Problem sa vurusima

2

Problem sa vurusima

offline
  • Pridružio: 02 Okt 2007
  • Poruke: 50

Dobar dan evo mene opet



Zoek.exe Version 4.0.0.4 Updated 31-08-2013
Tool run by Home on 31.08.2013 at 17:09:23,32.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Home\Desktop\New folder\New folder\zoek.exe [Script inserted]

==== System Restore Info ======================

31.08.2013 17:10:26 Zoek.exe System Restore Point Created Succesfully.

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2013-08-30 18:07:10 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe
2013-08-30 18:07:10 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe
2013-08-30 18:07:10 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe
2013-08-30 18:07:10 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe
2013-08-30 18:07:10 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe
====== C:\Users\Home\AppData\Local\Temp ====
====== C:\Windows\SysWOW64 =====
2013-08-27 12:05:55 E6C2F1D8B667DDC04CB55B9F0159EF97 467984 ----a-w- C:\Windows\SysWOW64\d3dx10_39.dll
2013-08-27 12:05:55 C4F1972497FE2CEB7D900938C97FCF91 1493528 ----a-w- C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-08-27 12:05:53 8CB3DEFB8887C4F0846DB1FC1304D6D2 3851784 ----a-w- C:\Windows\SysWOW64\D3DX9_39.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
====== C:\Windows\Tasks ======
2013-08-31 05:14:16 73AF6523C9A3E8EA38ECC72F2E075EE2 3336 ----a-w- C:\Windows\Sysnative\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-448369867-836560375-4160285859-1000
2013-08-23 19:21:51 287C13F7430257E730230851898D582E 2982 ----a-w- C:\Windows\Sysnative\Tasks\AutoKMS
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\Program Files (x86) =====
2013-08-27 11:56:13 -------- d-----w- C:\Program Files (x86)\Pando Networks
2013-08-17 23:49:14 -------- d-----w- C:\Program Files (x86)\Counter-Strike 1.6
2013-08-10 19:25:53 -------- d-----w- C:\Program Files (x86)\hosts
2013-08-10 17:56:02 -------- d-----w- C:\Program Files (x86)\CS-RELOAD Final Edition
======= C: =====
====== C:\Users\Home\AppData\Roaming ======
2013-08-30 19:58:12 -------- d-----w- C:\users\Public\AppData\Local\temp
2013-08-30 19:58:12 -------- d-----w- C:\users\Default\AppData\Local\temp
2013-08-30 19:58:12 -------- d-----w- C:\users\Default User\AppData\Local\temp
2013-08-27 15:12:33 -------- d-----w- C:\users\Home\AppData\Roaming\LolClient
2013-08-27 11:56:26 -------- d-----w- C:\users\Home\AppData\Local\PMB Files
2013-08-27 11:55:46 -------- d-----w- C:\users\Home\AppData\Roaming\Riot Games
2013-08-10 17:58:05 -------- d-----w- C:\users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CS-RELOAD Final Edition
2013-08-09 17:18:00 6CCF6CA531D15486D6134C20DEC45A45 4255034 ----a-w- C:\users\Home\AppData\Locallow\wbk79C9.tmp
====== C:\Users\Home ======
2013-08-30 18:15:09 -------- d-----w- C:\Users\Public\AppData
2013-08-27 11:56:22 -------- d-----w- C:\ProgramData\PMB Files
2013-08-20 13:37:21 -------- d-----w- C:\ProgramData\4shared Desktop
2013-08-10 17:58:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CS-RELOAD Final Edition

====== C: exe-files ==
2013-08-31 08:56:29 DC5C3A2292D011EF3BBF9D17BD28A54C 1194848 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.62\29.0.1547.62_29.0.1547.57_chrome_updater.exe
2013-08-30 18:07:10 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe
2013-08-30 18:07:10 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe
2013-08-30 18:07:10 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe
2013-08-30 18:07:10 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe
2013-08-30 18:07:10 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe
2013-08-30 17:08:50 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\Home\Desktop\New folder\xzqezlkv.exe
2013-08-30 17:01:46 F7AF924D0D951FF8F7B05AD2E4FF50D3 994642 ----a-w- C:\Users\Home\Desktop\New folder\adwcleaner.exe
2013-08-27 15:10:42 2A6A71AA906A23BBE10BFEC5BE66F542 23966560 ----a-w- C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.240\deploy\League of Legends.exe
2013-08-27 15:10:33 DC580A2795D3E39E006A3D708291822F 264272 ----a-w- C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.240\deploy\BsSndRpt.exe
2013-08-27 14:31:17 2A6A71AA906A23BBE10BFEC5BE66F542 23966560 ----a-w- C:\Riot Games\League of Legends\RADS\projects\lol_game_client\releases\0.0.0.173\deploy\League of Legends.exe
2013-08-27 12:30:43 DC580A2795D3E39E006A3D708291822F 264272 ----a-w- C:\Riot Games\League of Legends\RADS\projects\lol_game_client\releases\0.0.0.173\deploy\BsSndRpt.exe
2013-08-27 12:30:07 5B93A9C1BB894EFA4D6429EEADA5007C 74752 ----a-w- C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.38\deploy\LolClient.exe
2013-08-27 12:27:59 9FF9636041491F41439D766F846F53C0 59392 ----a-w- C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.38\deploy\Adobe AIR\Versions\1.0\Resources\CaptiveAppEntry.exe
2013-08-27 12:06:29 0527F857191589BB616DD1209CA0C96D 139264 ----a-w- C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.177\deploy\Riot_SafetyCheck.exe
2013-08-27 12:06:28 6F1BCEEE10680B4FC12808AF497D867A 2686976 ----a-w- C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.177\deploy\LoLLauncher.exe
2013-08-27 11:56:13 C22AEED3FFA5E4BD289175531B8C5C3E 3089488 ----a-w- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
2013-08-27 11:56:13 4BDCAA2E278F9171EA4357F5DA582B90 277696 ----a-w- C:\Program Files (x86)\Pando Networks\Media Booster\BsSndRpt.exe
2013-08-27 11:56:13 3299CF9F952485991C7968BEBE7018F1 300528 ----a-w- C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"TkBellExe"="C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe -osboot"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="APSDaemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BCSSync"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DAEMON Tools Lite"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDVCPL]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RTHDVCPL"
"hkey"="HKLM"
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TkBellExe"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Real\\RealPlayer\\update\\realsched.exe\" -osboot"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WebCake Desktop]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WebCake Desktop"
"hkey"="HKCU"
"command"="C:\\Users\\Home\\AppData\\Roaming\\Web Cake\\WebCakeDesktop.exe"


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [20.08.2013 22:15]
C:\Windows\tasks\AutoKMS.job --a------ C:\Windows\AutoKMS\AutoKMS.exe [01.11.2012 21:00]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15.03.2013 16:34]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15.03.2013 16:34]
C:\Windows\tasks\{8DF8F1D7-10DB-41A9-B9E0-2058F647D207}.job --ah----- C:\ProgramData\CloudSoft\OptimizerPro\OptimizerPro.exe [07.01.2013 21:53]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default
- hosts - %ProfilePath%\extensions\05dd836e-2cbd-4204-9ff3-2f8a8665967d@a8876730-fb0c-4057-a2fc-f9c09d438e81.com
- 4shared Desktop Plugin - %ProfilePath%\extensions\4sharedCopyLinks
- Stylish - %ProfilePath%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
- Smartest Bookmarks Bar - %ProfilePath%\extensions\{b442f4c0-c292-4998-aabe-48608a73ba75}
- Stylish - %ProfilePath%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\msmq2oxw.default
0C8597DBC74AAF5179471BA013E3C6B4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash
D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
FEF9ECECFA177AEC0F7564A08394D2C8 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit)
0ABF093757E9C827E30EC652868E5FAC - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit)
06E140A567B8DC7900173197FD059EE5 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit)
558270B968CB82196CB8D045D13B0FF6 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
hgojaaaiddhmiiakpejiklijbalpckih - C:\Users\Home\AppData\Roaming\StatusWinks\statuswinks.crx[]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[29.11.2012 21:35]
nbmafkdmkkckhggblphicnnhlgljnoje - C:\Program Files (x86)\TornTV.com\torn2_10.crx[]

Google Docs - Home - Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Home - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Home - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Home - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Stylish - Home - Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe
RealDownloader - Home - Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
\u0414\u043E\u0431\u0440\u0435\u0434\u043E\u0458\u0434\u0435 \u043D\u0430 Facebook - \u043B\u043E\u0433\u0438\u0440\u0430\u0458 \u0441\u0435 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u0430\u0458 \u0441\u0435 \u0438\u043B\u0438 \u0434\u043E\u0437\u043D\u0430\u0458 \u043F\u043E\u0432\u0435\u045C\u0435 - Home - Default\Extensions\jpdllnbeebedejhjagflkopmhedmcfpo
Card number - Home - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
hosts - Home - Default\Extensions\nnlomafmkpiclmaaekkhpoecnclldmaa
Gmail - Home - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=2937"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=2937"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=2937"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=2937"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=2937"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=2937"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=2937"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=2937"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found"

==== EOF on 31.08.2013 at 17:13:54,62 ======================
POZDRAV,

offline
  • Pridružio: 09 Avg 2011
  • Poruke: 15879
  • Gde živiš: Beograd

Ponovo pokreni zoek ;


zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;


U beli okvir prozora iskopiraj sledeći tekst:

C:\users\Home\AppData\Locallow\wbk79C9.tmp;f
C:\\Users\\Home\\AppData\\Roaming\\Web Cake;fs
C:\ProgramData\CloudSoft\OptimizerPro;fs
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WebCake Desktop];r
C:\Windows\tasks\{8DF8F1D7-10DB-41A9-B9E0-2058F647D207}.job;f
nbmafkdmkkckhggblphicnnhlgljnoje;chr
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main];r
"Start Page"="http://www.google.com";r
"Start Default_Page_URL"="http://www.google.com";r
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main];r
"Start Page"="http://www.google.com";r
"Start Default_Page_URL"="http://www.google.com";r
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl];r
"(Default)"="http://www.google.com";r
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI];r
"(Default)"="http://www.google.com";r
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl];r
"(Default)"="http://www.google.com";r
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI];r
"(Default)"="http://www.google.com";r
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI];r
"(Default)"="http://www.google.com";r
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search];r
"Start Page"="http://www.google.com";r
"Start Default_Page_URL"="http://www.google.com";r
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search];r
"Start Page"="http://www.google.com";r
"Start Default_Page_URL"="http://www.google.com";r
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes];r
"DefaultScope"="http://www.google.com";r
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}];r
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909}];r




Klikni na dugme i pričekaj da se skeniranje završi.


zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadrzaj tog loga u poruku.

offline
  • Pridružio: 02 Okt 2007
  • Poruke: 50

Zoek.exe Version 4.0.0.4 Updated 31-08-2013
Tool run by Home on 31.08.2013 at 18:16:26,72.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Home\Desktop\New folder\New folder\zoek.exe [Script inserted]

==== Older Logs ======================

C:\zoek-results31.08.2013-1713.log 16846 bytes

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WebCake Desktop]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="http://www.google.com"
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909}]

==== Deleting Files \ Folders ======================

"C:\\Users\\Home\\AppData\\Roaming\\Web Cake" not found
"C:\users\Home\AppData\Locallow\wbk79C9.tmp" deleted
"C:\Windows\tasks\{8DF8F1D7-10DB-41A9-B9E0-2058F647D207}.job" deleted
"C:\ProgramData\CloudSoft\OptimizerPro\OptimizerPro.exe" deleted
"C:\ProgramData\CloudSoft\OptimizerPro" not deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
hgojaaaiddhmiiakpejiklijbalpckih - C:\Users\Home\AppData\Roaming\StatusWinks\statuswinks.crx[]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[29.11.2012 21:35]
nbmafkdmkkckhggblphicnnhlgljnoje - C:\Program Files (x86)\TornTV.com\torn2_10.crx[]

Google Docs - Home - Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Home - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Home - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Home - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Stylish - Home - Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe
RealDownloader - Home - Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
\u0414\u043E\u0431\u0440\u0435\u0434\u043E\u0458\u0434\u0435 \u043D\u0430 Facebook - \u043B\u043E\u0433\u0438\u0440\u0430\u0458 \u0441\u0435 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u0430\u0458 \u0441\u0435 \u0438\u043B\u0438 \u0434\u043E\u0437\u043D\u0430\u0458 \u043F\u043E\u0432\u0435\u045C\u0435 - Home - Default\Extensions\jpdllnbeebedejhjagflkopmhedmcfpo
Card number - Home - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
hosts - Home - Default\Extensions\nnlomafmkpiclmaaekkhpoecnclldmaa
Gmail - Home - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.delta-search.com_0.localstorage deleted successfully
C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.delta-search.com_0.localstorage-journal deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje deleted successfully

==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\ProgramData\CloudSoft\OptimizerPro" not found

==== EOF on 31.08.2013 at 18:19:39,96 ======================

offline
  • Pridružio: 09 Avg 2011
  • Poruke: 15879
  • Gde živiš: Beograd

Kakvo je sada stanje?

offline
  • Pridružio: 02 Okt 2007
  • Poruke: 50

OPET SE POJAVJUJE

Infection Details
URL: http://kgvzz.exclusive-rewards.ciropract...
Process: C:\Program Files (x86)\Mozilla Firefox\f...
Infection: URL:Mal

Recite mi sta je ova dosadna poruka

Pozdrav

offline
  • Pridružio: 09 Avg 2011
  • Poruke: 15879
  • Gde živiš: Beograd

Avast prijavljuje da je neki sajt ili link maliciozan kada koristis pretrazivac. Imamo jos ideja da probamo to da resimo:


Ponovo pokreni zoek ;


zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;


U beli okvir prozora iskopiraj sledeći tekst:

hosts;ff
hosts;chr
emptyclsid;
emptyalltemp;
autoclean;




Klikni na dugme i pričekaj da se skeniranje završi.


zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadrzaj tog loga u poruku.




Preuzmi Farbar Recovery Scan Tool i sacuvaj ga na Desktop

Napomena: Potrebno je preuzeti onu verziju koja je kompatibilna sa tvojim sistemom.
Tvoj Windows je 64-bitna verzija.


Dvoklikom pokreni FRST;
Kada se alat startuje, klikni Yes na disclaimer.
Klikni na dugme Scan;
Alat ce kreirati izvestaj (FRST.txt) u isti direktorijum gde je i FRST.exe sacuvan.
Iskopiraj sadrzaj tog loga u poruku.
Alat bi takodje pri prvom pokretanju trebao da kreira i dodatni izvestaj (Addition.txt). Taj izvestaj okaci u poruku koristeci opciju "Prikaci file".

Ko je trenutno na forumu
 

Ukupno su 1074 korisnika na forumu :: 31 registrovanih, 4 sakrivenih i 1039 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 8u47, Ben Roj, Bickoooo, bojcistv, BraneS, dragoljub11987, Georgius, gomago, havoc995, Koja79, Kruger, Kubovac, kybonacci, Matija, mercedesamg, milenko crazy north, MILO-VAN, misa1xx, mrav pesadinac, nebojsag, opt1, Panter, pedjolino76, Primus17, raptorsi, SD izvidjac, Steeeefan, Tila Painen, trajkoni018, W123, zlatkoa987