Posted: 23 Nov 2015 05:25
- 50nE
- Citizen
- Joined: 01 Nov 2008
- Posts: 87
- Location: Kragujevac
Written: 23 Nov 2015 5:20
The problem is the one already given in the title.
Pop-up pages (blank white) in the browser on almost every click (at random).
One note: besides working on the computer, I like to play a match or two of PES.
Every time I start this game, I have to turn off my antivirus, because the file "rld.dll" is flagged as a virus. If it is not a problem, I would appreciate an answer as to whether it is the only thing threatening the sanity of my computer or not. After that we can start cutting into it and blowing the viruses away. Regards.
Addendum: 23 Nov 2015 5:25
Addendum:
Is only the already mentioned file causing the problem, or is there something much worse?
Here are the logs:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:22-11-2015
Ran by Napoleon (administrator) on NAPOLEON-PC (23-11-2015 05:23:21)
Running from C:\Users\Napoleon\Downloads
Loaded Profiles: Napoleon (Available Profiles: Napoleon)
Platform: Microsoft Windows 7 Ultimate (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Popcorn Time) C:\Program Files\Popcorn Time\Updater.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(C. Ghisler & Co.) C:\Program Files\totalcmd\TOTALCMD.EXE
(Opera Software) C:\Program Files\Opera\33.0.1990.115\opera.exe
(Opera Software) C:\Program Files\Opera\33.0.1990.115\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\33.0.1990.115\opera.exe
(Opera Software) C:\Program Files\Opera\33.0.1990.115\opera.exe
(Opera Software) C:\Program Files\Opera\33.0.1990.115\opera.exe
(Opera Software) C:\Program Files\Opera\33.0.1990.115\opera.exe
(Opera Software) C:\Program Files\Opera\33.0.1990.115\opera.exe
(Opera Software) C:\Program Files\Opera\33.0.1990.115\opera.exe
(Opera Software) C:\Program Files\Opera\33.0.1990.115\opera.exe
(Opera Software) C:\Program Files\Opera\33.0.1990.115\opera.exe
(Opera Software) C:\Program Files\Opera\33.0.1990.115\opera.exe
(Opera Software) C:\Program Files\Opera\33.0.1990.115\opera.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-08] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-30] (Avast Software s.r.o.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-2430270236-2861619039-123382870-1001\...\Run: [Viber] => C:\Users\Napoleon\AppData\Local\Viber\Viber.exe [51657424 2015-11-09] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-30] (Avast Software s.r.o.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 212.200.191.166 212.200.190.166
Tcpip\..\Interfaces\{506B123D-E040-4923-BF7B-5C423385D15E}: [NameServer] 199.203.131.150,82.163.143.168
Tcpip\..\Interfaces\{506B123D-E040-4923-BF7B-5C423385D15E}: [DhcpNameServer] 212.200.191.166 212.200.190.166
Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-22] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-30] (Avast Software s.r.o.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-22] (Oracle Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-22] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-30] [not signed]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-05-30]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-30]
Opera:
=======
OPR Extension: (Violent monkey) - C:\Users\Napoleon\AppData\Roaming\Opera Software\Opera Stable\Extensions\niofholngoecgnpgamgbiiijcjlllpge [2015-10-04]
OPR Extension: (Adblock Plus) - C:\Users\Napoleon\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-10-19]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [294400 2011-03-09] (Advanced Micro Devices, Inc.) [File not signed]
R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [140224 2010-06-17] (Advanced Micro Devices)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-30] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-30] (Avast Software)
R2 Update service; C:\Program Files\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-30] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-30] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-30] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-30] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [428120 2015-06-27] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-30] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-30] ()
R1 ISODrive; C:\Program Files\UltraISO\drivers\ISODrive.sys [82320 2010-01-29] (EZB Systems, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 SrvHsfPCI; C:\Windows\System32\DRIVERS\VSTBS23.SYS [266752 2009-07-13] (Conexant Systems, Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-30] (Avast Software)
S3 AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-23 05:23 - 2015-11-23 05:23 - 00009564 _____ C:\Users\Napoleon\Downloads\FRST.txt
2015-11-23 05:23 - 2015-11-23 05:23 - 00000000 ____D C:\FRST
2015-11-23 05:22 - 2015-11-23 05:22 - 01717248 _____ (Farbar) C:\Users\Napoleon\Downloads\FRST.exe
2015-11-22 16:21 - 2015-11-22 16:21 - 00000000 ____D C:\Program Files\Common Files\Java
2015-11-18 04:23 - 2015-11-18 04:23 - 00131072 ____N C:\Windows\Minidump\111815-15802-01.dmp
2015-11-14 00:35 - 2015-11-14 00:35 - 00131072 ____N C:\Windows\Minidump\111415-17487-01.dmp
2015-11-13 12:43 - 2015-11-13 12:44 - 00000000 ____D C:\Users\Napoleon\AppData\Local\Viber
2015-11-13 12:41 - 2015-11-13 12:41 - 00131072 ____N C:\Windows\Minidump\111315-18595-01.dmp
2015-11-11 20:46 - 2015-11-11 20:46 - 00007424 _____ C:\Users\Napoleon\Desktop\as.ashprj
2015-11-08 20:05 - 2015-11-08 20:06 - 48332813 _____ (Popcorn Time ) C:\Users\Napoleon\Downloads\PopcornTime-latest (2).exe
2015-11-06 21:50 - 2015-11-06 21:53 - 48332813 _____ (Popcorn Time ) C:\Users\Napoleon\Downloads\PopcornTime-latest (1).exe
2015-11-06 21:47 - 2015-11-06 21:47 - 00000000 ____D C:\Users\Napoleon\AppData\Roaming\Macromedia
2015-11-06 21:46 - 2015-11-06 22:02 - 00000000 ____D C:\Users\Napoleon\Downloads\PopcornTime
2015-11-06 21:43 - 2015-11-06 21:53 - 00001937 _____ C:\Users\Public\Desktop\Popcorn Time.lnk
2015-11-06 21:43 - 2015-11-06 21:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-11-06 21:43 - 2015-11-06 21:53 - 00000000 ____D C:\Program Files\Popcorn Time
2015-11-04 23:22 - 2015-11-04 23:22 - 00131072 ____N C:\Windows\Minidump\110415-21169-01.dmp
2015-11-02 19:55 - 2015-11-02 19:55 - 00131072 ____N C:\Windows\Minidump\110215-21418-01.dmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-23 05:16 - 2015-07-04 14:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-23 05:08 - 2015-08-16 04:08 - 00000346 _____ C:\Windows\Tasks\Superclean.job
2015-11-23 05:04 - 2015-07-16 20:38 - 00000000 ____D C:\Program Files\OneSystemCare
2015-11-23 05:03 - 2015-08-24 10:06 - 00000000 ____D C:\Program Files\DNS Unlocker
2015-11-23 05:02 - 2015-06-30 19:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2015-11-23 04:55 - 2015-10-19 00:20 - 00000000 ____D C:\ProgramData\TEMP
2015-11-23 04:53 - 2015-05-30 09:19 - 02012950 _____ C:\Windows\WindowsUpdate.log
2015-11-22 16:27 - 2015-07-17 19:45 - 00000000 ____D C:\Users\Napoleon\AppData\Roaming\ViberPC
2015-11-22 16:26 - 2015-07-04 13:44 - 00000000 ____D C:\ProgramData\Oracle
2015-11-22 16:24 - 2009-07-14 05:34 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-22 16:24 - 2009-07-14 05:34 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-22 16:22 - 2015-07-04 13:44 - 00000000 ____D C:\Program Files\Java
2015-11-22 16:21 - 2015-10-07 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-22 16:21 - 2015-10-07 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-11-22 16:21 - 2015-10-05 05:23 - 00000000 ____D C:\Users\Napoleon\.oracle_jre_usage
2015-11-22 16:20 - 2015-10-07 16:38 - 00095840 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-11-22 16:18 - 2015-08-08 14:25 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-11-21 16:40 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2015-11-21 16:03 - 2009-07-14 05:39 - 00076266 _____ C:\Windows\setupact.log
2015-11-20 05:31 - 2015-07-16 20:36 - 00000000 ____D C:\Program Files\Opera
2015-11-19 09:56 - 2015-05-30 00:31 - 00713888 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-18 04:23 - 2015-06-02 21:02 - 00000000 ____D C:\Windows\Minidump
2015-11-18 04:23 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-12 03:05 - 2015-06-03 02:00 - 00000000 ____D C:\Windows\system32\MRT
2015-11-12 03:00 - 2015-06-03 02:00 - 143250520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 03:01 - 2015-07-04 14:09 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-11-11 03:01 - 2015-07-04 14:09 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-11-06 21:46 - 2015-06-26 15:40 - 00000000 ____D C:\Users\Napoleon\AppData\Roaming\Adobe
2015-11-06 21:43 - 2015-05-30 23:22 - 00000000 ____D C:\Users\Napoleon\AppData\Local\Popcorn-Time
2015-10-29 22:37 - 2015-06-24 16:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-27 05:55 - 2015-09-15 18:32 - 00000000 ____D C:\Users\Napoleon\Desktop\m
2015-10-26 07:17 - 2015-09-08 23:38 - 00000000 ____D C:\Users\Napoleon\AppData\Roaming\uTorrent
==================== Files in the root of some directories =======
2015-08-07 02:03 - 2015-08-11 22:38 - 0000024 _____ () C:\Users\Napoleon\AppData\Roaming\appdataFr25.bin
2015-05-30 23:05 - 2015-05-30 23:05 - 0007597 _____ () C:\Users\Napoleon\AppData\Local\Resmon.ResmonCfg
2015-10-19 13:26 - 2015-10-19 13:26 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-11 23:17
==================== End of FRST.txt ============================
Posted: 24 Nov 2015 01:04
- 50nE
- Citizen
- Joined: 01 Nov 2008
- Posts: 87
- Location: Kragujevac
Written: 24 Nov 2015 0:58
Fix result of Farbar Recovery Scan Tool (x86) Version:23-11-2015
Ran by Napoleon (2015-11-24 00:50:37) Run:1
Running from C:\Users\Napoleon\Downloads
Loaded Profiles: Napoleon (Available Profiles: Napoleon)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
OPR Extension: (Violent monkey) - C:\Users\Napoleon\AppData\Roaming\Opera Software\Opera Stable\Extensions\niofholngoecgnpgamgbiiijcjlllpge [2015-10-04]
Task: {78F4FB35-FD67-4FFB-84FC-C2354FE2BBB0} - System32\Tasks\Superclean => c:\programdata\{b8e0ae3e-3fee-7e3b-b8e0-0ae3e3feb8f8}\hqghumeaylnlf.exe [2014-08-16] (Super PC Tools Ltd) <==== ATTENTION
Task: C:\Windows\Tasks\Superclean.job => c:\programdata\{b8e0ae3e-3fee-7e3b-b8e0-0ae3e3feb8f8}\hqghumeaylnlf.exe <==== ATTENTION
C:\Program Files\OneSystemCare
C:\Program Files\DNS Unlocker
C:\Users\Napoleon\AppData\Roaming\appdataFr25.bin
C:\Users\Napoleon\AppData\Local\Resmon.ResmonCfg
C:\ProgramData\DP45977C.lfl
c:\programdata\{b8e0ae3e-3fee-7e3b-b8e0-0ae3e3feb8f8}
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
EmptyTemp:
*****************
"HKLM\SOFTWARE\Policies\Google" => key removed successfully.
C:\Users\Napoleon\AppData\Roaming\Opera Software\Opera Stable\Extensions\niofholngoecgnpgamgbiiijcjlllpge => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{78F4FB35-FD67-4FFB-84FC-C2354FE2BBB0}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78F4FB35-FD67-4FFB-84FC-C2354FE2BBB0}" => key removed successfully.
C:\Windows\System32\Tasks\Superclean => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Superclean" => key removed successfully.
C:\Windows\Tasks\Superclean.job => moved successfully
C:\Program Files\OneSystemCare => moved successfully
C:\Program Files\DNS Unlocker => moved successfully
C:\Users\Napoleon\AppData\Roaming\appdataFr25.bin => moved successfully
C:\Users\Napoleon\AppData\Local\Resmon.ResmonCfg => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
c:\programdata\{b8e0ae3e-3fee-7e3b-b8e0-0ae3e3feb8f8} => moved successfully
C:\ProgramData\TEMP => ":1CE11B51" ADS removed successfully..
EmptyTemp: => 576.4 MB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 00:50:58 ====
Addendum: 24 Nov 2015 1:04
AdwCleaner[C1]
Posted: 06 Dec 2015 11:21
- 50nE
- Citizen
- Joined: 01 Nov 2008
- Posts: 87
- Location: Kragujevac
Written: 06 Dec 2015 11:19
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
malwarebytes.org
Database version:
main: v2015.12.01.07
rootkit: v2015.11.26.01
Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Napoleon :: NAPOLEON-PC [administrator]
1.12.2015 22:59:47
mbar-log-2015-12-01 (22-59-47).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 291701
Time elapsed: 19 minute(s), 29 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 1
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{506B123D-E040-4923-BF7B-5C423385D15E}|NameServer (Trojan.DNSChanger) -> Bad: (199.203.131.150,82.163.143.168) Good: () -> Replace on reboot. [ac3f3a65a1ea77bfeb68581a0ff5d42c]
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Addendum: 06 Dec 2015 11:21
Thanks, master! It's excellent now.