My internet connection is acting up


offline
  • Joined: 24 Aug 2014
  • Posts: 29

I had this problem before and you solved it for me, but it has come back.
My internet connection drops every so often. I only have this problem on the laptop; on the desktop computer and the phones the connection is excellent, with no interruptions.

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Hello. You need to follow the instructions and post the requested reports.

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

offline
  • Joined: 24 Aug 2014
  • Posts: 29

Posted: 03 Dec 2014 22:20

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2014
Ran by Vedrana (administrator) on VEDRANA-PC on 03-12-2014 22:06:43
Running from C:\Users\Vedrana\Downloads
Loaded Profile: Vedrana (Available profiles: Vedrana)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
() C:\Users\Vedrana\AppData\Local\Viber\Viber.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\loggingserver.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-01-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-23] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3060248 2014-11-06] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1286541474-720517845-2220903366-1000\...\Run: [Facebook Update] => C:\Users\Vedrana\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-07-31] (Facebook Inc.)
HKU\S-1-5-21-1286541474-720517845-2220903366-1000\...\Run: [Viber] => C:\Users\Vedrana\AppData\Local\Viber\Viber.exe [936656 2014-09-02] ()
HKU\S-1-5-21-1286541474-720517845-2220903366-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1286541474-720517845-2220903366-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22067296 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-1286541474-720517845-2220903366-1000\...\Run: [TornTv Downloader] => C:\Users\Vedrana\AppData\Roaming\TornTV.com\Torntv Downloader.exe /c=startup
HKU\S-1-5-21-1286541474-720517845-2220903366-1000\...\Run: [BitTorrent] => C:\Users\Vedrana\AppData\Roaming\BitTorrent\BitTorrent.exe [1388888 2014-11-13] (BitTorrent Inc.)
HKU\S-1-5-21-1286541474-720517845-2220903366-1000\...\Run: [GoogleChromeAutoLaunch_9FDC93BDAC6774F542EDDFA48CFDC112] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-11-25] (Google Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Vedrana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk
ShortcutTarget: TornTvDownloader.lnk -> C:\Users\Vedrana\AppData\Roaming\TornTV.com\Torntv Downloader.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-1286541474-720517845-2220903366-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = mysearch.avg.com/search?cid={6F4F390F-16FB-4AEB-8C0F-179919DE17B6}&mid=8d8238432eec47d2806c0d47e7f06d7f-e4c03fcff421707c9e35a635eb878c40bcd37fc8&lang=sr&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-06 15:20:25&v=4.0.0.19&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.0.0.19\AVG Web TuneUp.dll (AVG)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.10\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0

FireFox:
========
FF ProfilePath: C:\Users\Vedrana\AppData\Roaming\Mozilla\Firefox\Profiles\vfz3qalt.default
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: mysearch.avg.com?cid={6F4F390F-16FB-4AEB-8C0F-179919DE17B6}&mid=8d8238432eec47d2806c0d47e7f06d7f-e4c03fcff421707c9e35a635eb878c40bcd37fc8&lang=sr&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-06 15:20:25&v=4.0.0.19&pid=wtu&sg=&sap=hp
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.10\\npsitesafety.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1286541474-720517845-2220903366-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Vedrana\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Vedrana\AppData\Roaming\Mozilla\Firefox\Profiles\vfz3qalt.default\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wtu-secure-search.xml
FF Extension: AVG Web TuneUp - C:\Users\Vedrana\AppData\Roaming\Mozilla\Firefox\Profiles\vfz3qalt.default\Extensions\avg@toolbar [2014-11-06]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]

Chrome:
=======
CHR DefaultSuggestURL: Profile 1 -> toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-21]
CHR Extension: (Google Drive) - C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-21]
CHR Extension: (YouTube) - C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-21]
CHR Extension: (Adblock Plus) - C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-21]
CHR Extension: (Google Search) - C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-21]
CHR Extension: (Skype Click to Call) - C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-06-21]
CHR Extension: (Google Wallet) - C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-21]
CHR Extension: (Gmail) - C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-21]
CHR Profile: C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Ancient Map) - C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bjcjaemihddenoopkkhaamlcoliiiain [2014-11-11]
CHR Extension: (AVG Secure Search) - C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2014-11-06]
CHR Extension: (Vrijeme) - C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fapbbpdnlcmiolkdfjnnjhabmcndadad [2014-11-06]
CHR Extension: (Skype Click to Call) - C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-06-22]
CHR Extension: (Ask Search) - C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl [2014-11-23]
CHR Extension: (iLivid) - C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2014-11-23]
CHR Extension: (Google Novčanik) - C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-22]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2014-06-20] () [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 vToolbarUpdater18.1.10; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe [1849368 2014-11-06] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [263960 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-11-06] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-04] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [31648 2014-08-24] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-16] (Intel Corporation)
S4 Nunmgrkd; C:\Windows\system32\drivers\wimmount.sys [22096 2009-07-14] (Microsoft Corporation)
S4 Nunmgrkd; C:\Windows\SysWOW64\drivers\wimmount.sys [19008 2009-07-14] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-03 22:06 - 2014-12-03 22:06 - 02117632 _____ (Farbar) C:\Users\Vedrana\Downloads\FRST64.exe
2014-12-03 22:06 - 2014-12-03 22:06 - 00017667 _____ () C:\Users\Vedrana\Downloads\FRST.txt
2014-12-03 22:06 - 2014-12-03 22:06 - 00000000 ____D () C:\FRST
2014-12-02 22:49 - 2014-12-02 22:49 - 00044015 _____ () C:\Users\Vedrana\Downloads\15736-bang-bang-CD1-2014-srb.rar
2014-12-02 22:49 - 2014-12-02 22:49 - 00013348 _____ () C:\Users\Vedrana\Downloads\16714F3B96137152162FE153E21BCA059C47A92D.torrent
2014-11-27 12:13 - 2014-11-27 12:13 - 00000000 ____D () C:\Users\Vedrana\Desktop\Ruski CD
2014-11-26 10:42 - 2014-11-26 10:42 - 00371712 _____ () C:\Users\Vedrana\Downloads\http---dl.iu-travnik.com-uploads-340-6841-VJEŽBA_BR.1_ISO_14001.ppt
2014-11-26 10:42 - 2014-11-26 10:42 - 00250368 _____ () C:\Users\Vedrana\Downloads\http---dl.iu-travnik.com-uploads-340-6698-Prezentacija_0_Okolinsko_upravljanje_PS_seminarski_rad.ppt
2014-11-06 15:20 - 2014-11-07 16:51 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-11-06 15:20 - 2014-11-06 19:20 - 00000000 ____D () C:\Users\Vedrana\AppData\Local\AVG Web TuneUp
2014-11-06 15:20 - 2014-11-06 15:20 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2014-11-06 15:20 - 2014-11-06 15:20 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-11-06 15:20 - 2014-11-06 15:20 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2014-11-06 15:20 - 2014-11-06 15:19 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-03 22:07 - 2014-06-21 00:12 - 01007399 _____ () C:\Windows\WindowsUpdate.log
2014-12-03 22:06 - 2014-06-21 01:00 - 00000000 ____D () C:\Users\Vedrana\AppData\Roaming\Skype
2014-12-03 20:23 - 2014-06-21 00:19 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-03 18:34 - 2014-07-31 23:28 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1286541474-720517845-2220903366-1000UA.job
2014-12-03 18:32 - 2014-08-21 23:37 - 00000000 ____D () C:\Users\Vedrana\AppData\Local\Viber
2014-12-03 17:11 - 2014-06-20 17:31 - 00000000 ____D () C:\Users\Vedrana\AppData\Roaming\BitTorrent
2014-12-03 15:54 - 2014-08-21 23:38 - 00000000 ____D () C:\Users\Vedrana\AppData\Roaming\ViberPC
2014-12-03 15:17 - 2014-06-21 00:48 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-03 15:12 - 2009-07-14 06:13 - 00778150 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-03 15:06 - 2014-09-01 10:41 - 00016184 _____ () C:\Windows\setupact.log
2014-12-03 15:06 - 2014-06-21 00:19 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-03 15:05 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-03 00:33 - 2014-07-31 23:28 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1286541474-720517845-2220903366-1000Core.job
2014-11-27 16:23 - 2014-08-24 15:18 - 00000000 ____D () C:\Users\Vedrana\Desktop\Muzika
2014-11-26 16:00 - 2014-06-21 00:19 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-20 22:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-16 00:17 - 2014-06-21 00:19 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 00:17 - 2014-06-21 00:19 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-14 10:45 - 2014-10-20 10:28 - 00000977 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-11-14 10:45 - 2014-06-21 00:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-11-12 13:19 - 2014-06-21 00:52 - 00000000 ___HD () C:\$AVG
2014-11-06 20:48 - 2014-06-28 22:32 - 00000000 ____D () C:\Users\Vedrana\Desktop\DECANSKI ODRED,1913 GOD,FASCIKLA BR 1

Some content of TEMP:
====================
C:\Users\Vedrana\AppData\Local\Temp\utt62C2.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

Addendum: 03 Dec 2014 22:25


offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Step 1

Go to Start -> Control Panel -> Programs and Features and uninstall the following programs:

AVG Web TuneUp

Step 2

Open Notepad and copy in the following text, which is inside the Code box.

HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3060248 2014-11-06] ()
HKU\S-1-5-21-1286541474-720517845-2220903366-1000\...\Run: [TornTv Downloader] => C:\Users\Vedrana\AppData\Roaming\TornTV.com\Torntv Downloader.exe /c=startup
Startup: C:\Users\Vedrana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk
ShortcutTarget: TornTvDownloader.lnk -> C:\Users\Vedrana\AppData\Roaming\TornTV.com\Torntv Downloader.exe (No File)
SearchScopes: HKU\S-1-5-21-1286541474-720517845-2220903366-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={6F4F390F-16FB-4AEB-8C0F-179919DE17B6}&mid=8d8238432eec47d2806c0d47e7f06d7f-e4c03fcff421707c9e35a635eb878c40bcd37fc8&lang=sr&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-06 15:20:25&v=4.0.0.19&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.0.0.19\AVG Web TuneUp.dll (AVG)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.10\ViProtocol.dll (AVG Secure Search)
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: https://mysearch.avg.com?cid={6F4F390F-16FB-4AEB-8C0F-179919DE17B6}&mid=8d8238432eec47d2806c0d47e7f06d7f-e4c03fcff421707c9e35a635eb878c40bcd37fc8&lang=sr&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-06 15:20:25&v=4.0.0.19&pid=wtu&sg=&sap=hp
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.10\\npsitesafety.dll No File
FF SearchPlugin: C:\Users\Vedrana\AppData\Roaming\Mozilla\Firefox\Profiles\vfz3qalt.default\searchplugins\avg-secure-search.xml
FF Extension: AVG Web TuneUp - C:\Users\Vedrana\AppData\Roaming\Mozilla\Firefox\Profiles\vfz3qalt.default\Extensions\avg@toolbar [2014-11-06]
CHR DefaultSuggestURL: Profile 1 -> http://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Extension: (AVG Secure Search) - C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2014-11-06]
CHR Extension: (Ask Search) - C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl [2014-11-23]
CHR Extension: (iLivid) - C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2014-11-23]
R2 vToolbarUpdater18.1.10; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe [1849368 2014-11-06] (AVG Secure Search)
C:\Program Files (x86)\Common Files\AVG Secure Search
C:\Program Files (x86)\AVG Web TuneUp
C:\Users\Vedrana\AppData\Roaming\TornTV.com
C:\ProgramData\AVG Security Toolbar
C:\Users\Vedrana\AppData\Local\AVG Web TuneUp
C:\ProgramData\AVG Web TuneUp
C:\ProgramData\AVG Secure Search
EmptyTemp:


In Notepad, click File --> Save As
Name the file Fixlist and save it to the Desktop
Double-click FRST.exe to run it again
Click Fix and wait until the program finishes.
If the program asks to restart the computer, allow it to do so without interruption.
When it has finished, fixlog.txt will open, with the contents that you need to copy into this topic.
The file (fixlog.txt) will also be on the Desktop.




Step 3

Download AdwCleaner by "Xplode" and save it to the Desktop
Double-click the program to run it.
In the EULA window, click I agree.
Click the Scan button and wait for the scan to finish.
Click the Clean button and wait for the program to finish.
The program will close all active programs and show a window with that warning. Click OK to confirm.
In the next two windows that open (Informations and Restart required), click OK

The computer will restart and then open Notepad (C:\AdwCleaner[S0].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Attach file" option

Note: The report will also be saved at C:\Adwcleaner\AdwCleaner[S0].txt

offline
  • Joined: 24 Aug 2014
  • Posts: 29

Posted: 04 Dec 2014 12:38

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-12-2014
Ran by Vedrana at 2014-12-04 12:14:17 Run:2
Running from C:\Users\Vedrana\Desktop
Loaded Profile: Vedrana (Available profiles: Vedrana)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3060248 2014-11-06] ()
HKU\S-1-5-21-1286541474-720517845-2220903366-1000\...\Run: [TornTv Downloader] => C:\Users\Vedrana\AppData\Roaming\TornTV.com\Torntv Downloader.exe /c=startup
Startup: C:\Users\Vedrana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk
ShortcutTarget: TornTvDownloader.lnk -> C:\Users\Vedrana\AppData\Roaming\TornTV.com\Torntv Downloader.exe (No File)
SearchScopes: HKU\S-1-5-21-1286541474-720517845-2220903366-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = mysearch.avg.com/search?cid={6F4F390F-16FB-4AEB-8C0F-179919DE17B6}&mid=8d8238432eec47d2806c0d47e7f06d7f-e4c03fcff421707c9e35a635eb878c40bcd37fc8&lang=sr&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-06 15:20:25&v=4.0.0.19&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.0.0.19\AVG Web TuneUp.dll (AVG)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.10\ViProtocol.dll (AVG Secure Search)
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: mysearch.avg.com?cid={6F4F390F-16FB-4AEB-8C0F-179919DE17B6}&mid=8d8238432eec47d2806c0d47e7f06d7f-e4c03fcff421707c9e35a635eb878c40bcd37fc8&lang=sr&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-06 15:20:25&v=4.0.0.19&pid=wtu&sg=&sap=hp
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.10\\npsitesafety.dll No File
FF SearchPlugin: C:\Users\Vedrana\AppData\Roaming\Mozilla\Firefox\Profiles\vfz3qalt.default\searchplugins\avg-secure-search.xml
FF Extension: AVG Web TuneUp - C:\Users\Vedrana\AppData\Roaming\Mozilla\Firefox\Profiles\vfz3qalt.default\Extensions\avg@toolbar [2014-11-06]
CHR DefaultSuggestURL: Profile 1 -> toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Extension: (AVG Secure Search) - C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2014-11-06]
CHR Extension: (Ask Search) - C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl [2014-11-23]
CHR Extension: (iLivid) - C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2014-11-23]
R2 vToolbarUpdater18.1.10; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe [1849368 2014-11-06] (AVG Secure Search)
C:\Program Files (x86)\Common Files\AVG Secure Search
C:\Program Files (x86)\AVG Web TuneUp
C:\Users\Vedrana\AppData\Roaming\TornTV.com
C:\ProgramData\AVG Security Toolbar
C:\Users\Vedrana\AppData\Local\AVG Web TuneUp
C:\ProgramData\AVG Web TuneUp
C:\ProgramData\AVG Secure Search
EmptyTemp:
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\vProt => Value not found.
HKU\S-1-5-21-1286541474-720517845-2220903366-1000\Software\Microsoft\Windows\CurrentVersion\Run\\TornTv Downloader => Value not found.
C:\Users\Vedrana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk not found.
C:\Users\Vedrana\AppData\Roaming\TornTV.com\Torntv Downloader.exe not found.
"HKU\S-1-5-21-1286541474-720517845-2220903366-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key not found.
"HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key not found.
"HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key not found.
"HKCR\Wow6432Node\PROTOCOLS\Handler\viprotocol" => Key not found.
"HKCR\Wow6432Node\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}" => Key not found.
Firefox DefaultSearchEngine deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox homepage deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin" => Key not found.
"C:\Users\Vedrana\AppData\Roaming\Mozilla\Firefox\Profiles\vfz3qalt.default\searchplugins\avg-secure-search.xml" => not found.
C:\Users\Vedrana\AppData\Roaming\Mozilla\Firefox\Profiles\vfz3qalt.default\Extensions\avg@toolbar not found.
Chrome DefaultSuggestURL not detected.
C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\chfdnecihphmhljaaejmgoiahnihplgn directory not found.
C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl directory not found.
C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nafaimnnclfjfedmmabolbppcngeolgf directory not found.
vToolbarUpdater18.1.10 => Service not found.
"C:\Program Files (x86)\Common Files\AVG Secure Search" => File/Directory not found.
"C:\Program Files (x86)\AVG Web TuneUp" => File/Directory not found.
"C:\Users\Vedrana\AppData\Roaming\TornTV.com" => File/Directory not found.
"C:\ProgramData\AVG Security Toolbar" => File/Directory not found.
"C:\Users\Vedrana\AppData\Local\AVG Web TuneUp" => File/Directory not found.
"C:\ProgramData\AVG Web TuneUp" => File/Directory not found.
"C:\ProgramData\AVG Secure Search" => File/Directory not found.
EmptyTemp: => Removed 17.1 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

Addendum: 04 Dec 2014 12:51


offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Download zoek.exe from this or this link and save it to the Desktop.

Close the browser and other running programs;
disable your security software (if needed), Instructions;
double-click zoek.exe to run it;
wait for the tool to start ...

Copy the following text into the white box of the window:

process;
startupall;
drivers-services-list;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;

Click the button and wait for the scan to finish.

Zoek will restart Windows if needed and, when it is done, open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)

Copy the contents of that log into your post.

offline
  • Joined: 24 Aug 2014
  • Posts: 29

Zoek.exe v5.0.0.0 Updated 03-December-2014
Tool run by Vedrana on Thu 12/04/2014 at 20:59:11.86.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Vedrana\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12/4/2014 9:00:24 PM Zoek.exe System Restore Point Created Succesfully.

==== Running Processes ======================

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Users\Vedrana\AppData\Local\Viber\Viber.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Vedrana\Downloads\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Services(whitelist) ======================
Powered by E Dev

R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
R2 - [AVGIDSAgent] - AVGIDSAgent - c:\program files (x86)\avg\avg2015\avgidsagent.exe
R2 - [avgwd] - AVG WatchDog - c:\program files (x86)\avg\avg2015\avgwdsvc.exe
R2 - [c2cautoupdatesvc] - Skype Click to Call Updater - c:\program files (x86)\skype\toolbars\autoupdate\skypec2cautoupdatesvc.exe
R2 - [c2cpnrsvc] - Skype Click to Call PNR Service - c:\program files (x86)\skype\toolbars\pnrsvc\skypec2cpnrsvc.exe
R2 - [NvNetworkService] - NVIDIA Network Service - c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe
R2 - [NvStreamSvc] - NVIDIA Streamer Service - c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe
R2 - [nvsvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe
S2 - [gupdate] - Google Update Service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
S2 - [SkypeUpdate] - Skype Updater - c:\program files (x86)\skype\updater\updater.exe
S3 - [Adobe LM Service] - Adobe LM Service - c:\program files (x86)\common files\adobe systems shared\service\adobelmsvc.exe
S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
S3 - [aspnet_state] - ASP.NET State Service - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe
S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe
S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
S3 - [gupdatem] - Google Update Service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
S3 - [Microsoft Office Groove Audit Service] - Microsoft Office Groove Audit Service - c:\program files (x86)\microsoft office\office12\grooveauditservice.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [odserv] - Microsoft Office Diagnostics Service - c:\program files (x86)\common files\microsoft shared\office12\odserv.exe
S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
S3 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
S3 - [WatAdminSvc] - Windows Activation Technologies Service - c:\windows\system32\wat\watadminsvc.exe
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
S3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe

==== Drivers(whitelist) ======================
Powered by E Dev

R0 - [AVGIDSHA] - AVGIDSHA - C:\Windows\system32\Drivers\AVGIDSHA.sys
R0 - [Avgloga] - AVG Logging Driver - C:\Windows\system32\Drivers\Avgloga.sys
R0 - [Avgmfx64] - AVG Mini-Filter Resident Anti-Virus Shield - C:\Windows\system32\Drivers\Avgmfx64.sys
R0 - [Avgrkx64] - AVG Anti-Rootkit Driver - C:\Windows\system32\Drivers\Avgrkx64.sys
R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys
R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys
R3 - [srv] - Server SMB 1.xxx Driver - C:\Windows\system32\Drivers\srv.sys
R3 - [srv2] - Server SMB 2.xxx Driver - C:\Windows\system32\Drivers\srv2.sys
R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys
R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys
R0 - [atapi] - IDE Channel - C:\Windows\system32\Drivers\atapi.sys
R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x]
R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys
R0 - [Compbatt] - Microsoft Composite Battery Driver - C:\Windows\system32\Drivers\Compbatt.sys
R0 - [Disk] - Disk Driver - C:\Windows\system32\Drivers\Disk.sys
R0 - [fvevol] - Bitlocker Drive Encryption Filter Driver - C:\Windows\system32\Drivers\fvevol.sys
R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys
R0 - [iaStorA] - iaStorA - C:\Windows\system32\Drivers\iaStorA.sys
R0 - [iaStorF] - iaStorF - C:\Windows\system32\Drivers\iaStorF.sys
R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys
R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys
R0 - [mountmgr] - Mount Point Manager - C:\Windows\system32\Drivers\mountmgr.sys
R0 - [msahci] - msahci - C:\Windows\system32\Drivers\msahci.sys
R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys
R0 - [NDIS] - NDIS System Driver - C:\Windows\system32\Drivers\NDIS.sys
R0 - [nvpciflt] - nvpciflt - C:\Windows\system32\Drivers\nvpciflt.sys
R0 - [partmgr] - Partition Manager - C:\Windows\system32\Drivers\partmgr.sys
R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys
R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys
R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys
R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys
R0 - [storflt] - Disk Virtual Machine Bus Acceleration Filter Driver - C:\Windows\system32\Drivers\storflt.sys [x]
R0 - [Tcpip] - TCP/IP Protocol Driver - C:\Windows\system32\Drivers\Tcpip.sys
R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator Driver - C:\Windows\system32\Drivers\vdrvroot.sys
R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys
R0 - [volmgrx] - Dynamic Volume Manager - C:\Windows\system32\Drivers\volmgrx.sys
R0 - [volsnap] - Storage volumes - C:\Windows\system32\Drivers\volsnap.sys
R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys
R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys
R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys
R1 - [tdx] - NetIO Legacy TDI Support Driver - C:\Windows\system32\Drivers\tdx.sys
R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Vedrana\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\Vedrana\AppData\Roaming ======
2014-11-06 14:20:13 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\AVG Web TuneUp
====== C:\Users\Vedrana ======
2014-12-04 11:33:36 CBDDB6C4BCD895F8879FD6AC588007A0 2154496 ----a-w- C:\Users\Vedrana\Desktop\AdwCleaner.exe
2014-12-03 21:06:04 AEED85060B2A31847910E7FE2A27F433 2117632 ----a-w- C:\Users\Vedrana\Desktop\FRST64.exe

====== C: exe-files ==
2014-12-04 11:33:36 CBDDB6C4BCD895F8879FD6AC588007A0 2154496 ----a-w- C:\Users\Vedrana\Desktop\AdwCleaner.exe
2014-12-03 21:06:04 AEED85060B2A31847910E7FE2A27F433 2117632 ----a-w- C:\Users\Vedrana\Desktop\FRST64.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1286541474-720517845-2220903366-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="C:\Users\Vedrana\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"Viber"="C:\Users\Vedrana\AppData\Local\Viber\Viber.exe StartMinimized"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"BitTorrent"="C:\Users\Vedrana\AppData\Roaming\BitTorrent\BitTorrent.exe /MINIMIZED"
"GoogleChromeAutoLaunch_9FDC93BDAC6774F542EDDFA48CFDC112"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="C:\Users\Vedrana\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"Viber"="C:\Users\Vedrana\AppData\Local\Viber\Viber.exe StartMinimized"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"BitTorrent"="C:\Users\Vedrana\AppData\Roaming\BitTorrent\BitTorrent.exe /MINIMIZED"
"GoogleChromeAutoLaunch_9FDC93BDAC6774F542EDDFA48CFDC112"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GrooveMonitor]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GrooveMonitor"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office12\\GrooveMonitor.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvBackend]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NvBackend"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvBackend.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ShadowPlay]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ShadowPlay"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\rundll32.exe C:\\Windows\\system32\\nvspcap64.dll,ShadowPlayOnSystemStart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"


==== Startup Folders ======================

2014-06-20 16:40:31 2305 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1286541474-720517845-2220903366-1000Core.job --a------ C:\Users\Vedrana\AppData\Local\Facebook\Update\FacebookUpdate.exe [07/31/2014 11:27 PM]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1286541474-720517845-2220903366-1000UA.job --a------ C:\Users\Vedrana\AppData\Local\Facebook\Update\FacebookUpdate.exe [07/31/2014 11:27 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [06/21/2014 12:19 AM]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [06/21/2014 12:19 AM]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\84e73df3-b881-448b-a701-7e31aa0425b1 15 0" [C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBCore.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1286541474-720517845-2220903366-1000Core" [C:\Users\Vedrana\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1286541474-720517845-2220903366-1000UA" [C:\Users\Vedrana\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Vedrana\AppData\Roaming\Mozilla\Firefox\Profiles\vfz3qalt.default
3CD19649B2C3023D65E67C056457A2BC - C:\Users\Vedrana\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin


==== Chromium Look ======================

Google Docs - Vedrana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Vedrana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Vedrana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Last updated at time on date - Vedrana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - Vedrana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Vedrana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Vedrana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Ancient Map - Vedrana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bjcjaemihddenoopkkhaamlcoliiiain
Weather - Vedrana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fapbbpdnlcmiolkdfjnnjhabmcndadad
Google Wallet - Vedrana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chromium Startpages ======================

C:\Users\Vedrana\AppData\Local\Google\Chrome\User Data\Default\Preferences
{"apps":{"shortcuts_have_been_created":true},"bookmark_bar":{"show_on_all_tabs":true},"browser":{"clear_lso_data_enabled":true,"last_known_google_url":"https://www.google.ba/","last_prompted_google_url":"https://www.google.ba/","pepper_flash_settings_enabled":true,"show_home_button":true,"window_placement":{"bottom":540,"left":-20,"maximized":true,"right":760,"top":0,"work_area_bottom":728,"work_area_left":0,"work_area_right":1366,"work_area_top":0}},"cloud_print":{"email":""},"countryid_at_install":21843,"default_apps_install_state":3,"default_search_provider":{"alternate_urls":null},"session":{"restore_on_startup":null,"startup_urls":null}}


==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on Thu 12/04/2014 at 21:02:11.81 ======================

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

This looks clean. What is the situation now?

offline
  • Joined: 24 Aug 2014
  • Posts: 29

I still have the same problem.

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

We will do one more check.

Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to the Desktop.

Double-click the program icon to run MBAR:
- Click OK in the next window to allow extraction into a separate mbar folder on the desktop;
- mbar.exe will be started. On some systems this can take a few extra seconds, so wait for it to launch;
- In the introductory window click the Next button if you agree;

• In the 'Update Database' window click the Update button to download fresh definitions. When the message 'Success: Database was successfully updated' appears, click the Next button;
• Under the 'Scan Targets' section check that all options are ticked, then click the Scan button;

Note: with some infections one of the following messages may be shown:
- 'Could not load protection driver' => in that case click OK.
- 'Could not load DDA driver' => click Yes on that notice to allow loading after the restart. Allow the restart and continue with the rest of the instructions after the restart.

>> If no malware is detected, click the Exit button to close the program. In your next post, include the mbar-log-year-month-day (hour-minute-second).txt and system-log.txt reports.

>> If infection(s) are found, check that the 'Create Restore Point' option is ticked and click the Cleanup! button to remove the threats.
- The malware removal procedure will be scheduled for the restart, and a notice will be shown in a pop-up window. Click the Yes button; the system should restart and complete the cleanup procedure.

Note! Only if a rootkit is detected: make sure to run the fixdamage.exe tool located in the mbar folder, \Plugins\fixdamage.exe:
- Double-click fixdamage to run it; in the black window that opens (command prompt) type Y (Y stands for Yes) to continue, and wait for the tool to perform all repairs ...
- When you see the message 'press any key to exit', the repair is complete. Press any key on the keyboard to close the window. Restart the system.

The following reports will be created in the mbar folder.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Copy the contents of the mbar log into your post, and attach the system log to the post using the Prikači fajl (Attach file) option.
