Koci mi internet

1

Koci mi internet

offline
  • Pridružio: 26 Mar 2013
  • Poruke: 33
  • Gde živiš: Valjevo

Pozz. Imam problem sa internetom zakoci mi i ja moram da restartujem. Skenirala sam ali nema nikakav virus. Skenirala sam i sa malwarebytes i posle nadjenih greski opet isto, ne znam sta je problem. Internet mi je ADSL 10 Mbps. Bebee Dol
mycity.rs/must-login.png

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:26-08-2014
Ran by Administrator (administrator) on ASUS on 29-08-2014 18:35:00
Running from C:\Documents and Settings\Administrator\My Documents\Downloads
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKU\S-1-5-21-515967899-1214440339-1644491937-500\...\Run: [Google Update] => c:\documents and settings\administrator\local settings\application data\google\update\googleupdate.exe [116648 2014-07-27] (Google Inc.)
HKU\S-1-5-21-515967899-1214440339-1644491937-500\...\MountPoints2: {cbfa0ee6-01eb-11e4-8759-0017314523d1} - E:\AutoRun.exe
HKU\S-1-5-21-515967899-1214440339-1644491937-500\...\MountPoints2: {fdc36a9a-01ea-11e4-8758-0017314523d1} - E:\AutoRun.exe
SecurityProviders: schannel.dll, credssp.dll, digest.dll
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC0DA4F2431CCCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM - {6B528F7B-1290-4F85-BA27-8515B393FF4B} URL = google.com/search?q={searchTerms}
SearchScopes: HKLM - {6BA4BBC5-3A34-465E-A7AD-CA216AD72022} URL = en.wikipedia.org/w/index.php?title=Special:Search&search={searchTerms}
SearchScopes: HKCU - {2DBE4039-37A1-4C7B-8C8C-6BFAEF3426B6} URL = search.softonic.com/INF00176/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=f4d7dca60000000000000017314523d1&toi=16022&r=906
SearchScopes: HKCU - {4A5C0142-8514-4FA6-8BA1-EE29E1BA678D} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3225826&CUI=UN92668696911274713&UM=1
SearchScopes: HKCU - {6B528F7B-1290-4F85-BA27-8515B393FF4B} URL =
SearchScopes: HKCU - {6BA4BBC5-3A34-465E-A7AD-CA216AD72022} URL =
SearchScopes: HKCU - {A8105727-97B2-4B68-8BA5-57150A17B1B3} URL = eseeky.com/ws/?source=728386ab?tbp=rbox&.....7e9&q={searchTerms}
BHO: Groove GFS Browser Helper -> {390C7E87-153C-12DB-2EA6-0BB301EB26E9} -> C:\WINDOWS\system32\dpcdlll.dll ()
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {10921475-03CE-4E04-90CE-E2E7EF20C814} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5l8rhokh.default-1409132587171
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin HKCU: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files\OnLive\Plugin\npolgdet.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Lost Friends Notifier - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5l8rhokh.default-1409132587171\Extensions\jid1-s0hS918atYzRdw@jetpack.xpi [2014-08-28]
FF Extension: YesScript - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5l8rhokh.default-1409132587171\Extensions\yesscript@userstyles.org.xpi [2014-08-27]
FF Extension: Adblock Plus - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5l8rhokh.default-1409132587171\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-28]
FF HKLM\...\Firefox\Extensions: [ext@flash-Enhancer.com] - C:\Program Files\AmiExt\flashEnhancer\ff
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-20]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: Eset Plugin - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013-09-17]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-12]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-12] (AVAST Software)
S4 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [20680 2009-03-19] (ESET)
S4 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [731840 2009-03-19] (ESET)
S3 idsvc; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [864256 2007-10-11] (Microsoft Corporation) [File not signed]
S4 NetTcpPortSharing; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [122880 2007-10-11] (Microsoft Corporation) [File not signed]
R2 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AEAudioService; C:\WINDOWS\System32\drivers\AEAudio.sys [127872 2005-03-04] (Andrea Electronics Corporation)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-07-12] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-07-12] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-07-12] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-07-12] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-07-12] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-07-12] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-07-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-07-12] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 MarvinBus; C:\WINDOWS\System32\DRIVERS\MarvinBus.sys [171520 2005-09-24] (Pinnacle Systems GmbH) [File not signed]
R0 mv61xxmm; C:\WINDOWS\system32\Drivers\mv61xxmm.sys [13616 2011-11-09] (Marvell Semiconductor Inc.)
R0 mv64xxmm; C:\WINDOWS\system32\Drivers\mv64xxmm.sys [5632 2011-11-09] (Marvell Semiconductor Inc.) [File not signed]
R0 mvxxmm; C:\WINDOWS\system32\Drivers\mvxxmm.sys [13616 2011-11-09] (Marvell Semiconductor Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 SenFiltService; C:\WINDOWS\System32\drivers\Senfilt.sys [393088 2005-08-11] (Sensaura)
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [15808 2014-06-04] (IObit)
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [230400 2005-03-30] (Marvell)
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-29 18:34 - 2014-08-29 18:35 - 00000000 ____D () C:\FRST
2014-08-27 15:48 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
2014-08-27 15:46 - 2014-08-27 15:48 - 00000000 ____D () C:\AdwCleaner
2014-08-27 15:45 - 2014-08-27 15:46 - 01364531 _____ () C:\Documents and Settings\Administrator\Desktop\adwcleaner_3.308.exe
2014-08-27 12:43 - 2014-08-27 12:43 - 00000000 ____D () C:\Program Files\AIMP3
2014-08-27 11:43 - 2014-08-27 11:43 - 00000000 ____D () C:\Documents and Settings\Administrator\Desktop\Old Firefox Data
2014-08-23 12:16 - 2014-08-27 15:20 - 00000000 ____D () C:\Program Files\Common Files\Chameleon Manager
2014-08-23 12:16 - 2014-08-23 12:52 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\Chameleon files
2014-08-22 20:25 - 2014-08-22 20:25 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-08-20 12:32 - 2014-08-20 12:32 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Bluestacks
2014-08-18 12:27 - 2014-08-18 12:27 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Kiloo Games
2014-08-02 10:35 - 2014-08-29 16:43 - 00003380 _____ () C:\WINDOWS\system32\nvAppTimestamps
2014-08-01 22:46 - 2014-08-22 20:08 - 00000000 ____D () C:\Program Files\Stand O Food 2
2014-08-01 22:46 - 2014-08-05 22:00 - 00000000 ____D () C:\WINDOWS\Stand O Food 2
2014-08-01 22:46 - 2014-08-01 22:46 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Gaijin Ent
2014-08-01 13:44 - 2014-08-01 13:44 - 00000000 ____D () C:\WINDOWS\Tasks\TaskDisabled
2014-08-01 12:38 - 2014-08-01 12:38 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled
2014-08-01 11:58 - 2008-04-13 22:10 - 00005504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\intelide.sys
2014-08-01 11:58 - 2008-04-13 22:10 - 00005504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2014-08-01 11:56 - 2014-08-01 11:56 - 01098236 _____ () C:\WINDOWS\system32\nvdrsdb1.bin
2014-08-01 11:56 - 2014-08-01 11:56 - 01098236 _____ () C:\WINDOWS\system32\nvdrsdb0.bin
2014-08-01 11:56 - 2014-08-01 11:56 - 00000001 _____ () C:\WINDOWS\system32\nvdrssel.bin
2014-08-01 11:56 - 2014-08-01 11:56 - 00000000 _____ () C:\WINDOWS\system32\nvdrswr.lk
2014-08-01 11:55 - 2014-08-01 11:54 - 06320128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-08-01 11:55 - 2014-08-01 11:54 - 02289288 _____ () C:\WINDOWS\system32\nvdata.data
2014-08-01 11:55 - 2014-08-01 11:54 - 01024288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3232049.dll
2014-08-01 11:55 - 2014-08-01 11:54 - 00893728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3232049.dll
2014-08-01 11:55 - 2014-08-01 11:54 - 00017134 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-08-01 11:30 - 2014-08-01 11:30 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\ProductData
2014-08-01 11:28 - 2014-08-22 20:07 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\ProductData
2014-08-01 11:28 - 2014-08-16 11:30 - 00000296 _____ () C:\WINDOWS\Tasks\SmartDefrag3_Startup.job
2014-08-01 11:28 - 2014-08-16 11:30 - 00000294 _____ () C:\WINDOWS\Tasks\SmartDefrag3_Update.job
2014-08-01 11:28 - 2014-08-01 11:28 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-08-01 11:28 - 2014-06-04 15:17 - 00031008 _____ (IObit) C:\WINDOWS\system32\SmartDefragBootTime.exe
2014-08-01 11:27 - 2014-08-01 11:46 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\IObit
2014-08-01 11:27 - 2014-06-04 15:17 - 00109856 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2014-08-01 11:26 - 2014-08-01 18:30 - 00000000 ____D () C:\Program Files\IObit
2014-08-01 11:26 - 2014-08-01 11:54 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\IObit
2014-08-01 11:26 - 2014-08-01 11:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Smart Defrag 3
2014-08-01 11:26 - 2014-06-04 15:17 - 00015808 _____ (IObit) C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-29 18:35 - 2014-08-29 18:34 - 00000000 ____D () C:\FRST
2014-08-29 18:35 - 2013-09-17 08:36 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Temp
2014-08-29 17:48 - 2013-11-24 19:10 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-29 17:29 - 2013-09-17 08:16 - 01241723 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-29 16:43 - 2014-08-02 10:35 - 00003380 _____ () C:\WINDOWS\system32\nvAppTimestamps
2014-08-29 14:10 - 2013-09-17 10:11 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-08-29 14:10 - 2013-09-17 10:11 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-08-29 14:10 - 2013-09-17 08:27 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-29 11:58 - 2013-09-17 08:36 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-08-29 11:58 - 2013-09-17 08:27 - 00032434 _____ () C:\WINDOWS\SchedLgU.Txt
2014-08-29 11:57 - 2013-09-17 08:36 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-08-29 10:29 - 2008-04-14 13:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-08-27 18:58 - 2014-03-04 12:28 - 00000000 __SHD () C:\WINDOWS\CSC
2014-08-27 15:50 - 2014-04-20 19:36 - 00000378 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-08-27 15:48 - 2014-08-27 15:46 - 00000000 ____D () C:\AdwCleaner
2014-08-27 15:46 - 2014-08-27 15:45 - 01364531 _____ () C:\Documents and Settings\Administrator\Desktop\adwcleaner_3.308.exe
2014-08-27 15:42 - 2013-09-17 10:03 - 00000211 ___SH () C:\boot.ini
2014-08-27 15:42 - 2008-04-14 13:00 - 00000491 _____ () C:\WINDOWS\win.ini
2014-08-27 15:42 - 2008-04-14 13:00 - 00000246 _____ () C:\WINDOWS\system.ini
2014-08-27 15:20 - 2014-08-23 12:16 - 00000000 ____D () C:\Program Files\Common Files\Chameleon Manager
2014-08-27 14:35 - 2013-10-08 11:03 - 00258560 ___SH () C:\Documents and Settings\Administrator\Desktop\Thumbs.db
2014-08-27 13:07 - 2013-09-17 08:18 - 00316640 _____ () C:\WINDOWS\WMSysPr9.prx
2014-08-27 13:06 - 2014-07-29 12:33 - 00023392 _____ () C:\WINDOWS\system32\nscompat.tlb
2014-08-27 13:06 - 2014-07-29 12:33 - 00016832 _____ () C:\WINDOWS\system32\amcompat.tlb
2014-08-27 13:06 - 2013-09-17 10:04 - 00337848 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-27 13:03 - 2014-06-04 13:57 - 00000000 ____D () C:\Program Files\OpenOffice 4
2014-08-27 12:43 - 2014-08-27 12:43 - 00000000 ____D () C:\Program Files\AIMP3
2014-08-27 11:43 - 2014-08-27 11:43 - 00000000 ____D () C:\Documents and Settings\Administrator\Desktop\Old Firefox Data
2014-08-23 12:52 - 2014-08-23 12:16 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\Chameleon files
2014-08-22 20:25 - 2014-08-22 20:25 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-08-22 20:08 - 2014-08-01 22:46 - 00000000 ____D () C:\Program Files\Stand O Food 2
2014-08-22 20:08 - 2014-07-27 00:55 - 00001010 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1214440339-1644491937-500UA.job
2014-08-22 20:08 - 2014-07-27 00:55 - 00000958 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1214440339-1644491937-500Core.job
2014-08-22 20:07 - 2014-08-01 11:28 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\ProductData
2014-08-20 12:32 - 2014-08-20 12:32 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Bluestacks
2014-08-18 12:27 - 2014-08-18 12:27 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Kiloo Games
2014-08-16 15:05 - 2013-11-24 19:10 - 00699568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-08-16 15:05 - 2013-11-24 19:10 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-08-16 11:30 - 2014-08-01 11:28 - 00000296 _____ () C:\WINDOWS\Tasks\SmartDefrag3_Startup.job
2014-08-16 11:30 - 2014-08-01 11:28 - 00000294 _____ () C:\WINDOWS\Tasks\SmartDefrag3_Update.job
2014-08-15 11:10 - 2013-09-18 11:49 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Skype
2014-08-14 13:34 - 2014-01-22 12:44 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-14 13:25 - 2011-11-09 15:12 - 96303304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt.exe
2014-08-14 13:24 - 2014-07-18 14:30 - 00000000 ____D () C:\Program Files\Operation Mania
2014-08-14 13:22 - 2014-06-15 11:55 - 00000000 ____D () C:\Documents and Settings\Administrator\Desktop\Unused Desktop Shortcuts
2014-08-07 15:47 - 2013-10-29 21:00 - 00000000 ____D () C:\WINDOWS\Minidump
2014-08-05 22:00 - 2014-08-01 22:46 - 00000000 ____D () C:\WINDOWS\Stand O Food 2
2014-08-05 21:59 - 2013-12-12 15:27 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\Преузимања
2014-08-02 00:04 - 2013-10-23 18:10 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TEMP
2014-08-01 22:46 - 2014-08-01 22:46 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Gaijin Ent
2014-08-01 18:30 - 2014-08-01 11:26 - 00000000 ____D () C:\Program Files\IObit
2014-08-01 13:44 - 2014-08-01 13:44 - 00000000 ____D () C:\WINDOWS\Tasks\TaskDisabled
2014-08-01 12:38 - 2014-08-01 12:38 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled
2014-08-01 12:04 - 2013-09-17 08:52 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2014-08-01 11:56 - 2014-08-01 11:56 - 01098236 _____ () C:\WINDOWS\system32\nvdrsdb1.bin
2014-08-01 11:56 - 2014-08-01 11:56 - 01098236 _____ () C:\WINDOWS\system32\nvdrsdb0.bin
2014-08-01 11:56 - 2014-08-01 11:56 - 00000001 _____ () C:\WINDOWS\system32\nvdrssel.bin
2014-08-01 11:56 - 2014-08-01 11:56 - 00000000 _____ () C:\WINDOWS\system32\nvdrswr.lk
2014-08-01 11:56 - 2013-09-17 18:47 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-08-01 11:54 - 2014-08-01 11:55 - 06320128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-08-01 11:54 - 2014-08-01 11:55 - 02289288 _____ () C:\WINDOWS\system32\nvdata.data
2014-08-01 11:54 - 2014-08-01 11:55 - 01024288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3232049.dll
2014-08-01 11:54 - 2014-08-01 11:55 - 00893728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3232049.dll
2014-08-01 11:54 - 2014-08-01 11:55 - 00017134 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-08-01 11:54 - 2014-08-01 11:26 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\IObit
2014-08-01 11:54 - 2013-09-17 18:46 - 20197376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglnt.dll
2014-08-01 11:54 - 2013-09-17 18:46 - 17551360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-08-01 11:54 - 2013-09-17 18:46 - 10973504 ____C (NVIDIA Corporation) C:\WINDOWS\system32\dllcache\nv4_mini.sys
2014-08-01 11:54 - 2013-09-17 18:46 - 10973504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nv4_mini.sys
2014-08-01 11:54 - 2013-09-17 18:46 - 07663616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-08-01 11:54 - 2013-09-17 18:46 - 04014592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv4_disp.dll
2014-08-01 11:54 - 2013-09-17 18:46 - 02783008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-08-01 11:54 - 2013-09-17 18:46 - 02548736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi.dll
2014-08-01 11:54 - 2013-09-17 18:46 - 02002720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-08-01 11:46 - 2014-08-01 11:27 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\IObit
2014-08-01 11:30 - 2014-08-01 11:30 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\ProductData
2014-08-01 11:28 - 2014-08-01 11:28 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-08-01 11:26 - 2014-08-01 11:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Smart Defrag 3
2014-08-01 11:10 - 2014-01-22 15:04 - 00000000 ____D () C:\Program Files\WinRAR
2014-08-01 11:10 - 2014-01-22 15:04 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
2014-08-01 11:10 - 2014-01-22 15:04 - 00000000 ____D () C:\Documents and Settings\Administrator\Start Menu\Programs\WinRAR
2014-08-01 10:39 - 2010-01-11 22:17 - 00271490 _____ () C:\WINDOWS\system32\NvApps.xml

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow Korak 1

Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja.

SearchScopes: HKCU - {2DBE4039-37A1-4C7B-8C8C-6BFAEF3426B6} URL = http://search.softonic.com/INF00176/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=f4d7dca60000000000000017314523d1&toi=16022&r=906
SearchScopes: HKCU - {4A5C0142-8514-4FA6-8BA1-EE29E1BA678D} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3225826&CUI=UN92668696911274713&UM=1
SearchScopes: HKCU - {A8105727-97B2-4B68-8BA5-57150A17B1B3} URL = http://eseeky.com/ws/?source=728386ab?tbp=rbox&.....7e9&q={searchTerms}
FF HKLM\...\Firefox\Extensions: [ext@flash-Enhancer.com] - C:\Program Files\AmiExt\flashEnhancer\ff
C:\Program Files\AmiExt
AlternateDataStreams: C:\Documents and Settings\Administrator:gs5sys
AlternateDataStreams: C:\Documents and Settings\Administrator\Cookies:gs5sys
AlternateDataStreams: C:\Documents and Settings\Administrator\Desktop:gs5sys
AlternateDataStreams: C:\Documents and Settings\Administrator\Templates:gs5sys
AlternateDataStreams: C:\Documents and Settings\Administrator\Application Data\desktop.ini:gs5sys
AlternateDataStreams: C:\Documents and Settings\Administrator\Local Settings\Application Data:gs5sys
AlternateDataStreams: C:\Documents and Settings\Administrator\Local Settings\History:gs5sys
AlternateDataStreams: C:\Documents and Settings\Administrator\My Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Documents and Settings\All Users\Templates:gs5sys
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\desktop.ini:gs5sys
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:122B409D
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:19C3BC3A
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:2CB9631F
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:2CDB9CA3
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:7F4DB476
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:DBC416F8
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:E412AAF2
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:EC7C9796


U okviru Notepad-a klikni na File --> Save As
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se Notepad, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt). Potrebno je da sadržaj fixlog.txt kopiraš na forum




Arrow Korak 2

Imaš ostatke, ESET antivirusnog programa na sistemu. Isptati ovo uputstvo za njihovo uklanjanje:
http://kb.eset.com/esetkb/index?page=content&id=SOLN2289#win_vist_un

Uputstvo za ulazak u Safe Mode se nalazi ovdje:
http://www.mycity.rs/MyCity-Laboratorija/Kako-uci-u-Safe-Mode-2.html

offline
  • Pridružio: 26 Mar 2013
  • Poruke: 33
  • Gde živiš: Valjevo

Napisano: 29 Avg 2014 19:10

Kad sam pokusala da popravim izaslo mi da Fixlist.txt nije pronadjen i da bi trebao da bude u istom folderu gde se alat nalazi.

Dopuna: 29 Avg 2014 19:15

mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

OK. Sada pokušaj da ispratiš uputstvo za uklanjanje ostataka ESET AV programa.

offline
  • Pridružio: 26 Mar 2013
  • Poruke: 33
  • Gde živiš: Valjevo

OK. Da li da kliknem safe mode sa konekcijom na internet?

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Možeš izabrati tu opciju ako želiš.

offline
  • Pridružio: 26 Mar 2013
  • Poruke: 33
  • Gde živiš: Valjevo

Ok hvala puno! Smile

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Kada to završiš, pokreni Windows u normalnom režimu rada i psotavi mi novi FRST izvještaj.

offline
  • Pridružio: 26 Mar 2013
  • Poruke: 33
  • Gde živiš: Valjevo

Napisano: 29 Avg 2014 19:39

Evo pokusala sam da radim po upustvu i cim krenem da kucam meni se zatvori prozor

Dopuna: 29 Avg 2014 19:46

Evo sta mi se pojavi
mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Treba da pristisneš "Y" kada ti napiše "Are you really sure to continue? (y/n):". Ako "Y" ne radi onda pritisni "Z".

Ko je trenutno na forumu
 

Ukupno su 1092 korisnika na forumu :: 18 registrovanih, 4 sakrivenih i 1070 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: ccoogg123, cenejac111, darkojbn, hyla, ikan, Istman, jukeboxer, ladro, lord sir giga, Mendonca, Mi lao shu, Milan A. Nikolic, Oscar2, procesor, Skywhaler, SlaKoj, Tvrtko I, voja64