Trojan horse


offline
  • Marko
  • Joined: 30 May 2013
  • Posts: 425
  • Lives in: At home

So, here's the thing... When I start the computer, this little window opens. I try to remove everything, but it tells me that removing the threats is not possible. It has shown this the last 2-3 times I started the computer. I don't notice the computer running slower or opening programs more slowly... Here is this picture as well. When I run a scan, it doesn't find these trojans and says that my computer is protected.

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Lives in: Belgrade

As I said, you need to follow the instructions at the link below and provide the DDS.txt and Attach.txt reports

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

offline
  • Marko
  • Joined: 30 May 2013
  • Posts: 425
  • Lives in: At home

TwinHeadedEagle :: As I said, you need to follow the instructions at the link below and provide the DDS.txt and Attach.txt reports

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

Sorry, I'll do it right now.

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Lives in: Belgrade

If you can't manage to download DDS, try downloading it on another computer or on a mobile phone, and then transfer it to the computer via USB...

offline
  • Marko
  • Joined: 30 May 2013
  • Posts: 425
  • Lives in: At home

When I start the computer, this little window appears right away. I try to remove it, but it shows that this is not possible. Here is another picture.




DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.25.2
Run by Home at 17:45:48 on 2013-06-29
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.3545.2171 [GMT 2:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mWinlogon: Userinit = userinit.exe
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
BHO: privitize Helper Object: {1ACB5ABE-4890-4747-952C-F13BDB93FB75} - C:\Program Files (x86)\Industriya\privitize\1.8.21.6\bh\privitize.dll
BHO: WebCake: {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files (x86)\WebCake\WebCakeIEClient_2.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: privitize Toolbar: {1C46A0DD-D53E-46C4-A435-CA11103E255E} - C:\Program Files (x86)\Industriya\privitize\1.8.21.6\privitizeTlbr.dll
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{A2EEAB71-9E59-4F0A-A90F-D432E29D2661} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\ws8ph87e.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-06-23 20:00; plugin@getwebcake.com; C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\ws8ph87e.default\extensions\plugin@getwebcake.com
FF - ExtSQL: 2013-06-26 18:36; ffxtlbr@privitize.com; C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\ws8ph87e.default\extensions\ffxtlbr@privitize.com
FF - ExtSQL: 2013-06-26 20:59; lndl@mips.edu; C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\ws8ph87e.default\extensions\lndl@mips.edu
FF - ExtSQL: 2013-06-26 21:00; zzozouxjqj@ajj.org; C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\ws8ph87e.default\extensions\zzozouxjqj@ajj.org
FF - ExtSQL: 2013-06-28 21:10; hpae_w0j@ie-eeo.edu; C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\ws8ph87e.default\extensions\hpae_w0j@ie-eeo.edu
FF - ExtSQL: 2013-06-28 21:12; 15h3oeir@jgwiuouya.org; C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\ws8ph87e.default\extensions\15h3oeir@jgwiuouya.org
FF - ExtSQL: 2013-06-28 21:59; m3axfc@pyayi.org; C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\ws8ph87e.default\extensions\m3axfc@pyayi.org
FF - ExtSQL: 2013-06-28 22:00; gr0h@tlpylfs.org; C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\ws8ph87e.default\extensions\gr0h@tlpylfs.org
.
---- FIREFOX POLICIES ----
FF - user.js: extentions.webcake.installId - 1122f0db-7862-41b5-89a9-1b01bfd71481
FF - user.js: extentions.webcake.defaultEnableAppsList - layers,brain/features,newOffers/wc
FF - user.js: extentions.webcake.installId - 1122f0db-7862-41b5-89a9-1b01bfd71481
FF - user.js: extentions.webcake.defaultEnableAppsList - layers,brain/features,newOffers/wc
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 006649e10000000000003085a948dc9c
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15879
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.520:01:27
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119776&tsp=4922
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
FF - user.js: extensions.privitize.tlbrSrchUrl - hxxp://searchou.com/?id=006649e10000000000003085a948dc9c&affilt=5&q=
FF - user.js: extensions.privitize.id - 006649e10000000000003085a948dc9c
FF - user.js: extensions.privitize.appId - {301966DF-A84B-4255-AAB9-574B5CE237E4}
FF - user.js: extensions.privitize.instlDay - 15882
FF - user.js: extensions.privitize.vrsn - 1.8.21.6
FF - user.js: extensions.privitize.vrsni - 1.8.21.6
FF - user.js: extensions.privitize.vrsnTs - 1.8.21.616:03:50
FF - user.js: extensions.privitize.prtnrId - privitize
FF - user.js: extensions.privitize.prdct - privitize
FF - user.js: extensions.privitize.aflt - 5
FF - user.js: extensions.privitize.smplGrp - none
FF - user.js: extensions.privitize.tlbrId - base
FF - user.js: extensions.privitize.instlRef -
FF - user.js: extensions.privitize.dfltLng -
FF - user.js: extensions.privitize.excTlbr - false
FF - user.js: extensions.privitize.ffxUnstlRst - false
FF - user.js: extensions.privitize.admin - false
FF - user.js: extensions.privitize.autoRvrt - false
FF - user.js: extensions.privitize.rvrt - false
FF - user.js: extensions.privitize.hmpg - true
FF - user.js: extensions.privitize.hmpgUrl - hxxp://searchou.com/?id=006649e10000000000003085a948dc9c&affilt=5
FF - user.js: extensions.privitize.hpOld0 - www.google.rs
FF - user.js: extensions.privitize.dfltSrch - true
FF - user.js: extensions.privitize.srchPrvdr - Search The Web (privitize)
FF - user.js: extensions.privitize.kw_url - hxxp://searchou.com/?q={searchTerms}&id=006649e10000000000003085a948dc9c&affilt=5
FF - user.js: extensions.privitize.dnsErr - true
FF - user.js: extensions.privitize.newTab - true
FF - user.js: extensions.privitize.newTabUrl - hxxp://searchou.com/?id=006649e10000000000003085a948dc9c&affilt=5
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-2-8 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-2-8 311096]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-2-8 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-2-8 45880]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-3-29 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-2-8 206136]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-4-1 235520]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-5-14 4937264]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-4-18 283136]
R2 SrvUpdater;Software Updater;C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe [2013-4-12 31744]
R2 WebCake Desktop Updater;WebCake Desktop Updater;C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe [2013-6-23 23552]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2013-4-1 110744]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-3 162408]
S3 3xHybr64;3xHybrid service;C:\Windows\System32\drivers\3xHybr64.sys [2007-4-20 873216]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-2-5 235216]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 RTL2832U_IRHID;HID Infrared Remote Receiver;C:\Windows\System32\drivers\RTL2832U_IRHID.sys [2013-5-30 44320]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver;C:\Windows\System32\drivers\RTL2832UBDA.sys [2013-5-30 117152]
S3 RTL2832UUSB;REALTEK 2832U USB Driver;C:\Windows\System32\drivers\RTL2832UUSB.sys [2013-5-30 38944]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Usluga tehnologije aktivacije operativnog sistema Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-4-1 1255736]
SUnknown tsusbhub;tsusbhub; [x]
.
=============== Created Last 30 ================
.
2013-06-29 14:16:48 -------- d-----w- C:\ProgramData\Simply Super Software
2013-06-29 13:01:16 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-06-29 11:14:46 -------- d-----w- C:\ProgramData\McAfee Security Scan
2013-06-29 11:14:44 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan
2013-06-29 11:12:10 -------- d-----w- C:\Users\Home\AppData\Local\Adobe
2013-06-29 10:57:06 -------- d-----w- C:\Users\Home\AppData\Local\Deployment
2013-06-29 10:57:06 -------- d-----w- C:\Users\Home\AppData\Local\Apps
2013-06-28 19:09:00 -------- d-----w- C:\ProgramData\StarApp
2013-06-28 19:09:00 -------- d-----w- C:\ProgramData\SSearchh-NeWWTab
2013-06-28 19:08:35 -------- d-----w- C:\Program Files (x86)\Optimizer Pro
2013-06-28 19:07:54 -------- d-----w- C:\ProgramData\SSafe savvee
2013-06-28 14:56:03 -------- d-----w- C:\Users\Home\AppData\Roaming\Foxit Software
2013-06-27 07:41:44 -------- d-----w- C:\Users\Home\AppData\Roaming\PhotoScape
2013-06-27 07:41:20 -------- d-----w- C:\Program Files (x86)\PhotoScape
2013-06-26 18:58:25 -------- d-----w- C:\ProgramData\SearchNewTab
2013-06-26 18:57:26 -------- d-----w- C:\ProgramData\ssaFe! save
2013-06-26 18:57:04 -------- d-----w- C:\ProgramData\InstallMate
2013-06-26 17:33:42 -------- d-----w- C:\Users\Home\AppData\Roaming\AVG
2013-06-26 17:33:04 -------- d-----w- C:\ProgramData\AVG
2013-06-26 17:32:51 -------- d-sh--w- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-06-26 14:06:17 -------- d-----w- C:\Users\Home\AppData\Roaming\DownLite
2013-06-26 14:03:49 -------- d-----w- C:\Users\Home\AppData\Local\Google
2013-06-26 14:03:48 -------- d-----w- C:\Program Files (x86)\Industriya
2013-06-23 18:00:38 -------- d-----w- C:\Program Files (x86)\WebCake
2013-06-23 18:00:24 -------- d-----w- C:\ProgramData\Tarma Installer
2013-06-23 18:00:11 -------- d-----w- C:\Program Files (x86)\TornTV.com
2013-06-22 11:42:05 -------- d-----w- C:\Users\Home\AppData\Roaming\uTorrent
2013-06-22 11:05:36 -------- d-----w- C:\Program Files (x86)\GOG.com
2013-06-22 08:05:29 -------- d-----w- C:\Program Files (x86)\SoftwareUpdater
2013-06-22 08:04:54 -------- d-----w- C:\Program Files (x86)\Vittalia
2013-06-21 19:46:26 -------- d-----w- C:\Users\Home\AppData\Local\Microsoft Games
2013-06-21 19:42:59 -------- d-----w- C:\Program Files\CCleaner
2013-06-21 12:45:51 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-21 11:53:01 -------- d-----w- C:\Windows\System32\appmgmt
.
==================== Find3M ====================
.
2013-06-29 11:14:42 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-29 11:14:42 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-21 12:45:43 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-06-21 12:45:43 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-04-01 13:33:04 0 ----a-w- C:\Windows\ativpsrm.bin
2013-04-01 13:09:38 419840 ----a-w- C:\Windows\System32\systemcpl.dll
2013-04-01 13:09:38 14848 ----a-w- C:\Windows\System32\slwga.dll
2013-04-01 13:09:38 13824 ----a-w- C:\Windows\SysWow64\slwga.dll
2013-04-01 13:09:37 833024 ----a-w- C:\Windows\SysWow64\user32.dll
2013-04-01 13:09:37 1008640 ----a-w- C:\Windows\System32\user32.dll
.
============= FINISH: 17:46:05,81 ===============



offline
  • Marko
  • Joined: 30 May 2013
  • Posts: 425
  • Lives in: At home

TwinHeadedEagle :: If you can't manage to download DDS, try downloading it on another computer or on a mobile phone, and then transfer it to the computer via USB...

I managed to download it :D

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Lives in: Belgrade

Step 1.

Download Farbar Recovery Scan Tool and save it to the Desktop.

Note: You need to download the version that is compatible with your system.
Your Windows is a 64-bit version.

Double-click to run FRST;
When the tool starts, click Yes on the disclaimer.
Click the Scan button;
The tool will create a report (FRST.txt) in the same directory where FRST.exe is saved.
Copy the contents of that log into your message.
On its first run the tool should also create an additional report (Addition.txt). That report is not needed.

Step 2.

Download the GMER program from the link below to the Desktop:

GMER download
Click the given link;
When the dialog for choosing where to save the file opens, select Desktop and click Save.

Double-click to run GMER.
Wait for the initial scan to finish - if any prompt appears, click No;

click Scan and wait for the scan to finish;

click Save ... - save the report to the Desktop (under the name Gmer1);

right-click in the Gmer program window and select Options > 3rd party - click Scan;

when the scan finishes, click Save ... - save the report to the Desktop (under the name Gmer2);

click the >>> button and select the Autostart tab;

when the brief scan finishes, click Copy;

open Notepad and paste the copied text into it - save the report to the Desktop (under the name Gmer3);

Illustrated walkthrough of the procedure

Attach all three reports to your message using the Attach file (Prikači fajl) option.

offline
  • Marko
  • Joined: 30 May 2013
  • Posts: 425
  • Lives in: At home

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-06-2013 01
Ran by Home (administrator) on 29-06-2013 18:52:00
Running from C:\Users\Home\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
() C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe
(WebCake LLC) C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6843024 2012-10-29] (Realtek Semiconductor)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\$Recycle.Bin\S-1-5-18\$e04d5268b3562573d50863341528e0d7\n. ATTENTION! ====> ZeroAccess
HKCR\...409d6c4515e9\InprocServer32: [Default-shell32] C:\$Recycle.Bin\S-1-5-21-3145937626-3286986765-835811450-1000\$e04d5268b3562573d50863341528e0d7\n. ATTENTION! ====> ZeroAccess
HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [4408368 2013-04-29] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" [74752 2011-12-09] (Nullsoft, Inc.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU SearchScopes: DefaultScope {D1EAB2A0-BACD-49F7-A191-922CE9E9099E} URL = http://searchou.com/?q={searchTerms}&id=006649e10000000000003085a948dc9c&affilt=5&r=43
SearchScopes: HKCU - {D1EAB2A0-BACD-49F7-A191-922CE9E9099E} URL = http://searchou.com/?q={searchTerms}&id=006649e10000000000003085a948dc9c&affilt=5&r=43
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: privitize Helper Object - {1ACB5ABE-4890-4747-952C-F13BDB93FB75} - C:\Program Files (x86)\Industriya\privitize\1.8.21.6\bh\privitize.dll (Industriya LLC)
BHO-x32: WebCake - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files (x86)\WebCake\WebCakeIEClient_2.dll (WebCake LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - privitize Toolbar - {1C46A0DD-D53E-46C4-A435-CA11103E255E} - C:\Program Files (x86)\Industriya\privitize\1.8.21.6\privitizeTlbr.dll (Industriya LLC)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\ws8ph87e.default
FF user.js: detected! => C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\ws8ph87e.default\user.js
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Extension: SSafe savvee - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\ws8ph87e.default\Extensions\15h3oeir@jgwiuouya.org
FF Extension: Privitize.com - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\ws8ph87e.default\Extensions\ffxtlbr@privitize.com
FF Extension: SSearchh-NeWWTab - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\ws8ph87e.default\Extensions\gr0h@tlpylfs.org
FF Extension: SSafe savvee - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\ws8ph87e.default\Extensions\hpae_w0j@ie-eeo.edu
FF Extension: ssaFe! save - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\ws8ph87e.default\Extensions\lndl@mips.edu
FF Extension: SSearchh-NeWWTab - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\ws8ph87e.default\Extensions\m3axfc@pyayi.org
FF Extension: WebCake - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\ws8ph87e.default\Extensions\plugin@getwebcake.com
FF Extension: SearchNewTab - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\ws8ph87e.default\Extensions\zzozouxjqj@ajj.org

Chrome:
=======
CHR Extension: (SSafe savvee) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajgbonnlgaijklmelediajejfofdieee\1
CHR Extension: (SearchNewTab) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\albdecokpdbjaonobpomjphnhfeonmae\1
CHR Extension: (SSearchh-NeWWTab) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\banacjlleafnamlngcmlmihpfnmhnbbj\1
CHR Extension: (SSearchh-NeWWTab) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmlhlhkalgdackhkfhaogfldgdebkjcc\1
CHR Extension: (Privitize Chrome Toolbar) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhfcbmlocifngpbjdpgnkbjmgkadkjpp\1.0
CHR Extension: (ssaFe! save) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdaoepbnfmmphodhoimkjekaeghlbefo\1
CHR Extension: (SSafe savvee) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\plkaffijloipbclfhchnfcmjahnabehm\1

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4937264 2013-05-14] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-04-18] (AVG Technologies CZ, s.r.o.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 SrvUpdater; C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe [31744 2013-04-12] ()
R2 WebCake Desktop Updater; C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe [23552 2013-06-07] (WebCake LLC)

==================== Drivers (Whitelisted) ====================

S3 3xHybr64; C:\Windows\System32\DRIVERS\3xHybr64.sys [873216 2007-04-20] (Philips Semiconductors GmbH)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-03-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-29 18:51 - 2013-06-29 18:51 - 01933592 ____A (Farbar) C:\Users\Home\Downloads\FRST64.exe
2013-06-29 18:51 - 2013-06-29 18:51 - 00000000 ____D C:\FRST
2013-06-29 17:46 - 2013-06-29 17:46 - 00021100 ____A C:\Users\Home\Desktop\attach.txt
2013-06-29 17:46 - 2013-06-29 17:46 - 00017786 ____A C:\Users\Home\Desktop\dds.txt
2013-06-29 17:45 - 2013-06-29 17:45 - 00000000 ____D C:\Users\Home\Desktop\didf
2013-06-29 17:32 - 2013-06-29 17:32 - 00688992 ____R (Swearware) C:\Users\Home\Desktop\dds.scr
2013-06-29 16:17 - 2013-06-29 16:17 - 00000000 ____D C:\Users\Home\Documents\Simply Super Software
2013-06-29 16:16 - 2013-06-29 16:16 - 00000000 ____D C:\ProgramData\Simply Super Software
2013-06-29 15:01 - 2013-06-29 18:03 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-06-29 15:01 - 2013-06-29 15:01 - 00000761 ____A C:\Users\Home\Desktop\Spybot - Search & Destroy.lnk
2013-06-29 13:14 - 2013-06-29 18:06 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-29 13:14 - 2013-06-29 14:04 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2013-06-29 13:14 - 2013-06-29 13:14 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-06-29 13:14 - 2013-06-29 13:14 - 00000000 ____D C:\ProgramData\McAfee
2013-06-29 13:12 - 2013-06-29 13:15 - 00000000 ____D C:\Users\Home\AppData\Local\Adobe
2013-06-29 12:57 - 2013-06-29 12:57 - 00000000 ____D C:\Users\Home\AppData\Local\Deployment
2013-06-29 12:57 - 2013-06-29 12:57 - 00000000 ____D C:\Users\Home\AppData\Local\Apps\2.0
2013-06-29 11:18 - 2013-06-29 17:16 - 00012798 ____N C:\Windows\WindowsUpdate.log
2013-06-28 21:09 - 2013-06-28 21:10 - 00000000 ____D C:\ProgramData\SSearchh-NeWWTab
2013-06-28 21:09 - 2013-06-28 21:09 - 00000000 ____D C:\ProgramData\StarApp
2013-06-28 21:08 - 2013-06-28 21:11 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2013-06-28 21:07 - 2013-06-28 21:09 - 00000000 ____D C:\ProgramData\SSafe savvee
2013-06-28 16:56 - 2013-06-28 16:56 - 00000000 ____D C:\Users\Home\AppData\Roaming\Foxit Software
2013-06-27 09:44 - 2013-06-27 09:45 - 00006144 ___AH C:\Users\Home\Desktop\photothumb.db
2013-06-27 09:41 - 2013-06-27 09:47 - 00000000 ____D C:\Users\Home\AppData\Roaming\PhotoScape
2013-06-27 09:41 - 2013-06-27 09:41 - 00001031 ____A C:\Users\Home\Desktop\PhotoScape.lnk
2013-06-27 09:41 - 2013-06-27 09:41 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2013-06-26 20:58 - 2013-06-26 20:58 - 00000000 ____D C:\ProgramData\SearchNewTab
2013-06-26 20:57 - 2013-06-29 15:31 - 00000000 ____D C:\ProgramData\InstallMate
2013-06-26 20:57 - 2013-06-26 20:57 - 00000000 ____D C:\ProgramData\ssaFe! save
2013-06-26 19:33 - 2013-06-26 19:34 - 00000000 ____D C:\ProgramData\AVG
2013-06-26 19:33 - 2013-06-26 19:33 - 00000000 ____D C:\Users\Home\AppData\Roaming\AVG
2013-06-26 19:32 - 2013-06-26 19:32 - 00000000 __SHD C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-06-26 16:09 - 2013-06-26 16:09 - 00000000 ____D C:\ProgramData\Real
2013-06-26 16:06 - 2013-06-26 16:06 - 00000000 ____D C:\Users\Home\AppData\Roaming\DownLite
2013-06-26 16:03 - 2013-06-26 16:03 - 00000000 ____D C:\Users\Home\AppData\Local\Google
2013-06-26 16:03 - 2013-06-26 16:03 - 00000000 ____D C:\Program Files (x86)\Industriya
2013-06-26 15:27 - 2013-06-26 15:27 - 00000000 ____D C:\Users\Home\Documents\JoWooD
2013-06-23 20:00 - 2013-06-23 20:02 - 00000000 ____D C:\Program Files (x86)\TornTV.com
2013-06-23 20:00 - 2013-06-23 20:00 - 00000000 ____D C:\Program Files (x86)\WebCake
2013-06-22 14:43 - 2013-06-22 14:43 - 00000000 ____D C:\Users\Home\Downloads\Nova fascikla
2013-06-22 13:42 - 2013-06-29 15:48 - 00000000 ____D C:\Users\Home\AppData\Roaming\uTorrent
2013-06-22 13:05 - 2013-06-22 13:05 - 00000000 ____D C:\Program Files (x86)\GOG.com
2013-06-22 12:47 - 2013-06-22 12:47 - 00000000 ____D C:\Program Files\WinRAR
2013-06-22 12:45 - 2013-06-22 12:59 - 00000000 ____D C:\Users\Home\AppData\Roaming\WinRAR
2013-06-22 10:05 - 2013-06-22 10:05 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater
2013-06-22 10:04 - 2013-06-22 10:04 - 00000000 ____D C:\Program Files (x86)\Vittalia
2013-06-21 22:02 - 2013-06-26 19:26 - 00000000 ___RD C:\Users\Home\Desktop\Marija
2013-06-21 21:53 - 2013-06-27 09:43 - 00000000 ___RD C:\Users\Home\Desktop\Marko
2013-06-21 21:46 - 2013-06-21 22:21 - 00000000 ____D C:\Users\Home\AppData\Local\Microsoft Games
2013-06-21 21:42 - 2013-06-21 21:43 - 00000000 ____D C:\Program Files\CCleaner
2013-06-21 21:42 - 2013-06-21 21:42 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-06-21 21:36 - 2013-06-26 20:44 - 00000000 ___RD C:\Users\Home\Desktop\Sladjan
2013-06-21 19:00 - 2013-06-23 20:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-21 14:45 - 2013-06-21 14:45 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-21 14:45 - 2013-06-21 14:45 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-21 14:45 - 2013-06-21 14:45 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-21 14:45 - 2013-06-21 14:45 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-21 14:45 - 2013-06-21 14:45 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-21 13:53 - 2013-06-21 13:53 - 00000000 ____D C:\Windows\System32\appmgmt
2013-05-30 15:12 - 2013-06-21 13:11 - 00000000 ____D C:\Users\Home\AppData\Local\Newsoft
2013-05-30 15:12 - 2013-05-30 15:12 - 00000000 ____D C:\Users\Home\Documents\Presto! PVR
2013-05-30 15:09 - 2009-10-25 18:43 - 00117152 ____A (REALTEK SEMICONDUCTOR Corp.) C:\Windows\SysWOW64\Drivers\RTL2832UBDA.sys
2013-05-30 15:09 - 2009-10-25 18:43 - 00117152 ____A (REALTEK SEMICONDUCTOR Corp.) C:\Windows\System32\Drivers\RTL2832UBDA.sys
2013-05-30 15:09 - 2009-10-25 18:43 - 00038944 ____A (REALTEK SEMICONDUCTOR Corp.) C:\Windows\SysWOW64\Drivers\RTL2832UUSB.sys
2013-05-30 15:09 - 2009-10-25 18:43 - 00038944 ____A (REALTEK SEMICONDUCTOR Corp.) C:\Windows\System32\Drivers\RTL2832UUSB.sys
2013-05-30 15:09 - 2009-10-05 05:22 - 00044320 ____A (Realtek) C:\Windows\SysWOW64\Drivers\RTL2832U_IRHID.sys
2013-05-30 15:09 - 2009-10-05 05:22 - 00044320 ____A (Realtek) C:\Windows\System32\Drivers\RTL2832U_IRHID.sys
2013-05-30 15:08 - 2013-06-21 13:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-05-30 15:08 - 2013-05-30 15:08 - 00000000 ____D C:\Users\Home\AppData\Roaming\InstallShield
2013-05-30 15:08 - 2013-05-30 15:08 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-05-30 15:08 - 2009-10-15 19:36 - 00139356 ____A (Realtek) C:\Windows\SysWOW64\RTKDABSOURCE.dll
2013-05-30 15:08 - 2009-10-15 00:22 - 00348239 ___AT (Realtek) C:\Windows\SysWOW64\RTKFM.dll
2013-05-30 15:08 - 2009-10-15 00:16 - 04690000 ____A (Realtek) C:\Windows\SysWOW64\RTKDAB.dll
2013-05-30 15:08 - 2009-10-14 23:03 - 00053248 ____A C:\Windows\SysWOW64\RTKDABMWare.dll
2013-05-30 15:08 - 2009-10-14 19:21 - 00135294 ____A (Realtek) C:\Windows\SysWOW64\RTKFMSOURCE.dll
2013-05-30 15:08 - 2009-09-10 22:15 - 00114688 ___AT (Realtek) C:\Windows\SysWOW64\RTL283XACCESS.dll
2013-05-30 15:08 - 2009-09-10 19:44 - 00073832 ____A C:\Windows\SysWOW64\SuperFrameSplitter.dll

==================== One Month Modified Files and Folders =======

2013-06-29 18:51 - 2013-06-29 18:51 - 01933592 ____A (Farbar) C:\Users\Home\Downloads\FRST64.exe
2013-06-29 18:51 - 2013-06-29 18:51 - 00000000 ____D C:\FRST
2013-06-29 18:06 - 2013-06-29 13:14 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-29 18:03 - 2013-06-29 15:01 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-06-29 17:46 - 2013-06-29 17:46 - 00021100 ____A C:\Users\Home\Desktop\attach.txt
2013-06-29 17:46 - 2013-06-29 17:46 - 00017786 ____A C:\Users\Home\Desktop\dds.txt
2013-06-29 17:45 - 2013-06-29 17:45 - 00000000 ____D C:\Users\Home\Desktop\didf
2013-06-29 17:32 - 2013-06-29 17:32 - 00688992 ____R (Swearware) C:\Users\Home\Desktop\dds.scr
2013-06-29 17:32 - 2013-04-02 17:56 - 00000000 ____D C:\ProgramData\MFAData
2013-06-29 17:16 - 2013-06-29 11:18 - 00012798 ____N C:\Windows\WindowsUpdate.log
2013-06-29 17:13 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-29 16:17 - 2013-06-29 16:17 - 00000000 ____D C:\Users\Home\Documents\Simply Super Software
2013-06-29 16:16 - 2013-06-29 16:16 - 00000000 ____D C:\ProgramData\Simply Super Software
2013-06-29 16:03 - 2013-04-02 18:25 - 00000000 ____D C:\Program Files (x86)\AVG
2013-06-29 15:48 - 2013-06-22 13:42 - 00000000 ____D C:\Users\Home\AppData\Roaming\uTorrent
2013-06-29 15:31 - 2013-06-26 20:57 - 00000000 ____D C:\ProgramData\InstallMate
2013-06-29 15:21 - 2013-04-01 15:10 - 00000000 ____D C:\users\Home
2013-06-29 15:01 - 2013-06-29 15:01 - 00000761 ____A C:\Users\Home\Desktop\Spybot - Search & Destroy.lnk
2013-06-29 14:04 - 2013-06-29 13:14 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2013-06-29 14:01 - 2013-04-02 19:06 - 00000000 ____D C:\Users\Home\AppData\Roaming\Winamp
2013-06-29 13:15 - 2013-06-29 13:12 - 00000000 ____D C:\Users\Home\AppData\Local\Adobe
2013-06-29 13:14 - 2013-06-29 13:14 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-06-29 13:14 - 2013-06-29 13:14 - 00000000 ____D C:\ProgramData\McAfee
2013-06-29 13:14 - 2013-04-01 17:00 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-29 13:14 - 2013-04-01 17:00 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-29 13:10 - 2013-04-02 19:06 - 00001066 ____A C:\Users\Public\Desktop\VLC media player.lnk
2013-06-29 13:10 - 2013-04-02 19:06 - 00000000 ____D C:\Users\Home\AppData\Roaming\vlc
2013-06-29 12:57 - 2013-06-29 12:57 - 00000000 ____D C:\Users\Home\AppData\Local\Deployment
2013-06-29 12:57 - 2013-06-29 12:57 - 00000000 ____D C:\Users\Home\AppData\Local\Apps\2.0
2013-06-28 21:11 - 2013-06-28 21:08 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2013-06-28 21:10 - 2013-06-28 21:09 - 00000000 ____D C:\ProgramData\SSearchh-NeWWTab
2013-06-28 21:09 - 2013-06-28 21:09 - 00000000 ____D C:\ProgramData\StarApp
2013-06-28 21:09 - 2013-06-28 21:07 - 00000000 ____D C:\ProgramData\SSafe savvee
2013-06-28 16:56 - 2013-06-28 16:56 - 00000000 ____D C:\Users\Home\AppData\Roaming\Foxit Software
2013-06-27 17:15 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-06-27 09:47 - 2013-06-27 09:41 - 00000000 ____D C:\Users\Home\AppData\Roaming\PhotoScape
2013-06-27 09:45 - 2013-06-27 09:44 - 00006144 ___AH C:\Users\Home\Desktop\photothumb.db
2013-06-27 09:43 - 2013-06-21 21:53 - 00000000 ___RD C:\Users\Home\Desktop\Marko
2013-06-27 09:41 - 2013-06-27 09:41 - 00001031 ____A C:\Users\Home\Desktop\PhotoScape.lnk
2013-06-27 09:41 - 2013-06-27 09:41 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2013-06-27 09:34 - 2009-07-14 07:13 - 00713888 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-26 20:58 - 2013-06-26 20:58 - 00000000 ____D C:\ProgramData\SearchNewTab
2013-06-26 20:57 - 2013-06-26 20:57 - 00000000 ____D C:\ProgramData\ssaFe! save
2013-06-26 20:44 - 2013-06-21 21:36 - 00000000 ___RD C:\Users\Home\Desktop\Sladjan
2013-06-26 19:34 - 2013-06-26 19:33 - 00000000 ____D C:\ProgramData\AVG
2013-06-26 19:33 - 2013-06-26 19:33 - 00000000 ____D C:\Users\Home\AppData\Roaming\AVG
2013-06-26 19:32 - 2013-06-26 19:32 - 00000000 __SHD C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-06-26 19:26 - 2013-06-21 22:02 - 00000000 ___RD C:\Users\Home\Desktop\Marija
2013-06-26 16:09 - 2013-06-26 16:09 - 00000000 ____D C:\ProgramData\Real
2013-06-26 16:06 - 2013-06-26 16:06 - 00000000 ____D C:\Users\Home\AppData\Roaming\DownLite
2013-06-26 16:03 - 2013-06-26 16:03 - 00000000 ____D C:\Users\Home\AppData\Local\Google
2013-06-26 16:03 - 2013-06-26 16:03 - 00000000 ____D C:\Program Files (x86)\Industriya
2013-06-26 15:27 - 2013-06-26 15:27 - 00000000 ____D C:\Users\Home\Documents\JoWooD
2013-06-25 20:33 - 2013-04-01 15:10 - 00000000 ____D C:\Users\Home\AppData\Local\VirtualStore
2013-06-23 20:02 - 2013-06-23 20:00 - 00000000 ____D C:\Program Files (x86)\TornTV.com
2013-06-23 20:01 - 2013-06-21 19:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-23 20:00 - 2013-06-23 20:00 - 00000000 ____D C:\Program Files (x86)\WebCake
2013-06-22 17:02 - 2013-04-02 19:09 - 00000000 ____D C:\Users\Home\AppData\Roaming\Skype
2013-06-22 17:01 - 2013-04-02 19:09 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-22 17:01 - 2013-04-02 19:09 - 00000000 ____D C:\ProgramData\Skype
2013-06-22 14:43 - 2013-06-22 14:43 - 00000000 ____D C:\Users\Home\Downloads\Nova fascikla
2013-06-22 13:59 - 2009-07-14 06:45 - 00020832 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-22 13:59 - 2009-07-14 06:45 - 00020832 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-22 13:05 - 2013-06-22 13:05 - 00000000 ____D C:\Program Files (x86)\GOG.com
2013-06-22 12:59 - 2013-06-22 12:45 - 00000000 ____D C:\Users\Home\AppData\Roaming\WinRAR
2013-06-22 12:47 - 2013-06-22 12:47 - 00000000 ____D C:\Program Files\WinRAR
2013-06-22 10:05 - 2013-06-22 10:05 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater
2013-06-22 10:04 - 2013-06-22 10:04 - 00000000 ____D C:\Program Files (x86)\Vittalia
2013-06-22 06:10 - 2013-04-01 15:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-21 22:21 - 2013-06-21 21:46 - 00000000 ____D C:\Users\Home\AppData\Local\Microsoft Games
2013-06-21 21:52 - 2013-04-02 01:02 - 00000000 ____D C:\Windows\Panther
2013-06-21 21:43 - 2013-06-21 21:42 - 00000000 ____D C:\Program Files\CCleaner
2013-06-21 21:42 - 2013-06-21 21:42 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-06-21 14:45 - 2013-06-21 14:45 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-21 14:45 - 2013-06-21 14:45 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-21 14:45 - 2013-06-21 14:45 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-21 14:45 - 2013-06-21 14:45 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-21 14:45 - 2013-06-21 14:45 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-21 14:45 - 2013-04-01 15:44 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-21 14:45 - 2013-04-01 15:44 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-21 13:59 - 2013-04-02 18:26 - 00000977 ____A C:\Users\Public\Desktop\AVG 2013.lnk
2013-06-21 13:53 - 2013-06-21 13:53 - 00000000 ____D C:\Windows\System32\appmgmt
2013-06-21 13:52 - 2013-05-30 15:08 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-21 13:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-21 13:11 - 2013-05-30 15:12 - 00000000 ____D C:\Users\Home\AppData\Local\Newsoft
2013-05-30 15:12 - 2013-05-30 15:12 - 00000000 ____D C:\Users\Home\Documents\Presto! PVR
2013-05-30 15:08 - 2013-05-30 15:08 - 00000000 ____D C:\Users\Home\AppData\Roaming\InstallShield
2013-05-30 15:08 - 2013-05-30 15:08 - 00000000 ____D C:\Program Files (x86)\Realtek

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-3145937626-3286986765-835811450-1000\$e04d5268b3562573d50863341528e0d7

ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$e04d5268b3562573d50863341528e0d7

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender


LastRegBack: 2013-06-23 20:52

==================== End Of Log ============================

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

Great, now the GMER reports as well...

offline
  • Marko
  • Joined: 30 May 2013
  • Posts: 425
  • Location: At home

Posted: 29 Jun 2013 19:24

Here you go

Addendum: 29 Jun 2013 19:26

And one more thing I want to ask you: can I delete all of this now?
