Racunar se zamrzne

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Prilikom koriscenja pretrazivaca Mozila firefox,,i to dok igram Stormfall,,vec dva puta u roku od 2 dana racunar se ukoci.Koad sam otisao na restart,nije hteo da restartuje,,zatim sam ga ugasio na glavnom dugmetu i pokusao da ga upalim,,samo se pojavio crni ekran,,nije startovao vindovs,,onda sam ga opet ugasio i iskljucio iz struje,,sacekao malo i ponovo upalio,,pojavilo se kao kad trazi odakle da pokrene windovs,,,tada sam opet pretisnuo restart,posle nekog vremena,,, i delete,,pa izabrao opciju da butuje preko hard diska i pritisnuo f 10,,,tada se racunar pokrenuo normalno.To se sve deilo 2 puta,,,Probao sam sa Nod 32 i ne pokazuje nista.Od intermneta koristim Vip fleshku koja ima protok ,kako pise 5 mega/bita...................................DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.25.2
Run by emamarko at 14:11:41 on 2013-08-12
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.3327.1720 [GMT 2:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Vip Komandni Centar\VipKomandniCentar.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = [Link mogu videti samo ulogovani korisnici]
uSearch Bar = Preserve
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
mRun: [AMD AVT] cmd.exe /c start "amd accelerated video transcoding device initialization" /min "c:\program files\amd avt\bin\kdbsync.exe" aml
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - [Link mogu videti samo ulogovani korisnici]
TCP: Interfaces\{18E46C8B-BE6E-4B2B-AC77-F8591830353E} : NameServer = 10.85.64.173 10.85.64.174
Handler: skype-ie-addon-data - <Clsid value has no data>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 validation.sls.microsoft.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\emamarko\appdata\roaming\mozilla\firefox\profiles\v9irwhhl.default\
FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici]
FF - prefs.js: keyword.URL - [Link mogu videti samo ulogovani korisnici]
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\users\emamarko\appdata\local\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - plugin: c:\windows\system32\wat\npWatWeb.dll
.
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDeals,buzzdock,YontooNewOffers
FF - user.js: extentions.y2layers.installId - 02ee0082-6961-4b48-a89a-7d45386aea43
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-6-18 211560]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2005-3-16 13696]
R1 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2013-2-14 171680]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\iobit\advanced systemcare 6\ASCService.exe [2013-5-28 464256]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-11-16 217088]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ati technologies\ati.ace\fuel\Fuel.Service.exe [2012-11-16 291840]
R2 AODDriver4.1;AODDriver4.1;c:\program files\ati technologies\ati.ace\fuel\i386\aoddriver2.sys [2012-3-5 45184]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2013-3-21 1341664]
R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2013-1-10 105760]
R3 amdiox86;AMD IO Driver;c:\windows\system32\drivers\amdiox86.sys [2013-1-12 37944]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-3-2 139776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2012-2-23 86544]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
S3 massfilter;MBB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2013-3-18 9216]
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [2013-2-14 17672]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-6-18 107392]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-6-20 295376]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-1-16 14848]
S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2013-1-16 24064]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-1-16 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2013-1-16 27136]
S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 112640]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2013-1-16 1343400]
.
=============== File Associations ===============
.
FileExt: .txt: textfile="c:\program files\windows nt\accessories\WORDPAD.EXE" "%1" [UserChoice]
ShellExec: Opera.exe: open="c:\program files\opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2013-08-12 07:58:20 7143960 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{8ba8c071-a797-4fc8-a548-043a6f0b259b}\mpengine.dll
2013-08-10 13:10:18 698504 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{aa8d24d7-2237-4a9d-98ed-09a9b699e01d}\gapaengine.dll
2013-08-10 13:10:12 7143960 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-08-10 13:06:50 -------- d-----w- c:\program files\Microsoft Security Client
2013-08-10 08:19:28 -------- d-----w- c:\program files\ESET
2013-08-04 03:31:06 988672 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2013-08-04 03:31:06 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll
2013-08-04 03:31:06 936448 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2013-08-04 03:31:06 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL
2013-07-31 23:20:36 1247744 ----a-w- c:\windows\system32\DWrite.dll
2013-07-29 18:29:49 1620480 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 09:00:29 -------- d-----w- c:\windows\system32\MRT
2013-07-24 19:36:56 -------- d-----w- c:\users\emamarko\appdata\roaming\Opera Software
2013-07-24 19:36:56 -------- d-----w- c:\users\emamarko\appdata\local\Opera Software
2013-07-24 11:20:14 -------- d-----w- c:\users\emamarko\appdata\local\Pokki
2013-07-23 19:28:15 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-07-23 19:28:15 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-07-23 19:28:06 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
==================== Find3M ====================
.
2013-08-10 17:35:38 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-10 17:35:38 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-18 19:50:08 211560 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-06-18 19:50:08 107392 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-06-11 23:43:37 1767936 ----a-w- c:\windows\system32\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- c:\windows\system32\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- c:\windows\system32\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- c:\windows\system32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-06-09 19:10:18 98304 ------w- c:\users\emamarko\appdata\roaming\BCWorker.exe
2013-06-07 02:37:52 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-06-05 03:05:09 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 04:53:07 509440 ----a-w- c:\windows\system32\qedit.dll
.
============= FINISH: 14:12:01,16 ===============
.
[Link mogu videti samo ulogovani korisnici]

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Pozdrav,

Imas problem sa dva Antivirus programa na sistemu. Deinstaliraj jedan od njih koji zelis i postavi mi nov DDS log.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 12.1.2013 16:22:07
System Uptime: 12.8.2013 17:27:35 (0 hours ago)
.
Motherboard: BIOSTAR Group | | A760G M2+
Processor: AMD Athlon(tm) II X2 240 Processor | CPU 1 | 2800/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 78 GiB total, 37,418 GiB free.
D: is FIXED (NTFS) - 220 GiB total, 82,594 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e969-e325-11ce-bfc1-08002be10318}
Description: Standard floppy disk controller
Device ID: ACPI\PNP0700\4&E6148F9&0
Manufacturer: (Standard floppy disk controllers)
Name: Standard floppy disk controller
PNP Device ID: ACPI\PNP0700\4&E6148F9&0
Service: fdc
.
==== System Restore Points ===================
.
RP487: 11.8.2013 19:00:06 - Windows Backup
RP489: 12.8.2013 17:16:10 - Before uninstalling ESET NOD32 Antivirus
RP490: 12.8.2013 17:16:45 - Uklonjeno ESET NOD32 Antivirus
.
==== Installed Programs ======================
.
7-Zip 9.20
ACDSee Pro 3
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.03)
Advanced SystemCare 6
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Fuel
AMD Media Foundation Decoders
AMD VISION Engine Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
ESET Online Scanner v3
GOM Player
Google Chrome
Handset USB Driver
Java 7 Update 25
Java Auto Updater
Junk Mail filter update
Metro: Last Light (c) Deep Silver version 1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Movie Maker
Mozilla Firefox 22.0 (x86 en-US)
Nexus Mod Manager
NVIDIA PhysX
Opera Stable 15.0.1147.153
PerfectDisk 11 Professional
Photo Common
Photo Gallery
PowerISO
Realtek High Definition Audio Driver
The KMPlayer (remove only)
Unlocker 1.9.1
Vip Komandni Centar
Vuze
Winamp
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live MIME IFilter
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinRAR 4.20 beta 2 (32-bit)
Your Uninstaller! 2010
ZTE Handset USB Driver
.
==== Event Viewer Messages From Past Week ========
.
5.8.2013 20:54:47, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 3 time(s).
12.8.2013 17:28:18, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
12.8.2013 17:28:18, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473536.
12.8.2013 17:27:44, Error: volmgr [46] - Crash dump initialization failed!
11.8.2013 5:19:15, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
11.8.2013 5:11:03, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.155.1970.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: [Link mogu videti samo ulogovani korisnici] Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9700.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
10.8.2013 21:56:07, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
10.8.2013 21:56:07, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10.8.2013 21:55:52, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
10.8.2013 15:29:00, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: [Link mogu videti samo ulogovani korisnici] Name: VirTool:Win32/Obfuscator.XZ ID: 2147625929 Severity: Severe Category: Tool Path: file:_C:\Program Files\Metro Last Light\steam_api.dll Detection Origin: Local machine Detection Type: Heuristics Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x80070021 Error description: The process cannot access the file because another process has locked a portion of the file. Signature Version: AV: 1.155.1970.0, AS: 1.155.1970.0, NIS: 106.0.0.0 Engine Version: AM: 1.1.9700.0, NIS: 2.1.9700.0
10.8.2013 15:07:37, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft Security Essentials - KB2805304.
10.8.2013 14:21:37, Error: Service Control Manager [7030] - The ESET Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
.
==== End Of File ===========================

[Link mogu videti samo ulogovani korisnici]

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

DDS.txt fajl mi treba, ne attach.txt

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.25.2
Run by emamarko at 18:41:47 on 2013-08-12
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.3327.2064 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Vip Komandni Centar\VipKomandniCentar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uStart Page = [Link mogu videti samo ulogovani korisnici]
uSearch Bar = Preserve
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
mRun: [AMD AVT] cmd.exe /c start "amd accelerated video transcoding device initialization" /min "c:\program files\amd avt\bin\kdbsync.exe" aml
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - [Link mogu videti samo ulogovani korisnici]
TCP: Interfaces\{18E46C8B-BE6E-4B2B-AC77-F8591830353E} : NameServer = 10.85.64.173 10.85.64.174
Handler: skype-ie-addon-data - <Clsid value has no data>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 validation.sls.microsoft.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\emamarko\appdata\roaming\mozilla\firefox\profiles\v9irwhhl.default\
FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici]
FF - prefs.js: keyword.URL - [Link mogu videti samo ulogovani korisnici]
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\users\emamarko\appdata\local\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - plugin: c:\windows\system32\wat\npWatWeb.dll
.
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDeals,buzzdock,YontooNewOffers
FF - user.js: extentions.y2layers.installId - 02ee0082-6961-4b48-a89a-7d45386aea43
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-6-18 211560]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2005-3-16 13696]
R1 MpKslb5ffe0ff;MpKslb5ffe0ff;c:\programdata\microsoft\microsoft antimalware\definition updates\{746a4c20-a406-4eae-8807-cecfde6af0cd}\MpKslb5ffe0ff.sys [2013-8-12 29904]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\iobit\advanced systemcare 6\ASCService.exe [2013-5-28 464256]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-11-16 217088]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ati technologies\ati.ace\fuel\Fuel.Service.exe [2012-11-16 291840]
R2 AODDriver4.1;AODDriver4.1;c:\program files\ati technologies\ati.ace\fuel\i386\aoddriver2.sys [2012-3-5 45184]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-6-18 107392]
R3 amdiox86;AMD IO Driver;c:\windows\system32\drivers\amdiox86.sys [2013-1-12 37944]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-6-20 295376]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-3-2 139776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2012-2-23 86544]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
S3 massfilter;MBB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2013-3-18 9216]
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [2013-2-14 17672]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-1-16 14848]
S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2013-1-16 24064]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-1-16 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2013-1-16 27136]
S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 112640]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2013-1-16 1343400]
.
=============== File Associations ===============
.
FileExt: .txt: textfile="c:\program files\windows nt\accessories\WORDPAD.EXE" "%1" [UserChoice]
ShellExec: Opera.exe: open="c:\program files\opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2013-08-12 15:36:01 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{746a4c20-a406-4eae-8807-cecfde6af0cd}\MpKslb5ffe0ff.sys
2013-08-12 12:25:17 7143960 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{746a4c20-a406-4eae-8807-cecfde6af0cd}\mpengine.dll
2013-08-10 13:10:18 698504 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{aa8d24d7-2237-4a9d-98ed-09a9b699e01d}\gapaengine.dll
2013-08-10 13:10:12 7143960 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-08-10 13:06:50 -------- d-----w- c:\program files\Microsoft Security Client
2013-08-10 08:19:28 -------- d-----w- c:\program files\ESET
2013-08-04 03:31:06 988672 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2013-08-04 03:31:06 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll
2013-08-04 03:31:06 936448 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2013-08-04 03:31:06 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL
2013-07-31 23:20:36 1247744 ----a-w- c:\windows\system32\DWrite.dll
2013-07-29 18:29:49 1620480 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 09:00:29 -------- d-----w- c:\windows\system32\MRT
2013-07-24 19:36:56 -------- d-----w- c:\users\emamarko\appdata\roaming\Opera Software
2013-07-24 19:36:56 -------- d-----w- c:\users\emamarko\appdata\local\Opera Software
2013-07-24 11:20:14 -------- d-----w- c:\users\emamarko\appdata\local\Pokki
2013-07-23 19:28:15 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-07-23 19:28:15 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-07-23 19:28:06 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
==================== Find3M ====================
.
2013-08-10 17:35:38 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-10 17:35:38 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-18 19:50:08 211560 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-06-18 19:50:08 107392 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-06-11 23:43:37 1767936 ----a-w- c:\windows\system32\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- c:\windows\system32\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- c:\windows\system32\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- c:\windows\system32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-06-09 19:10:18 98304 ------w- c:\users\emamarko\appdata\roaming\BCWorker.exe
2013-06-07 02:37:52 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-06-05 03:05:09 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 04:53:07 509440 ----a-w- c:\windows\system32\qedit.dll
.
============= FINISH: 18:41:56,46 ===============

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop

Dvoklikom pokreni program.
Klikni na dugme [Delete] i pricekaj da program zavrsi.
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok

Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"
Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S1].txt





********************





Preuzmi zoek.exe sa ovog ili ovog linka i sačuvaj ga na Desktop.


zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sledeći tekst:


filesrcm;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;


Klikni na dugme i pričekaj da se skeniranje završi.


zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Kopiraj sadrzaj tog loga u poruku.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

[Link mogu videti samo ulogovani korisnici]
Zoek.exe Version 4.0.0.4 Updated 10-August-2013
Tool run by emamarko on pon 12.08.2013 at 19:10:46,11.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode No Internet Access Detected
Launched: D:\Dawnloags\Mozilla\zoek.exe [Script inserted]

==== System Restore Info ======================

12.8.2013 19:11:11 Zoek.exe System Restore Point Created Succesfully.

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2013-08-10 13:07:20 A91A9E35DA6EB2C0BC75519525235962 2057 ----a-w- C:\Windows\epplauncher.mif
====== C:\Users\emamarko\AppData\Local\Temp ====
====== C:\Windows\system32 =====
2013-08-12 16:58:15 84F230ACA7E1D67981106968A125DEB5 405400 ----a-w- C:\Windows\System32\FNTCACHE.DAT
2013-07-31 23:20:36 1C0E369575F387460E2A5F28269B2CC4 1247744 ----a-w- C:\Windows\System32\DWrite.dll
2013-07-29 18:29:49 56D61BE56DA22334829E14CDE6A8C1FE 1620480 ----a-w- C:\Windows\System32\WMVDECOD.DLL
====== C:\Windows\system32\drivers =====
====== C:\Windows\Tasks ======
2013-08-01 18:22:38 C76D9088F10F3CE91A14CC0F6C8921FB 3900 ----a-w- C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-726334547-1794027604-3523308295-1000UA
2013-08-01 18:22:38 411C2C2E42C3F9A4278BACE475CFD343 920 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-726334547-1794027604-3523308295-1000UA.job
2013-08-01 18:22:37 551A228373B2A9921AB01CD1907DB42C 868 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-726334547-1794027604-3523308295-1000Core.job
2013-08-01 18:22:37 53286A9827417CA011891421D16F7A13 3504 ----a-w- C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-726334547-1794027604-3523308295-1000Core
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-08-10 13:07:48 -------- d-----w- C:\Program Files\Microsoft Silverlight
2013-08-10 08:19:28 -------- d-----w- C:\Program Files\ESET
2013-07-24 19:36:54 -------- d-----w- C:\Program Files\Opera
======= C: =====
2013-07-25 18:43:00 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\asc_rdflag
====== C:\Users\emamarko\AppData\Roaming ======
2013-08-12 15:36:43 5F8F0B875F6FC1869992192D8BB5EEF2 107656 ----a-w- C:\users\emamarko\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-01 20:38:42 -------- d-----w- C:\users\emamarko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-07-24 19:36:56 -------- d-----w- C:\users\emamarko\AppData\Roaming\Opera Software
2013-07-24 19:36:56 -------- d-----w- C:\users\emamarko\AppData\Local\Opera Software
2013-07-24 11:20:14 -------- d-----w- C:\users\emamarko\AppData\Local\Pokki
2013-07-24 11:16:21 3C6F5FCE53E9FC693DDD40389D94B0DB 18 ----a-w- C:\users\emamarko\AppData\Roaming\uid.dat
2013-07-23 19:26:32 -------- d-----w- C:\users\emamarko\AppData\Locallow\Sun
====== C:\Users\emamarko ======
2013-08-10 13:08:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2013-07-23 19:28:20 -------- d-----w- C:\ProgramData\Sun

====== C: exe-files ==
2013-08-10 08:19:56 CE0D0B11986FD2C0247AE88A59B36A6E 579904 ----a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
2013-08-10 08:19:56 BDB7D97012F9B3102DB72AA76A24942A 546944 ----a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe
2013-08-10 08:19:56 7C9EEC809FB9CDA26EFC245C001EA980 2347384 ----a-w- C:\Program Files\ESET\ESET Online Scanner\ESETSmartInstaller.exe
2013-08-10 08:19:56 7ABF8849E76732C357F419B1AF5668F2 546944 ----a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe
2013-08-10 08:19:56 6D4ED8A5C071F29730A6F0B943FEEA3A 122584 ----a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="cmd.exe /c start amd accelerated video transcoding device initialization /min c:\program files\amd avt\bin\kdbsync.exe aml"
"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\PnkBstrA]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\PnkBstrB]


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [10.08.2013 19:35]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-726334547-1794027604-3523308295-1000Core.job --a------ C:\Users\emamarko\AppData\Local\Google\Update\GoogleUpdate.exe [01.08.2013 20:22]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-726334547-1794027604-3523308295-1000UA.job --a------ C:\Users\emamarko\AppData\Local\Google\Update\GoogleUpdate.exe [01.08.2013 20:22]
C:\Windows\tasks\update-S-1-5-21-726334547-1794027604-3523308295-1000.job --a------ C:\Program Files\Skillbrains\Updater\Updater.exe [23.02.2013 00:26]
C:\Windows\tasks\update-sys.job --a------ C:\Program Files\Skillbrains\Updater\Updater.exe [23.02.2013 00:26]

==== Firefox Extensions ======================

ProfilePath: C:\Users\emamarko\AppData\Roaming\Mozilla\Firefox\Profiles\v9irwhhl.default
- Video Resumer - %ProfilePath%\extensions\videoresumer@jetpack.xpi
- ImTranslator - %ProfilePath%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
- Easy YouTube Video Downloader - %ProfilePath%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\emamarko\AppData\Roaming\Mozilla\Firefox\Profiles\v9irwhhl.default
101700E93EB905992B518256CB441829 - C:\Users\emamarko\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll - Google Update
0C8597DBC74AAF5179471BA013E3C6B4 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash
ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U25
D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
F045DF7AF127DC4BCC53421850114E15 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll - Silverlight Plug-In
3A523765D795DB006C010B915C3A840A - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
42A9B216A7A288512CE2F9A6BCCE96BC - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies
7D28153B7D586330678AD522B71D89CB - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrlui.dll - Microsoft® Silverlight
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bmiabdepfhhiieiipmeecdmeljggmfee - No path found[]
jbolfgndggfhhpbnkgnpjkfhinclbigj - No path found[]
kiplfnciaokpcennlkldkdaeaaomamof - No path found[]

Google Docs - emamarko - Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - emamarko - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - emamarko - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - emamarko - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Gmail - emamarko - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{0FEC3956-C3BB-4367-8209-5115629226E5} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"
{E1656179-65A0-411B-8C7B-4A457B6D19AB} Vuze Remote B Customized Web Search Url="http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3283135&CUI=UN40886358182628291&UM=2"

==== EOF on pon 12.08.2013 at 19:12:24,32 ======================

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Ponovo pokreni zoek ;


zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;


U beli okvir prozora iskopiraj sledeći tekst:


emptyclsid;
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E1656179-65A0-411B-8C7B-4A457B6D19AB}];r
bmiabdepfhhiieiipmeecdmeljggmfee;chr
jbolfgndggfhhpbnkgnpjkfhinclbigj;chr
kiplfnciaokpcennlkldkdaeaaomamof;chr
FFdefaults;
chrdefaults;
iedefaults;
emptyalltemp;
autoclean;




Klikni na dugme i pričekaj da se skeniranje završi.


zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Kopiraj sadrzaj tog loga u poruku.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

evo izvestaja ,,umedjuvremenu mi se instalirao druga verzija firefoxa
Zoek.exe Version 4.0.0.4 Updated 10-August-2013
Tool run by emamarko on pon 12.08.2013 at 19:54:10,92.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: D:\Dawnloags\Mozilla\zoek.exe [Script inserted]

==== System Restore Info ======================

12.8.2013 19:54:44 Zoek.exe System Restore Point Created Succesfully.

==== Creating Sample_12.08.2013_1956.zip ======================

Copied file C:\Users\emamarko\AppData\Roaming\BCWorker.exe to sample\BCWorker.exe
sample\BCWorker.exe renamed to AB8D3146E05440D369FD9F41EFE844B1

C:\Users\Public\Desktop\sample_12.08.2013_1956.zip created successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-726334547-1794027604-3523308295-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E1656179-65A0-411B-8C7B-4A457B6D19AB} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\emamarko\AppData\Roaming\Mozilla\Firefox\Profiles\v9irwhhl.default\prefs.js:
user_pref("browser.startup.homepage", "www.google.com");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\emamarko\AppData\Roaming\Mozilla\Firefox\Profiles\v9irwhhl.default\prefs.js:

ProfilePath: C:\Users\emamarko\AppData\Roaming\Mozilla\Firefox\Profiles\v9irwhhl.default

user.js not found
---- Lines yahoo removed from prefs.js ----


---- Lines yahoo modified from prefs.js ----


---- Lines browser.startup.page removed from prefs.js ----


---- Lines browser.startup.page modified from prefs.js ----


---- FireFox user.js and prefs.js backups ----

prefs_12.08.2013_1956_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E1656179-65A0-411B-8C7B-4A457B6D19AB}]

==== Deleting Files \ Folders ======================

"C:\Users\emamarko\AppData\Roaming\BCWorker.exe" deleted
"C:\Program Files\MyPC Backup" deleted
"C:\Users\emamarko\AppData\LocalLow\MarineAquarium3Free_57" deleted
"C:\Users\emamarko\AppData\Roaming\Mozilla\Firefox\Profiles\v9irwhhl.default\jetpack" deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\emamarko\AppData\Roaming\Mozilla\Firefox\Profiles\v9irwhhl.default
- Video Resumer - %ProfilePath%\extensions\videoresumer@jetpack.xpi
- ImTranslator - %ProfilePath%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
- Easy YouTube Video Downloader - %ProfilePath%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\emamarko\AppData\Roaming\Mozilla\Firefox\Profiles\v9irwhhl.default
101700E93EB905992B518256CB441829 - C:\Users\emamarko\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll - Google Update
0C8597DBC74AAF5179471BA013E3C6B4 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash
ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U25
D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
F045DF7AF127DC4BCC53421850114E15 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll - Silverlight Plug-In
3A523765D795DB006C010B915C3A840A - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
42A9B216A7A288512CE2F9A6BCCE96BC - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies
7D28153B7D586330678AD522B71D89CB - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrlui.dll - Microsoft® Silverlight
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bmiabdepfhhiieiipmeecdmeljggmfee - No path found[]
jbolfgndggfhhpbnkgnpjkfhinclbigj - No path found[]
kiplfnciaokpcennlkldkdaeaaomamof - No path found[]

Google Docs - emamarko - Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - emamarko - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - emamarko - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - emamarko - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Gmail - emamarko - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{0FEC3956-C3BB-4367-8209-5115629226E5} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\users\emamarko\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\users\emamarko\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof deleted successfully

==== Empty IE Cache ======================

C:\Users\emamarko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\users\emamarko\AppData\Local\Mozilla\Firefox\Profiles\v9irwhhl.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\emamarko\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\emamarko\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied
C:\RECYCLER successfully emptied

==== EOF on pon 12.08.2013 at 19:58:22,64 ======================

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Ovde nije bilo malware-a, brisali smo neki crap iz browsera i to je to.
Ti prati situaciju, ukoliko se desi da zamrzne jos koji put, otvori temu u Windows forumu da pogledaju sta je uzrok.
Moguce i da su dva AV-a pravili problem.

Ostaje da pobrisemo alate koje smo koristili.


Preuzmi "Xplode"-ov DelFix i sačuvaj ga na Desktop

Dvoklikom pokreni program.

Štikliraj sledeće opcije:
Remove disinfection tools
Purge System Restore
Reset system settings

Klikni na dugme "Run" i pričekaj da program završi rad.
Kada alat završi, otvoriće izvestaj u notepadu.
Napomena: Izvestaj ce takodje biti sacuvan na C:\DelFix.txt