Computer check.

offline
  • Joined: 19 Nov 2014
  • Posts: 7

Posted: 19 Nov 2014 22:44

Hi... My computer was lagging... I had the Avast antivirus, which found 1 piece of malware... I deleted it... then I uninstalled Avast because it was slowing down my computer. I downloaded AdwCleaner and deleted what it found, then downloaded Malwarebytes and scanned; it found 12 malware items and 1010 adware items. I installed Unchecky and AdBlock... Things are much better now... (I uninstalled Google Chrome and installed it again), I just have one problem... In Google Chrome I click "show bookmarks bar", and every time I close Chrome and open it again, my bookmarks (fb, yt, google, etc.) disappear. 11neco11 is a friend of mine from CS and he told me to post here. I haven't installed an AV... I'll install one when we finish the check.

Addendum: 19 Nov 2014 22:47

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-11-2014
Ran by ABC (administrator) on ABC-PC on 19-11-2014 22:44:06
Running from C:\Users\ABC\Downloads
Loaded Profile: ABC (Available profiles: ABC & GVBH & Guest)
Platform: Windows 7 Ultimate (X64) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6839952 2012-09-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [InCD] => C:\Program Files (x86)\Ahead\InCD\InCD.exe [1400944 2004-06-04] (Ahead Software AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-2734324262-2305933730-3698300640-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30526056 2014-11-06] (Skype Technologies S.A.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-2734324262-2305933730-3698300640-1000] => Internet Explorer proxy is enabled.
HKU\S-1-5-21-2734324262-2305933730-3698300640-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = search.us.com/?guid={7AEBAC17-DDF9-49AB-9ADD-AB0562816522}
HKU\S-1-5-21-2734324262-2305933730-3698300640-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = search.us.com/?guid={7AEBAC17-DDF9-49AB-9ADD-AB0562816522}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-2734324262-2305933730-3698300640-1000 -> 77B550B5E80E4EABBA6ECF3178D54651 URL = search.us.com/serp?guid={9665EDA4-A73F-46FF-8A99-1EA2E23EC31B}&k={searchTerms}
SearchScopes: HKU\S-1-5-21-2734324262-2305933730-3698300640-1000 -> {82802DC1-9F04-4228-B18F-85494A3B231D} URL = search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10513
SearchScopes: HKU\S-1-5-21-2734324262-2305933730-3698300640-1000 -> {A4FE0C0C-E1B3-44D4-ADB4-07D1CD49AC39} URL = search.us.com/serp?guid={7AEBAC17-DDF9-49AB-9ADD-AB0562816522}&k={searchTerms}
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-2734324262-2305933730-3698300640-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5A1E051C-73AB-41AF-92C1-D8F3BFE37DDB}: [NameServer] 195.252.98.76 194.106.178.3

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-2734324262-2305933730-3698300640-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\ABC\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-2734324262-2305933730-3698300640-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ABC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.rs/"
CHR Profile: C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google презентације) - C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-19]
CHR Extension: (Google документи) - C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-19]
CHR Extension: (Google диск) - C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-19]
CHR Extension: (YouTube) - C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-19]
CHR Extension: (Google претрага) - C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-19]
CHR Extension: (Google табеле) - C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-19]
CHR Extension: (AdBlock) - C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-19]
CHR Extension: (SweetTunes1) - C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\giolhomkcooifelkdfpejhidfidaahlc [2014-11-19]
CHR Extension: (Freemake Video Converter) - C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2014-11-19]
CHR Extension: (Google новчаник) - C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-19]
CHR Extension: (Gmail) - C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-19]
CHR HKLM-x32\...\Chrome\Extension: [giolhomkcooifelkdfpejhidfidaahlc] - C:\Users\ABC\AppData\Local\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx [2013-11-03]
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-11-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-09-28] (Advanced Micro Devices, Inc.) [File not signed]
S2 InCDsrv; C:\Program Files (x86)\Ahead\InCD\InCDsrv.exe [1151090 2004-06-04] (Ahead Software AG) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [143416 2012-10-25] (MSI)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [18360 2013-08-22] (Overwolf Ltd)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [111208 2014-11-19] (RaMMicHaeL)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2014-01-22] (AVAST Software)
S4 InCDfs; C:\Windows\SysWow64\Drivers\InCDfs.sys [91136 2004-06-04] (Ahead Software AG) [File not signed]
S1 InCDPass; C:\Windows\SysWOW64\DRIVERS\InCDPass.sys [28544 2004-06-04] (Ahead Software AG) [File not signed]
U1 InCDrec; C:\Windows\SysWow64\Drivers\InCDrec.sys [5760 2004-06-04] (Ahead Software AG) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-19] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-19 22:44 - 2014-11-19 22:44 - 00011817 _____ () C:\Users\ABC\Downloads\FRST.txt
2014-11-19 22:30 - 2014-11-19 22:44 - 00000000 ____D () C:\FRST
2014-11-19 22:29 - 2014-11-19 22:30 - 02117120 _____ (Farbar) C:\Users\ABC\Downloads\FRST64.exe
2014-11-19 21:24 - 2014-11-19 21:24 - 00002255 _____ () C:\Users\ABC\Desktop\Cs 1.6 [2013] by PKN.lnk
2014-11-19 18:47 - 2014-11-19 18:47 - 00000000 ____D () C:\Program Files (x86)\Pucajte Kod Nas
2014-11-19 18:10 - 2014-11-19 18:47 - 160480747 _____ (Pucajte Kod Nas ) C:\Users\ABC\Downloads\Cs 1.6 [2013] by PKN.exe
2014-11-19 06:35 - 2014-11-19 06:35 - 00000000 ____D () C:\Users\ABC\Desktop\milica
2014-11-19 01:56 - 2014-11-19 01:56 - 00000000 ____D () C:\Windows\Sun
2014-11-19 01:53 - 2014-11-19 01:53 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-19 01:53 - 2014-11-19 01:53 - 00000000 ____D () C:\ProgramData\Sun
2014-11-19 01:53 - 2014-11-19 01:53 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-19 01:53 - 2014-11-19 01:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-19 01:53 - 2014-11-19 01:53 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-19 01:50 - 2014-11-19 01:50 - 00000947 _____ () C:\Users\ABC\Desktop\Muzika - Shortcut.lnk
2014-11-19 01:47 - 2014-11-19 01:47 - 00001023 _____ () C:\Users\Public\Desktop\Unchecky.lnk
2014-11-19 01:47 - 2014-11-19 01:47 - 00000000 ____D () C:\Users\ABC\AppData\Local\Unity
2014-11-19 01:47 - 2014-11-19 01:47 - 00000000 ____D () C:\ProgramData\Unchecky
2014-11-19 01:47 - 2014-11-19 01:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2014-11-19 01:47 - 2014-11-19 01:47 - 00000000 ____D () C:\Program Files (x86)\Unchecky
2014-11-19 01:43 - 2014-11-19 22:24 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-19 01:43 - 2014-11-19 01:43 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-19 01:43 - 2014-11-19 01:43 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-19 01:43 - 2014-11-19 01:43 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-19 01:43 - 2014-11-19 01:43 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-11-19 01:43 - 2014-11-19 01:43 - 00000000 ____D () C:\Windows\system32\Macromed
2014-11-19 01:38 - 2014-11-19 01:44 - 00000000 ____D () C:\Users\ABC\AppData\Local\Adobe
2014-11-19 01:24 - 2014-11-19 01:24 - 00002261 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-19 01:24 - 2014-11-19 01:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-19 01:17 - 2014-11-19 22:22 - 00000926 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-19 01:17 - 2014-11-19 06:24 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-19 01:17 - 2014-11-19 01:17 - 00003922 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-19 01:17 - 2014-11-19 01:17 - 00003670 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-19 01:16 - 2014-11-19 01:17 - 00000000 ____D () C:\Users\ABC\AppData\Local\Deployment
2014-11-19 01:16 - 2014-11-19 01:16 - 00000000 ____D () C:\Users\ABC\AppData\Local\Apps\2.0
2014-11-19 00:10 - 2014-11-19 21:49 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-19 00:10 - 2014-11-19 00:10 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-19 00:10 - 2014-11-19 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-19 00:10 - 2014-11-19 00:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-19 00:10 - 2014-11-19 00:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-19 00:10 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-19 00:10 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-19 00:10 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-18 23:22 - 2014-11-18 23:22 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-11-18 22:49 - 2014-11-18 22:49 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-11-18 22:49 - 2014-11-18 22:49 - 00001166 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-11-18 22:49 - 2014-11-18 22:49 - 00000000 ____D () C:\Users\ABC\AppData\Roaming\TeamViewer
2014-11-18 22:48 - 2014-11-18 22:48 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-11-18 18:02 - 2014-11-18 18:02 - 00000000 ____D () C:\Users\ABC\AppData\Local\Skype
2014-11-18 18:01 - 2014-11-18 18:01 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-11-18 18:01 - 2014-11-18 18:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-18 18:01 - 2014-11-18 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-11-18 15:43 - 2014-11-19 06:19 - 00065536 _____ () C:\Windows\system32\Ikeext.etl

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-19 22:44 - 2013-09-14 14:24 - 00000000 ____D () C:\Users\ABC\AppData\Roaming\Skype
2014-11-19 22:19 - 2013-12-31 15:15 - 00004278 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8061F7B1-F4AC-44A9-A3ED-73BF88B76812}
2014-11-19 22:13 - 2013-11-07 18:52 - 00000000 ____D () C:\Program Files (x86)\Hard Disk Sentinel
2014-11-19 22:12 - 2013-09-14 14:21 - 00000000 ____D () C:\Users\ABC\AppData\Roaming\Winamp
2014-11-19 21:11 - 2013-09-27 14:06 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2734324262-2305933730-3698300640-1000UA.job
2014-11-19 15:27 - 2013-09-14 21:03 - 01706973 ____N () C:\Windows\WindowsUpdate.log
2014-11-19 15:11 - 2013-09-27 14:06 - 00000898 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2734324262-2305933730-3698300640-1000Core.job
2014-11-19 06:26 - 2009-07-14 05:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-19 06:26 - 2009-07-14 05:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-19 06:19 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-19 01:24 - 2013-09-14 13:15 - 00000000 ____D () C:\Users\ABC\AppData\Local\Google
2014-11-19 01:24 - 2013-09-14 13:15 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-19 01:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-11-19 00:53 - 2013-09-14 14:08 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-19 00:29 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\addins
2014-11-18 23:46 - 2013-09-14 14:10 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-11-18 23:45 - 2013-09-14 12:08 - 00000000 ____D () C:\Users\ABC
2014-11-18 23:44 - 2014-01-11 07:11 - 00000000 ____D () C:\Users\GVBH
2014-11-18 23:44 - 2014-01-10 13:04 - 00000000 ____D () C:\Users\Guest
2014-11-18 23:44 - 2013-09-14 13:17 - 00000000 ___HD () C:\SuperChargerProfile
2014-11-18 23:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-18 23:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-18 23:26 - 2013-09-14 13:16 - 00000000 ____D () C:\Program Files\Google
2014-11-18 23:22 - 2013-10-02 19:15 - 00000000 ____D () C:\Program Files (x86)\OLYMPUS
2014-11-18 23:12 - 2009-07-14 05:45 - 00275432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-18 23:06 - 2013-09-27 12:39 - 00000000 ____D () C:\Users\ABC\Documents\Replace
2014-11-18 22:53 - 2013-09-14 13:32 - 00057560 _____ () C:\Users\ABC\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-18 20:47 - 2013-11-09 18:10 - 00000000 ____D () C:\Users\ABC\AppData\Roaming\vlc
2014-11-18 18:01 - 2013-09-14 14:24 - 00000000 ____D () C:\ProgramData\Skype
2014-11-18 17:38 - 2014-02-23 21:56 - 00000000 ____D () C:\Windows\Minidump
2014-11-18 17:25 - 2013-11-29 18:11 - 00000049 _____ () C:\Windows\NeroDigital.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-19 02:28

==================== End Of Log ============================

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Hello.

You didn't post Addition.txt. It should be in the folder you ran FRST64.exe from. Also, move FRST64.exe to the Desktop.

offline
  • Joined: 19 Nov 2014
  • Posts: 7

I ran FRST from the Downloads folder. (I only just noticed.) If needed, I'll redo the report.

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Step 1

Open Notepad and copy in the following text from the Code box.

CHR Extension: (SweetTunes1) - C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\giolhomkcooifelkdfpejhidfidaahlc [2014-11-19]
CHR HKLM-x32\...\Chrome\Extension: [giolhomkcooifelkdfpejhidfidaahlc] - C:\Users\ABC\AppData\Local\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx [2013-11-03]
C:\Users\ABC\AppData\Local\CRE
EmptyTemp:


In Notepad, click File --> Save As
Name the file Fixlist and save it to the Desktop
Double-click to run FRST.exe again
Click Fix and wait until the program finishes.
If the program asks to restart the computer, allow it to do so without interruption.
When it finishes, Notepad will open with content that you should copy into the thread.
Also, (fixlog.txt) will be on the Desktop. You need to copy the contents of fixlog.txt to the forum




Step 2

Download zoek.exe from this or this link and save it to the Desktop.


Close the browser and other running programs;
deactivate security software (if needed) Instructions;
double-click to run zoek.exe;
wait for the tool to start ...


Copy the following text into the white box of the window:

startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;


Click the button and wait for the scan to finish.


Zoek will restart Windows if needed and, when finished, open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your post.

offline
  • Joined: 19 Nov 2014
  • Posts: 7

Posted: 19 Nov 2014 23:04

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-11-2014
Ran by ABC at 2014-11-19 22:56:56 Run:1
Running from C:\Users\ABC\Desktop
Loaded Profile: ABC (Available profiles: ABC & GVBH & Guest)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CHR Extension: (SweetTunes1) - C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\giolhomkcooifelkdfpejhidfidaahlc [2014-11-19]
CHR HKLM-x32\...\Chrome\Extension: [giolhomkcooifelkdfpejhidfidaahlc] - C:\Users\ABC\AppData\Local\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx [2013-11-03]
C:\Users\ABC\AppData\Local\CRE
EmptyTemp:
*****************

C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\giolhomkcooifelkdfpejhidfidaahlc => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\giolhomkcooifelkdfpejhidfidaahlc" => Key deleted successfully.
C:\Users\ABC\AppData\Local\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx => Moved successfully.
C:\Users\ABC\AppData\Local\CRE => Moved successfully.
EmptyTemp: => Removed 33.7 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

Addendum: 19 Nov 2014 23:13

Zoek.exe v5.0.0.0 Updated 19-November-2014
Tool run by ABC on Wed 11/19/2014 at 23:05:10.65.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ABC\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

11/19/2014 11:06:44 PM Zoek.exe System Restore Point Created Succesfully.

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\ABC\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-11-19 00:53:40 A042349B7208BF8BED858B1E9B48B06D 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-19 00:43:52 C6051DEE4D1BE1054175DA6447951AEC 71344 ----a-w- C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-19 00:43:52 2766DFF68860021F9071C955304D2B9C 701104 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-11-18 14:43:39 4AD247493B40147D57E6C5DAAC8DDBA4 65536 ------w- C:\Windows\Sysnative\Ikeext.etl
====== C:\Windows\Sysnative\drivers =====
2014-11-18 23:10:52 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2014-11-18 23:10:34 D3311B31C470E7681B14D9B014CBF9ED 93400 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys
2014-11-18 23:10:34 95EF63A7827D4E3A229CBBCB42619E93 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys
2014-11-18 23:10:34 5C3669B71657F22E67A1D4BD49D2CBE7 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys
====== C:\Windows\Tasks ======
2014-11-19 00:43:54 BEC5E4D7AA21939E11DDC2336D2149A4 3768 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater
2014-11-19 00:43:54 6754AAB75B11301E76834A35ACA517EC 830 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-19 00:17:11 4677365130677CDDD9D9ACB399D7E0FB 926 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-19 00:17:11 0FE6CFAD419E20A992A2F0CD187A54D9 3922 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA
2014-11-19 00:17:10 51A99FF0F12FBBCD02AB8D3F5732153D 922 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-19 00:17:10 3CFE88AE2B18E527095DC030D8CD8AD7 3670 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2014-11-19 17:47:31 -------- d-----w- C:\PROGRA~2\Pucajte Kod Nas
2014-11-19 00:53:47 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2014-11-19 00:53:16 -------- d-----w- C:\PROGRA~2\Java
2014-11-19 00:47:00 -------- d-----w- C:\PROGRA~2\Unchecky
2014-11-18 21:48:57 -------- d-----w- C:\PROGRA~2\TeamViewer
2014-11-18 17:01:54 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype
2014-11-18 17:01:54 -------- d-----r- C:\PROGRA~2\Skype
======= C: =====
2014-11-18 21:33:28 6B751B0C8E99F6F75CF7EFC2D28CA6D1 2947569 ----a-w- C:\maki.JPG
====== C:\Users\ABC\AppData\Roaming ======
2014-11-19 00:47:26 -------- d-----w- C:\Users\ABC\AppData\Locallow\Sun
2014-11-19 00:47:17 -------- d-----w- C:\Users\ABC\AppData\Local\Unity
2014-11-19 00:47:16 -------- d-----w- C:\Users\ABC\AppData\Locallow\Unity
2014-11-19 00:38:46 -------- d-----w- C:\Users\ABC\AppData\Local\Adobe
2014-11-19 00:16:43 -------- d-----w- C:\Users\ABC\AppData\Local\Deployment
2014-11-19 00:16:43 -------- d-----w- C:\Users\ABC\AppData\Local\Apps
2014-11-18 21:49:16 -------- d-----w- C:\Users\ABC\AppData\Roaming\TeamViewer
2014-11-18 17:02:02 -------- d-----w- C:\Users\ABC\AppData\Local\Skype
2014-11-18 16:41:59 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\buenosearch LTD
2014-11-18 15:28:04 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm
2014-11-18 15:13:53 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking
====== C:\Users\ABC ======
2014-11-19 21:29:55 CF752598523E8DFA816240B31AF511BD 2117120 ----a-w- C:\Users\ABC\Desktop\FRST64.exe
2014-11-19 17:10:08 C4FC71BD70A4B473EBD63AEA0C21F3B2 160480747 ----a-w- C:\Users\ABC\Downloads\Cs 1.6 [2013] by PKN.exe
2014-11-19 00:53:48 -------- d-----w- C:\ProgramData\Sun
2014-11-19 00:53:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-19 00:53:17 -------- d-----w- C:\ProgramData\Oracle
2014-11-19 00:47:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2014-11-19 00:47:00 -------- d-----w- C:\ProgramData\Unchecky
2014-11-19 00:24:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-18 17:01:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

====== C: exe-files ==
2014-11-19 21:29:55 CF752598523E8DFA816240B31AF511BD 2117120 ----a-w- C:\Users\ABC\Desktop\FRST64.exe
2014-11-19 17:10:08 C4FC71BD70A4B473EBD63AEA0C21F3B2 160480747 ----a-w- C:\Users\ABC\Downloads\Cs 1.6 [2013] by PKN.exe
2014-11-19 00:53:34 AA3520FB0133A56BEE1DB34D74DBEF64 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe
2014-11-19 00:53:34 75D477E868CA51EC1B09D730570F322B 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe
2014-11-19 00:53:34 691D49FB44EDE9788288CABE4F7E0DAF 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe
2014-11-19 00:53:29 E3E6B18458FFB07CB24D7A0BA77C9FDF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\pack200.exe
2014-11-19 00:53:29 DC197DCE6325CBAC905DE0D0E3BA3E8E 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmid.exe
2014-11-19 00:53:29 BB8C890E3E6372F2720709262BD42BF4 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jabswitch.exe
2014-11-19 00:53:29 B719E0F43166037DF46B5CFBE60A5118 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jjs.exe
2014-11-19 00:53:29 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe
2014-11-19 00:53:29 A458E2535E46151690E53E2A03FAA711 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\keytool.exe
2014-11-19 00:53:29 9BFAEF308D50779F6B255CB7BA7DCA5A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\kinit.exe
2014-11-19 00:53:29 7AB1F1B3FB6C3DACA34EA2F988CDF5AC 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\orbd.exe
2014-11-19 00:53:29 75EE99C7F0038C746D82C76221ECA4EF 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\policytool.exe
2014-11-19 00:53:29 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe
2014-11-19 00:53:29 74713E9C1B01B152DDD3A1A3519A3647 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java-rmi.exe
2014-11-19 00:53:29 70E67429D2C011FD0419AF899A8D0D70 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe
2014-11-19 00:53:29 691D49FB44EDE9788288CABE4F7E0DAF 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaws.exe
2014-11-19 00:53:29 67F763B09F4BC8689E6FA9761E068D74 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\unpack200.exe
2014-11-19 00:53:29 57E1F756FAA787623DFCD2C1B2AACC68 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssvagent.exe
2014-11-19 00:53:29 4367C05B0CF5553E71B34F51003D0615 76200 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2launcher.exe
2014-11-19 00:53:29 4109C4DB4BD48F5BF8115C7523A6B6F8 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\klist.exe
2014-11-19 00:53:29 33D2AF53E209DA3E2BA939EB89801DC0 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmiregistry.exe
2014-11-19 00:53:29 29E65AC6AFD8A0A9CAA361FF6F7B4886 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\servertool.exe
2014-11-19 00:53:29 28FC00F89631B0F6E1E9CA386FADD566 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\tnameserv.exe
2014-11-19 00:53:29 26C7F32186B1F0364CD06EA69227A79D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ktab.exe
2014-11-19 00:47:17 2C9B939C37D3F5D997F96300B6BD5FFF 644529 ----a-w- C:\Users\ABC\AppData\Local\Unity\WebPlayer\Uninstall.exe
2014-11-19 00:47:00 E634A90169A0F1208D9833730076B8ED 1564776 ----a-w- C:\Program Files (x86)\Unchecky\Unchecky.exe
2014-11-19 00:47:00 CFF6E2AFF3C5983145718FC1A2B1250F 111208 ----a-w- C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
2014-11-19 00:47:00 C84FBDB7AF93E27DF724936903928CB6 399464 ----a-w- C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
2014-11-19 00:47:00 8000C72CB0084951881A092DE2EC9D63 220264 ----a-w- C:\Program Files (x86)\Unchecky\uninstall.exe
2014-11-19 00:43:52 2766DFF68860021F9071C955304D2B9C 701104 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-19 00:38:56 23C8F9C2CB81732A3207D197B9E9A4D4 1087296 ----a-w- C:\FRST\Quarantine\C\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\giolhomkcooifelkdfpejhidfidaahlc\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe
2014-11-19 00:24:41 3DAC5E8BD3E071B13B7A2D2DBEDFEF68 40759888 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\39.0.2171.65\39.0.2171.65_chrome_installer.exe
2014-11-19 00:17:08 F172AD4E906D97ED8F071896FC6789DC 107912 ----atw- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2014-11-19 00:17:08 F172AD4E906D97ED8F071896FC6789DC 107912 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdate.exe
2014-11-19 00:17:08 EDD3E562684CB4C50704B471BEAB1F86 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateComRegisterShell64.exe
2014-11-19 00:17:08 CB8C1CC4F46FBAC78150754D77460C73 230792 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
2014-11-19 00:17:08 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateSetup.exe
2014-11-19 00:17:08 7161E8E31B7FD3B1CE083C2CA5FD5F44 285064 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
2014-11-19 00:17:08 5B4ED5734945619EE3BCDB9825D2F526 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe
2014-11-19 00:17:08 06036279056145E0F08FC095CB789E6A 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateBroker.exe
2014-11-19 00:17:07 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Users\ABC\AppData\Local\Apps\2.0\7A6A72ZN.AO4\BNWZ75GC.0Z3\google.app_4fe91ede9f9bdca3_0001.0003_c700aaacaa4bbbd5\GoogleUpdateSetup.exe
2014-11-19 00:17:07 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Users\ABC\AppData\Local\Apps\2.0\7A6A72ZN.AO4\BNWZ75GC.0Z3\clic...exe_4fe91ede9f9bdca3_0001.0003_none_b1328e123920ace1\GoogleUpdateSetup.exe
2014-11-19 00:17:07 0C03930EAEB2C336A067451192677F28 10120 ------w- C:\Users\ABC\AppData\Local\Apps\2.0\7A6A72ZN.AO4\BNWZ75GC.0Z3\google.app_4fe91ede9f9bdca3_0001.0003_c700aaacaa4bbbd5\clickonce_bootstrap.exe
2014-11-18 21:48:58 DE8E8FA274122C38CE0A7ED291177759 4812048 ----a-w- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe
2014-11-18 21:48:58 8C8E7948B3940BC2987D06D633DF4AEA 264464 ----a-w- C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
2014-11-18 21:48:58 83DE0CC30F2E7F7108F550AEBDDCE4C7 229648 ----a-w- C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
2014-11-18 21:48:58 4ACFC5853A3F0C6C2F54E537C23EE90F 4799760 ----a-w- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
2014-11-18 21:48:58 1EBAB1E21BD70604DC18F6102584FACF 465440 ----a-w- C:\Program Files (x86)\TeamViewer\Version9\uninstall.exe
2014-11-18 21:48:57 12220BA871C6D7BAE08FFDD137BAB697 13559056 ----a-w- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
=== C: other files ==
2014-11-19 00:53:29 CE44A9D4918DCDC7CCCF5503BF4D7A3D 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\lib\deploy\ffjcext.zip
2014-11-18 23:10:52 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-11-18 23:10:34 D3311B31C470E7681B14D9B014CBF9ED 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-18 23:10:34 95EF63A7827D4E3A229CBBCB42619E93 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-11-18 23:10:34 5C3669B71657F22E67A1D4BD49D2CBE7 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2734324262-2305933730-3698300640-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"InCD"="C:\Program Files (x86)\Ahead\InCD\InCD.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroFilterCheck"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\NeroCheck.exe"


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11/19/2014 01:43 AM]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2734324262-2305933730-3698300640-1000Core.job --a------ C:\Users\ABC\AppData\Local\Facebook\Update\FacebookUpdate.exe [09/27/2013 02:06 PM]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2734324262-2305933730-3698300640-1000UA.job --a------ C:\Users\ABC\AppData\Local\Facebook\Update\FacebookUpdate.exe [09/27/2013 02:06 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:^6C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/19/2014 01:17 AM]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2734324262-2305933730-3698300640-1000Core" [C:\Users\ABC\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2734324262-2305933730-3698300640-1000UA" [C:\Users\ABC\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{8061F7B1-F4AC-44A9-A3ED-73BF88B76812}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{83527465-8F23-4DED-A9DB-530646E1E696}" [C:\games\CS1.6v44\Counter-Strike.exe]
"C:\Windows\SysNative\tasks\{FA4EF3EB-9475-409B-BEF1-0059F2953D31}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jbolfgndggfhhpbnkgnpjkfhinclbigj - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx[11/08/2013 09:50 AM]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
giolhomkcooifelkdfpejhidfidaahlc - C:\Users\ABC\AppData\Local\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx[]

Google Slides - ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
AdBlock - ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Freemake Video Converter - ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Google Wallet - ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Docs - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Freemake Video Converter - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Skype for Chromium - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Gmail - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Docs - GVBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - GVBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - GVBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - GVBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Freemake Video Converter - GVBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Skype for Chromium - GVBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Gmail - GVBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com",
"startup_urls": [ "http://www.google.com" ],

C:\Users\GVBH\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com",
"startup_urls": [ "http://www.google.com" ],


==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
"Default_Page_URL"="http://search.us.com/?guid={7AEBAC17-DDF9-49AB-9ADD-AB0562816522}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{4F0600B3-4FAF-45F0-A245-6E96FB0C5744} Bing Url="http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MSIM_enRS556"
{82802DC1-9F04-4228-B18F-85494A3B231D} Yahoo Url="http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10513"
{A4FE0C0C-E1B3-44D4-ADB4-07D1CD49AC39} Search.us.com Url="http://search.us.com/serp?guid={7AEBAC17-DDF9-49AB-9ADD-AB0562816522}&k={searchTerms}"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on Wed 11/19/2014 at 23:09:32.71 ======================

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Download zoek.exe from this or this link and save it to the Desktop.


Close the browser and any other running programs;
disable your security software (if necessary): Instructions;
double-click zoek.exe to run it;
wait for the tool to start ...


Copy the following text into the white box of the window:

C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\buenosearch LTD;fs
emptyclsid;
autoclean;


Click the button and wait for the scan to finish.


Zoek will restart Windows if necessary, and when it finishes it will open Notepad with the scan report.

Note: The report will be saved under the name zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your post.

offline
  • Joined: 19 Nov 2014
  • Posts: 7

Zoek.exe v5.0.0.0 Updated 19-November-2014
Tool run by ABC on Wed 11/19/2014 at 23:22:53.61.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ABC\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-11-19-220932.log 21023 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2734324262-2305933730-3698300640-1000\Software\Microsoft\Internet Explorer\SearchScopes\{82802DC1-9F04-4228-B18F-85494A3B231D} deleted successfully
HKEY_USERS\S-1-5-21-2734324262-2305933730-3698300640-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A4FE0C0C-E1B3-44D4-ADB4-07D1CD49AC39} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-2734324262-2305933730-3698300640-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-2734324262-2305933730-3698300640-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-2734324262-2305933730-3698300640-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\buenosearch LTD deleted
C:\PROGRA~3\Overwolf deleted
C:\Users\ABC\AppData\Roaming\SmileysWeLove deleted
C:\PROGRA~3\InstallMate deleted
C:\Users\ABC\Documents\Add-in Express deleted

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jbolfgndggfhhpbnkgnpjkfhinclbigj - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx[11/08/2013 09:50 AM]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
giolhomkcooifelkdfpejhidfidaahlc - C:\Users\ABC\AppData\Local\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx[]

AdBlock - ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Freemake Video Converter - ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Docs - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Freemake Video Converter - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Skype for Chromium - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Docs - GVBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Freemake Video Converter - GVBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Skype for Chromium - GVBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Chromium Startpages ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com",
"startup_urls": [ "http://www.google.com" ],

C:\Users\GVBH\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com",
"startup_urls": [ "http://www.google.com" ],


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
"Default_Page_URL"="http://search.us.com/?guid={7AEBAC17-DDF9-49AB-9ADD-AB0562816522}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{4F0600B3-4FAF-45F0-A245-6E96FB0C5744} Bing Url="http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MSIM_enRS556"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C31F7F52-C9ED-F634-36C5-AE9154D7D5DF} deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\giolhomkcooifelkdfpejhidfidaahlc deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Users\ABC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ABC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\GVBH\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=26 folders=13 109560601 bytes)

==== Empty Temp Folders ======================

C:\Users\ABC\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Guest\AppData\Local\Temp emptied successfully
C:\Users\GVBH\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\ABC\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\ABC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on Wed 11/19/2014 at 23:38:00.43 ======================

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

All right. We will also run an ARK check.


Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to the Desktop.

Double-click the MBAR program icon to run it:
- Click OK in the next window to allow it to unpack into a separate mbar folder on the desktop;
- mbar.exe will be started. On some systems this can take a few extra seconds, so wait for it to launch;
- In the introductory window click the Next button if you agree;

• In the 'Update Database' window click the Update button to download fresh definitions. When the message 'Success: Database was successfully updated' is displayed, click the Next button;
• Under the 'Scan Targets' section check that all options are ticked, then click the Scan button;

Notice: with some infections one of the following messages may be displayed:
- 'Could not load protection driver' => in that case click OK.
- 'Could not load DDA driver' => click Yes on that notice to allow it to load after a restart. Allow the restart and continue with the rest of the instructions after the restart.


>> If no malware is detected, click the Exit button to close the program. In your next post, include the mbar-log-year-month-day (hour-minute-second).txt and system-log.txt reports.

>> If infections are found, check that the 'Create Restore Point' option is selected and click the Cleanup! button to remove the threats.
- The malware removal procedure will be scheduled for after the restart, and a notice will be shown in a pop-up window. Click the Yes button; the system should restart and finish the cleanup procedure.


Notice! Only if a rootkit was detected: make sure to run the fixdamage.exe tool located in the mbar folder, \Plugins\fixdamage.exe:
- Double-click fixdamage to run it; in the black window that opens (command prompt) type Y (Y stands for Yes) to continue, and wait for the tool to perform all the repairs ...
- When you see the message 'press any key to exit' the repair is complete. Press any key on the keyboard to close the window. Restart the system.


The following reports will be created in the mbar folder.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Copy the contents of the mbar log into your post, and attach the system log to the post using the Attach file option.

offline
  • Joined: 19 Nov 2014
  • Posts: 7

Posted: 20 Nov 2014 22:16

That hard disk died on me. I put in a new one. Thanks for the help :)

Addendum: 24 Nov 2014 22:12

The hard disk started working again.... let's continue.

Malwarebytes Anti-Rootkit BETA 1.08.2.1001
malwarebytes.org

Database version: v2014.11.24.08

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
ABC :: ABC-PC [administrator]

11/24/2014 9:55:15 PM
mbar-log-2014-11-24 (21-55-15).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 383721
Time elapsed: 9 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Addendum: 24 Nov 2014 22:13


offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

That should be it.

The following procedure will perform the final cleanup.

Download the DelFix tool by "Xplode" and save it to the Desktop.
Double-click the tool to run it and tick the boxes in front of the following options;

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment until the tool finishes its work.
From this point on, all the tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)

The tool will also save a healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.
