Small Acer keeps shutting down

  • Joined: 01 Sep 2007
  • Posts: 137

Posted: 04 Jan 2016 18:45

It suddenly shuts down while in use; it doesn't restart, it just turns off.
I started monitoring the temperature to see whether that's the cause, but I'm still not sure, because sometimes it shuts down even at around 70 degrees. It would seem the fan isn't working, because it can't be heard and the temperature just keeps slowly rising.
I also don't know yet whether it could happen when it gets overloaded, since it only has a gig of RAM.
Could it be something else?


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:31-12-2015
Ran by vasilija (administrator) on VASILIJA-PC (04-01-2016 18:40:52)
Running from C:\Users\vasilija\Desktop
Loaded Profiles: vasilija (Available Profiles: vasilija & test)
Platform: Microsoft Windows 7 Ultimate (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Link mogu videti samo ulogovani korisnici]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMutilps32.exe
(ClientConnect Ltd.) C:\Program Files\Tbccint\ToolbarService\ToolbarService.exe
() C:\Program Files\T-Mobile Internet Manager\AssistantServices.exe
() C:\Program Files\ASP\AdvancedSystemProtector.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\T-Mobile Internet Manager\UIExec.exe
(Visicom Media Inc. (Powered by Panda Security)) C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
(iMesh, Inc) C:\Program Files\iMesh Applications\Mediabar\Datamngr\datamngrUI.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Ask) C:\Program Files\Ask.com\Updater\Updater.exe
(ooVoo LLC) C:\Program Files\ooVoo\ooVoo.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(CPUID) C:\Program Files\CPUID\PC Wizard 2012\pcwizard.dll
(Google Inc.) C:\Users\vasilija\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\vasilija\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\vasilija\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\vasilija\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\vasilija\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10025576 2011-02-11] (Realtek Semiconductor)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1934632 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [1812264 2010-11-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2014-01-22] (AVAST Software)
HKLM\...\Run: [UIExec] => C:\Program Files\T-Mobile Internet Manager\UIExec.exe [136328 2010-03-02] ()
HKLM\...\Run: [Anti-phishing Domain Advisor] => C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe [217256 2012-05-03] (Visicom Media Inc. (Powered by Panda Security))
HKLM\...\Run: [DATAMNGR] => C:\Program Files\iMesh Applications\Mediabar\Datamngr\datamngrUI.exe [1898960 2012-09-20] (iMesh, Inc)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [ApnUpdater] => C:\Program Files\Ask.com\Updater\Updater.exe [1646216 2013-01-24] (Ask)
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\Run: [Google Update] => C:\Users\vasilija\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2016-01-03] (Google Inc.)
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\Run: [ooVoo.exe] => C:\Program Files\ooVoo\oovoo.exe [22465104 2012-02-07] (ooVoo LLC)
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\Run: [Facebook Update] => C:\Users\vasilija\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-08-27] (Facebook Inc.)
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\MountPoints2: D - D:\AutoRun.exe
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\MountPoints2: {0b3ee111-6468-11e1-a74a-e89a8fe846b6} - D:\AutoRun.exe
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\MountPoints2: {20706f29-5e77-11e1-b200-e89a8fe846b6} - D:\AutoRun.exe
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\MountPoints2: {20706f53-5e77-11e1-b200-e89a8fe846b6} - D:\AutoRun.exe
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\MountPoints2: {4f87e4cc-83c4-11e1-9ebf-e89a8fe846b6} - D:\AutoRun.exe
AppInit_DLLs: C:\PROGRA~1\IMESHA~1\Mediabar\Datamngr\datamngr.dll => C:\Program Files\iMesh Applications\Mediabar\Datamngr\datamngr.dll [1747408 2012-09-20] (iMesh, Inc)
AppInit_DLLs: C:\PROGRA~1\IMESHA~1\Mediabar\Datamngr\IEBHO.dll => C:\Program Files\iMesh Applications\Mediabar\Datamngr\IEBHO.dll [1185192 2012-09-20] (iMesh, Inc)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2014-01-22] (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{51027081-28E7-4803-88F8-E9906617CA46}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
URLSearchHook: HKLM - Mario Forever Toolbar - {707db484-2428-402d-afb5-d85b387544c7} - C:\Users\vasilija\AppData\LocalLow\Mario_Forever\prxtbMar0.dll (ClientConnect Ltd.)
URLSearchHook: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 - Mario Forever Toolbar - {707db484-2428-402d-afb5-d85b387544c7} - C:\Users\vasilija\AppData\LocalLow\Mario_Forever\prxtbMar0.dll (ClientConnect Ltd.)
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&SearchSource=4&ctid=CT2247187
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&SearchSource=4&ctid=CT2247187
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}?babsrc=SP_ss&affID=101292&mntrId=56b671e100000000000078929c6c1650
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> {8C41F12B-CD63-4BF0-A552-FCC36034CF60} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&locale=&apn_ptnrs=^WZ&apn_dtid=^YYYYYY^YY^RS&apn_uid=446aa9cc-40e6-4616-a6b8-09e1b5e2e265&apn_sauid=110558C8-42A8-4651-9B2B-FBC20E2A51E0
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&SearchSource=4&ctid=CT2247187
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems Incorporated)
BHO: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll [2011-08-14] (Babylon BHO)
BHO: Mario Forever Toolbar -> {707db484-2428-402d-afb5-d85b387544c7} -> C:\Users\vasilija\AppData\LocalLow\Mario_Forever\prxtbMar0.dll [2014-03-26] (ClientConnect Ltd.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-01-14] (Oracle Corporation)
BHO: blekko search bar -> {8769adce-dba5-48e9-afb5-67b12cdf2e61} -> C:\Program Files\blekkotb_031\blekkotb_019X.dll [2012-06-29] ()
BHO: avast! WebRep -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-22] (AVAST Software)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
BHO: DataMngr -> {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} -> C:\Program Files\iMesh Applications\Mediabar\Datamngr\BrowserConnection.dll [2012-09-20] (iMesh, Inc)
BHO: Search-Results Toolbar -> {bff6b2ca-366c-4a90-b685-d87776deb0d2} -> C:\Program Files\iMesh Applications\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll [2012-09-06] (APN LLC)
BHO: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files\Ask.com\GenericAskToolbar.dll [2013-01-24] (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-01-14] (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-22] (AVAST Software)
Toolbar: HKLM - Mario Forever Toolbar - {707db484-2428-402d-afb5-d85b387544c7} - C:\Users\vasilija\AppData\LocalLow\Mario_Forever\prxtbMar0.dll [2014-03-26] (ClientConnect Ltd.)
Toolbar: HKLM - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll [2011-08-14] (Babylon Ltd.)
Toolbar: HKLM - blekko search bar - {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files\blekkotb_031\blekkotb_019X.dll [2012-06-29] ()
Toolbar: HKLM - Search-Results Toolbar - {bff6b2ca-366c-4a90-b685-d87776deb0d2} - C:\Program Files\iMesh Applications\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll [2012-09-06] (APN LLC)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll [2013-01-24] (Ask)
Toolbar: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> Mario Forever Toolbar - {707DB484-2428-402D-AFB5-D85B387544C7} - C:\Users\vasilija\AppData\LocalLow\Mario_Forever\prxtbMar0.dll [2014-03-26] (ClientConnect Ltd.)
Toolbar: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll [2013-01-24] (Ask)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2012-02-23] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.11.2 -> C:\Windows\system32\npDeployJava1.dll [2013-01-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-01-14] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-03] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2946554868-1151644839-2587055040-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\vasilija\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2946554868-1151644839-2587055040-1000: @tools.google.com/Google Update;version=3 -> C:\Users\vasilija\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-2946554868-1151644839-2587055040-1000: @tools.google.com/Google Update;version=9 -> C:\Users\vasilija\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-2946554868-1151644839-2587055040-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\vasilija\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-08-20] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2011-10-26] (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012-04-04]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\search.xml [2012-07-22]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-02-23] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-04] [not signed]
FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile Internet Manager\addon
FF Extension: Bytemobile Optimization Client - C:\Program Files\T-Mobile Internet Manager\addon [2012-02-25] [not signed]

Chrome:
=======
CHR Plugin: (Native Client) - C:\Users\vasilija\AppData\Local\Google\Chrome\Application\47.0.2526.106\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\vasilija\AppData\Local\Google\Chrome\Application\47.0.2526.106\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\vasilija\AppData\Local\Google\Chrome\Application\47.0.2526.106\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Winamp Application Detector) - C:\Program Files\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Google Update) - C:\Users\vasilija\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\vasilija\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Mario Forever) - C:\Users\vasilija\AppData\Local\Google\Chrome\User Data\Default\Extensions\jllpjckabhalgdienlngoikeehalibei [2016-01-03] [UpdateUrl: [Link mogu videti samo ulogovani korisnici] <==== ATTENTION
CHR Extension: (Skype) - C:\Users\vasilija\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-01-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\vasilija\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-03]
CHR HKLM\...\Chrome\Extension: [jllpjckabhalgdienlngoikeehalibei] - C:\Users\vasilija\AppData\Local\CRE\jllpjckabhalgdienlngoikeehalibei.crx [2012-04-03]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]
CHR HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jllpjckabhalgdienlngoikeehalibei] - C:\Users\vasilija\AppData\Local\CRE\jllpjckabhalgdienlngoikeehalibei.crx [2012-04-03]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2014-01-22] (AVAST Software)
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1755136 2011-03-07] (Realsil Microelectronics Inc.) [File not signed]
R2 TBSrv; C:\Program Files\Tbccint\ToolbarService\ToolbarService.exe [350496 2014-03-26] (ClientConnect Ltd.)
R2 UI Assistant Service; C:\Program Files\T-Mobile Internet Manager\AssistantServices.exe [245384 2010-03-02] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [29816 2014-01-22] (AVAST Software)
R1 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [20624 2012-10-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2014-01-22] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2014-01-22] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49376 2014-01-22] ()
R1 aswSnx; C:\Windows\system32\Drivers\aswSnx.sys [770344 2014-01-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [369584 2014-01-22] (AVAST Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [56080 2014-01-22] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [175176 2014-01-22] ()
U0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [22528 2010-02-10] (Bytemobile, Inc.) [File not signed]
R3 cpuz135; C:\Program Files\CPUID\PC Wizard 2012\pcwiz_x32.sys [24880 2012-08-11] (CPUID)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [116008 2010-11-12] (ELAN Microelectronics Corp.)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7435264 2011-01-04] (Intel Corporation)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [252520 2011-03-07] (Realtek Semiconductor Corp.)
U5 aswMon2; C:\Windows\System32\Drivers\aswMon2.sys [110920 2014-01-22] (AVAST Software)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-04 18:40 - 2016-01-04 18:41 - 00020186 _____ C:\Users\vasilija\Desktop\FRST.txt
2016-01-04 18:26 - 2016-01-04 18:40 - 00000000 ____D C:\FRST
2016-01-04 18:25 - 2016-01-04 18:25 - 01721856 _____ (Farbar) C:\Users\vasilija\Desktop\FRST.exe
2016-01-04 12:37 - 2016-01-04 12:37 - 00000000 ____D C:\Users\test\AppData\LocalLow\Sun
2016-01-04 12:33 - 2016-01-04 12:33 - 00000000 ____D C:\Users\test\AppData\LocalLow\imeshtoolbar2
2016-01-04 12:32 - 2016-01-04 12:32 - 00000000 ____D C:\Users\test\AppData\Roaming\Adobe
2016-01-04 12:32 - 2016-01-04 12:32 - 00000000 ____D C:\Users\test\AppData\LocalLow\AskToolbar
2016-01-04 12:31 - 2016-01-04 12:31 - 00062696 _____ C:\Users\test\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-04 12:31 - 2016-01-04 12:31 - 00000000 ____D C:\Users\test\AppData\Local\blekkotb_031
2016-01-04 12:30 - 2016-01-04 12:30 - 00001419 _____ C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-04 12:29 - 2016-01-04 12:29 - 00000000 ____D C:\Users\test\AppData\Local\VirtualStore
2016-01-04 12:28 - 2016-01-04 12:30 - 00000000 ____D C:\Users\test
2016-01-04 12:28 - 2016-01-04 12:28 - 00000020 ___SH C:\Users\test\ntuser.ini
2016-01-04 12:28 - 2016-01-04 12:28 - 00000000 _SHDL C:\Users\test\My Documents
2016-01-04 12:28 - 2016-01-04 12:28 - 00000000 _SHDL C:\Users\test\Documents\My Videos
2016-01-04 12:28 - 2016-01-04 12:28 - 00000000 _SHDL C:\Users\test\Documents\My Pictures
2016-01-04 12:28 - 2016-01-04 12:28 - 00000000 _SHDL C:\Users\test\Documents\My Music
2016-01-04 12:28 - 2009-07-14 08:48 - 00000000 ____D C:\Users\test\AppData\Roaming\Media Center Programs
2016-01-04 02:19 - 2014-01-22 15:52 - 00110920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmon2.sys
2016-01-04 02:19 - 2014-01-22 15:52 - 00102936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmon.sys
2016-01-04 02:19 - 2014-01-22 15:52 - 00025696 _____ (AVAST Software) C:\Windows\system32\Drivers\aavmker4.sys
2016-01-04 01:52 - 2016-01-04 01:52 - 00000000 ____D C:\Program Files\Tbccint
2016-01-04 01:45 - 2016-01-04 01:45 - 00000000 ____D C:\Users\vasilija\AppData\Roaming\Systweak
2016-01-04 01:44 - 2016-01-04 01:44 - 00001005 _____ C:\Users\Public\Desktop\Advanced System~Protector.lnk
2016-01-04 01:44 - 2016-01-04 01:44 - 00000000 ____D C:\Users\vasilija\AppData\Local\Systweak
2016-01-04 01:44 - 2016-01-04 01:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector
2016-01-04 01:43 - 2016-01-04 01:45 - 00000000 ____D C:\Program Files\ASP

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-04 18:28 - 2009-07-14 05:34 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-04 18:28 - 2009-07-14 05:34 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-04 18:26 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2016-01-04 18:17 - 2012-08-17 19:19 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-04 18:16 - 2012-02-23 22:54 - 00713888 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-04 18:16 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-01-04 18:10 - 2012-08-17 19:19 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-04 18:10 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-04 13:53 - 2012-02-23 23:40 - 00000954 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2946554868-1151644839-2587055040-1000UA.job
2016-01-04 13:32 - 2012-02-23 23:40 - 00000000 ____D C:\Users\vasilija\AppData\Local\Google
2016-01-04 12:51 - 2012-08-27 14:46 - 00000940 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2946554868-1151644839-2587055040-1000UA.job
2016-01-04 02:12 - 2012-02-23 22:56 - 00000000 ____D C:\ProgramData\AVAST Software
2016-01-04 02:10 - 2009-07-14 03:04 - 00002577 _____ C:\Windows\system32\config.nt
2016-01-04 01:52 - 2012-04-04 03:43 - 00000000 ____D C:\Users\vasilija\AppData\Local\Conduit
2016-01-04 01:50 - 2012-04-04 03:43 - 00000000 ____D C:\Users\vasilija\AppData\LocalLow\Mario_Forever
2016-01-04 01:49 - 2012-04-04 03:43 - 00000000 ____D C:\Users\vasilija\AppData\LocalLow\Conduit
2016-01-04 01:48 - 2012-04-04 03:45 - 00000000 ____D C:\Users\vasilija\AppData\LocalLow\PriceGong
2016-01-04 01:47 - 2013-04-02 19:35 - 00000000 ____D C:\ProgramData\Systweak
2016-01-04 01:46 - 2012-10-09 17:43 - 00000000 ____D C:\Users\vasilija\AppData\LocalLow\DataMngr
2016-01-03 20:45 - 2012-08-27 14:46 - 00000918 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2946554868-1151644839-2587055040-1000Core.job
2016-01-03 13:56 - 2012-02-23 23:43 - 00002390 _____ C:\Users\vasilija\Desktop\Google Chrome.lnk
2016-01-03 13:48 - 2012-02-23 23:40 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2946554868-1151644839-2587055040-1000Core.job

==================== Files in the root of some directories =======

2012-04-15 11:09 - 2013-05-10 10:13 - 0047104 _____ () C:\Users\vasilija\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
C:\Users\vasilija\AppData\Local\Temp\.exe
C:\Users\vasilija\AppData\Local\Temp\672D.exe
C:\Users\vasilija\AppData\Local\Temp\ApnStub.exe
C:\Users\vasilija\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\vasilija\AppData\Local\Temp\iMesh_setup.exe
C:\Users\vasilija\AppData\Local\Temp\Installhelper.dll
C:\Users\vasilija\AppData\Local\Temp\ResetDevice.exe
C:\Users\vasilija\AppData\Local\Temp\SkypeSetup.exe
C:\Users\vasilija\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\vasilija\AppData\Local\Temp\_is9AC8.exe
C:\Users\vasilija\AppData\Local\Temp\_isD854.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-03 14:21

==================== End of FRST.txt ============================

Addendum: 04 Jan 2016 18:47

[Link visible only to logged-in users]

Addendum: 04 Jan 2016 18:55

P.S.
From the moment it boots, memory usage sits at around 700+ MB, and the RAM is 1 GB. Now, is it normal for it to be that loaded right from startup because it's small, or are some programs bogging it down?

Addendum: 04 Jan 2016 19:06

This is a small Acer ASPIRE ONE laptop, or NOTEBOOK.



  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Posted: 04 Jan 2016 20:08

Since this is most likely overheating and that is why the laptop shuts down, I advise you to clean the dust out of it. If you don't know how to take the laptop apart yourself, I recommend taking it to a repair shop to have the dust cleaned out. Once you've done that, and if it solves the shutdown problem, come back here so we can remove some unwanted applications.

Addendum: 04 Jan 2016 20:10

And if at all possible, add at least 1 GiB more RAM to it.



  • Joined: 01 Sep 2007
  • Posts: 137

Posted: 05 Jan 2016 15:41

OK, I've cleaned out the dust and so far it's fine.
Shall we clean out the unwanted programs now?

Addendum: 05 Jan 2016 15:43

...it still takes a while before it stops lagging after it starts up, so if we could sort that out too, so that it's a bit snappier from the start

  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Go to Start -> Control Panel -> Programs and Features and uninstall the following programs. If any of them refuses to uninstall, skip it and move on to the next one.

Ask Toolbar
Ask Toolbar Updater
Babylon toolbar on IE
blekko search bar
iMesh
Mario Forever Toolbar
Search-Results Toolbar




Run FRST again, tick the Addition.txt option and post the new reports for me.

  • Joined: 01 Sep 2007
  • Posts: 137

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:31-12-2015
Ran by vasilija (administrator) on VASILIJA-PC (05-01-2016 19:22:10)
Running from C:\Users\vasilija\Desktop
Loaded Profiles: vasilija (Available Profiles: vasilija & test)
Platform: Microsoft Windows 7 Ultimate (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Link mogu videti samo ulogovani korisnici]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMutilps32.exe
(ClientConnect Ltd.) C:\Program Files\Tbccint\ToolbarService\ToolbarService.exe
() C:\Program Files\T-Mobile Internet Manager\AssistantServices.exe
() C:\Program Files\ASP\AdvancedSystemProtector.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\T-Mobile Internet Manager\UIExec.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Visicom Media Inc. (Powered by Panda Security)) C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(ooVoo LLC) C:\Program Files\ooVoo\ooVoo.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(CPUID) C:\Program Files\CPUID\PC Wizard 2012\pcwizard.dll
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10025576 2011-02-11] (Realtek Semiconductor)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1934632 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [1812264 2010-11-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2014-01-22] (AVAST Software)
HKLM\...\Run: [UIExec] => C:\Program Files\T-Mobile Internet Manager\UIExec.exe [136328 2010-03-02] ()
HKLM\...\Run: [Anti-phishing Domain Advisor] => C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe [217256 2012-05-03] (Visicom Media Inc. (Powered by Panda Security))
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\RunOnce: [removeiMeshdatamngr] => cmd.exe /c RD /S /Q "C:\Program Files\iMesh Applications\Mediabar"
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\Run: [Google Update] => C:\Users\vasilija\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2016-01-03] (Google Inc.)
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\Run: [ooVoo.exe] => C:\Program Files\ooVoo\oovoo.exe [22465104 2012-02-07] (ooVoo LLC)
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\Run: [Facebook Update] => C:\Users\vasilija\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-08-27] (Facebook Inc.)
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\MountPoints2: D - D:\AutoRun.exe
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\MountPoints2: {0b3ee111-6468-11e1-a74a-e89a8fe846b6} - D:\AutoRun.exe
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\MountPoints2: {20706f29-5e77-11e1-b200-e89a8fe846b6} - D:\AutoRun.exe
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\MountPoints2: {20706f53-5e77-11e1-b200-e89a8fe846b6} - D:\AutoRun.exe
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\MountPoints2: {4f87e4cc-83c4-11e1-9ebf-e89a8fe846b6} - D:\AutoRun.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2014-01-22] (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{51027081-28E7-4803-88F8-E9906617CA46}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&SearchSource=4&ctid=CT2247187
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&SearchSource=4&ctid=CT2247187
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}?babsrc=SP_ss&affID=101292&mntrId=56b671e100000000000078929c6c1650
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> {8C41F12B-CD63-4BF0-A552-FCC36034CF60} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&locale=&apn_ptnrs=^WZ&apn_dtid=^YYYYYY^YY^RS&apn_uid=446aa9cc-40e6-4616-a6b8-09e1b5e2e265&apn_sauid=110558C8-42A8-4651-9B2B-FBC20E2A51E0
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&SearchSource=4&ctid=CT2247187
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-01-14] (Oracle Corporation)
BHO: avast! WebRep -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-22] (AVAST Software)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-01-14] (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-22] (AVAST Software)
Toolbar: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2012-02-23] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.11.2 -> C:\Windows\system32\npDeployJava1.dll [2013-01-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-01-14] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-03] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2946554868-1151644839-2587055040-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\vasilija\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2946554868-1151644839-2587055040-1000: @tools.google.com/Google Update;version=3 -> C:\Users\vasilija\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-2946554868-1151644839-2587055040-1000: @tools.google.com/Google Update;version=9 -> C:\Users\vasilija\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-2946554868-1151644839-2587055040-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\vasilija\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-08-20] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2011-10-26] (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012-04-04]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\search.xml [2012-07-22]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-02-23] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-04] [not signed]
FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile Internet Manager\addon
FF Extension: Bytemobile Optimization Client - C:\Program Files\T-Mobile Internet Manager\addon [2012-02-25] [not signed]

Chrome:
=======
CHR Plugin: (Native Client) - C:\Users\vasilija\AppData\Local\Google\Chrome\Application\47.0.2526.106\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\vasilija\AppData\Local\Google\Chrome\Application\47.0.2526.106\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\vasilija\AppData\Local\Google\Chrome\Application\47.0.2526.106\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Winamp Application Detector) - C:\Program Files\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Google Update) - C:\Users\vasilija\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\vasilija\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Mario Forever) - C:\Users\vasilija\AppData\Local\Google\Chrome\User Data\Default\Extensions\jllpjckabhalgdienlngoikeehalibei [2016-01-03] [UpdateUrl: [Link mogu videti samo ulogovani korisnici] <==== ATTENTION
CHR Extension: (Chrome Web Store Payments) - C:\Users\vasilija\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-03]
CHR HKLM\...\Chrome\Extension: [jllpjckabhalgdienlngoikeehalibei] - C:\Users\vasilija\AppData\Local\CRE\jllpjckabhalgdienlngoikeehalibei.crx [2012-04-03]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]
CHR HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jllpjckabhalgdienlngoikeehalibei] - C:\Users\vasilija\AppData\Local\CRE\jllpjckabhalgdienlngoikeehalibei.crx [2012-04-03]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2014-01-22] (AVAST Software)
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1755136 2011-03-07] (Realsil Microelectronics Inc.) [File not signed]
R2 TBSrv; C:\Program Files\Tbccint\ToolbarService\ToolbarService.exe [350496 2014-03-26] (ClientConnect Ltd.)
R2 UI Assistant Service; C:\Program Files\T-Mobile Internet Manager\AssistantServices.exe [245384 2010-03-02] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [29816 2014-01-22] (AVAST Software)
R1 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [20624 2012-10-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2014-01-22] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2014-01-22] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49376 2014-01-22] ()
R1 aswSnx; C:\Windows\system32\Drivers\aswSnx.sys [770344 2014-01-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [369584 2014-01-22] (AVAST Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [56080 2014-01-22] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [175176 2014-01-22] ()
U0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [22528 2010-02-10] (Bytemobile, Inc.) [File not signed]
R3 cpuz135; C:\Program Files\CPUID\PC Wizard 2012\pcwiz_x32.sys [24880 2012-08-11] (CPUID)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [116008 2010-11-12] (ELAN Microelectronics Corp.)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7435264 2011-01-04] (Intel Corporation)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [252520 2011-03-07] (Realtek Semiconductor Corp.)
U5 aswMon2; C:\Windows\System32\Drivers\aswMon2.sys [110920 2014-01-22] (AVAST Software)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-05 19:04 - 2016-01-05 19:04 - 00000000 ____D C:\Windows\system32\appmgmt
2016-01-04 18:48 - 2016-01-04 18:48 - 00032404 _____ C:\Users\vasilija\Desktop\69251_15183446_Addition.txt
2016-01-04 18:42 - 2016-01-04 18:44 - 00032404 _____ C:\Users\vasilija\Desktop\Addition.txt
2016-01-04 18:40 - 2016-01-05 19:22 - 00016409 _____ C:\Users\vasilija\Desktop\FRST.txt
2016-01-04 18:26 - 2016-01-05 19:22 - 00000000 ____D C:\FRST
2016-01-04 18:25 - 2016-01-04 18:25 - 01721856 _____ (Farbar) C:\Users\vasilija\Desktop\FRST.exe
2016-01-04 12:37 - 2016-01-04 12:37 - 00000000 ____D C:\Users\test\AppData\LocalLow\Sun
2016-01-04 12:33 - 2016-01-04 12:33 - 00000000 ____D C:\Users\test\AppData\LocalLow\imeshtoolbar2
2016-01-04 12:32 - 2016-01-04 12:32 - 00000000 ____D C:\Users\test\AppData\Roaming\Adobe
2016-01-04 12:32 - 2016-01-04 12:32 - 00000000 ____D C:\Users\test\AppData\LocalLow\AskToolbar
2016-01-04 12:31 - 2016-01-04 12:31 - 00062696 _____ C:\Users\test\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-04 12:31 - 2016-01-04 12:31 - 00000000 ____D C:\Users\test\AppData\Local\blekkotb_031
2016-01-04 12:30 - 2016-01-04 12:30 - 00001419 _____ C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-04 12:29 - 2016-01-04 12:29 - 00000000 ____D C:\Users\test\AppData\Local\VirtualStore
2016-01-04 12:28 - 2016-01-04 12:30 - 00000000 ____D C:\Users\test
2016-01-04 12:28 - 2016-01-04 12:28 - 00000020 ___SH C:\Users\test\ntuser.ini
2016-01-04 12:28 - 2016-01-04 12:28 - 00000000 _SHDL C:\Users\test\My Documents
2016-01-04 12:28 - 2016-01-04 12:28 - 00000000 _SHDL C:\Users\test\Documents\My Videos
2016-01-04 12:28 - 2016-01-04 12:28 - 00000000 _SHDL C:\Users\test\Documents\My Pictures
2016-01-04 12:28 - 2016-01-04 12:28 - 00000000 _SHDL C:\Users\test\Documents\My Music
2016-01-04 12:28 - 2009-07-14 08:48 - 00000000 ____D C:\Users\test\AppData\Roaming\Media Center Programs
2016-01-04 02:19 - 2014-01-22 15:52 - 00110920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmon2.sys
2016-01-04 02:19 - 2014-01-22 15:52 - 00102936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmon.sys
2016-01-04 02:19 - 2014-01-22 15:52 - 00025696 _____ (AVAST Software) C:\Windows\system32\Drivers\aavmker4.sys
2016-01-04 01:52 - 2016-01-04 01:52 - 00000000 ____D C:\Program Files\Tbccint
2016-01-04 01:45 - 2016-01-04 01:45 - 00000000 ____D C:\Users\vasilija\AppData\Roaming\Systweak
2016-01-04 01:44 - 2016-01-04 01:44 - 00001005 _____ C:\Users\Public\Desktop\Advanced System~Protector.lnk
2016-01-04 01:44 - 2016-01-04 01:44 - 00000000 ____D C:\Users\vasilija\AppData\Local\Systweak
2016-01-04 01:44 - 2016-01-04 01:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector
2016-01-04 01:43 - 2016-01-04 01:45 - 00000000 ____D C:\Program Files\ASP

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-05 19:20 - 2012-10-09 17:43 - 00000000 ____D C:\Users\vasilija\AppData\LocalLow\DataMngr
2016-01-05 19:19 - 2012-10-09 17:34 - 00000000 ____D C:\Program Files\iMesh Applications
2016-01-05 19:19 - 2012-10-09 17:32 - 00000000 __HDC C:\ProgramData\~0
2016-01-05 19:17 - 2012-08-17 19:19 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-05 19:17 - 2012-02-23 22:54 - 00713888 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-05 19:17 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-01-05 19:16 - 2012-07-22 14:31 - 00000000 ____D C:\ProgramData\blekko toolbars
2016-01-05 19:12 - 2012-08-17 19:19 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-05 19:12 - 2009-07-14 05:53 - 00032552 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-01-05 19:12 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-05 19:06 - 2012-04-04 03:45 - 00000000 ____D C:\Users\vasilija\AppData\LocalLow\PriceGong
2016-01-05 18:58 - 2012-08-27 14:46 - 00000940 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2946554868-1151644839-2587055040-1000UA.job
2016-01-05 18:57 - 2012-02-23 23:40 - 00000954 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2946554868-1151644839-2587055040-1000UA.job
2016-01-05 15:51 - 2012-08-27 14:46 - 00000918 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2946554868-1151644839-2587055040-1000Core.job
2016-01-05 15:25 - 2012-04-15 11:09 - 00047616 _____ C:\Users\vasilija\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-04 18:28 - 2009-07-14 05:34 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-04 18:28 - 2009-07-14 05:34 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-04 18:26 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2016-01-04 13:32 - 2012-02-23 23:40 - 00000000 ____D C:\Users\vasilija\AppData\Local\Google
2016-01-04 02:12 - 2012-02-23 22:56 - 00000000 ____D C:\ProgramData\AVAST Software
2016-01-04 02:10 - 2009-07-14 03:04 - 00002577 _____ C:\Windows\system32\config.nt
2016-01-04 01:52 - 2012-04-04 03:43 - 00000000 ____D C:\Users\vasilija\AppData\Local\Conduit
2016-01-04 01:49 - 2012-04-04 03:43 - 00000000 ____D C:\Users\vasilija\AppData\LocalLow\Conduit
2016-01-04 01:47 - 2013-04-02 19:35 - 00000000 ____D C:\ProgramData\Systweak
2016-01-03 13:56 - 2012-02-23 23:43 - 00002390 _____ C:\Users\vasilija\Desktop\Google Chrome.lnk
2016-01-03 13:48 - 2012-02-23 23:40 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2946554868-1151644839-2587055040-1000Core.job

==================== Files in the root of some directories =======

2012-04-15 11:09 - 2016-01-05 15:25 - 0047616 _____ () C:\Users\vasilija\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
C:\Users\vasilija\AppData\Local\Temp\.exe
C:\Users\vasilija\AppData\Local\Temp\672D.exe
C:\Users\vasilija\AppData\Local\Temp\ApnStub.exe
C:\Users\vasilija\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\vasilija\AppData\Local\Temp\iMesh_setup.exe
C:\Users\vasilija\AppData\Local\Temp\Installhelper.dll
C:\Users\vasilija\AppData\Local\Temp\ResetDevice.exe
C:\Users\vasilija\AppData\Local\Temp\SkypeSetup.exe
C:\Users\vasilija\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\vasilija\AppData\Local\Temp\tbMar2.dll
C:\Users\vasilija\AppData\Local\Temp\_is9AC8.exe
C:\Users\vasilija\AppData\Local\Temp\_isD854.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-03 14:21

==================== End of FRST.txt ============================

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Uninstall Advanced-System Protector.



Open Notepad and copy in the following text, which is inside the Code box.

CreateRestorePoint:

CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.search.ask.com/?l=dis&o=14737
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=393&systemid=1&apn_dtid=IME001&apn_ptnrs=AG1&o=APN10653&apn_uid=1078800265974044&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=393&systemid=1&apn_dtid=IME001&apn_ptnrs=AG1&o=APN10653&apn_uid=1078800265974044&q={searchTerms}
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2247187
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2247187
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101292&mntrId=56b671e100000000000078929c6c1650
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://blekko.com/ws/?source=c3348dd4&tbp=rbox&toolbarid=blekkotb_031&u=70961F83F331E0592925A2500C00A064&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> {8C41F12B-CD63-4BF0-A552-FCC36034CF60} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=PCW&o=14734&src=crm&q={searchTerms}&locale=&apn_ptnrs=^WZ&apn_dtid=^YYYYYY^YY^RS&apn_uid=446aa9cc-40e6-4616-a6b8-09e1b5e2e265&apn_sauid=110558C8-42A8-4651-9B2B-FBC20E2A51E0
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=393&systemid=1&apn_dtid=IME001&apn_ptnrs=AG1&o=APN10653&apn_uid=1078800265974044&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2247187
CHR Extension: (Mario Forever) - C:\Users\vasilija\AppData\Local\Google\Chrome\User Data\Default\Extensions\jllpjckabhalgdienlngoikeehalibei [2016-01-03] [UpdateUrl: hxxp://autoupdate.chromewebtb.conduit-services.com/?productId=CT2247187&extensionData=<extension_data>] <==== ATTENTION
CHR HKLM\...\Chrome\Extension: [jllpjckabhalgdienlngoikeehalibei] - C:\Users\vasilija\AppData\Local\CRE\jllpjckabhalgdienlngoikeehalibei.crx [2012-04-03]
CHR HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jllpjckabhalgdienlngoikeehalibei] - C:\Users\vasilija\AppData\Local\CRE\jllpjckabhalgdienlngoikeehalibei.crx [2012-04-03]
R2 TBSrv; C:\Program Files\Tbccint\ToolbarService\ToolbarService.exe [350496 2014-03-26] (ClientConnect Ltd.)
CustomCLSID: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000_Classes\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}\InprocServer32 -> C:\Users\vasilija\AppData\Local\Conduit\Community Alerts\Alert.dll (ClientConnect Ltd.)
Task: {2C092464-352F-4BB5-8F31-2D00A3EAFE6C} - System32\Tasks\Advanced System~Protector_startup => C:\Program Files\ASP\AdvancedSystemProtector.exe [2015-11-03] () <==== ATTENTION
Task: {98B6B9F5-4727-46F9-A7F8-EA4DDCBF3A68} - System32\Tasks\Advanced System~Protector => C:\Program Files\ASP\AspManager.exe [2015-11-03] ()
FirewallRules: [{7918FF14-0C74-4CE6-8496-06874DAEEEE4}] => (Allow) C:\Program Files\iMesh Applications\iMesh\iMesh.exe
FirewallRules: [{AC6C536B-7218-4846-BDF2-674F3A67F183}] => (Allow) C:\Program Files\iMesh Applications\iMesh\iMesh.exe
FirewallRules: [TCP Query User{5022081C-A55E-4454-B595-1B64018F1AF3}C:\program files\imesh applications\imesh\imesh.exe] => (Allow) C:\program files\imesh applications\imesh\imesh.exe
FirewallRules: [UDP Query User{3BE5F251-AB1E-493B-8135-C18E1F503960}C:\program files\imesh applications\imesh\imesh.exe] => (Allow) C:\program files\imesh applications\imesh\imesh.exe
FirewallRules: [{60F92014-CBAC-4891-98A9-E0BA9997F4EE}] => (Allow) C:\Program Files\iMesh Applications\Mediabar\Datamngr\SRTOOL~1\dtUser.exe
FirewallRules: [{A4CEB31E-7677-4D03-9760-4B0C7E374478}] => (Allow) C:\Program Files\iMesh Applications\Mediabar\Datamngr\SRTOOL~1\dtUser.exe
C:\Program Files\Tbccint
C:\Program Files\iMesh Applications
C:\Users\vasilija\AppData\Local\CRE
C:\Users\test\AppData\LocalLow\imeshtoolbar2
C:\Users\test\AppData\LocalLow\AskToolbar
C:\Users\test\AppData\Local\blekkotb_031
C:\Users\vasilija\AppData\LocalLow\DataMngr
C:\ProgramData\~0
C:\ProgramData\blekko toolbars
C:\Users\vasilija\AppData\LocalLow\PriceGong
C:\Users\vasilija\AppData\Local\Conduit
C:\Users\vasilija\AppData\LocalLow\Conduit
C:\Program Files\ASP
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\MountPoints2: D - D:\AutoRun.exe
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\MountPoints2: {0b3ee111-6468-11e1-a74a-e89a8fe846b6} - D:\AutoRun.exe
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\MountPoints2: {20706f29-5e77-11e1-b200-e89a8fe846b6} - D:\AutoRun.exe
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\MountPoints2: {20706f53-5e77-11e1-b200-e89a8fe846b6} - D:\AutoRun.exe
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\MountPoints2: {4f87e4cc-83c4-11e1-9ebf-e89a8fe846b6} - D:\AutoRun.exe

EmptyTemp:


In Notepad, click File --> Save As
Name the file Fixlist and save it to the Desktop
Double-click FRST.exe to run it again
Click Fix and wait for the program to finish.
If the program asks to restart the computer, let it do so without interruption.
When it has finished, fixlog.txt will open, with contents that you should copy into the thread.
fixlog.txt will also be on the Desktop.




Download AdwCleaner by "Xplode" and save it to the Desktop
Double-click to run the program.
In the EULA window click I agree.
In Options, turn off Reset Winsock settings if it is on.
Click the Scan button and wait for the scan to finish.
Click the Cleaning button and wait for the program to finish.
The program will close all running programs and show a window with that warning. Click OK to confirm.
In the next two windows that open (Informations and Restart required), click OK

The computer will restart and then open Notepad (C:\Adwcleaner\AdwCleaner[C1].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Attach file" ("Prikači fajl") option

offline
  • Joined: 01 Sep 2007
  • Posts: 137

Posted: 06 Jan 2016 16:13

Fix result of Farbar Recovery Scan Tool (x86) Version:31-12-2015
Ran by vasilija (2016-01-06 15:57:25) Run:1
Running from C:\Users\vasilija\Desktop
Loaded Profiles: vasilija (Available Profiles: vasilija & test)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CreateRestorePoint:

CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&SearchSource=4&ctid=CT2247187
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&SearchSource=4&ctid=CT2247187
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}?babsrc=SP_ss&affID=101292&mntrId=56b671e100000000000078929c6c1650
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> {8C41F12B-CD63-4BF0-A552-FCC36034CF60} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&locale=&apn_ptnrs=^WZ&apn_dtid=^YYYYYY^YY^RS&apn_uid=446aa9cc-40e6-4616-a6b8-09e1b5e2e265&apn_sauid=110558C8-42A8-4651-9B2B-FBC20E2A51E0
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&SearchSource=4&ctid=CT2247187
CHR Extension: (Mario Forever) - C:\Users\vasilija\AppData\Local\Google\Chrome\User Data\Default\Extensions\jllpjckabhalgdienlngoikeehalibei [2016-01-03] [UpdateUrl: [Link mogu videti samo ulogovani korisnici] <==== ATTENTION
CHR HKLM\...\Chrome\Extension: [jllpjckabhalgdienlngoikeehalibei] - C:\Users\vasilija\AppData\Local\CRE\jllpjckabhalgdienlngoikeehalibei.crx [2012-04-03]
CHR HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jllpjckabhalgdienlngoikeehalibei] - C:\Users\vasilija\AppData\Local\CRE\jllpjckabhalgdienlngoikeehalibei.crx [2012-04-03]
R2 TBSrv; C:\Program Files\Tbccint\ToolbarService\ToolbarService.exe [350496 2014-03-26] (ClientConnect Ltd.)
CustomCLSID: HKU\S-1-5-21-2946554868-1151644839-2587055040-1000_Classes\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}\InprocServer32 -> C:\Users\vasilija\AppData\Local\Conduit\Community Alerts\Alert.dll (ClientConnect Ltd.)
Task: {2C092464-352F-4BB5-8F31-2D00A3EAFE6C} - System32\Tasks\Advanced System~Protector_startup => C:\Program Files\ASP\AdvancedSystemProtector.exe [2015-11-03] () <==== ATTENTION
Task: {98B6B9F5-4727-46F9-A7F8-EA4DDCBF3A68} - System32\Tasks\Advanced System~Protector => C:\Program Files\ASP\AspManager.exe [2015-11-03] ()
FirewallRules: [{7918FF14-0C74-4CE6-8496-06874DAEEEE4}] => (Allow) C:\Program Files\iMesh Applications\iMesh\iMesh.exe
FirewallRules: [{AC6C536B-7218-4846-BDF2-674F3A67F183}] => (Allow) C:\Program Files\iMesh Applications\iMesh\iMesh.exe
FirewallRules: [TCP Query User{5022081C-A55E-4454-B595-1B64018F1AF3}C:\program files\imesh applications\imesh\imesh.exe] => (Allow) C:\program files\imesh applications\imesh\imesh.exe
FirewallRules: [UDP Query User{3BE5F251-AB1E-493B-8135-C18E1F503960}C:\program files\imesh applications\imesh\imesh.exe] => (Allow) C:\program files\imesh applications\imesh\imesh.exe
FirewallRules: [{60F92014-CBAC-4891-98A9-E0BA9997F4EE}] => (Allow) C:\Program Files\iMesh Applications\Mediabar\Datamngr\SRTOOL~1\dtUser.exe
FirewallRules: [{A4CEB31E-7677-4D03-9760-4B0C7E374478}] => (Allow) C:\Program Files\iMesh Applications\Mediabar\Datamngr\SRTOOL~1\dtUser.exe
C:\Program Files\Tbccint
C:\Program Files\iMesh Applications
C:\Users\vasilija\AppData\Local\CRE
C:\Users\test\AppData\LocalLow\imeshtoolbar2
C:\Users\test\AppData\LocalLow\AskToolbar
C:\Users\test\AppData\Local\blekkotb_031
C:\Users\vasilija\AppData\LocalLow\DataMngr
C:\ProgramData\~0
C:\ProgramData\blekko toolbars
C:\Users\vasilija\AppData\LocalLow\PriceGong
C:\Users\vasilija\AppData\Local\Conduit
C:\Users\vasilija\AppData\LocalLow\Conduit
C:\Program Files\ASP
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\MountPoints2: D - D:\AutoRun.exe
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\MountPoints2: {0b3ee111-6468-11e1-a74a-e89a8fe846b6} - D:\AutoRun.exe
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\MountPoints2: {20706f29-5e77-11e1-b200-e89a8fe846b6} - D:\AutoRun.exe
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\MountPoints2: {20706f53-5e77-11e1-b200-e89a8fe846b6} - D:\AutoRun.exe
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\...\MountPoints2: {4f87e4cc-83c4-11e1-9ebf-e89a8fe846b6} - D:\AutoRun.exe

EmptyTemp:
*****************

Restore point was successfully created.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully.
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}" => key removed successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} => key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => key removed successfully.
HKCR\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => key not found.
HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => key removed successfully.
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => key not found.
"HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}" => key removed successfully.
HKCR\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} => key not found.
"HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8C41F12B-CD63-4BF0-A552-FCC36034CF60}" => key removed successfully.
HKCR\CLSID\{8C41F12B-CD63-4BF0-A552-FCC36034CF60} => key not found.
"HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}" => key removed successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} => key not found.
"HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => key removed successfully.
HKCR\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => key not found.
C:\Users\vasilija\AppData\Local\Google\Chrome\User Data\Default\Extensions\jllpjckabhalgdienlngoikeehalibei <==== ATTENTION => not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\jllpjckabhalgdienlngoikeehalibei" => key removed successfully.
C:\Users\vasilija\AppData\Local\CRE\jllpjckabhalgdienlngoikeehalibei.crx => moved successfully
"HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\SOFTWARE\Google\Chrome\Extensions\jllpjckabhalgdienlngoikeehalibei" => key removed successfully.
"C:\Users\vasilija\AppData\Local\CRE\jllpjckabhalgdienlngoikeehalibei.crx" => not found.
TBSrv => Service stopped successfully.
TBSrv => service removed successfully.
"HKU\S-1-5-21-2946554868-1151644839-2587055040-1000_Classes\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C092464-352F-4BB5-8F31-2D00A3EAFE6C} => key not found.
C:\Windows\System32\Tasks\Advanced System~Protector_startup => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Advanced System~Protector_startup => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98B6B9F5-4727-46F9-A7F8-EA4DDCBF3A68} => key not found.
C:\Windows\System32\Tasks\Advanced System~Protector => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Advanced System~Protector => key not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7918FF14-0C74-4CE6-8496-06874DAEEEE4} => value removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AC6C536B-7218-4846-BDF2-674F3A67F183} => value removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5022081C-A55E-4454-B595-1B64018F1AF3}C:\program files\imesh applications\imesh\imesh.exe => value removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3BE5F251-AB1E-493B-8135-C18E1F503960}C:\program files\imesh applications\imesh\imesh.exe => value removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{60F92014-CBAC-4891-98A9-E0BA9997F4EE} => value removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A4CEB31E-7677-4D03-9760-4B0C7E374478} => value removed successfully.
C:\Program Files\Tbccint => moved successfully
C:\Program Files\iMesh Applications => moved successfully
C:\Users\vasilija\AppData\Local\CRE => moved successfully
C:\Users\test\AppData\LocalLow\imeshtoolbar2 => moved successfully
C:\Users\test\AppData\LocalLow\AskToolbar => moved successfully
C:\Users\test\AppData\Local\blekkotb_031 => moved successfully
C:\Users\vasilija\AppData\LocalLow\DataMngr => moved successfully
C:\ProgramData\~0 => moved successfully
C:\ProgramData\blekko toolbars => moved successfully
C:\Users\vasilija\AppData\LocalLow\PriceGong => moved successfully
C:\Users\vasilija\AppData\Local\Conduit => moved successfully
C:\Users\vasilija\AppData\LocalLow\Conduit => moved successfully
"C:\Program Files\ASP" => not found.
"HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D" => key removed successfully.
"HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0b3ee111-6468-11e1-a74a-e89a8fe846b6}" => key removed successfully.
HKCR\CLSID\{0b3ee111-6468-11e1-a74a-e89a8fe846b6} => key not found.
"HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{20706f29-5e77-11e1-b200-e89a8fe846b6}" => key removed successfully.
HKCR\CLSID\{20706f29-5e77-11e1-b200-e89a8fe846b6} => key not found.
"HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{20706f53-5e77-11e1-b200-e89a8fe846b6}" => key removed successfully.
HKCR\CLSID\{20706f53-5e77-11e1-b200-e89a8fe846b6} => key not found.
"HKU\S-1-5-21-2946554868-1151644839-2587055040-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f87e4cc-83c4-11e1-9ebf-e89a8fe846b6}" => key removed successfully.
HKCR\CLSID\{4f87e4cc-83c4-11e1-9ebf-e89a8fe846b6} => key not found.
EmptyTemp: => 1019.5 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 16:02:59 ====


The difference is already noticeable; when it restarted, it didn't take long to be ready for work.

Addendum: 06 Jan 2016 16:26


offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Let's run one more check.

Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to the Desktop.

Double-click the program icon to launch MBAR:
- Click OK in the next window to allow extraction into a separate mbar folder on the desktop;
- mbar.exe will be started. On some systems this may take a few extra seconds, so wait for it to launch;
- In the intro window, click the Next button if you agree;

• In the 'Update Database' window, click the Update button to download fresh definitions. When the message 'Success: Database was successfully updated' appears, click the Next button;
• Under the 'Scan Targets' section, make sure all options are checked, then click the Scan button;

Note: with some infections, one of the following messages may appear:
- 'Could not load protection driver' => in that case click OK.
- 'Could not load DDA driver' => click Yes on that notice to allow loading after the restart. Allow the restart and continue with the rest of the instructions after the restart.





>> If no malware is detected, click the Exit button to close the program. In your next post, include the mbar-log-year-month-day (hour-minute-second).txt and system-log.txt reports.

>> If infections are found, check that the 'Create Restore Point' option is ticked and click the Cleanup! button to remove the threats.
- The malware removal procedure will be scheduled for after the restart, and a notice will be shown in a pop-up window. Click the Yes button and the system should restart and finish the cleaning procedure.

Note! Only if a rootkit is detected: make sure you run the fixdamage.exe tool located in the mbar folder, \Plugins\fixdamage.exe:
- Double-click to launch fixdamage; in the black window that opens (command prompt) type Y (Y stands for Yes) to continue, and wait for the tool to complete all repairs ...
- When you see the message 'press any key to exit', the repair is complete. Press any key on the keyboard to close the window. Restart the system.





The following reports will be created in the mbar folder.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Copy the contents of the mbar log into your post and attach the system log to the post using the Attach file option.

offline
  • Joined: 01 Sep 2007
  • Posts: 137

Malwarebytes Anti-Rootkit BETA 1.9.3.1001

Database version:
main: v2016.01.06.04
rootkit: v2016.01.05.01

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
vasilija :: VASILIJA-PC [administrator]

6.1.2016 17:58:27
mbar-log-2016-01-06 (17-58-27).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 326050
Time elapsed: 28 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\vasilija\Desktop\desktop\etype_setuppib.exe (Adware.InstallBrain) -> Delete on reboot. [f17bd95d07928aacecfb85ed14ec7b85]

Physical Sectors Detected: 0
(No malicious items detected)

(end)


offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

That would be it.

The following procedure will perform the final cleanup.

Download Xplode's DelFix tool and save it to the Desktop.
Double-click to launch the tool and tick the boxes in front of the following options:

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment until the tool finishes its work.
From this point on, all tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)

The tool will also save the healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old system restore points and creates a new, fresh point after the cleanup.

Regards.
