Posted: 12 Jan 2016 21:40
- Joined: 16 Oct 2010
- Posts: 3468
- Location: KRAGUJEVAC
I tried to uninstall FB Messenger. I didn't find it in Control Panel / Uninstall a program; instead I saw that you open it, then go to Properties / Open file location, and then you have to go into the Registry. I went in and followed the pictures and what was written, but I couldn't find some of the options described, so I stopped; I didn't tinker with anything in the registry.
And now, all of a sudden, the computer opens pages slowly; when I click on a notification on FB it takes a minute to open. I restarted twice, but nothing changed.
I have ADSL 10 mb/s, and YouTube stutters every 3 seconds. And I didn't touch anything in the registry!
I followed the uninstall instructions from this link, http://howto-uninstall.windowsuninstaller.org/how-.....r-windows/, the third option.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:10-01-2015 01
Ran by dejan (administrator) on DEJAN-PC (12-01-2016 21:33:03)
Running from C:\Users\dejan\Desktop
Loaded Profiles: dejan (Available Profiles: dejan)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Kingsoft Corporation) C:\Program Files\kingsoft\ksdef\ksdefserver.exe
(Digital Wave Ltd.) C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(FileZilla Project) C:\Program Files\FileZilla Server\FileZilla Server.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Users\dejan\AppData\Local\Viber\Viber.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.5.5.15\ns.exe
() C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.5.5.15\ns.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Program Files\Messenger for Desktop\Messenger.exe
() C:\Program Files\Messenger for Desktop\Messenger.exe
() C:\Program Files\Messenger for Desktop\Messenger.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-21-1668144661-2884591123-2203260530-1001\...\Run: [Viber] => C:\Users\dejan\AppData\Local\Viber\Viber.exe [51657424 2015-11-09] ()
HKU\S-1-5-21-1668144661-2884591123-2203260530-1001\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3907152 2015-09-23] (Tonec Inc.)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2965C6DE-563C-4504-945D-221BB2EAC7BE}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1668144661-2884591123-2203260530-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=U301
SearchScopes: HKU\S-1-5-21-1668144661-2884591123-2203260530-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1668144661-2884591123-2203260530-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-08-28] (Internet Download Manager, Tonec Inc.)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-21] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-21] (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-12-24] (DVDVideoSoft Ltd.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
FireFox:
========
FF ProfilePath: C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\1mq1do1l.default-1451739043875
FF Homepage: hxxp://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-02] ()
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-21] (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\1mq1do1l.default-1451739043875\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-12-24] [not signed]
FF Extension: Adblock Plus - C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\1mq1do1l.default-1451739043875\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-07]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.4.24\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.4.24\coFFAddon [2016-01-10]
FF HKU\S-1-5-21-1668144661-2884591123-2203260530-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: IDM integration - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2015-09-23]
FF HKU\S-1-5-21-1668144661-2884591123-2203260530-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\dejan\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\dejan\AppData\Roaming\IDM\idmmzcc5 [2016-01-12] [not signed]
Chrome:
=======
CHR HomePage: Default -> bing.com/?mkt=en-US&pc=__PARAM__
CHR DefaultSearchURL: Default -> hxxp://gomovix.searchalgo.com/search/?category=web&s=rvds&q={searchTerms}
CHR DefaultSearchKeyword: Default -> goMovix
CHR DefaultSuggestURL: Default -> hxxp://sug.searchalgo.com/search/index_sg.php?q={searchTerms}
CHR Profile: C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-19]
CHR Extension: (Google Docs) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-19]
CHR Extension: (Google Drive) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-19]
CHR Extension: (YouTube) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-19]
CHR Extension: (Defender (Verified)) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmepcljigboafeklamepgcdaiebdnagp [2016-01-05]
CHR Extension: (Norton Security Toolbar) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-01-12]
CHR Extension: (Google Search) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-19]
CHR Extension: (Google Sheets) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-19]
CHR Extension: (Google Docs Offline) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-20]
CHR Extension: (goMovix) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiogeidobnphbnjmnlcjpopgfghcnebf [2016-01-05]
CHR Extension: (Bing) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfedoihopcjdfjihhhojdclnfdgomdho [2016-01-02]
CHR Extension: (IDM Integration Module) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-12-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-19]
CHR Extension: (Gmail) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-19]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-05]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2015-07-10]
CHR HKU\S-1-5-21-1668144661-2884591123-2203260530-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nfedoihopcjdfjihhhojdclnfdgomdho] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 DefSrv; C:\Program Files\kingsoft\ksdef\ksdefserver.exe [1667856 2016-01-06] (Kingsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [383640 2015-11-25] ()
R2 FileZilla Server; C:\Program Files\FileZilla Server\FileZilla Server.exe [794584 2015-06-12] (FileZilla Project)
R2 NS; C:\Program Files\Norton Security\Engine\22.5.5.15\NS.exe [282016 2015-11-20] (Symantec Corporation)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [112792 2015-11-25] ()
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [383640 2015-11-25] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 BHDrvx86; C:\Program Files\Norton Security\NortonData\22.5.4.24\Definitions\BASHDefs\20160104.001\BHDrvx86.sys [1193032 2015-12-18] (Symantec Corporation)
R1 ccSet_NS; C:\Windows\system32\drivers\NS\1605050.00F\ccSetx86.sys [137456 2015-09-23] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [389968 2016-01-05] (Symantec Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [15968 2014-11-18] ()
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [125264 2016-01-05] (Symantec Corporation)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10208 2014-11-18] ()
R1 IDSVix86; C:\Program Files\Norton Security\NortonData\22.5.4.24\Definitions\IPSDefs\20160111.001\IDSvix86.sys [580344 2016-01-04] (Symantec Corporation)
R2 KSSafe; C:\Windows\system32\drivers\KSSafe.sys [232296 2015-08-18] (Kingsoft Corporation)
R3 NAVENG; C:\Program Files\Norton Security\NortonData\22.5.4.24\Definitions\VirusDefs\20160112.001\NAVENG.SYS [104440 2016-01-05] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Security\NortonData\22.5.4.24\Definitions\VirusDefs\20160112.001\NAVEX15.SYS [1647216 2016-01-05] (Symantec Corporation)
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [27648 2011-06-15] (Realtek )
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam60.sys [50280 2011-06-15] (Realtek Corporation)
S3 RTVLANPT; C:\Windows\System32\DRIVERS\RtVlan620.sys [27752 2011-09-16] (Realtek Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NS\1605050.00F\SRTSP.SYS [712944 2015-11-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NS\1605050.00F\SRTSPX.SYS [44792 2015-09-23] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NS\1605050.00F\SYMEFASI.SYS [1287408 2015-11-12] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [103152 2016-01-05] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NS\1605050.00F\Ironx86.SYS [234744 2015-09-23] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NS\1605050.00F\SYMNETS.SYS [431328 2015-11-12] (Symantec Corporation)
S3 TEAM; C:\Windows\System32\DRIVERS\RtTeam60.sys [50280 2011-06-15] (Realtek Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-12 19:27 - 2016-01-12 19:27 - 00000000 ____D C:\Program Files\Messenger for Desktop
2016-01-07 15:29 - 2016-01-07 15:30 - 00000000 ____D C:\Program Files\DVDVideoSoft
2016-01-07 15:29 - 2016-01-07 15:29 - 00000000 ____D C:\Program Files\FreeCodecPack
2016-01-07 15:29 - 2016-01-07 15:29 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2016-01-07 15:23 - 2016-01-12 13:36 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-01-05 18:48 - 2016-01-05 19:13 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2016-01-05 18:48 - 2016-01-05 18:48 - 00103152 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2016-01-05 18:48 - 2016-01-05 18:48 - 00008178 _____ C:\Windows\system32\Drivers\SYMEVENT.CAT
2016-01-05 18:44 - 2016-01-09 22:37 - 00000000 ____D C:\Windows\system32\Drivers\NS
2016-01-05 18:44 - 2016-01-05 18:44 - 00000000 ____D C:\Program Files\Norton Security
2016-01-05 18:31 - 2016-01-05 18:31 - 00000000 ____D C:\MSI99d3e.tmp
2016-01-05 18:29 - 2016-01-05 18:29 - 00000000 ____D C:\MSI99c12.tmp
2016-01-05 17:54 - 2016-01-05 17:54 - 00000000 ____D C:\MSI3b63c.tmp
2016-01-05 17:50 - 2016-01-05 17:50 - 00000000 ____D C:\MSI79f74.tmp
2016-01-05 17:50 - 2016-01-05 17:50 - 00000000 ____D C:\MSI3b63a.tmp
2016-01-05 17:48 - 2016-01-05 17:48 - 00000000 ____D C:\MSI3b638.tmp
2016-01-05 17:47 - 2016-01-05 17:47 - 00000000 ____D C:\MSI3b636.tmp
2016-01-05 17:34 - 2016-01-05 17:34 - 00000000 ____D C:\MSI79d87.tmp
2016-01-05 17:33 - 2016-01-05 17:33 - 00000000 ____D C:\MSI7146c.tmp
2016-01-04 22:04 - 2016-01-04 22:04 - 00000000 ____D C:\MSI83415.tmp
2016-01-04 21:54 - 2016-01-04 21:55 - 00000991 _____ C:\DelFix.txt
2016-01-04 21:54 - 2016-01-04 21:54 - 00000000 ____D C:\Windows\ERUNT
2016-01-03 02:51 - 2016-01-03 02:51 - 00000000 ____D C:\_197561_
2015-12-30 22:09 - 2015-12-30 22:09 - 00000000 ____D C:\MSIc0b77.tmp
2015-12-30 22:09 - 2015-12-30 22:09 - 00000000 ____D C:\MSIc0b70.tmp
2015-12-30 22:08 - 2015-12-30 22:08 - 00000000 ____D C:\26b8e462-6b97-4b4a-8b0f-a91fd9329e9f
2015-12-30 01:43 - 2015-12-30 01:43 - 00000000 ____D C:\zoek
2015-12-29 14:27 - 2015-12-30 01:47 - 00002672 _____ C:\runcheck.txt
2015-12-28 14:59 - 2015-12-28 14:59 - 00000000 ____D C:\zoek_backup
2015-12-27 04:39 - 2015-12-27 04:39 - 00000000 ____D C:\_638128_
2015-12-27 00:30 - 2016-01-03 03:19 - 00000000 ____D C:\Program Files\Free YouTube Downloader
2015-12-27 00:30 - 2015-12-27 00:30 - 00000000 ____D C:\Program Files\Vitzo
2015-12-26 16:15 - 2015-12-26 16:15 - 00014800 _____ C:\Windows\system32\results.xml
2015-12-26 15:34 - 2009-10-02 14:34 - 08198680 _____ (Intel(R) Corporation) C:\Windows\system32\TVWSetup.exe
2015-12-26 15:34 - 2009-10-02 14:34 - 00672792 _____ (Intel Corporation) C:\Windows\system32\igfxcfg.exe
2015-12-26 15:34 - 2009-10-02 14:34 - 00252952 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2015-12-26 15:34 - 2009-10-02 14:34 - 00173592 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2015-12-26 15:34 - 2009-10-02 14:34 - 00173080 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2015-12-26 15:34 - 2009-10-02 14:34 - 00150552 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2015-12-26 15:34 - 2009-10-02 14:34 - 00141848 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2015-12-25 14:01 - 2015-12-25 14:01 - 00000000 ____D C:\Program Files\Intel Driver Update Utility
2015-12-25 14:01 - 2015-12-25 14:01 - 00000000 ____D C:\MSIbda9a.tmp
2015-12-25 13:54 - 2015-12-25 13:54 - 00000000 ____D C:\MSI23ff5.tmp
2015-12-25 13:53 - 2015-12-25 13:53 - 00000000 ____D C:\MSI23eaa.tmp
2015-12-25 13:50 - 2015-12-25 13:50 - 00000000 ____D C:\MSI23ce5.tmp
2015-12-25 13:49 - 2015-12-25 13:49 - 00000000 ____D C:\4c039f83-08eb-4b25-b14b-c6149684e581
2015-12-25 13:46 - 2016-01-02 14:12 - 00000000 ____D C:\Program Files\realtech VR
2015-12-23 15:26 - 2015-12-23 15:26 - 00000000 ____D C:\ldrscan
2015-12-22 20:50 - 2015-12-24 21:12 - 00000000 ____D C:\FRST
2015-12-20 19:17 - 2014-06-17 13:13 - 00718552 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
2015-12-20 19:17 - 2014-06-17 13:13 - 00100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2015-12-20 19:17 - 2014-06-17 13:13 - 00076872 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
2015-12-20 19:12 - 2015-12-20 19:17 - 00000000 ____D C:\Program Files\Realtek
2015-12-20 19:12 - 2011-09-16 08:12 - 00027752 _____ (Realtek Corporation) C:\Windows\system32\Drivers\RtVlan620.sys
2015-12-20 19:12 - 2011-06-15 14:11 - 00050280 _____ (Realtek Corporation) C:\Windows\system32\Drivers\RtTeam60.sys
2015-12-20 19:12 - 2011-06-15 14:11 - 00027648 _____ (Realtek ) C:\Windows\system32\Drivers\RtNdPt60.sys
2015-12-20 17:48 - 2015-12-20 17:48 - 00000000 ____D C:\Intel
2015-12-20 17:48 - 2010-03-02 09:04 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll
2015-12-20 03:54 - 2015-12-20 03:54 - 00000000 ____D C:\_332656_
2015-12-19 20:04 - 2015-12-19 20:04 - 00000000 ____D C:\MSI3df1.tmp
2015-12-19 19:48 - 2015-12-19 19:48 - 00000000 ____D C:\MSI10526.tmp
2015-12-19 19:46 - 2015-12-19 19:49 - 00000000 ____D C:\Program Files\Enigma Software Group
2015-12-19 15:32 - 2015-12-19 15:32 - 00000000 ____D C:\Windows\pss
2015-12-17 15:56 - 2016-01-05 18:43 - 00000000 ____D C:\Program Files\NortonInstaller
2015-12-17 15:56 - 2015-12-19 13:22 - 00000000 ____D C:\Program Files\Norton Internet Security
2015-12-17 14:14 - 2015-12-17 20:49 - 00001660 _____ C:\Windows\system32\ASOROSet.bin
2015-12-17 14:14 - 2015-12-17 14:14 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2015-12-16 21:08 - 2015-12-16 21:08 - 00000000 ____D C:\MSI828b9.tmp
2015-12-16 21:05 - 2015-12-16 21:05 - 00000000 ____D C:\MSI8279c.tmp
2015-12-16 19:49 - 2015-12-16 19:49 - 00000000 ____D C:\MSI91dee.tmp
2015-12-16 19:46 - 2015-12-16 19:46 - 00000000 ____D C:\MSI91dec.tmp
2015-12-16 19:31 - 2015-12-16 19:28 - 05619784 _____ (Microsoft Corporation) C:\Windows\system32\mfc110u.dll
2015-12-16 18:58 - 2015-12-16 18:58 - 00000000 ____D C:\MSI870d9.tmp
2015-12-16 18:57 - 2015-12-16 18:57 - 00000000 ____D C:\MSI870d2.tmp
2015-12-14 18:12 - 2015-12-14 18:12 - 00000000 ____D C:\MSI60cfb.tmp
2015-12-14 17:53 - 2015-12-14 17:53 - 00000000 ____D C:\MSI4ede6.tmp
2015-12-14 16:54 - 2015-12-14 16:54 - 00000000 ____D C:\Program Files\kingsoft
2015-12-14 16:54 - 2015-08-18 17:30 - 00232296 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\KSSafe.sys
2015-12-14 16:44 - 2015-12-14 16:44 - 00000000 ____D C:\MSIc7b15.tmp
2015-12-14 16:42 - 2015-12-20 13:17 - 00000000 ____D C:\Program Files\Windows 7 Activator
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-12 21:31 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2016-01-12 21:22 - 2015-10-14 18:29 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-12 20:55 - 2015-10-31 17:12 - 00000000 ____D C:\Program Files\Internet Download Manager
2016-01-12 20:45 - 2015-10-22 13:34 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-12 19:42 - 2009-07-14 05:34 - 00020192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-12 19:42 - 2009-07-14 05:34 - 00020192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-12 19:33 - 2015-10-22 13:34 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-12 19:33 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-09 22:37 - 2015-10-14 18:25 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-01-06 14:46 - 2015-10-19 21:59 - 00000000 ____D C:\Program Files\Common Files\AV
2016-01-06 14:43 - 2015-10-19 21:52 - 00000000 ____D C:\Program Files\AVG
2016-01-05 18:30 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-01-02 21:28 - 2015-10-14 18:29 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-01-02 21:28 - 2015-10-14 18:29 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-01-02 14:15 - 2015-10-25 22:41 - 00000000 ____D C:\Program Files\Common Files\AVSMedia
2016-01-02 14:15 - 2015-10-25 22:41 - 00000000 ____D C:\Program Files\AVS4YOU
2016-01-01 13:58 - 2015-10-14 18:23 - 00780436 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-26 15:35 - 2015-10-15 13:36 - 00000000 ____D C:\Windows\system32\Lang
2015-12-25 14:01 - 2015-10-15 13:36 - 00000000 ____D C:\Program Files\Intel
2015-12-22 18:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\L2Schemas
2015-12-20 19:17 - 2015-10-24 17:55 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-12-19 15:28 - 2015-12-12 10:55 - 00000000 ____D C:\Windows\Minidump
2015-12-19 15:27 - 2015-10-20 14:51 - 00000000 ____D C:\Program Files\CCleaner
2015-12-18 01:21 - 2015-10-29 15:02 - 00000000 ____D C:\Program Files\7-Zip
2015-12-17 20:50 - 2015-10-14 18:18 - 00000000 ____D C:\Users\dejan
2015-12-17 20:49 - 2009-07-14 03:03 - 43253760 _____ C:\Windows\system32\config\SOFTWARE.bak
2015-12-17 20:49 - 2009-07-14 03:03 - 13107200 _____ C:\Windows\system32\config\SYSTEM.bak
2015-12-17 20:49 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2015-12-17 20:46 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2015-12-14 17:52 - 2015-11-28 23:51 - 00000000 ____D C:\Program Files\Common Files\Topaz Labs
2015-12-14 17:49 - 2009-07-14 05:33 - 00269880 _____ C:\Windows\system32\FNTCACHE.DAT
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-01-09 03:52
==================== End of FRST.txt ============================
Posted: 13 Jan 2016 13:18
- Joined: 16 Oct 2010
- Posts: 3468
- Location: KRAGUJEVAC
CreateRestorePoint:
CHR HomePage: Default -> bing.com/?mkt=en-US&pc=__PARAM__
CHR DefaultSearchURL: Default -> hxxp://gomovix.searchalgo.com/search/?category=web&s=rvds&q={searchTerms}
CHR DefaultSearchKeyword: Default -> goMovix
CHR DefaultSuggestURL: Default -> hxxp://sug.searchalgo.com/search/index_sg.php?q={searchTerms}
CHR Extension: (Defender (Verified)) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmepcljigboafeklamepgcdaiebdnagp [2016-01-05]
CHR Extension: (goMovix) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiogeidobnphbnjmnlcjpopgfghcnebf [2016-01-05]
CHR Extension: (Bing) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfedoihopcjdfjihhhojdclnfdgomdho [2016-01-02]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1668144661-2884591123-2203260530-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nfedoihopcjdfjihhhojdclnfdgomdho] - hxxps://clients2.google.com/service/update2/crx
IE trusted site: HKU\S-1-5-21-1668144661-2884591123-2203260530-1001\...\webcompanion.com -> hxxp://webcompanion.com
EmptyTemp:
After the computer restarted, no report came up from AdwCleaner, and when the Cleaning finished I also saw that it displayed NO FOUND MALICIOUS PROGRAM.
Posted: 13 Jan 2016 17:51
- Sass Drake
- Anti Malware Fighter
Rank 2
- Joined: 26 Aug 2010
- Posts: 10622
- Location: Hypnos Control Room, Tokyo Metropolitan Government Building
You didn't copy the complete fixlog.txt for me.
Posted: 14 Jan 2016 01:47
- Joined: 16 Oct 2010
- Posts: 3468
- Location: KRAGUJEVAC
Fix result of Farbar Recovery Scan Tool (x86) Version:10-01-2015 01
Ran by dejan (2016-01-14 01:39:40) Run:1
Running from C:\Users\dejan\Desktop
Loaded Profiles: dejan (Available Profiles: dejan)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CreateRestorePoint:
CHR HomePage: Default -> bing.com/?mkt=en-US&pc=__PARAM__
CHR DefaultSearchURL: Default -> hxxp://gomovix.searchalgo.com/search/?category=web&s=rvds&q={searchTerms}
CHR DefaultSearchKeyword: Default -> goMovix
CHR DefaultSuggestURL: Default -> hxxp://sug.searchalgo.com/search/index_sg.php?q={searchTerms}
CHR Extension: (Defender (Verified)) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmepcljigboafeklamepgcdaiebdnagp [2016-01-05]
CHR Extension: (goMovix) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiogeidobnphbnjmnlcjpopgfghcnebf [2016-01-05]
CHR Extension: (Bing) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfedoihopcjdfjihhhojdclnfdgomdho [2016-01-02]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1668144661-2884591123-2203260530-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nfedoihopcjdfjihhhojdclnfdgomdho] - hxxps://clients2.google.com/service/update2/crx
IE trusted site: HKU\S-1-5-21-1668144661-2884591123-2203260530-1001\...\webcompanion.com -> hxxp://webcompanion.com
EmptyTemp:
*****************
Restore point was successfully created.
Chrome HomePage => not found.
Chrome DefaultSearchURL => not found.
Chrome DefaultSearchKeyword => not found.
Chrome DefaultSuggestURL => not found.
C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmepcljigboafeklamepgcdaiebdnagp => not found.
C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiogeidobnphbnjmnlcjpopgfghcnebf => not found.
C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfedoihopcjdfjihhhojdclnfdgomdho => not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => key removed successfully.
HKU\S-1-5-21-1668144661-2884591123-2203260530-1001\SOFTWARE\Google\Chrome\Extensions\nfedoihopcjdfjihhhojdclnfdgomdho => key not found.
HKU\S-1-5-21-1668144661-2884591123-2203260530-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com => key not found.
EmptyTemp: => 970.6 MB temporary data Removed.
==== End of Fixlog 01:45:33 ====
Posted: 14 Jan 2016 17:50
- Sass Drake
- Anti Malware Fighter
Rank 2
- Joined: 26 Aug 2010
- Posts: 10622
- Location: Hypnos Control Room, Tokyo Metropolitan Government Building
Post new FRST.txt and Addition.txt reports for me.
Posted: 14 Jan 2016 21:59
- Joined: 16 Oct 2010
- Posts: 3468
- Location: KRAGUJEVAC
Written: 14 Jan 2016 20:09
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:10-01-2015 01
Ran by dejan (administrator) on DEJAN-PC (14-01-2016 20:02:09)
Running from C:\Users\dejan\Desktop
Loaded Profiles: dejan (Available Profiles: dejan)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Kingsoft Corporation) C:\Program Files\kingsoft\ksdef\ksdefserver.exe
(Digital Wave Ltd.) C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe
(FileZilla Project) C:\Program Files\FileZilla Server\FileZilla Server.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Users\dejan\AppData\Local\Viber\Viber.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Google, Inc) C:\Users\dejan\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.5.5.15\ns.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.5.5.15\ns.exe
() C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Program Files\Messenger for Desktop\Messenger.exe
() C:\Program Files\Messenger for Desktop\Messenger.exe
() C:\Program Files\Messenger for Desktop\Messenger.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-21-1668144661-2884591123-2203260530-1001\...\Run: [Viber] => C:\Users\dejan\AppData\Local\Viber\Viber.exe [51657424 2015-11-09] ()
HKU\S-1-5-21-1668144661-2884591123-2203260530-1001\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3907152 2015-09-23] (Tonec Inc.)
HKU\S-1-5-21-1668144661-2884591123-2203260530-1001\...\Run: [Google Update] => C:\Users\dejan\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2016-01-13] (Google Inc.)
HKU\S-1-5-21-1668144661-2884591123-2203260530-1001\...\Run: [Google Photos Backup] => C:\Users\dejan\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3791176 2015-12-11] (Google, Inc)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2965C6DE-563C-4504-945D-221BB2EAC7BE}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1668144661-2884591123-2203260530-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=U301
SearchScopes: HKU\S-1-5-21-1668144661-2884591123-2203260530-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1668144661-2884591123-2203260530-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-08-28] (Internet Download Manager, Tonec Inc.)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-21] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-21] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
FireFox:
========
FF ProfilePath: C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\1mq1do1l.default-1451739043875
FF Homepage: hxxp://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-02] ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-21] (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-1668144661-2884591123-2203260530-1001: @tools.google.com/Google Update;version=3 -> C:\Users\dejan\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-1668144661-2884591123-2203260530-1001: @tools.google.com/Google Update;version=9 -> C:\Users\dejan\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-13] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Extension: Adblock Plus - C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\1mq1do1l.default-1451739043875\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-07]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.4.24\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.4.24\coFFAddon [2016-01-13]
FF HKU\S-1-5-21-1668144661-2884591123-2203260530-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: IDM integration - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2015-09-23]
FF HKU\S-1-5-21-1668144661-2884591123-2203260530-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\dejan\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\dejan\AppData\Roaming\IDM\idmmzcc5 [2016-01-14] [not signed]
Chrome:
=======
CHR Profile: C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-19]
CHR Extension: (Google Docs) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-19]
CHR Extension: (Google Drive) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-19]
CHR Extension: (YouTube) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-19]
CHR Extension: (Norton Security Toolbar) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-01-12]
CHR Extension: (Google Search) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-19]
CHR Extension: (Google Sheets) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-19]
CHR Extension: (Google Docs Offline) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-20]
CHR Extension: (IDM Integration Module) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-12-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-19]
CHR Extension: (Gmail) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-19]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-05]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2015-07-10]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 DefSrv; C:\Program Files\kingsoft\ksdef\ksdefserver.exe [1667856 2016-01-06] (Kingsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [383640 2015-11-25] ()
R2 FileZilla Server; C:\Program Files\FileZilla Server\FileZilla Server.exe [794584 2015-06-12] (FileZilla Project)
R2 NS; C:\Program Files\Norton Security\Engine\22.5.5.15\NS.exe [282016 2015-11-20] (Symantec Corporation)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [112792 2015-11-25] ()
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [383640 2015-11-25] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 BHDrvx86; C:\Program Files\Norton Security\NortonData\22.5.4.24\Definitions\BASHDefs\20160104.001\BHDrvx86.sys [1193032 2015-12-18] (Symantec Corporation)
R1 ccSet_NS; C:\Windows\system32\drivers\NS\1605050.00F\ccSetx86.sys [137456 2015-09-23] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [389968 2016-01-05] (Symantec Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [15968 2014-11-18] ()
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [125264 2016-01-05] (Symantec Corporation)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10208 2014-11-18] ()
R1 IDSVix86; C:\Program Files\Norton Security\NortonData\22.5.4.24\Definitions\IPSDefs\20160113.001\IDSvix86.sys [580344 2016-01-04] (Symantec Corporation)
R2 KSSafe; C:\Windows\system32\drivers\KSSafe.sys [232296 2015-08-18] (Kingsoft Corporation)
R3 NAVENG; C:\Program Files\Norton Security\NortonData\22.5.4.24\Definitions\VirusDefs\20160113.067\NAVENG.SYS [104440 2016-01-05] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Security\NortonData\22.5.4.24\Definitions\VirusDefs\20160113.067\NAVEX15.SYS [1647216 2016-01-05] (Symantec Corporation)
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [27648 2011-06-15] (Realtek )
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam60.sys [50280 2011-06-15] (Realtek Corporation)
S3 RTVLANPT; C:\Windows\System32\DRIVERS\RtVlan620.sys [27752 2011-09-16] (Realtek Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NS\1605050.00F\SRTSP.SYS [712944 2015-11-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NS\1605050.00F\SRTSPX.SYS [44792 2015-09-23] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NS\1605050.00F\SYMEFASI.SYS [1287408 2015-11-12] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [103152 2016-01-05] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NS\1605050.00F\Ironx86.SYS [234744 2015-09-23] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NS\1605050.00F\SYMNETS.SYS [431328 2015-11-12] (Symantec Corporation)
S3 TEAM; C:\Windows\System32\DRIVERS\RtTeam60.sys [50280 2011-06-15] (Realtek Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-13 20:10 - 2016-01-14 19:56 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1668144661-2884591123-2203260530-1001UA.job
2016-01-13 20:10 - 2016-01-13 20:20 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1668144661-2884591123-2203260530-1001Core.job
2016-01-13 13:33 - 2016-01-13 13:33 - 00000000 ____D C:\MSI2f1ec.tmp
2016-01-12 23:51 - 2016-01-12 23:54 - 00000000 ____D C:\AdwCleaner
2016-01-12 19:27 - 2016-01-12 23:01 - 00000000 ____D C:\Program Files\Messenger for Desktop
2016-01-07 15:29 - 2016-01-07 15:30 - 00000000 ____D C:\Program Files\DVDVideoSoft
2016-01-07 15:29 - 2016-01-07 15:29 - 00000000 ____D C:\Program Files\FreeCodecPack
2016-01-07 15:29 - 2016-01-07 15:29 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2016-01-07 15:23 - 2016-01-14 00:35 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-01-05 18:48 - 2016-01-05 19:13 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2016-01-05 18:48 - 2016-01-05 18:48 - 00103152 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2016-01-05 18:48 - 2016-01-05 18:48 - 00008178 _____ C:\Windows\system32\Drivers\SYMEVENT.CAT
2016-01-05 18:44 - 2016-01-09 22:37 - 00000000 ____D C:\Windows\system32\Drivers\NS
2016-01-05 18:44 - 2016-01-05 18:44 - 00000000 ____D C:\Program Files\Norton Security
2016-01-05 18:31 - 2016-01-05 18:31 - 00000000 ____D C:\MSI99d3e.tmp
2016-01-05 18:29 - 2016-01-05 18:29 - 00000000 ____D C:\MSI99c12.tmp
2016-01-05 17:54 - 2016-01-05 17:54 - 00000000 ____D C:\MSI3b63c.tmp
2016-01-05 17:50 - 2016-01-05 17:50 - 00000000 ____D C:\MSI79f74.tmp
2016-01-05 17:50 - 2016-01-05 17:50 - 00000000 ____D C:\MSI3b63a.tmp
2016-01-05 17:48 - 2016-01-05 17:48 - 00000000 ____D C:\MSI3b638.tmp
2016-01-05 17:47 - 2016-01-05 17:47 - 00000000 ____D C:\MSI3b636.tmp
2016-01-05 17:34 - 2016-01-05 17:34 - 00000000 ____D C:\MSI79d87.tmp
2016-01-05 17:33 - 2016-01-05 17:33 - 00000000 ____D C:\MSI7146c.tmp
2016-01-04 22:04 - 2016-01-04 22:04 - 00000000 ____D C:\MSI83415.tmp
2016-01-04 21:54 - 2016-01-04 21:55 - 00000991 _____ C:\DelFix.txt
2016-01-04 21:54 - 2016-01-04 21:54 - 00000000 ____D C:\Windows\ERUNT
2016-01-03 02:51 - 2016-01-03 02:51 - 00000000 ____D C:\_197561_
2015-12-30 22:09 - 2015-12-30 22:09 - 00000000 ____D C:\MSIc0b77.tmp
2015-12-30 22:09 - 2015-12-30 22:09 - 00000000 ____D C:\MSIc0b70.tmp
2015-12-30 22:08 - 2015-12-30 22:08 - 00000000 ____D C:\26b8e462-6b97-4b4a-8b0f-a91fd9329e9f
2015-12-30 01:43 - 2015-12-30 01:43 - 00000000 ____D C:\zoek
2015-12-29 14:27 - 2015-12-30 01:47 - 00002672 _____ C:\runcheck.txt
2015-12-28 14:59 - 2015-12-28 14:59 - 00000000 ____D C:\zoek_backup
2015-12-27 04:39 - 2015-12-27 04:39 - 00000000 ____D C:\_638128_
2015-12-27 00:30 - 2016-01-03 03:19 - 00000000 ____D C:\Program Files\Free YouTube Downloader
2015-12-27 00:30 - 2015-12-27 00:30 - 00000000 ____D C:\Program Files\Vitzo
2015-12-26 16:15 - 2015-12-26 16:15 - 00014800 _____ C:\Windows\system32\results.xml
2015-12-26 15:34 - 2009-10-02 14:34 - 08198680 _____ (Intel(R) Corporation) C:\Windows\system32\TVWSetup.exe
2015-12-26 15:34 - 2009-10-02 14:34 - 00672792 _____ (Intel Corporation) C:\Windows\system32\igfxcfg.exe
2015-12-26 15:34 - 2009-10-02 14:34 - 00252952 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2015-12-26 15:34 - 2009-10-02 14:34 - 00173592 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2015-12-26 15:34 - 2009-10-02 14:34 - 00173080 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2015-12-26 15:34 - 2009-10-02 14:34 - 00150552 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2015-12-26 15:34 - 2009-10-02 14:34 - 00141848 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2015-12-25 14:01 - 2015-12-25 14:01 - 00000000 ____D C:\Program Files\Intel Driver Update Utility
2015-12-25 14:01 - 2015-12-25 14:01 - 00000000 ____D C:\MSIbda9a.tmp
2015-12-25 13:54 - 2015-12-25 13:54 - 00000000 ____D C:\MSI23ff5.tmp
2015-12-25 13:53 - 2015-12-25 13:53 - 00000000 ____D C:\MSI23eaa.tmp
2015-12-25 13:50 - 2015-12-25 13:50 - 00000000 ____D C:\MSI23ce5.tmp
2015-12-25 13:49 - 2015-12-25 13:49 - 00000000 ____D C:\4c039f83-08eb-4b25-b14b-c6149684e581
2015-12-25 13:46 - 2016-01-02 14:12 - 00000000 ____D C:\Program Files\realtech VR
2015-12-23 15:26 - 2015-12-23 15:26 - 00000000 ____D C:\ldrscan
2015-12-22 20:50 - 2015-12-24 21:12 - 00000000 ____D C:\FRST
2015-12-20 19:17 - 2014-06-17 13:13 - 00718552 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
2015-12-20 19:17 - 2014-06-17 13:13 - 00100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2015-12-20 19:17 - 2014-06-17 13:13 - 00076872 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
2015-12-20 19:12 - 2015-12-20 19:17 - 00000000 ____D C:\Program Files\Realtek
2015-12-20 19:12 - 2011-09-16 08:12 - 00027752 _____ (Realtek Corporation) C:\Windows\system32\Drivers\RtVlan620.sys
2015-12-20 19:12 - 2011-06-15 14:11 - 00050280 _____ (Realtek Corporation) C:\Windows\system32\Drivers\RtTeam60.sys
2015-12-20 19:12 - 2011-06-15 14:11 - 00027648 _____ (Realtek ) C:\Windows\system32\Drivers\RtNdPt60.sys
2015-12-20 17:48 - 2015-12-20 17:48 - 00000000 ____D C:\Intel
2015-12-20 17:48 - 2010-03-02 09:04 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll
2015-12-20 03:54 - 2015-12-20 03:54 - 00000000 ____D C:\_332656_
2015-12-19 20:04 - 2015-12-19 20:04 - 00000000 ____D C:\MSI3df1.tmp
2015-12-19 19:48 - 2015-12-19 19:48 - 00000000 ____D C:\MSI10526.tmp
2015-12-19 19:46 - 2015-12-19 19:49 - 00000000 ____D C:\Program Files\Enigma Software Group
2015-12-19 15:32 - 2015-12-19 15:32 - 00000000 ____D C:\Windows\pss
2015-12-17 15:56 - 2016-01-05 18:43 - 00000000 ____D C:\Program Files\NortonInstaller
2015-12-17 15:56 - 2015-12-19 13:22 - 00000000 ____D C:\Program Files\Norton Internet Security
2015-12-17 14:14 - 2015-12-17 20:49 - 00001660 _____ C:\Windows\system32\ASOROSet.bin
2015-12-17 14:14 - 2015-12-17 14:14 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2015-12-16 21:08 - 2015-12-16 21:08 - 00000000 ____D C:\MSI828b9.tmp
2015-12-16 21:05 - 2015-12-16 21:05 - 00000000 ____D C:\MSI8279c.tmp
2015-12-16 19:49 - 2015-12-16 19:49 - 00000000 ____D C:\MSI91dee.tmp
2015-12-16 19:46 - 2015-12-16 19:46 - 00000000 ____D C:\MSI91dec.tmp
2015-12-16 19:31 - 2015-12-16 19:28 - 05619784 _____ (Microsoft Corporation) C:\Windows\system32\mfc110u.dll
2015-12-16 18:58 - 2015-12-16 18:58 - 00000000 ____D C:\MSI870d9.tmp
2015-12-16 18:57 - 2015-12-16 18:57 - 00000000 ____D C:\MSI870d2.tmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-14 20:02 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2016-01-14 19:56 - 2015-10-22 13:34 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-14 19:56 - 2015-10-14 18:29 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-14 14:09 - 2015-10-31 17:12 - 00000000 ____D C:\Program Files\Internet Download Manager
2016-01-14 13:54 - 2009-07-14 05:34 - 00020192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-14 13:54 - 2009-07-14 05:34 - 00020192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-14 13:45 - 2015-10-22 13:34 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-14 13:45 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-13 18:50 - 2015-10-22 13:34 - 00000000 ____D C:\Program Files\Google
2016-01-09 22:37 - 2015-10-14 18:25 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-01-06 14:46 - 2015-10-19 21:59 - 00000000 ____D C:\Program Files\Common Files\AV
2016-01-06 14:43 - 2015-10-19 21:52 - 00000000 ____D C:\Program Files\AVG
2016-01-05 18:30 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-01-02 21:28 - 2015-10-14 18:29 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-01-02 21:28 - 2015-10-14 18:29 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-01-02 14:15 - 2015-10-25 22:41 - 00000000 ____D C:\Program Files\Common Files\AVSMedia
2016-01-02 14:15 - 2015-10-25 22:41 - 00000000 ____D C:\Program Files\AVS4YOU
2016-01-01 13:58 - 2015-10-14 18:23 - 00780436 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-26 15:35 - 2015-10-15 13:36 - 00000000 ____D C:\Windows\system32\Lang
2015-12-25 14:01 - 2015-10-15 13:36 - 00000000 ____D C:\Program Files\Intel
2015-12-22 18:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\L2Schemas
2015-12-20 19:17 - 2015-10-24 17:55 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-12-20 13:17 - 2015-12-14 16:42 - 00000000 ____D C:\Program Files\Windows 7 Activator
2015-12-19 15:28 - 2015-12-12 10:55 - 00000000 ____D C:\Windows\Minidump
2015-12-19 15:27 - 2015-10-20 14:51 - 00000000 ____D C:\Program Files\CCleaner
2015-12-18 01:21 - 2015-10-29 15:02 - 00000000 ____D C:\Program Files\7-Zip
2015-12-17 20:50 - 2015-10-14 18:18 - 00000000 ____D C:\Users\dejan
2015-12-17 20:49 - 2009-07-14 03:03 - 43253760 _____ C:\Windows\system32\config\SOFTWARE.bak
2015-12-17 20:49 - 2009-07-14 03:03 - 13107200 _____ C:\Windows\system32\config\SYSTEM.bak
2015-12-17 20:49 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2015-12-17 20:46 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\SAM.bak
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-01-09 03:52
==================== End of FRST.txt ============================
Addendum: 14 Jan 2016 21:59
Sass, just so you know, I want to delete it and reinstall it, because I clicked something and now it doesn't look right. It should look like this
But mine looks like this
Neither the Registry nor Uninstall programs sees it.
Posted: 15 Jan 2016 19:51
offline
- Joined: 16 Oct 2010
- Posts: 3468
- Location: KRAGUJEVAC
Written: 15 Jan 2016 13:11
I will, my power went out, and I don't see it. As soon as it comes back I'll do it.
Addendum: 15 Jan 2016 19:51
Fix result of Farbar Recovery Scan Tool (x86) Version:10-01-2015 01
Ran by dejan (2016-01-15 19:45:47) Run:1
Running from C:\Users\dejan\Desktop
Loaded Profiles: dejan (Available Profiles: dejan)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CreateRestorePoint:
R2 DefSrv; C:\Program Files\kingsoft\ksdef\ksdefserver.exe [1667856 2016-01-06] (Kingsoft Corporation)
R2 KSSafe; C:\Windows\system32\drivers\KSSafe.sys [232296 2015-08-18] (Kingsoft Corporation)
C:\Program Files\kingsoft
C:\Windows\system32\drivers\KSSafe.sys
C:\Program Files\AVG
*****************
Restore point was successfully created.
DefSrv => Service stopped successfully.
DefSrv => service removed successfully.
KSSafe => Unable to stop service.
KSSafe => service removed successfully.
"C:\Program Files\kingsoft" folder move:
Could not move "C:\Program Files\kingsoft" => Scheduled to move on reboot.
C:\Windows\system32\drivers\KSSafe.sys => moved successfully
"C:\Program Files\AVG" folder move:
Could not move "C:\Program Files\AVG" => Scheduled to move on reboot.
==== End of Fixlog 19:47:43 ====