MyCity » Ambulanta -> Arhiva Ambulante » Uspored rad kompa

Uspored rad kompa

Napisano na dan: 23.11.2014

Strana:
1
2

Uspored rad kompa

Sledeća strana

Pagination

Odgovori

Strana:
1
2

Cyrax Poslao: 23 Nov 2014 16:37 Idi na vrh
offline Cyrax Građanin Pridružio: 13 Maj 2008 Poruke: 113	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Ovako Kompjuter mi je super usporen u zadnjevreme. Cesto mi kuca i ne nije u mogucnosti da obradi vecu kolicinu podataka. Kada otvorim vise kartica preko neta postaje veoma usporen i kuca. Kada npr listam slike na Fb ili radim bilo sta npr pokusavam da gledam D3Go preko neta da bi mi ucitao listu kanala treba mu veoma dosta vremean i cesto zakuca ili dok obican sajt za pracenje rezultata pokusavam da proverim treba mu dosta vremean da ucita. Pa ako bi ste mogli da me posavetujete sta bih mogaoda uradim sciljem da ga ubrzam. A takodje cesto mi AVG detektuje a mi je ram memorija veoma opterecena pa me navelo na razmisljanje da mi nesto od dodatnih programa jede ram memoriju. Hvala unapred. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-11-2014 Ran by Cyrax (administrator) on CYRAX-PC on 23-11-2014 16:26:19 Running from C:\Users\Cyrax\Desktop Loaded Profile: Cyrax (Available profiles: Cyrax) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (WinAbility® Software Corporation) C:\PROGRAMS\FGUARD\FGKey.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe () C:\Program Files\AVG SafeGuard toolbar\vprot.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [FG_Monitor] => C:\PROGRAMS\FGUARD\FGKey.exe [118600 2008-01-04] (WinAbility® Software Corporation) HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation) HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [vProt] => C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2557976 2014-05-27] () HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation) HKU\S-1-5-21-580165240-721162046-3227699501-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-580165240-721162046-3227699501-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.) HKU\S-1-5-21-580165240-721162046-3227699501-1001\...\MountPoints2: {2affdf6d-e0cd-11e3-9c1c-001fd0b5bc2f} - F:\autorun.exe HKU\S-1-5-21-580165240-721162046-3227699501-1001\...\MountPoints2: {b0c4c9f3-5f4e-11e4-abde-001fd0b5bc2f} - G:\iStudio.exe GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-580165240-721162046-3227699501-1001\Software\Microsoft\Internet Explorer\Main,Start Page = websearch.searc-hall.info/?pid=3540&r=2.....p;unqvl=65 HKU\S-1-5-21-580165240-721162046-3227699501-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp HKU\S-1-5-21-580165240-721162046-3227699501-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4015E9A44970CF01 HKU\S-1-5-21-580165240-721162046-3227699501-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us HKU\S-1-5-21-580165240-721162046-3227699501-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION SearchScopes: HKLM -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = websearch.searc-hall.info/?l=1&q={searchTerms}&pid=3540&r=2014/10/22&hid=6927390955433027191&lg=EN&cc=RS&unqvl=65 SearchScopes: HKLM -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = websearch.searc-hall.info/?l=1&q={searchTerms}&pid=3540&r=2014/10/22&hid=6927390955433027191&lg=EN&cc=RS&unqvl=65 SearchScopes: HKU\S-1-5-21-580165240-721162046-3227699501-1001 -> {115BE84A-2FAA-4BDF-9A7A-CDFB1D73DFA0} URL = google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-580165240-721162046-3227699501-1001 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = websearch.searc-hall.info/?l=1&q={searchTerms}&pid=3540&r=2014/10/22&hid=6927390955433027191&lg=EN&cc=RS&unqvl=65 BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.6.542\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 89.216.1.40 89.216.1.50 FireFox: ======== FF ProfilePath: C:\Users\Cyrax\AppData\Roaming\Mozilla\Firefox\Profiles\wbhf7oii.default FF DefaultSearchEngine,S: WebSearch FF DefaultSearchUrl: hxxp://websearch.searc-hall.info/?pid=3540&r=2014/10/22&hid=6927390955433027191&lg=EN&cc=RS&unqvl=65&l=1&q= FF SearchEngineOrder.1: WebSearch FF SearchEngineOrder.1,S: WebSearch FF SelectedSearchEngine,S: WebSearch FF Homepage: google.rs FF Keyword.URL: hxxp://websearch.searc-hall.info/?pid=3540&r=2014/10/22&hid=6927390955433027191&lg=EN&cc=RS&unqvl=65&l=1&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll () FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update \1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update \1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Cyrax\AppData\Roaming\Mozilla\Firefox\Profiles\wbhf7oii.default\searchplugins\WebSearch.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pogodakyu.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\vokabular.xml FF Extension: United States English Spellchecker - C:\Users\Cyrax\AppData\Roaming\Mozilla\Firefox\Profiles\wbhf7oii.default\Extensions\en-US@dictionaries.addons.mozilla.org [2014-06-19] FF Extension: DownloadHelper - C:\Users\Cyrax\AppData\Roaming\Mozilla\Firefox\Profiles\wbhf7oii.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-10-24] FF Extension: Adblock Plus - C:\Users\Cyrax\AppData\Roaming\Mozilla\Firefox\Profiles\wbhf7oii.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-24] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR Profile: C:\Users\Cyrax\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2014-08-06] CHR Extension: (Photo Zoom for Facebook) - C:\Users\Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2014-08-06] CHR Extension: (AdBlock) - C:\Users\Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-06] CHR Extension: (Skype Click to Call) - C:\Users\Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-05-15] CHR Extension: (Google новчаник) - C:\Users\Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-15] CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.) R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [213784 2014-10-29] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.) R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-05-18] (AVG Technologies) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-05-21] (Disc Soft Ltd) R2 FGUARD32; C:\PROGRAMS\FGUARD\FGUARD32.SYS [54008 2008-01-04] (WinAbility® Software Corporation) S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [454656 2007-11-08] (PixArt Imaging Inc.) S3 cpudrv; No ImagePath S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-23 16:26 - 2014-11-23 16:26 - 00012384 _____ () C:\Users\Cyrax\Desktop\FRST.txt 2014-11-23 16:25 - 2014-11-23 16:26 - 00000000 ____D () C:\FRST 2014-11-23 16:24 - 2014-11-23 16:24 - 01110016 _____ (Farbar) C:\Users\Cyrax\Desktop\FRST.exe 2014-11-23 12:51 - 2014-11-23 12:51 - 00000056 _____ () C:\Windows\setupact.log 2014-11-23 12:51 - 2014-11-23 12:51 - 00000000 _____ () C:\Windows\setuperr.log 2014-11-19 15:03 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-11-19 15:03 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2014-11-12 19:59 - 2000-06-08 17:00 - 00119568 _____ (Microsoft Corporation) C:\Windows\system32\KSPRaccb.rra 2014-11-12 11:39 - 2014-11-05 18:50 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-11-12 11:39 - 2014-11-05 18:50 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-11-12 11:39 - 2014-11-05 18:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-11-12 11:39 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-11-12 11:39 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-11-12 11:39 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-11-12 11:39 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-11-12 11:39 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-11-12 11:39 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-11-12 11:39 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2014-11-12 11:39 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2014-11-12 11:39 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-11-12 11:39 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-11-12 11:39 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-11-12 11:39 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-11-12 11:39 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-11-12 11:39 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-11-12 11:39 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-11-12 11:39 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-11-12 11:39 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-11-12 11:39 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-11-12 11:39 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-11-12 11:39 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-11-12 11:39 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-11-12 11:39 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-11-12 11:39 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2014-11-12 11:38 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-11-12 11:38 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-11-12 11:38 - 2014-11-06 04:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-11-12 11:38 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-11-12 11:38 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-11-12 11:38 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-11-12 11:38 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-11-12 11:38 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-11-12 11:38 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-11-12 11:38 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-11-12 11:38 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-11-12 11:38 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-11-12 11:38 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-11-12 11:38 - 2014-11-06 03:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-11-12 11:38 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-11-12 11:38 - 2014-11-06 03:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-11-12 11:38 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-11-12 11:38 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-11-12 11:38 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-11-12 11:38 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-11-12 11:38 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-11-12 11:38 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-11-12 11:38 - 2014-11-06 03:22 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-11-12 11:38 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-11-12 11:38 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-11-12 11:38 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-11-12 11:38 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-11-12 11:38 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-11-12 11:38 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-11-12 11:38 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-11-04 23:30 - 2014-11-04 23:30 - 00000000 ____D () C:\Users\Cyrax\Desktop\Drina 2014-11-04 21:49 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2014-10-31 16:22 - 2014-10-31 16:22 - 00000000 ____D () C:\Users\Cyrax\Downloads\Emergency Debark 2014-10-31 16:21 - 2014-10-31 16:21 - 00044753 _____ () C:\Users\Cyrax\Downloads\Emergency Debark.zip 2014-10-29 21:34 - 2014-10-29 21:34 - 00213784 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys 2014-10-29 16:36 - 2014-10-29 16:40 - 00000330 _____ () C:\Windows\system32\debug.log 2014-10-29 15:42 - 2014-10-29 15:48 - 00000000 ____D () C:\Users\Cyrax\AppData\Roaming\Intelli-studio 2014-10-29 15:42 - 2014-10-29 15:42 - 00000000 ____D () C:\Program Files\Samsung 2014-10-26 02:10 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-10-25 17:35 - 2014-10-25 17:35 - 02761728 _____ () C:\Users\Cyrax\Downloads\03.specijalne_snimke_kuka_(2003).pps 2014-10-25 14:48 - 2014-10-25 14:48 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-10-25 14:48 - 2014-10-25 14:48 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-10-25 14:48 - 2014-10-25 14:48 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-10-25 14:48 - 2014-10-25 14:48 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2014-10-25 14:48 - 2014-10-25 14:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-10-25 14:48 - 2014-10-25 14:48 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-10-25 12:58 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-10-25 12:58 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-10-25 12:58 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-10-25 12:58 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2014-10-24 20:22 - 2014-10-24 20:22 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-10-24 20:22 - 2014-10-24 20:22 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-10-24 20:22 - 2014-10-24 20:22 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-10-24 20:22 - 2014-10-24 20:22 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-10-24 20:22 - 2014-10-24 20:22 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-10-24 20:22 - 2014-10-24 20:22 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-10-24 20:22 - 2014-10-24 20:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-10-24 20:22 - 2014-10-24 20:22 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-10-24 20:22 - 2014-10-24 20:22 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-10-24 20:22 - 2014-10-24 20:22 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-10-24 20:22 - 2014-10-24 20:22 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-10-24 20:22 - 2014-10-24 20:22 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-10-24 20:22 - 2014-10-24 20:22 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-10-24 20:22 - 2014-10-24 20:22 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-10-24 20:22 - 2014-10-24 20:22 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-10-24 20:22 - 2014-10-24 20:22 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-10-24 20:22 - 2014-10-24 20:22 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-10-24 20:22 - 2014-10-24 20:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-10-24 20:22 - 2014-10-24 20:22 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-10-24 20:22 - 2014-10-24 20:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-10-24 20:22 - 2014-10-24 20:22 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-10-24 20:22 - 2014-10-24 20:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-10-24 20:22 - 2014-10-24 20:22 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-10-24 20:22 - 2014-10-24 20:22 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-10-24 20:22 - 2014-10-24 20:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-10-24 20:22 - 2014-10-24 20:22 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-10-24 20:21 - 2014-10-24 20:21 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2014-10-24 20:21 - 2014-10-24 20:21 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2014-10-24 20:21 - 2014-10-24 20:21 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2014-10-24 20:21 - 2014-10-24 20:21 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2014-10-24 20:21 - 2014-10-24 20:21 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2014-10-24 20:21 - 2014-10-24 20:21 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2014-10-24 20:21 - 2014-10-24 20:21 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2014-10-24 20:21 - 2014-10-24 20:21 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2014-10-24 20:21 - 2014-10-24 20:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2014-10-24 20:21 - 2014-10-24 20:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2014-10-24 20:21 - 2014-10-24 20:21 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2014-10-24 20:21 - 2014-10-24 20:21 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2014-10-24 20:21 - 2014-10-24 20:21 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-10-24 20:21 - 2014-10-24 20:21 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-10-24 20:21 - 2014-10-24 20:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-10-24 20:21 - 2014-10-24 20:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-10-24 20:21 - 2014-10-24 20:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2014-10-24 20:21 - 2014-10-24 20:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-10-24 20:21 - 2014-10-24 20:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2014-10-24 20:21 - 2014-10-24 20:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-10-24 20:21 - 2014-10-24 20:21 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-23 16:23 - 2014-05-15 20:56 - 00000000 ____D () C:\Users\Cyrax\AppData\Roaming\Skype 2014-11-23 16:09 - 2014-06-10 09:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-23 15:39 - 2014-05-15 15:28 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-23 12:58 - 2014-06-24 13:26 - 01744388 _____ () C:\Windows\WindowsUpdate.log 2014-11-23 12:57 - 2014-05-15 21:05 - 00000000 ____D () C:\ProgramData\MFAData 2014-11-23 12:56 - 2009-07-14 05:34 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-23 12:56 - 2009-07-14 05:34 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-23 12:51 - 2014-10-22 12:22 - 00000476 ____H () C:\Windows\Tasks\SW-Booster-S-792098896.job 2014-11-23 12:51 - 2014-05-15 15:28 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-23 12:51 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-22 14:21 - 2014-05-21 20:42 - 00000000 ____D () C:\Users\Cyrax\AppData\Roaming\uTorrent 2014-11-17 13:50 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\twain_32 2014-11-14 14:15 - 2014-10-21 13:19 - 00000935 _____ () C:\Users\Public\Desktop\AVG 2015.lnk 2014-11-14 14:15 - 2014-05-15 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-11-12 22:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache 2014-11-12 20:44 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-11-12 20:28 - 2009-07-14 03:04 - 00000765 _____ () C:\Windows\win.ini 2014-11-12 20:23 - 2009-07-14 05:33 - 00279336 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-12 20:20 - 2014-05-28 15:43 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-11-12 20:17 - 2014-05-15 16:09 - 00000000 ____D () C:\Windows\system32\MRT 2014-11-12 20:12 - 2014-05-15 16:09 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-11-12 11:34 - 2014-05-15 21:08 - 00000000 ___HD () C:\$AVG 2014-11-12 00:09 - 2014-06-10 09:47 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-11-12 00:09 - 2014-06-10 09:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-10-30 10:41 - 2014-05-15 15:08 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-10-29 16:36 - 2014-05-24 19:17 - 00000000 ____D () C:\Users\Cyrax\AppData\Roaming\Adobe 2014-10-25 14:51 - 2014-05-16 00:56 - 00000000 ____D () C:\Windows\Panther 2014-10-25 14:49 - 2014-05-15 20:18 - 00000000 ____D () C:\ProgramData\Oracle 2014-10-24 20:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\zh-TW 2014-10-24 20:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\zh-HK 2014-10-24 20:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\zh-CN 2014-10-24 20:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\tr-TR 2014-10-24 20:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\sv-SE 2014-10-24 20:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ru-RU 2014-10-24 20:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pt-PT 2014-10-24 20:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pt-BR 2014-10-24 20:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pl-PL 2014-10-24 20:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\nl-NL 2014-10-24 20:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\nb-NO 2014-10-24 20:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ko-KR 2014-10-24 20:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ja-JP 2014-10-24 20:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\it-IT 2014-10-24 20:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\hu-HU 2014-10-24 20:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\fr-FR 2014-10-24 20:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\fi-FI 2014-10-24 20:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\el-GR 2014-10-24 20:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE 2014-10-24 20:10 - 2014-06-10 18:03 - 00000000 ____D () C:\Users\Cyrax\AppData\Local\Adobe 2014-10-24 19:24 - 2014-10-22 12:22 - 00000000 ____D () C:\Program Files\YoutubeAdBlocke 2014-10-24 11:03 - 2014-05-15 20:55 - 00000000 ____D () C:\ProgramData\Skype ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-11-15 14:55 ==================== End Of Log ============================ mycity.rs/must-login.png

Profil

magna86 Poslao: 23 Nov 2014 17:04 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav, 1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod: Start HKU\S-1-5-21-580165240-721162046-3227699501-1001\...\MountPoints2: {2affdf6d-e0cd-11e3-9c1c-001fd0b5bc2f} - F:\autorun.exe HKU\S-1-5-21-580165240-721162046-3227699501-1001\...\MountPoints2: {b0c4c9f3-5f4e-11e4-abde-001fd0b5bc2f} - G:\iStudio.exe CloseProcesses: HKU\S-1-5-21-580165240-721162046-3227699501-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searc-hall.info/?pid=3540&r=2.....p;unqvl=65 HKU\S-1-5-21-580165240-721162046-3227699501-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION SearchScopes: HKLM -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searc-hall.info/?l=1&q={searchTerms}&pid=3540&r=2014/10/22&hid=6927390955433027191&lg=EN&cc=RS&unqvl=65 SearchScopes: HKLM -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searc-hall.info/?l=1&q={searchTerms}&pid=3540&r=2014/10/22&hid=6927390955433027191&lg=EN&cc=RS&unqvl=65 SearchScopes: HKU\S-1-5-21-580165240-721162046-3227699501-1001 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searc-hall.info/?l=1&q={searchTerms}&pid=3540&r=2014/10/22&hid=6927390955433027191&lg=EN&cc=RS&unqvl=65 FF DefaultSearchEngine,S: WebSearch FF DefaultSearchUrl: hxxp://websearch.searc-hall.info/?pid=3540&r=2014/10/22&hid=6927390955433027191&lg=EN&cc=RS&unqvl=65&l=1&q= FF SearchEngineOrder.1: WebSearch FF SearchEngineOrder.1,S: WebSearch FF SelectedSearchEngine,S: WebSearch FF Keyword.URL: hxxp://websearch.searc-hall.info/?pid=3540&r=2014/10/22&hid=6927390955433027191&lg=EN&cc=RS&unqvl=65&l=1&q= Hosts: HKLM\...\Run: [vProt] => C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2557976 2014-05-27] () GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.6.542\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search) Task: {03A153F2-68D4-461C-8A32-33BAAAFE32CB} - System32\Tasks\LaunchSignup => C:\Program Files\MyPC Backup\Signup Wizard.exe <==== ATTENTION Task: {B2F584EB-51AC-4732-9117-F13D5BB9DA09} - System32\Tasks\SW-Booster-S-792098896 => c:\programdata\trusted publisher\sw-booster\SW-Booster.exe <==== ATTENTION Task: {E50FDBA6-7DCF-4ACB-BF1F-A4B611C3EEEC} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files\Optimizer Pro\OptProLauncher.exe <==== ATTENTION Task: C:\Windows\Tasks\SW-Booster-S-792098896.job => c:\programdata\trusted publisher\sw-booster\SW-Booster.exe <==== ATTENTION AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 CMD: del /f /q C:\Windows\Tasks\SW-Booster-S-792098896.job EmptyTemp: C:\Program Files\AVG SafeGuard toolbar C:\Program Files\MyPC Backup c:\programdata\trusted publisher C:\Program Files\Optimizer Pro End 2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi. 3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj. Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema. Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku. Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

Profil

Cyrax Poslao: 23 Nov 2014 17:15 Idi na vrh
offline Cyrax Građanin Pridružio: 13 Maj 2008 Poruke: 113	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 23-11-2014 Ran by Cyrax at 2014-11-23 17:06:17 Run:1 Running from C:\Users\Cyrax\Desktop Loaded Profile: Cyrax (Available profiles: Cyrax) Boot Mode: Normal ============================================== Content of fixlist: *************** Start HKU\S-1-5-21-580165240-721162046-3227699501-1001\...\MountPoints2: {2affdf6d-e0cd-11e3-9c1c-001fd0b5bc2f} - F:\autorun.exe HKU\S-1-5-21-580165240-721162046-3227699501-1001\...\MountPoints2: {b0c4c9f3-5f4e-11e4-abde-001fd0b5bc2f} - G:\iStudio.exe CloseProcesses: HKU\S-1-5-21-580165240-721162046-3227699501-1001\Software\Microsoft\Internet Explorer\Main,Start Page = websearch.searc-hall.info/?pid=3540&r=2.....p;unqvl=65 HKU\S-1-5-21-580165240-721162046-3227699501-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION SearchScopes: HKLM -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = websearch.searc-hall.info/?l=1&q={searchTerms}&pid=3540&r=2014/10/22&hid=6927390955433027191&lg=EN&cc=RS&unqvl=65 SearchScopes: HKLM -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = websearch.searc-hall.info/?l=1&q={searchTerms}&pid=3540&r=2014/10/22&hid=6927390955433027191&lg=EN&cc=RS&unqvl=65 SearchScopes: HKU\S-1-5-21-580165240-721162046-3227699501-1001 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = websearch.searc-hall.info/?l=1&q={searchTerms}&pid=3540&r=2014/10/22&hid=6927390955433027191&lg=EN&cc=RS&unqvl=65 FF DefaultSearchEngine,S: WebSearch FF DefaultSearchUrl: hxxp://websearch.searc-hall.info/?pid=3540&r=2014/10/22&hid=6927390955433027191&lg=EN&cc=RS&unqvl=65&l=1&q= FF SearchEngineOrder.1: WebSearch FF SearchEngineOrder.1,S: WebSearch FF SelectedSearchEngine,S: WebSearch FF Keyword.URL: hxxp://websearch.searc-hall.info/?pid=3540&r=2014/10/22&hid=6927390955433027191&lg=EN&cc=RS&unqvl=65&l=1&q= Hosts: HKLM\...\Run: [vProt] => C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2557976 2014-05-27] () GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.6.542\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search) Task: {03A153F2-68D4-461C-8A32-33BAAAFE32CB} - System32\Tasks\LaunchSignup => C:\Program Files\MyPC Backup\Signup Wizard.exe <==== ATTENTION Task: {B2F584EB-51AC-4732-9117-F13D5BB9DA09} - System32\Tasks\SW-Booster-S-792098896 => c:\programdata\trusted publisher\sw-booster\SW-Booster.exe <==== ATTENTION Task: {E50FDBA6-7DCF-4ACB-BF1F-A4B611C3EEEC} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files\Optimizer Pro\OptProLauncher.exe <==== ATTENTION Task: C:\Windows\Tasks\SW-Booster-S-792098896.job => c:\programdata\trusted publisher\sw-booster\SW-Booster.exe <==== ATTENTION AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 CMD: del /f /q C:\Windows\Tasks\SW-Booster-S-792098896.job EmptyTemp: C:\Program Files\AVG SafeGuard toolbar C:\Program Files\MyPC Backup c:\programdata\trusted publisher C:\Program Files\Optimizer Pro End *************** "HKU\S-1-5-21-580165240-721162046-3227699501-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2affdf6d-e0cd-11e3-9c1c-001fd0b5bc2f}" => Key deleted successfully. "HKCR\CLSID\{2affdf6d-e0cd-11e3-9c1c-001fd0b5bc2f}" => Key not found. "HKU\S-1-5-21-580165240-721162046-3227699501-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b0c4c9f3-5f4e-11e4-abde-001fd0b5bc2f}" => Key deleted successfully. "HKCR\CLSID\{b0c4c9f3-5f4e-11e4-abde-001fd0b5bc2f}" => Key not found. Processes closed successfully. HKU\S-1-5-21-580165240-721162046-3227699501-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. "HKU\S-1-5-21-580165240-721162046-3227699501-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}" => Key deleted successfully. "HKCR\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}" => Key not found. "HKU\S-1-5-21-580165240-721162046-3227699501-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}" => Key deleted successfully. "HKCR\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}" => Key not found. Firefox DefaultSearchEngine,S deleted successfully. Firefox DefaultSearchUrl deleted successfully. Firefox SearchEngineOrder.1 deleted successfully. Firefox SearchEngineOrder.1,S deleted successfully. Firefox SelectedSearchEngine,S deleted successfully. Firefox Keyword.URL deleted successfully. C:\Windows\System32\Drivers\etc\hosts => Moved successfully. Hosts was reset successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\vProt => value deleted successfully. C:\Windows\system32\GroupPolicy\Machine => Moved successfully. C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} => value deleted successfully. "HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{03A153F2-68D4-461C-8A32-33BAAAFE32CB}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03A153F2-68D4-461C-8A32-33BAAAFE32CB}" => Key deleted successfully. C:\Windows\System32\Tasks\LaunchSignup => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B2F584EB-51AC-4732-9117-F13D5BB9DA09}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2F584EB-51AC-4732-9117-F13D5BB9DA09}" => Key deleted successfully. C:\Windows\System32\Tasks\SW-Booster-S-792098896 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SW-Booster-S-792098896" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E50FDBA6-7DCF-4ACB-BF1F-A4B611C3EEEC}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E50FDBA6-7DCF-4ACB-BF1F-A4B611C3EEEC}" => Key deleted successfully. C:\Windows\System32\Tasks\Optimizer Pro Schedule => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimizer Pro Schedule" => Key deleted successfully. C:\Windows\Tasks\SW-Booster-S-792098896.job => Moved successfully. C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully. ========= del /f /q C:\Windows\Tasks\SW-Booster-S-792098896.job ========= Could Not Find C:\Windows\Tasks\SW-Booster-S-792098896.job ========= End of CMD: ========= C:\Program Files\AVG SafeGuard toolbar => Moved successfully. "C:\Program Files\MyPC Backup" => File/Directory not found. c:\programdata\trusted publisher => Moved successfully. "C:\Program Files\Optimizer Pro" => File/Directory not found. EmptyTemp: => Removed 299.4 MB temporary data. The system needed a reboot. ==== End of Fixlog ====

Profil

magna86 Poslao: 23 Nov 2014 20:08 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! U redu, idemo dalje ... Preuzmi smeenk-ov zoek () sa ovog linka i sačuvaj ga na Desktop. Raspakuj arhivu u neki folder (uputstvo), a zatim: zatvori browser i ostale pokrenute programe; privremeno deaktiviraj zaštitni softver ( ukoliko je to potrebno ) Uputstvo ; dvoklikom pokreni zoek na ikonicu programa ; pričekaj da se alat startuje ... Klikni na More Options dugme i stikliraj polje ispred sledece opcije: Auto Clean Napomena: Stikliraj samo navedenu opciju, ostale opcije ne dirati ! ! Klikni na dugme i pričekaj da se skeniranje završi. zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log) Kopiraj sadrzaj tog loga u poruku.

Profil

Cyrax Poslao: 23 Nov 2014 20:48 Idi na vrh
offline Cyrax Građanin Pridružio: 13 Maj 2008 Poruke: 113	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zoek.exe v5.0.0.0 Updated 23-11-2014 Tool run by Cyrax on 23-Nov-14 at 20:25:28.48. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Cyrax\Desktop\zoek.exe [Scan all users] [Checkboxes used] ==== System Restore Info ====================== 23-Nov-14 8:27:24 PM Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\GoSave deleted successfully C:\PROGRA~2\GoSave deleted successfully C:\PROGRA~2\Oracle deleted successfully C:\Users\Cyrax\AppData\Roaming\Optimizer Pro deleted successfully C:\Users\Cyrax\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Cyrax\AppData\Roaming\Mozilla\Firefox\Profiles\wbhf7oii.default user.js not found ---- Lines extensions.9V01r9NrpAKj2NBC removed from prefs.js ---- user_pref("extensions.9V01r9NrpAKj2NBC.epoch", "1414263886"); user_pref("extensions.9V01r9NrpAKj2NBC.url", "http://jpiservice.info/sync2/?q=hfZ9ofV9CShEAen0rHk9rchTB6lKDzt4oltjtNtVh7n0rjnFrdsGrjwGrjnFtMFHhd9FqdwE ---- Lines extensions.mTiuJ6CmdDT4EOYM removed from prefs.js ---- user_pref("extensions.mTiuJ6CmdDT4EOYM.epoch", "1414263887"); user_pref("extensions.mTiuJ6CmdDT4EOYM.url", "http://getjpijs.info/sync2/?q=hfZ9ofbMDMnMCyVUojr8qdaMg708BNmGWj8ikGhGheDUojw9rjaGrTwFrTwFrihIC7n0rjnFrd ---- FireFox user.js and prefs.js backups ---- prefs__0837_.backup ProfilePath: C:\Users\Cyrax\AppData\Roaming\Thunderbird\Profiles\mav8muno.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs__0837_.backup ==== Batch Command(s) Run By Tool====================== Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ==== Deleting Files \ Folders ====================== C:\Program Files\YoutubeAdBlocke deleted C:\Program Files\YouTube Accelerator deleted C:\Program Files\globalUpdate deleted C:\Program Files\Common Files\AVG Secure Search deleted C:\PROGRA~2\Avg_Update_0414c deleted C:\PROGRA~2\AVG Security Toolbar deleted C:\PROGRA~2\AVG Secure Search deleted C:\PROGRA~2\AVG SafeGuard toolbar deleted C:\Users\Cyrax\AppData\Local\globalUpdate deleted C:\Users\Cyrax\AppData\Local\Installer deleted C:\Users\Public\Documents\GOOBZO deleted C:\Users\Public\Documents\ShopperPro deleted C:\Users\Cyrax\AppData\LocalLow\AVG SafeGuard toolbar deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted C:\Windows\system32\config\systemprofile\Searches deleted C:\Windows\system32\GroupPolicy\User deleted C:\Users\Cyrax\Documents\Optimizer Pro deleted C:\Users\Cyrax\AppData\Roaming\Mozilla\Firefox\Profiles\wbhf7oii.default\searchplugins\WebSearch.xml deleted "C:\PROGRA~2\fbc3fe224e03aa07\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20141022132206" deleted "C:\PROGRA~2\fbc3fe224e03aa07\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}.20141022132219" deleted "C:\PROGRA~2\fbc3fe224e03aa07\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20141022132132" deleted "C:\PROGRA~2\fbc3fe224e03aa07\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20141022132151" deleted "C:\PROGRA~2\fbc3fe224e03aa07\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20141022135638" deleted "C:\PROGRA~2\fbc3fe224e03aa07\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20141022135639" deleted "C:\PROGRA~2\fbc3fe224e03aa07\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20141022135646" deleted "C:\PROGRA~2\fbc3fe224e03aa07" deleted "C:\Users\Cyrax\AppData\Local\AVG SafeGuard toolbar" deleted ==== Firefox Extensions ====================== ProfilePath: C:\Users\Cyrax\AppData\Roaming\Mozilla\Firefox\Profiles\wbhf7oii.default - United States English Spellchecker - %ProfilePath%\extensions\en-US@dictionaries.addons.mozilla.org - DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Cyrax\AppData\Roaming\Mozilla\Firefox\Profiles\wbhf7oii.default 67D325B5AEB28E381B84E8DE1A90C7A8 - C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll - Shockwave Flash BBF0479C2D30519A2E746D12CAE54B43 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U71 1ED046D972B98E0ADEC4D4D61BF37695 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.710.14 64C4ADE063A9C93D3BAE09922AD90C27 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat 446BCAE59E26321802E000FC3E0C390A - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat ==== Fake Chromium Profiles Check ====================== Fake profile C:\Users\Administrator\AppData\Local\Torch deleted Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\Administrator\AppData\Local\Chromatic Browser deleted Fake profile C:\Users\Cyrax\AppData\Local\Torch deleted Fake profile C:\Users\Cyrax\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Cyrax\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\Cyrax\AppData\Local\Chromatic Browser deleted Fake profile C:\Users\Guest\AppData\Local\Torch deleted Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted Fake profile C:\Users\Guest\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Guest\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\Guest\AppData\Local\Chromatic Browser deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Torch deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser deleted ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14-Jul-14 05:22 PM] BIODIGITAL HUMAN - Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak Photo Zoom for Facebook - Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi AdBlock - Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Skype Click to Call - Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl ==== Chromium Startpages ====================== C:\Users\Cyrax\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com/", "startup_urls": [ "http://www.google.rs/" ], ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {115BE84A-2FAA-4BDF-9A7A-CDFB1D73DFA0} Google Url="https://www.google.com/search?q={searchTerms}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-580165240-721162046-3227699501-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411821192} deleted successfully HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110411821192} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar deleted successfully ==== Empty IE Cache ====================== C:\Users\Cyrax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GXGGIGP7 will be deleted at reboot C:\Users\Cyrax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IASOPE1H will be deleted at reboot C:\Users\Cyrax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T1YUQBXN will be deleted at reboot C:\Users\Cyrax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XPH812HI will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Cyrax\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=99 folders=72 36772189 bytes) ==== Empty Temp Folders ====================== C:\Users\Cyrax\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Cyrax\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Cyrax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GXGGIGP7" not found "C:\Users\Cyrax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IASOPE1H" not found "C:\Users\Cyrax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T1YUQBXN" not found "C:\Users\Cyrax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XPH812HI" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on 23-Nov-14 at 20:44:44.16 ======================

Profil

magna86 Poslao: 23 Nov 2014 20:53 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! U redu, ovo sada izgleda mnogo bolje. Verovatno to i osecas samim radom sistema? Sada privodimo ovo lagano kraju. No, potrebno je da deinstaliras i kompletno uklonis Google Chrome browser. Kod deinstalacije obavezno izaberi Also delete your browsing data opciju. Smes da sacuvas bookmarks backup. Cilj je da u potpunosti uklonimo Chrome browser i njegove podatke jer je kompromitovan. Kada zavrsis deinstalaciju, restartuj racunar te sa officijalnog sajta preuzmi svezu verziju pa je instaliraj. . I idemo na dodatnu ARK proveru. Preuzmi Malwarebytes Anti-Rootkit (MBAR) sa sledeceg linka i sacuvaj ga na Desktop. Dvoklikom pokreni MBAR () na ikonicu programa: - Klikni OK na sledecem prozoru da bi dozvolio raspakivanje u zaseban mbar folder na desktop-u; - mbar.exe ce biti startovan. Na nekim sistemima to moze da potraje nekoliko dodatnih sekundi, te pricekati pokretanje.; - U uvodnom prozoru klikni dugme Next ukoliko si saglasan; • Na 'Update Database' prozoru klik na dugme Update da bi preuzeo sveze definicije. Kada se ispise poruka 'Success: Database was successfully updated' klik na dugme Next; • Pod sekcijom 'Scan Targets' proveri da su sve opcije stiklirane, te klikni na dugme Scan; Obavestenje: sa nekim infekcijama moze se desiti da se prikaze neka od sledecih poruka: - 'Could not load protection driver' => u tom slucaju klikni OK. - 'Could not load DDA driver' => klikni Yes na to obavestenje da bi dozvolio ucitavanje nakon restarta. Dozvoli restart i nastavi sa ostatkom instrukcija posle restarta. >> Ukoliko malware nije detektovan, klik na Exit dugme da zatvoris program. U sledecu poruku postavi mbar-log-year-month-day (sat-minuti-sekundi).txt i system-log.txt izveštaje. >> Ukoliko su infekcija/e pronadjene, proveriti da li je obelezena opcija 'Create Restore Point' i klikni na dugme Cleanup! da bi uklonili pretnje. - Procedura uklanjanje malware-a (scheduled) ce biti zakazana po restartu, bice prikazano obavestenje u pop-up prozoru. Klikni dugme Yes i sistem bi trebao da se restartuje i da zavrsi proceduru ciscenja. Obavestenje! samo ukoliko je RootKit detektovan: - postaraj se da pokrenes fixdamage.exe alat koji se nalazi u mbar folderu, \Plugins\fixdamage.exe: - Dvoklikom pokreni fixdamage, u crnom prozoru koji se otvori (command prompt) ukucaj Y (Y stoji za Yes) da bi nastavio izvrsenje, pricekati da alat odradi sve popravke ... - Kada vidis poruku 'press any key to exit' popravka je kompletirana. Pritisnuti bilo koju tipku na tastaturi da bi se prozor zatvorio. Restartovati sistem. Sledeci izvestaji ce biti formirani u mbar folderu. 1. mbar-log-year-month-day (hour-minute-second).txt 2. system-log.txt Iskopiraj sadrzaj mbar log-a u poruku a system log okaci uz poruku koristeci opciju Prikači fajl.

Profil

Cyrax Poslao: 23 Nov 2014 22:11 Idi na vrh
offline Cyrax Građanin Pridružio: 13 Maj 2008 Poruke: 113	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Evo odradio sam sve, samo imam jedno pitanj. Nisam odradio bookmarks backup posto imam svoj chrom google account koji mi sam pamti ceo bookmarks i lozinke, tako da sam se samo ponovo ulogovao preko njega. Pa me zanima da li je to OK ili sam samo trebao da beckup bookmarks ? A evo i izvestaja dole ispod. Malwarebytes Anti-Rootkit BETA 1.08.2.1001 malwarebytes.org Database version: v2014.11.23.09 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 11.0.9600.17420 Cyrax :: CYRAX-PC [administrator] 23-Nov-14 9:17:24 PM mbar-log-2014-11-23 (21-17-24).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit \| Drivers \| MBR \| Physical Sectors \| Memory \| Startup \| Registry \| File System \| Heuristics/Extra \| Heuristics/Shuriken Scan options disabled: Objects scanned: 321333 Time elapsed: 14 minute(s), 18 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) mycity.rs/must-login.png

Profil

magna86 Poslao: 23 Nov 2014 22:39 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Citat:Pa me zanima da li je to OK ili sam samo trebao da beckup bookmarks ? Naravno da je to Ok. Google pravi Sync preko svojih naloga no ja sam morao da ti napomenem da mozes i sam, rucno da odradis backup. Kako ti se sada ponasa racunar?

Profil

Cyrax Poslao: 23 Nov 2014 22:51 Idi na vrh
offline Cyrax Građanin Pridružio: 13 Maj 2008 Poruke: 113	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Daleko bolje nego sto je bilo barem koliko ja mogu ovako u kratkom roku da provalim. Mada opet npr kada odem na D3GO brze je dosta ali i dalje mu treba vremena da ucita npr pregled sta je moguce gledati sada na kanalima. Ali u svakom slucaju daleko je brzi nego sto je bio pre.

Profil

magna86 Poslao: 23 Nov 2014 23:05 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Onda taj problem nije do tebe. Cache koji bi mozda mogao da pravi problem zajedno sa junk fajlovima smo dva puta cistili, instalirao si svez browser, uklonjen je sav stetan softver, to je to. • Sledeća procedura će implementirati završno čišćenje. Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop. Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija; Remove disinfection tools Create registry backup Purge System Restore Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad. Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani. Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt) Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Uspored rad kompa

Ko je trenutno na forumu

Ukupno su 862 korisnika na forumu :: 10 registrovanih, 0 sakrivenih i 852 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: bigfoot, branko7, djordje92sm, Kriglord, kybonacci, milenko crazy north, Neutral-M, VJ, wizzardone, zziko

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by