DRIVERS\s24trans.sys \SystemRoot\system32\drivers\wdmaud.sys \SystemRoot\system32\drivers\sysaudio.sys \SystemRoot\System32\Drivers\ParVdm.SYS \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys \SystemRoot\system32\DRIVERS\srv.sys \SystemRoot\System32\Drivers\HTTP.sys \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys \WINDOWS\system32\ntdll.dll ----------- End ----------- Done! Scan started Database versions: main: v2015.06.27.07 rootkit: v2015.06.26.01 <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xffffffff86b69ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff86b31900, DeviceName: Unknown, DriverName: \Driver\PartMgr\ DevicePointer: 0xffffffff86b69ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff86b32520, DeviceName: \Device\00000082\, DriverName: \Driver\ACPI\ DevicePointer: 0xffffffff86b86940, DeviceName: \Device\Ide\IdeDeviceP0T0L0-3\, DriverName: \Driver\atapi\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... Done! Drive 0 This is a System drive Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: C2F0C2F0 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 63 Numsec = 102398247 Partition file system is NTFS Partition is bootable Partition 1 type is Extended with LBA (0xf) Partition is NOT ACTIVE. Partition starts at LBA: 102398310 Numsec = 166015710 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 137438952960 bytes Sector size: 512 bytes Done! Physical Sector Size: 0 Drive: 1, DevicePointer: 0xffffffff86202ab8, DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff86202890, DeviceName: Unknown, DriverName: \Driver\PartMgr\ DevicePointer: 0xffffffff86202ab8, DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff861b8d70, DeviceName: \Device\0000008b\, DriverName: \Driver\tifmsony\ ------------ End ---------- File "c:\documents and settings\all users\application data\avg2015\chjw\8cd4560dd455f9c2.dat:565b9829-4969-4a0c-be1c-1111895fee28" is sparse (flags = 32768) File "c:\documents and settings\all users\application data\avg2015\chjw\8cd4560dd455f9c2.dat:bc718c1d-ffee-4d38-978a-10457cffac4f" is sparse (flags = 32768) File "c:\documents and settings\all users\application data\avg2015\chjw\a054dbce54dba4f6.dat:10004137-7841-4452-89ba-f52c7f54745e" is sparse (flags = 32768) File "c:\documents and settings\all users\application data\avg2015\chjw\a054dbce54dba4f6.dat:ba5b815b-1966-4574-970f-da1b4fcaf67e" is sparse (flags = 32768) File "C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2015\log\avgcore.log.1" is compressed (flags = 1) Scan finished ======================================= Removal queue found; removal started Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam... Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\VBR-0-0-63-i.mbam... Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam... Removal finished

Profil

Sass Drake Poslao: 28 Jun 2015 11:42 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! OK. Nisi mi odgovorio kakvo je sad stanje.

Profil

S2M Poslao: 28 Jun 2015 11:53 Idi na vrh
offline S2M Građanin life developer Pridružio: 21 Nov 2009 Poruke: 66 Gde živiš: Stuttgart	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uh,izvini.Sad radi dobro.CPU ne ide preko 25%,a prije na 100% čim uključim Chrome.Još nisam probao VPN client da se nakačim na server od firme,rekoh kad ti odobriš

Profil

Sass Drake Poslao: 28 Jun 2015 12:09 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! To bi bilo to. • Sledeća procedura će implementirati završno čišćenje. Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop. Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija; Remove disinfection tools Create registry backup Purge System Restore Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad. Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani. Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt) Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Deinstalacija Tencent Tecgnology QQ

Ko je trenutno na forumu

Ukupno su 1397 korisnika na forumu :: 52 registrovanih, 4 sakrivenih i 1341 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: amaterSRB, Bojan198527, boro975, darkkran, darkojbn, darkojovxp, DavidA, DejanCG, eagle.rs, EXIT78, Georgius, hyla, Igor Antonic, istina, kendzo-andzo-boni-fju, knutveliki, Koridor, Kubovac, kybonacci, Lazokobra, Lino, macak44, Marko Marković, MIG-3, milenko crazy north, mladen.zovko, Mrav Obrad, novator, Papadubi, Petarvu, Pohovani_00, PrincipL, prle122, reader, Sarmat, sekretar, Shajlok, Stanlio, Stoilkovic, Tas011, The Boss, theNedjeljko, US_Rank_0, VJ, vjekosuki, vjetar, voja64, vrlenija, vukan0799, zhuki8, Zoca, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by