MyCity » Ambulanta -> Arhiva Ambulante » provera zarazenosti racunara

provera zarazenosti racunara

Napisano na dan: 15.5.2015

Strana:
1
2

provera zarazenosti racunara

Sledeća strana

Pagination

Odgovori

Strana:
1
2

slavisa71 Poslao: 15 Maj 2015 13:48 Idi na vrh
offline slavisa71 Građanin Pridružio: 27 Sep 2013 Poruke: 94	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Unazad mesec-dva kompjuter me dovodi do ludila,sta god pokusam da otvorim meni se otvaraju jos po 2-3 stranice tipa "Trivian", "Brazilske device" itd a o broju reklamnih prozora da i ne govorim.imam avg antivirus i skinuo sam pre neki dan malwarebites antimalware ali uzalud,na googlu sam skinuo adblock i opet nScan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-05-2015 02 Ran by pc centar (administrator) on PC-C464735FA91F on 15-05-2015 13:32:17 Running from C:\Documents and Settings\pc centar\My Documents\Downloads Loaded Profiles: pc centar (Available profiles: pc centar) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States) Internet Explorer Version 8 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2015\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe () C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (Atheros) C:\WINDOWS\system32\acs.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (TP-LINK TECHNOLOGIES CO., LTD.) C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\TWCU.exe (Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe () C:\Program Files\AVG Web TuneUp\vprot.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\ToolbarUpdater.exe () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\loggingserver.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (AVG Secure Search) C:\Program Files\AVG Web TuneUp\avgcefrend.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Farbar) C:\Documents and Settings\pc centar\My Documents\Downloads\FRST (1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20026472 2011-01-21] (Realtek Semiconductor Corp.) HKLM\...\Run: [TWCU] => C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\TWCU.exe [479412 2008-03-26] (TP-LINK TECHNOLOGIES CO., LTD.) HKLM\...\Run: [Hard Disk Sentinel] => F:\Hard Disk Sentinel\HDSentinel.exe [4334224 2014-01-30] (H.D.S. Hungary) HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.) HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3723728 2015-03-25] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [3033112 2015-05-05] () HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation) Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2010-02-11] (ATI Technologies Inc.) HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\Run: [Facebook Update] => C:\Documents and Settings\pc centar\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [138096 2014-11-11] (Facebook Inc.) HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.) HKU\S-1-5-21-436374069-1637723038-1801674531-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [9216 2008-04-14] (Microsoft Corporation) SecurityProviders: msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-19\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-20\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-436374069-1637723038-1801674531-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.com URLSearchHook: HKU\S-1-5-21-436374069-1637723038-1801674531-1003 - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File SearchScopes: HKLM -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = websearch.goodforsearch.info/?l=1&q={searchTerms}&pid=22142&r=2015/05/08&hid=9372749780152371321&lg=EN&cc=BA&unqvl=86 SearchScopes: HKLM -> Yandex URL = yandex.ru/yandsearch?clid=154468&text={searchTerms} SearchScopes: HKLM -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = websearch.goodforsearch.info/?l=1&q={searchTerms}&pid=22142&r=2015/05/08&hid=9372749780152371321&lg=EN&cc=BA&unqvl=86 SearchScopes: HKU\S-1-5-21-436374069-1637723038-1801674531-1003 -> DefaultScope {9F1C6137-C781-41F5-9911-DC426021AD70} URL = trovi.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2830765&CUI=UN70431892010205237&UM=4 SearchScopes: HKU\S-1-5-21-436374069-1637723038-1801674531-1003 -> Moikrug URL = moikrug.ru/persons/?clid=154468&charset=utf-8&keywords={searchTerms}&submitted=1 SearchScopes: HKU\S-1-5-21-436374069-1637723038-1801674531-1003 -> Yandex URL = yandex.ru/yandsearch?clid=154468&text={searchTerms} SearchScopes: HKU\S-1-5-21-436374069-1637723038-1801674531-1003 -> {67754101-847B-4761-ABC3-320D9FE249E6} URL = search.ask.com/web?tpid=BTR-SP&o=APN11584&pf=V7&p2=^BJ2^YYYYYY^YY^BA&gct=sb&itbv=12.24.0.218&apn_uid=ECDC03A6-4AB2-469F-81B8-0891CFD56D93&apn_ptnrs=^BJ2&apn_dtid=^YYYYYY^YY^BA&apn_dbr=cr_40.0.2214.93&doi=2015-01-31&trgb=CR&q={searchTerms}&psv=&pt=crx SearchScopes: HKU\S-1-5-21-436374069-1637723038-1801674531-1003 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = mysearch.avg.com/search?cid={8CE110A4-488B-44C6-A5BC-D8DE9913591A}&mid=19852fb6060847d2890d85afba3e5e8f-06ce4fc639803a2e3563922518183d8e94088cb9&lang=sr&ds=AVG&coid=avgtbavg&cmpid=0415av&pr=fr&d=2015-05-05 13:06:58&v=4.1.0.411&pid=wtu&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-436374069-1637723038-1801674531-1003 -> {9F1C6137-C781-41F5-9911-DC426021AD70} URL = trovi.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2830765&CUI=UN70431892010205237&UM=4 SearchScopes: HKU\S-1-5-21-436374069-1637723038-1801674531-1003 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = websearch.goodforsearch.info/?l=1&q={searchTerms}&pid=22142&r=2015/05/08&hid=9372749780152371321&lg=EN&cc=BA&unqvl=86 BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-14] (Oracle Corporation) BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.1.0.411\AVG Web TuneUp.dll [2015-05-05] (AVG) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-14] (Oracle Corporation) Toolbar: HKLM - No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation) Tcpip\..\Interfaces\{7F946C84-F99B-48F5-8EB6-53494A0EACDB}: [NameServer] 87.250.98.250 87.250.97.250 FireFox: ======== FF ProfilePath: C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default FF NewTab: chrome://LVD-SAE/content/unpackedcrx/newtab/newtab.html FF DefaultSearchEngine: Ask Search FF DefaultSearchEngine,S: WebSearch FF DefaultSearchUrl: hxxp://websearch.goodforsearch.info/?pid=22142&r=2015/05/08&hid=9372749780152371321&lg=EN&cc=BA&unqvl=86&l=1&q= FF SearchEngineOrder.1: WebSearch FF SearchEngineOrder.1,S: WebSearch FF SelectedSearchEngine: WebSearch FF SelectedSearchEngine,S: WebSearch FF Homepage: about:home FF Keyword.URL: hxxp://websearch.goodforsearch.info/?pid=22142&r=2015/05/08&hid=9372749780152371321&lg=EN&cc=BA&unqvl=86&l=1&q= FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-16] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.) FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.4.0\\npsitesafety.dll No File FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-04-02] (Foxit Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-04-02] (Foxit Corporation) FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-14] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-14] (Oracle Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-14] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-14] (Google Inc.) FF Plugin HKU\S-1-5-21-436374069-1637723038-1801674531-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Documents and Settings\pc centar\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Plugin HKU\S-1-5-21-436374069-1637723038-1801674531-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\pc centar\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-07] (Unity Technologies ApS) FF user.js: detected! => C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\user.js [2015-02-11] FF SearchPlugin: C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\ask-search.xml [2015-05-08] FF SearchPlugin: C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\avg-secure-search.xml [2015-05-05] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pogodakyu.xml [2014-11-26] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\vokabular.xml [2014-11-26] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-05-05] FF Extension: bestadblocker - C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\1Nj5XlK@Soy.org [2015-05-08] FF Extension: PrriceMinus - C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\4z@So37C.com [2015-05-08] FF Extension: AVG Web TuneUp - C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\avg@toolbar [2015-05-05] FF Extension: bestadblocker - C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\EUfsIzR@M.net [2015-05-08] FF Extension: PriceMiinnuse - C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\KGcTFv@1z7mB.edu [2015-05-08] FF Extension: iLivid - C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\LVD-SAE@iacsearchandmedia.com.xpi [2015-05-08] FF Extension: &Yandex Elements& - C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\yasearch@yandex.ru.xpi [2015-02-10] FF Extension: BrowseStudio 1.0.1 - C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{5a175d0d-5539-4e73-8563-80c93aa35313}.xpi [2014-11-29] FF Extension: Adblock Plus - C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-26] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-04-20] Chrome: ======= CHR HomePage: Default -> mysearch.avg.com?cid={7B0EBEAB-765B-4C9E-8C4F-9B7CEB52654F}&mid=19852fb6060847d2890d85afba3e5e8f-06ce4fc639803a2e3563922518183d8e94088cb9&lang=sr&ds=AVG&coid=avgtbavg&pr=fr&d=2014-07-21 13:01:11&v=3.1.0.6&pid=wtu&sg=&sap=hp CHR StartupUrls: Default -> "https://www.google.ba/?gws_rd=cr&ei=NJ61U4L-GqLnywPy_4G4AQ" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default CHR Extension: (SavePass 1.1) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\akaelkiagnbfcccfnmbimdbplecgbikh [2015-03-30] CHR Extension: (Google Drive) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-05] CHR Extension: (YouTube) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-05] CHR Extension: (Google Search) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-05] CHR Extension: (Bookmark Manager) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-14] CHR Extension: (Google Maps) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-09-09] CHR Extension: (iLivid) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2015-01-28] CHR Extension: (ChromeReload) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo [2015-05-08] CHR Extension: (Google Wallet) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-05] CHR Extension: (Desktop Client for Viber™) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\olamheimegmegknankiijehcgocchdph [2014-09-10] CHR Extension: (Earth map) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\opmibphegngmljhikklndacjdpkmhocp [2014-09-09] CHR Extension: (Adblock ) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbieggejclnbaidmjajaklpankjlabnp [2015-04-25] CHR Extension: (Gmail) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-05] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ACS; C:\WINDOWS\system32\acs.exe [364629 2007-02-12] (Atheros) [File not signed] R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [602112 2010-02-11] (ATI Technologies Inc.) [File not signed] R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-25] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-25] (AVG Technologies CZ, s.r.o.) S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) R2 vToolbarUpdater18.4.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\ToolbarUpdater.exe [1875480 2015-05-05] (AVG Secure Search) R2 WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [620056 2015-05-05] () ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative) R3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [543712 2007-03-27] (Atheros Communications, Inc.) [File not signed] S3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1938272 2010-11-05] (Atheros Communications, Inc.) R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [3565056 2010-02-11] (ATI Technologies Inc.) [File not signed] R3 ATIAVAIW; C:\WINDOWS\System32\DRIVERS\atinavt2.sys [170496 2009-04-01] (ATI Technologies Inc.) R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [209376 2015-03-25] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [154904 2014-11-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [265184 2015-02-03] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [107488 2015-02-05] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [210912 2015-02-25] (AVG Technologies CZ, s.r.o.) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2015-05-15] (Malwarebytes Corporation) S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.) S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation) R0 mv61xxmm; C:\WINDOWS\system32\Drivers\mv61xxmm.sys [14184 2013-03-13] (Marvell Semiconductor Inc.) R0 mv64xxmm; C:\WINDOWS\system32\Drivers\mv64xxmm.sys [5632 2013-03-13] (Marvell Semiconductor Inc.) [File not signed] R0 mvxxmm; C:\WINDOWS\system32\Drivers\mvxxmm.sys [14184 2013-03-13] (Marvell Semiconductor Inc.) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) R3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [55840 2006-11-15] (Atheros Communications, Inc.) [File not signed] S3 cpuz134; \??\C:\DOCUME~1\PCCENT~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X] S4 IntelIde; No ImagePath U1 WS2IFSL; No ImagePath S1 {7eca9cfa-8eb0-4cc4-b008-3419a1b1582a}Gt; system32\drivers\{7eca9cfa-8eb0-4cc4-b008-3419a1b1582a}Gt.sys [X] S1 {9449d7f6-6f2b-4280-9a4d-eb2b42a31f67}Gt; system32\drivers\{9449d7f6-6f2b-4280-9a4d-eb2b42a31f67}Gt.sys [X] S1 {c6cf689f-ec21-4add-accd-adc0bafcbba6}Gt; system32\drivers\{c6cf689f-ec21-4add-accd-adc0bafcbba6}Gt.sys [X] S1 {d0194130-21b3-4618-b5c8-b6dfe1e0bb88}Gt; system32\drivers\{d0194130-21b3-4618-b5c8-b6dfe1e0bb88}Gt.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-15 13:32 - 2015-05-15 13:33 - 00000000 ____D () C:\FRST 2015-05-14 15:10 - 2015-05-15 09:49 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-05-14 15:10 - 2015-05-14 15:10 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk 2015-05-14 15:10 - 2015-05-14 15:10 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2015-05-14 15:10 - 2015-05-14 15:10 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware 2015-05-14 15:10 - 2015-04-14 09:37 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-05-14 15:10 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-05-14 13:14 - 2015-05-14 13:14 - 00001809 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk 2015-05-14 13:14 - 2015-05-14 13:14 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome 2015-05-14 12:49 - 2015-05-14 12:49 - 00000000 ____D () C:\Program Files\Common Files\Java 2015-05-08 13:30 - 2015-05-12 20:43 - 00000000 ____D () C:\Program Files\PriceMiinnuse 2015-05-08 13:30 - 2015-05-12 20:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\bjnggcfbmocgbpnehcbcdfjhkknpkkbg 2015-05-08 13:22 - 2015-05-10 20:59 - 00000000 ____D () C:\Program Files\ChromeReload 2015-05-08 13:21 - 2015-05-14 09:43 - 00000000 ____D () C:\Program Files\PriceMinus 2015-05-08 13:21 - 2015-05-14 09:29 - 00000000 ____D () C:\Program Files\bestadblocker 2015-05-08 13:20 - 2015-05-14 09:43 - 00000000 ____D () C:\Program Files\PrriceMinus 2015-05-08 13:20 - 2015-05-08 13:30 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\760984944337691657 2015-05-08 13:17 - 2015-05-08 13:17 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\pooekchhjnhdgonjoiehdkcjbejlaheh 2015-05-05 13:07 - 2015-05-05 17:07 - 00000000 ____D () C:\Documents and Settings\pc centar\Local Settings\Application Data\AVG Web TuneUp 2015-05-05 13:07 - 2015-05-05 13:07 - 00000000 ____D () C:\Documents and Settings\pc centar\Application Data\AVG Web TuneUp 2015-05-05 13:06 - 2015-05-05 13:07 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG Web TuneUp 2015-05-05 13:06 - 2015-05-05 13:06 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search 2015-05-05 13:06 - 2015-05-05 13:06 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG Secure Search 2015-04-23 20:56 - 2015-04-23 20:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-04-21 18:05 - 2015-05-12 23:14 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-04-20 12:39 - 2015-05-15 09:21 - 00000230 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job 2015-04-20 12:39 - 2015-05-08 15:02 - 00000224 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job 2015-04-20 00:38 - 2015-04-20 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$ 2015-04-20 00:35 - 2015-04-20 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB969878_WM9L$ 2015-04-20 00:35 - 2015-04-20 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$ 2015-04-20 00:35 - 2015-04-20 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$ 2015-04-20 00:35 - 2015-04-20 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$ 2015-04-20 00:35 - 2015-04-20 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$ 2015-04-20 00:32 - 2015-05-14 16:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$ 2015-04-20 00:31 - 2015-04-20 00:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$ 2015-04-20 00:29 - 2015-04-20 00:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$ 2015-04-20 00:29 - 2015-04-20 00:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$ 2015-04-20 00:28 - 2015-04-20 00:28 - 00006640 _____ () C:\WINDOWS\system32\TZLog.log 2015-04-20 00:28 - 2015-04-20 00:28 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$ 2015-04-20 00:28 - 2015-04-20 00:28 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$ 2015-04-20 00:28 - 2015-04-20 00:28 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$ 2015-04-20 00:28 - 2015-04-20 00:28 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2845142_WM64$ 2015-04-20 00:25 - 2015-04-20 00:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$ 2015-04-20 00:25 - 2015-04-20 00:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$ 2015-04-20 00:25 - 2015-04-20 00:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$ 2015-04-20 00:24 - 2015-04-20 00:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$ 2015-04-20 00:24 - 2015-04-20 00:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$ 2015-04-20 00:24 - 2015-04-20 00:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$ 2015-04-20 00:21 - 2015-04-20 00:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$ 2015-04-20 00:21 - 2015-04-20 00:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$ 2015-04-20 00:21 - 2015-04-20 00:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$ 2015-04-20 00:21 - 2015-04-20 00:21 - 00000000 ___HD () C:\WINDOWS\$hf_mig$ 2015-04-20 00:18 - 2015-04-20 00:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$ 2015-04-20 00:18 - 2015-04-20 00:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$ 2015-04-20 00:18 - 2015-04-20 00:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2803821-v2_WM9$ 2015-04-20 00:14 - 2015-04-20 00:34 - 00000000 ____D () C:\WINDOWS\ie8updates 2015-04-20 00:07 - 2015-04-20 00:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$ 2015-04-19 18:02 - 2013-07-04 05:03 - 02149888 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrnlmp.exe 2015-04-19 18:02 - 2013-07-04 04:59 - 02193536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntoskrnl.exe 2015-04-19 18:02 - 2013-07-04 04:08 - 02070144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrnlpa.exe 2015-04-19 18:02 - 2013-07-04 04:08 - 02028544 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrpamp.exe 2015-04-19 17:53 - 2014-02-26 03:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe 2015-04-19 17:53 - 2014-02-26 03:59 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe 2015-04-19 17:34 - 2013-07-03 04:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys 2015-04-19 17:27 - 2013-07-17 02:58 - 00060160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys 2015-04-19 17:27 - 2013-07-17 02:58 - 00046848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys 2015-04-19 17:26 - 2013-08-09 02:55 - 00144128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys 2015-04-19 17:26 - 2013-08-09 02:55 - 00032384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys 2015-04-19 17:26 - 2013-08-09 02:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys 2015-04-19 17:26 - 2009-03-18 13:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys 2015-04-19 17:23 - 2014-03-06 19:59 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll 2015-04-19 17:23 - 2014-03-06 19:59 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll 2015-04-19 17:23 - 2014-03-06 19:59 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll 2015-04-19 17:23 - 2014-03-06 19:59 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll 2015-04-19 17:23 - 2014-03-06 19:59 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll 2015-04-19 17:23 - 2014-03-06 19:59 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll 2015-04-19 17:23 - 2014-03-06 19:59 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2015-04-19 17:23 - 2014-03-06 19:59 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll 2015-04-18 18:52 - 2015-04-18 18:52 - 00001472 _____ () C:\Documents and Settings\pc centar\Start Menu\Counter-Strike 1.6.lnk ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-15 13:33 - 2014-06-05 12:17 - 00000000 ____D () C:\Documents and Settings\pc centar\Local Settings\Temp 2015-05-15 13:27 - 2014-06-05 12:09 - 01887987 _____ () C:\WINDOWS\WindowsUpdate.log 2015-05-15 13:24 - 2014-12-09 12:28 - 00000000 ____D () C:\Documents and Settings\pc centar\Application Data\Skype 2015-05-15 13:23 - 2014-06-05 13:12 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-15 13:09 - 2014-12-21 13:53 - 00017107 ____C () C:\Documents and Settings\pc centar\debug.log 2015-05-15 10:04 - 2014-11-11 22:59 - 00001014 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-436374069-1637723038-1801674531-1003UA.job 2015-05-15 09:59 - 2014-07-08 17:16 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-05-15 09:53 - 2015-03-16 16:48 - 00000430 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{EEFADBE6-CEC8-4327-8EE6-CEC618EE7532}.job 2015-05-15 09:27 - 2014-07-20 12:37 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData 2015-05-15 09:23 - 2014-06-05 13:12 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-15 09:21 - 2014-06-05 14:02 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2015-05-15 09:21 - 2014-06-05 14:02 - 00000049 _____ () C:\WINDOWS\wiaservc.log 2015-05-15 09:20 - 2014-06-05 12:16 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-05-14 22:22 - 2014-06-05 12:16 - 00032572 _____ () C:\WINDOWS\SchedLgU.Txt 2015-05-14 22:20 - 2014-06-05 12:17 - 00000278 ___SH () C:\Documents and Settings\pc centar\ntuser.ini 2015-05-14 22:20 - 2014-06-05 12:17 - 00000000 ____D () C:\Documents and Settings\pc centar 2015-05-14 22:04 - 2014-11-11 22:59 - 00000992 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-436374069-1637723038-1801674531-1003Core.job 2015-05-14 17:04 - 2014-06-29 22:48 - 00000000 ___RD () C:\Documents and Settings\pc centar\Desktop\Jowana 2015-05-14 16:06 - 2015-03-30 20:06 - 00000000 ____D () C:\Program Files\globalUpdate 2015-05-14 14:54 - 2014-12-26 12:01 - 00000000 ____D () C:\Documents and Settings\pc centar\My Documents\Преузимања 2015-05-14 13:14 - 2014-06-05 13:12 - 00000000 ____D () C:\Program Files\Google 2015-05-14 12:55 - 2014-11-15 13:17 - 00000000 ____D () C:\WINDOWS\Minidump 2015-05-14 12:50 - 2015-01-05 13:00 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Oracle 2015-05-14 12:49 - 2014-12-20 22:57 - 00000000 ____D () C:\Program Files\Java 2015-05-14 12:47 - 2014-12-20 22:58 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2015-05-14 12:47 - 2014-12-20 22:58 - 00096352 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2015-05-12 23:13 - 2008-04-14 13:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl 2015-05-12 23:07 - 2013-03-13 20:22 - 137310008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt.exe 2015-05-12 20:44 - 2014-06-30 16:07 - 00000000 ___RD () C:\Documents and Settings\pc centar\Desktop\MUZIKA 2015-05-10 20:08 - 2014-08-13 22:21 - 00000000 ___RD () C:\Documents and Settings\pc centar\Desktop\SLIKE 2015-05-08 13:10 - 2014-12-26 16:35 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype 2015-05-08 13:09 - 2014-12-26 16:55 - 00000000 ___RD () C:\Program Files\Skype 2015-05-05 23:29 - 2014-11-16 22:12 - 00001374 _____ () C:\WINDOWS\system32\debug.log 2015-05-05 21:26 - 2014-12-21 19:56 - 00000000 ___RD () C:\Documents and Settings\pc centar\Desktop\LEKOVITI RECEPTI 2015-05-05 21:25 - 2015-03-05 18:22 - 00002497 _____ () C:\Documents and Settings\pc centar\Desktop\Microsoft Office Word 2003.lnk 2015-05-05 14:30 - 2014-12-08 19:42 - 00000000 ___RD () C:\Documents and Settings\pc centar\Desktop\Igrice 2015-05-05 13:07 - 2014-07-21 13:01 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar 2015-05-05 13:06 - 2014-11-16 22:11 - 00000000 ____D () C:\Program Files\AVG Web TuneUp 2015-05-05 00:57 - 2014-06-30 21:35 - 00210944 __SHC () C:\Documents and Settings\pc centar\Desktop\Thumbs.db 2015-04-28 07:57 - 2015-03-28 19:08 - 00000000 ____D () C:\Program Files\MagicISO 2015-04-28 07:56 - 2015-03-19 15:57 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Forward Development 2015-04-27 21:08 - 2014-12-26 16:55 - 00002267 _____ () C:\Documents and Settings\All Users\Desktop\Skype.lnk 2015-04-25 21:09 - 2015-03-19 19:36 - 00000000 ____D () C:\Documents and Settings\pc centar\My Documents\Euro Truck Simulator 2015-04-24 12:37 - 2014-12-26 11:52 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-04-21 13:14 - 2014-08-17 21:22 - 00000000 ____D () C:\WINDOWS\Microsoft.NET 2015-04-20 23:19 - 2014-09-11 14:57 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer 2015-04-20 20:55 - 2014-07-13 16:07 - 00000000 ___RD () C:\Documents and Settings\pc centar\Desktop\RECEPTI 2015-04-20 20:54 - 2014-06-05 12:20 - 00042944 _____ () C:\Documents and Settings\pc centar\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2015-04-20 13:23 - 2014-06-05 13:58 - 00192976 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2015-04-20 13:06 - 2014-06-05 14:00 - 00492248 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-04-16 21:03 - 2008-04-14 13:00 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2015-04-16 21:03 - 2008-04-14 13:00 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl ==================== Files in the root of some directories ======= 2014-11-08 18:49 - 2015-01-31 19:34 - 0000000 ____C () C:\Documents and Settings\pc centar\Application Data\bitlord_log.txt 2015-01-31 19:35 - 2015-01-31 19:35 - 0000218 ____C () C:\Documents and Settings\pc centar\Local Settings\Application Data\recently-used.xbel Some content of TEMP: ==================== C:\Documents and Settings\pc centar\Local Settings\Temp\jre-8u31-windows-au.exe C:\Documents and Settings\pc centar\Local Settings\Temp\jre-8u45-windows-au.exe C:\Documents and Settings\pc centar\Local Settings\Temp\ReimagePackage.exe C:\Documents and Settings\pc centar\Local Settings\Temp\setup_wm.exe C:\Documents and Settings\pc centar\Local Settings\Temp\SkypeSetup.exe C:\Documents and Settings\pc centar\Local Settings\Temp\Uninstall.exe C:\Documents and Settings\pc centar\Local Settings\Temp\utt41.tmp.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================ista pa zato trazim pomoc od vas. mycity.rs/must-login.png

Profil

helen1 Poslao: 15 Maj 2015 14:10 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zdravo, probacemo da pomognemo. Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop Dvoklikom pokreni program. Klikni na dugme [Scan] i pricekaj da program zavrsi. Klikni na dugme [Clean] Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu. Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem. Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl" Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S0].txt Posle skeniranja AdwCleanerom, skeniraj ponovo sa FRST-om i postavi mi log.

Profil

slavisa71 Poslao: 15 Maj 2015 15:17 Idi na vrh
offline slavisa71 Građanin Pridružio: 27 Sep 2013 Poruke: 94	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: mycity.rs/must-login.png mycity.rs/must-login.png Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-05-2015 02 Ran by pc centar (administrator) on PC-C464735FA91F on 15-05-2015 15:12:13 Running from C:\Documents and Settings\pc centar\My Documents\Downloads Loaded Profiles: pc centar (Available profiles: pc centar) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States) Internet Explorer Version 8 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2015\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe () C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (Atheros) C:\WINDOWS\system32\acs.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (TP-LINK TECHNOLOGIES CO., LTD.) C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\TWCU.exe (H.D.S. Hungary) F:\Hard Disk Sentinel\HDSentinel.exe (Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20026472 2011-01-21] (Realtek Semiconductor Corp.) HKLM\...\Run: [TWCU] => C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\TWCU.exe [479412 2008-03-26] (TP-LINK TECHNOLOGIES CO., LTD.) HKLM\...\Run: [Hard Disk Sentinel] => F:\Hard Disk Sentinel\HDSentinel.exe [4334224 2014-01-30] (H.D.S. Hungary) HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.) HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3723728 2015-03-25] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation) Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2010-02-11] (ATI Technologies Inc.) HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\Run: [Facebook Update] => C:\Documents and Settings\pc centar\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [138096 2014-11-11] (Facebook Inc.) HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.) HKU\S-1-5-21-436374069-1637723038-1801674531-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [9216 2008-04-14] (Microsoft Corporation) SecurityProviders: msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-19\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-20\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-436374069-1637723038-1801674531-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.com SearchScopes: HKLM -> Yandex URL = yandex.ru/yandsearch?clid=154468&text={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-436374069-1637723038-1801674531-1003 -> Moikrug URL = moikrug.ru/persons/?clid=154468&charset=utf-8&keywords={searchTerms}&submitted=1 SearchScopes: HKU\S-1-5-21-436374069-1637723038-1801674531-1003 -> Yandex URL = yandex.ru/yandsearch?clid=154468&text={searchTerms} SearchScopes: HKU\S-1-5-21-436374069-1637723038-1801674531-1003 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = mysearch.avg.com/search?cid={8CE110A4-488B-44C6-A5BC-D8DE9913591A}&mid=19852fb6060847d2890d85afba3e5e8f-06ce4fc639803a2e3563922518183d8e94088cb9&lang=sr&ds=AVG&coid=avgtbavg&cmpid=0415av&pr=fr&d=2015-05-05 13:06:58&v=4.1.0.411&pid=wtu&sg=&sap=dsp&q={searchTerms} BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-14] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-14] (Oracle Corporation) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation) Tcpip\..\Interfaces\{7F946C84-F99B-48F5-8EB6-53494A0EACDB}: [NameServer] 87.250.98.250 87.250.97.250 FireFox: ======== FF ProfilePath: C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default FF NewTab: chrome://LVD-SAE/content/unpackedcrx/newtab/newtab.html FF DefaultSearchEngine: Ask Search FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-16] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-04-02] (Foxit Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-04-02] (Foxit Corporation) FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-14] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-14] (Oracle Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-14] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-14] (Google Inc.) FF Plugin HKU\S-1-5-21-436374069-1637723038-1801674531-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Documents and Settings\pc centar\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Plugin HKU\S-1-5-21-436374069-1637723038-1801674531-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\pc centar\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-07] (Unity Technologies ApS) FF SearchPlugin: C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\ask-search.xml [2015-05-15] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pogodakyu.xml [2014-11-26] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\vokabular.xml [2014-11-26] FF Extension: iLivid - C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\LVD-SAE@iacsearchandmedia.com.xpi [2015-05-08] FF Extension: BrowseStudio 1.0.1 - C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{5a175d0d-5539-4e73-8563-80c93aa35313}.xpi [2014-11-29] FF Extension: Adblock Plus - C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-26] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-04-20] Chrome: ======= CHR Profile: C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ACS; C:\WINDOWS\system32\acs.exe [364629 2007-02-12] (Atheros) [File not signed] R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [602112 2010-02-11] (ATI Technologies Inc.) [File not signed] R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-25] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-25] (AVG Technologies CZ, s.r.o.) S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) R2 WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [620056 2015-05-05] () S2 vToolbarUpdater18.4.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\ToolbarUpdater.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative) R3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [543712 2007-03-27] (Atheros Communications, Inc.) [File not signed] S3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1938272 2010-11-05] (Atheros Communications, Inc.) R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [3565056 2010-02-11] (ATI Technologies Inc.) [File not signed] R3 ATIAVAIW; C:\WINDOWS\System32\DRIVERS\atinavt2.sys [170496 2009-04-01] (ATI Technologies Inc.) R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [209376 2015-03-25] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [154904 2014-11-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [265184 2015-02-03] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [107488 2015-02-05] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [210912 2015-02-25] (AVG Technologies CZ, s.r.o.) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2015-05-15] (Malwarebytes Corporation) S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.) S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation) R0 mv61xxmm; C:\WINDOWS\system32\Drivers\mv61xxmm.sys [14184 2013-03-13] (Marvell Semiconductor Inc.) R0 mv64xxmm; C:\WINDOWS\system32\Drivers\mv64xxmm.sys [5632 2013-03-13] (Marvell Semiconductor Inc.) [File not signed] R0 mvxxmm; C:\WINDOWS\system32\Drivers\mvxxmm.sys [14184 2013-03-13] (Marvell Semiconductor Inc.) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) R3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [55840 2006-11-15] (Atheros Communications, Inc.) [File not signed] S3 cpuz134; \??\C:\DOCUME~1\PCCENT~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X] S4 IntelIde; No ImagePath U1 WS2IFSL; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-15 15:03 - 2015-05-15 15:03 - 00023012 _____ () C:\Documents and Settings\pc centar\Desktop\AdwCleaner[S0].txt 2015-05-15 14:56 - 2015-05-15 14:59 - 00000000 ____D () C:\AdwCleaner 2015-05-15 13:32 - 2015-05-15 15:12 - 00000000 ____D () C:\FRST 2015-05-14 15:10 - 2015-05-15 09:49 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-05-14 15:10 - 2015-05-14 15:10 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk 2015-05-14 15:10 - 2015-05-14 15:10 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2015-05-14 15:10 - 2015-05-14 15:10 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware 2015-05-14 15:10 - 2015-04-14 09:37 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-05-14 15:10 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-05-14 13:14 - 2015-05-14 13:14 - 00001809 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk 2015-05-14 13:14 - 2015-05-14 13:14 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome 2015-05-14 12:49 - 2015-05-14 12:49 - 00000000 ____D () C:\Program Files\Common Files\Java 2015-05-08 13:22 - 2015-05-10 20:59 - 00000000 ____D () C:\Program Files\ChromeReload 2015-05-08 13:20 - 2015-05-08 13:30 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\760984944337691657 2015-05-05 13:07 - 2015-05-05 17:07 - 00000000 ____D () C:\Documents and Settings\pc centar\Local Settings\Application Data\AVG Web TuneUp 2015-05-05 13:07 - 2015-05-05 13:07 - 00000000 ____D () C:\Documents and Settings\pc centar\Application Data\AVG Web TuneUp 2015-05-05 13:06 - 2015-05-05 13:07 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG Web TuneUp 2015-04-23 20:56 - 2015-04-23 20:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-04-21 18:05 - 2015-05-12 23:14 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-04-20 12:39 - 2015-05-15 15:01 - 00000230 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job 2015-04-20 12:39 - 2015-05-08 15:02 - 00000224 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job 2015-04-20 00:38 - 2015-04-20 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$ 2015-04-20 00:35 - 2015-04-20 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB969878_WM9L$ 2015-04-20 00:35 - 2015-04-20 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$ 2015-04-20 00:35 - 2015-04-20 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$ 2015-04-20 00:35 - 2015-04-20 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$ 2015-04-20 00:35 - 2015-04-20 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$ 2015-04-20 00:32 - 2015-05-14 16:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$ 2015-04-20 00:31 - 2015-04-20 00:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$ 2015-04-20 00:29 - 2015-04-20 00:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$ 2015-04-20 00:29 - 2015-04-20 00:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$ 2015-04-20 00:28 - 2015-04-20 00:28 - 00006640 _____ () C:\WINDOWS\system32\TZLog.log 2015-04-20 00:28 - 2015-04-20 00:28 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$ 2015-04-20 00:28 - 2015-04-20 00:28 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$ 2015-04-20 00:28 - 2015-04-20 00:28 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$ 2015-04-20 00:28 - 2015-04-20 00:28 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2845142_WM64$ 2015-04-20 00:25 - 2015-04-20 00:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$ 2015-04-20 00:25 - 2015-04-20 00:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$ 2015-04-20 00:25 - 2015-04-20 00:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$ 2015-04-20 00:24 - 2015-04-20 00:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$ 2015-04-20 00:24 - 2015-04-20 00:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$ 2015-04-20 00:24 - 2015-04-20 00:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$ 2015-04-20 00:21 - 2015-04-20 00:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$ 2015-04-20 00:21 - 2015-04-20 00:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$ 2015-04-20 00:21 - 2015-04-20 00:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$ 2015-04-20 00:21 - 2015-04-20 00:21 - 00000000 ___HD () C:\WINDOWS\$hf_mig$ 2015-04-20 00:18 - 2015-04-20 00:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$ 2015-04-20 00:18 - 2015-04-20 00:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$ 2015-04-20 00:18 - 2015-04-20 00:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2803821-v2_WM9$ 2015-04-20 00:14 - 2015-04-20 00:34 - 00000000 ____D () C:\WINDOWS\ie8updates 2015-04-20 00:07 - 2015-04-20 00:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$ 2015-04-19 18:02 - 2013-07-04 05:03 - 02149888 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrnlmp.exe 2015-04-19 18:02 - 2013-07-04 04:59 - 02193536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntoskrnl.exe 2015-04-19 18:02 - 2013-07-04 04:08 - 02070144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrnlpa.exe 2015-04-19 18:02 - 2013-07-04 04:08 - 02028544 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrpamp.exe 2015-04-19 17:53 - 2014-02-26 03:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe 2015-04-19 17:53 - 2014-02-26 03:59 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe 2015-04-19 17:34 - 2013-07-03 04:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys 2015-04-19 17:27 - 2013-07-17 02:58 - 00060160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys 2015-04-19 17:27 - 2013-07-17 02:58 - 00046848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys 2015-04-19 17:26 - 2013-08-09 02:55 - 00144128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys 2015-04-19 17:26 - 2013-08-09 02:55 - 00032384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys 2015-04-19 17:26 - 2013-08-09 02:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys 2015-04-19 17:26 - 2009-03-18 13:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys 2015-04-19 17:23 - 2014-03-06 19:59 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll 2015-04-19 17:23 - 2014-03-06 19:59 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll 2015-04-19 17:23 - 2014-03-06 19:59 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll 2015-04-19 17:23 - 2014-03-06 19:59 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll 2015-04-19 17:23 - 2014-03-06 19:59 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll 2015-04-19 17:23 - 2014-03-06 19:59 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll 2015-04-19 17:23 - 2014-03-06 19:59 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2015-04-19 17:23 - 2014-03-06 19:59 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll 2015-04-18 18:52 - 2015-04-18 18:52 - 00001472 _____ () C:\Documents and Settings\pc centar\Start Menu\Counter-Strike 1.6.lnk ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-15 15:12 - 2014-06-05 12:17 - 00000000 ____D () C:\Documents and Settings\pc centar\Local Settings\Temp 2015-05-15 15:06 - 2014-06-05 12:09 - 01897351 _____ () C:\WINDOWS\WindowsUpdate.log 2015-05-15 15:03 - 2014-12-09 12:28 - 00000000 ____D () C:\Documents and Settings\pc centar\Application Data\Skype 2015-05-15 15:02 - 2014-06-05 14:02 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2015-05-15 15:01 - 2014-06-05 14:02 - 00000049 _____ () C:\WINDOWS\wiaservc.log 2015-05-15 15:01 - 2014-06-05 13:12 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-15 15:01 - 2014-06-05 12:16 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-05-15 15:00 - 2014-06-05 12:17 - 00000278 ___SH () C:\Documents and Settings\pc centar\ntuser.ini 2015-05-15 15:00 - 2014-06-05 12:16 - 00032572 _____ () C:\WINDOWS\SchedLgU.Txt 2015-05-15 14:59 - 2014-12-21 13:53 - 00017344 ____C () C:\Documents and Settings\pc centar\debug.log 2015-05-15 14:59 - 2014-07-08 17:16 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-05-15 13:23 - 2014-06-05 13:12 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-15 10:04 - 2014-11-11 22:59 - 00001014 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-436374069-1637723038-1801674531-1003UA.job 2015-05-15 09:53 - 2015-03-16 16:48 - 00000430 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{EEFADBE6-CEC8-4327-8EE6-CEC618EE7532}.job 2015-05-15 09:27 - 2014-07-20 12:37 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData 2015-05-14 22:20 - 2014-06-05 12:17 - 00000000 ____D () C:\Documents and Settings\pc centar 2015-05-14 22:04 - 2014-11-11 22:59 - 00000992 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-436374069-1637723038-1801674531-1003Core.job 2015-05-14 17:04 - 2014-06-29 22:48 - 00000000 ___RD () C:\Documents and Settings\pc centar\Desktop\Jowana 2015-05-14 14:54 - 2014-12-26 12:01 - 00000000 ____D () C:\Documents and Settings\pc centar\My Documents\Преузимања 2015-05-14 13:14 - 2014-06-05 13:12 - 00000000 ____D () C:\Program Files\Google 2015-05-14 12:55 - 2014-11-15 13:17 - 00000000 ____D () C:\WINDOWS\Minidump 2015-05-14 12:50 - 2015-01-05 13:00 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Oracle 2015-05-14 12:49 - 2014-12-20 22:57 - 00000000 ____D () C:\Program Files\Java 2015-05-14 12:47 - 2014-12-20 22:58 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2015-05-14 12:47 - 2014-12-20 22:58 - 00096352 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2015-05-12 23:13 - 2008-04-14 13:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl 2015-05-12 23:07 - 2013-03-13 20:22 - 137310008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt.exe 2015-05-12 20:44 - 2014-06-30 16:07 - 00000000 ___RD () C:\Documents and Settings\pc centar\Desktop\MUZIKA 2015-05-10 20:08 - 2014-08-13 22:21 - 00000000 ___RD () C:\Documents and Settings\pc centar\Desktop\SLIKE 2015-05-08 13:10 - 2014-12-26 16:35 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype 2015-05-08 13:09 - 2014-12-26 16:55 - 00000000 ___RD () C:\Program Files\Skype 2015-05-05 23:29 - 2014-11-16 22:12 - 00001374 _____ () C:\WINDOWS\system32\debug.log 2015-05-05 21:26 - 2014-12-21 19:56 - 00000000 ___RD () C:\Documents and Settings\pc centar\Desktop\LEKOVITI RECEPTI 2015-05-05 21:25 - 2015-03-05 18:22 - 00002497 _____ () C:\Documents and Settings\pc centar\Desktop\Microsoft Office Word 2003.lnk 2015-05-05 14:30 - 2014-12-08 19:42 - 00000000 ___RD () C:\Documents and Settings\pc centar\Desktop\Igrice 2015-05-05 13:06 - 2014-11-16 22:11 - 00000000 ____D () C:\Program Files\AVG Web TuneUp 2015-05-05 00:57 - 2014-06-30 21:35 - 00210944 __SHC () C:\Documents and Settings\pc centar\Desktop\Thumbs.db 2015-04-28 07:57 - 2015-03-28 19:08 - 00000000 ____D () C:\Program Files\MagicISO 2015-04-28 07:56 - 2015-03-19 15:57 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Forward Development 2015-04-27 21:08 - 2014-12-26 16:55 - 00002267 _____ () C:\Documents and Settings\All Users\Desktop\Skype.lnk 2015-04-25 21:09 - 2015-03-19 19:36 - 00000000 ____D () C:\Documents and Settings\pc centar\My Documents\Euro Truck Simulator 2015-04-24 12:37 - 2014-12-26 11:52 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-04-21 13:14 - 2014-08-17 21:22 - 00000000 ____D () C:\WINDOWS\Microsoft.NET 2015-04-20 23:19 - 2014-09-11 14:57 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer 2015-04-20 20:55 - 2014-07-13 16:07 - 00000000 ___RD () C:\Documents and Settings\pc centar\Desktop\RECEPTI 2015-04-20 20:54 - 2014-06-05 12:20 - 00042944 _____ () C:\Documents and Settings\pc centar\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2015-04-20 13:23 - 2014-06-05 13:58 - 00192976 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2015-04-20 13:06 - 2014-06-05 14:00 - 00492248 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-04-16 21:03 - 2008-04-14 13:00 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2015-04-16 21:03 - 2008-04-14 13:00 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl ==================== Files in the root of some directories ======= 2014-11-08 18:49 - 2015-01-31 19:34 - 0000000 ____C () C:\Documents and Settings\pc centar\Application Data\bitlord_log.txt 2015-01-31 19:35 - 2015-01-31 19:35 - 0000218 ____C () C:\Documents and Settings\pc centar\Local Settings\Application Data\recently-used.xbel Some content of TEMP: ==================== C:\Documents and Settings\pc centar\Local Settings\Temp\jre-8u31-windows-au.exe C:\Documents and Settings\pc centar\Local Settings\Temp\jre-8u45-windows-au.exe C:\Documents and Settings\pc centar\Local Settings\Temp\Quarantine.exe C:\Documents and Settings\pc centar\Local Settings\Temp\ReimagePackage.exe C:\Documents and Settings\pc centar\Local Settings\Temp\setup_wm.exe C:\Documents and Settings\pc centar\Local Settings\Temp\SkypeSetup.exe C:\Documents and Settings\pc centar\Local Settings\Temp\sqlite3.dll C:\Documents and Settings\pc centar\Local Settings\Temp\utt41.tmp.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================

Profil

helen1 Poslao: 15 Maj 2015 15:32 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! 1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod: GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-19\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-20\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-436374069-1637723038-1801674531-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FF DefaultSearchEngine: Ask Search FF Extension: BrowseStudio 1.0.1 - C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{5a175d0d-5539-4e73-8563-80c93aa35313}.xpi [2014-11-29] S2 vToolbarUpdater18.4.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\ToolbarUpdater.exe [X] S3 cpuz134; \??\C:\DOCUME~1\PCCENT~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X] S4 IntelIde; No ImagePath U1 WS2IFSL; No ImagePath AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:10D14739 AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:FB6A21E3 FF SearchPlugin: C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\ask-search.xml [2015-05-15] EmptyTemp: 2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi. 3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj. Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema. Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku. Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

Profil

slavisa71 Poslao: 15 Maj 2015 18:39 Idi na vrh
offline slavisa71 Građanin Pridružio: 27 Sep 2013 Poruke: 94	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ne znam zasto ali fix nnece da se pokrene iako su i fixlist i frst sacuvani na desktopu

Profil

helen1 Poslao: 15 Maj 2015 18:48 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Da li si sacuvao pod dobrim imenom? Da li se pojavljuje neko obavestenje?

Profil

slavisa71 Poslao: 15 Maj 2015 21:12 Idi na vrh
offline slavisa71 Građanin Pridružio: 27 Sep 2013 Poruke: 94	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! pojavljuje se poruka sledece sadrzine no fixlist found.The fixlist.txt should be in the same folder/directory the tool is located.

Profil

helen1 Poslao: 16 Maj 2015 01:14 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi smeenk-ov zoek.zip ili zoek.rar () sa ovog ili ovog linka i sačuvaj ga na Desktop. Raspakuj arhivu u neki folder (uputstvo), a zatim: zatvori browser i ostale pokrenute programe; privremeno deaktiviraj zaštitni softver ( ukoliko je to potrebno ) Uputstvo ; dvoklikom pokreni zoek na ikonicu programa ; pričekaj da se alat startuje ... U beli okvir prozora iskopiraj sledeći tekst: `createsrpoint; autoclean; firefoxlook; emptyalltemp;` Klikni na dugme i pričekaj da se skeniranje završi. zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log) Kopiraj sadrzaj tog loga u poruku.

Profil

slavisa71 Poslao: 16 Maj 2015 18:17 Idi na vrh
offline slavisa71 Građanin Pridružio: 27 Sep 2013 Poruke: 94	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by pc centar on sub 16.05.2015 at 17:53:20,12. Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Documents and Settings\pc centar\My Documents\Downloads\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 16.5.2015 17:54:07 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Program Files\VideoLAN deleted successfully C:\Program Files\Common Files\EasyInfo deleted successfully C:\Documents and Settings\All Users\Start Menu\Programs\Forward Development deleted successfully C:\Documents and Settings\All Users\Start Menu\Programs\Multisoft deleted successfully C:\Documents and Settings\pc centar\Start Menu\Programs\World Racing 2 deleted successfully C:\Documents and Settings\pc centar\Application Data\rmi deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-436374069-1637723038-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-436374069-1637723038-1801674531-1003\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{81C22134-EB4D-44A2-8F04-10033FDD8CE2} deleted successfully HKEY_USERS\S-1-5-21-436374069-1637723038-1801674531-1003\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD181479-C33C-4936-92C5-B152DBB6953C} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WtuSystemSupport deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WtuSystemSupport deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.4.0 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\vToolbarUpdater18.4.0 deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Documents and Settings\PCCENT~1\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default user.js not found ---- Lines saeListNT" removed from prefs.js ---- user_pref("extensions.saeListNT", "[\"about:newtab\",\"LVD-SAE@iacsearchandmedia.com\"]"); ---- Lines CT2830765 removed from prefs.js ---- user_pref("CT2830765.dum", "2"); user_pref("CT2830765.FF19Solved", "true"); user_pref("CT2830765.fullUserID", "UN49059246012179320.IN.20141108174326"); user_pref("CT2830765.installDate", "08/11/2014 17:43:42"); user_pref("CT2830765.installerVersion", "1.11.0.11"); user_pref("CT2830765.installSessionId", "-1"); user_pref("CT2830765.installSp", "FALSE"); user_pref("CT2830765.installUsage", "08/11/2014 17:46:46"); user_pref("CT2830765.installUsageEarly", "08/11/2014 17:46:46"); user_pref("CT2830765.searchRevert", "false"); user_pref("CT2830765.searchUninstallUserMode", "4"); user_pref("CT2830765.searchUserMode", "4"); user_pref("CT2830765.toolbarInstallDate", "08-11-2014 17:43:27"); user_pref("CT2830765.UserID", "UN49059246012179320"); user_pref("CT2830765.versionFromInstaller", "10.35.0.3"); user_pref("CT2830765.xpeMode", "1"); ---- Lines BrowseStudio removed from prefs.js ---- user_pref("extensions.BrowseStudio.asul", "1431705723012"); user_pref("extensions.BrowseStudio.aul", "1431769082235"); user_pref("extensions.BrowseStudio.irl", true); user_pref("extensions.BrowseStudio.is", "isgiwhBA"); user_pref("extensions.BrowseStudio.ug", "0DA3014F-6545-4650-8929-95BE1EA37624"); ---- Lines Round World removed from prefs.js ---- user_pref("extensions.Round World.asul", "1424503851179"); user_pref("extensions.Round World.aul", "1424512676982"); user_pref("extensions.Round World.irl", true); user_pref("extensions.Round World.is", "isgiwhBA"); user_pref("extensions.Round World.ug", "AD1B9926-7EAB-4B0F-863B-6F195F9D645E"); ---- Lines ask.com removed from prefs.js ---- user_pref("extensions.LVD-SAE.newTabSearchURL", "\"http://dts.search.ask.com/sr?gct=hp&o=APN10644A&qrsc=2871&l=dis&sver=3&t_type=0&dateOfInstall=2015- user_pref("extensions.LVD-SAE.searchURL", "\"http://dts.search.ask.com/sr?gct=ds&o=APN10644&qrsc=2871&l=dis&sver=3&t_type=0&dateOfInstall=2015-05-08&d ---- Lines mysearch removed from prefs.js ---- user_pref("avg.wtu.ext.extParams", "{\"action\":\"extParams\",\"data\":{\"searchParams\":{\"pid\":\"wtu\",\"cid\":\"{dc52eead-b9ec-49f3-a071-7f3bac320 ---- Lines extensions.0a86G3Fp9h8GFiGs removed from prefs.js ---- user_pref("extensions.0a86G3Fp9h8GFiGs.epoch", "1431693403"); ---- Lines extensions.mqw7W8uBN57nMpmP removed from prefs.js ---- user_pref("extensions.mqw7W8uBN57nMpmP.epoch", "1431693408"); ---- Lines extensions.njErTPFTTDQnUqbG removed from prefs.js ---- user_pref("extensions.njErTPFTTDQnUqbG.epoch", "1431456463"); ---- Lines extensions.snXyGCrUUgWPfsLJ removed from prefs.js ---- user_pref("extensions.snXyGCrUUgWPfsLJ.epoch", "1431693411"); ---- FireFox user.js and prefs.js backups ---- prefs_16.05.2015_1803_.backup ==== Deleting Files \ Folders ====================== C:\Program Files\VideoLAN not found C:\Program Files\ComPlus Applications deleted C:\Program Files\WindowsUpdate deleted C:\Program Files\MagicISO deleted C:\Program Files\ChromeReload deleted C:\DOCUME~1\ALLUSE~1\APPLIC~1\760984944337691657 deleted C:\Documents and Settings\pc centar\Local Settings\Application Data\AVG Web TuneUp deleted C:\AUTORUN.INF deleted C:\autorun.exe deleted C:\install.exe deleted C:\Documents and Settings\pc centar\Application Data\bitlord_log.txt deleted C:\Documents and Settings\pc centar\Application Data\BitLord deleted C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVG Web TuneUp deleted C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg_Update_1214tb deleted C:\Documents and Settings\pc centar\Local Settings\Application Data\CrashRpt deleted C:\WINDOWS\system32\GroupPolicy\Machine deleted C:\WINDOWS\system32\GroupPolicy\gpt.ini deleted C:\Documents and Settings\PCCENT~1\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\ask-search.xml deleted C:\Documents and Settings\PCCENT~1\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\CT2830765 deleted "C:\Program Files\AVG Web TuneUp\TBAPI.dll" deleted "C:\Program Files\AVG Web TuneUp\TBAPI.dll" deleted "C:\Program Files\AVG Web TuneUp" not deleted "C:\Program Files\AVG Web TuneUp" not deleted ==== Firefox Start and Search pages ====================== ProfilePath: C:\Documents and Settings\PCCENT~1\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "chrome://LVD-SAE/content/unpackedcrx/newtab/newtab.html"); user_pref("browser.search.defaultenginename", "Ask Search"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [20.04.2015 23:25] ==== Firefox Extensions ====================== ProfilePath: C:\Documents and Settings\PCCENT~1\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default - iLivid - %ProfilePath%\extensions\LVD-SAE@iacsearchandmedia.com.xpi - BrowseStudio 1.0.1 - %ProfilePath%\extensions\{5a175d0d-5539-4e73-8563-80c93aa35313}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default 28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM 5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library 8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM 6DE7BF0DADC0881F7ED82D9FCC998B89 - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat 08ACECEB47FAF053C468D8AFE44709AD - C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll - Google Update AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation CA808688B28D12B368F9A511FC5E3697 - C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U45 B28862688B70415A3C0C5DCC8B242388 - C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.450.15 DCB0BCEF594E2C410793C4A823C318F3 - C:\WINDOWS\system32\Adobe\Director\np32dsw_1213153.dll - Shockwave for Director / Shockwave for Director 9AE02005247DA91AB1743F5208DBEF76 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll - Shockwave Flash 77B8694352764F6079A2332FAD7FD426 - C:\Documents and Settings\pc centar\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 3CD19649B2C3023D65E67C056457A2BC - C:\Documents and Settings\pc centar\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 8352E35875F8A69C39550FE991BA23F5 - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll - Foxit Reader Plugin for Mozilla ==== Chromium Look ====================== Bookmark Manager - pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik ==== Chromium Startpages ====================== C:\Documents and Settings\pc centar\Local Settings\Application Data\Bromium\User Data\Default\Preferences "homepage": "http://www.yandex.ru/?clid=154464", ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully ==== Empty IE Cache ====================== C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\pc centar\Local Settings\Temporary Internet Files\Content.IE5\4H4PGZ6X will be deleted at reboot C:\Documents and Settings\pc centar\Local Settings\Temporary Internet Files\Content.IE5\W4QQ9OX0 will be deleted at reboot C:\Documents and Settings\pc centar\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Documents and Settings\pc centar\Local Settings\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Documents and Settings\pc centar\Local Settings\Application Data\Opera Software\Opera Stable\Cache emptied successfully C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=299 folders=69 95911634 bytes) ==== Empty Temp Folders ====================== C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully C:\Documents and Settings\pc centar\Local Settings\Temp will be emptied at reboot C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\PCCENT~1\LOCALS~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\pc centar\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Program Files\AVG Web TuneUp" not found "C:\Program Files\AVG Web TuneUp" not found "C:\Documents and Settings\pc centar\Local Settings\Temporary Internet Files\Content.IE5\4H4PGZ6X" not found "C:\Documents and Settings\pc centar\Local Settings\Temporary Internet Files\Content.IE5\W4QQ9OX0" not found ==== EOF on sub 16.05.2015 at 18:13:25,40 ======================

Profil

helen1 Poslao: 17 Maj 2015 01:22 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Postavi mi novi FRST log i Addition.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » provera zarazenosti racunara

Ko je trenutno na forumu

Ukupno su 1047 korisnika na forumu :: 19 registrovanih, 3 sakrivenih i 1025 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., babaroga, dekir, djuradj, doloress, flash12, kybonacci, Mercury, Milos1389, nebojsag, raykan, ruma, sabros, Sass Drake, tmanda323, Viceroy, voja64, zbazin, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by