Computer check

  • Joined: 11 Sep 2012
  • Posts: 4

I would like to check my computer, because I received a notice from the telecom saying that my computer is infected with some virus called GRUM. I had scanned the computer with Avast and it found nothing.


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16506
Run by Stefan at 15:09:57 on 2014-03-07
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4095.1214 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\MCShield\MCShieldRTM.exe
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Stefan\AppData\Roaming\uTorrent\uTorrent.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [MCShield Monitor] C:\Program Files (x86)\MCShield\MCShieldRTM.exe
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
mRun: [CMD] cmd.exe /k if %date:~6,4%%date:~3,2%%date:~0,2% LEQ 20130909 (exit) else (start alt-rutor.org && exit)
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
dRunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{5D86B38C-77DC-4F9F-80F4-AFF5AAE796CD} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{C50D33EB-D88A-482B-A5D4-D98A46666948} : DHCPNameServer = 8.8.8.8
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - <orphaned>
x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\p4exu7w5.default\
FF - prefs.js: browser.startup.homepage - google.rs
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=501549&p=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Winamp Detect\npwachk.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-12-23 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-12-23 207904]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-12-23 1034464]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-12-23 422216]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-9-10 283064]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-8-30 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-8-30 344064]
R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-11-20 57512]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-12-23 78648]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-23 50344]
R3 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2013-12-23 79672]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-7-5 96256]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-9-10 344680]
S2 AODDriver4.2.0;AODDriver4.2.0;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-11-20 57512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-8 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-10-26 418376]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-10-26 701512]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-10-26 25928]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-6-21 42184]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-13 1255736]
.
=============== File Associations ===============
.
ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2014-03-02 18:51:50 -------- d-----w- C:\Program Files (x86)\World of Warcraft
2014-02-24 14:48:21 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2014-02-24 14:48:13 90112 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2014-02-24 14:48:13 57344 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2014-02-24 14:47:41 93696 ----a-w- C:\Users\Stefan\AppData\Roaming\ezpinst.exe
2014-02-24 14:47:41 82048 ----a-w- C:\Users\Stefan\AppData\Roaming\pcouffin.sys
2014-02-24 14:47:30 -------- d-----w- C:\Program Files (x86)\Fox Video Converter
2014-02-24 14:29:14 -------- d-----w- C:\Program Files (x86)\AutoGK
2014-02-16 22:21:16 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2014-02-16 18:44:42 -------- d-----w- C:\ProgramData\YTD Video Downloader
2014-02-16 18:44:35 -------- d-----w- C:\Program Files (x86)\GreenTree Applications
2014-02-16 16:46:13 -------- d-----w- C:\Users\Stefan\AppData\Roaming\NCH Software
2014-02-16 15:54:05 -------- d-----w- C:\Users\Stefan\AppData\Roaming\Aimersoft Video Converter
2014-02-16 15:54:04 -------- d-----w- C:\Users\Stefan\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-02-16 15:53:26 -------- d-----w- C:\Users\Stefan\AppData\Local\Aimersoft
2014-02-16 15:53:24 -------- d-----w- C:\Program Files\Common Files\Aimersoft
2014-02-16 15:52:55 -------- d-----w- C:\ProgramData\Aimersoft Video Converter
2014-02-16 15:52:51 -------- d-----w- C:\Program Files (x86)\Aimersoft
2014-02-16 13:19:08 -------- d-----w- C:\Program Files\DivX
2014-02-16 13:19:02 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
2014-02-16 13:18:18 -------- d-----w- C:\Windows\SysWow64\SearchProtect
2014-02-16 13:15:59 -------- d-----w- C:\Program Files (x86)\Conduit
2014-02-16 13:15:17 -------- d-----w- C:\Users\Stefan\AppData\Local\NativeMessaging
2014-02-16 13:15:16 -------- d-----w- C:\Users\Stefan\AppData\Local\Conduit
2014-02-16 13:15:11 -------- d-----w- C:\Users\Stefan\AppData\Local\CRE
2014-02-16 13:13:40 -------- d-----w- C:\ProgramData\Conduit
2014-02-16 13:13:36 -------- d-----w- C:\Program Files (x86)\DivX
2014-02-16 13:12:57 -------- d-----w- C:\ProgramData\DivX
2014-02-16 12:44:57 -------- d-----w- C:\Program Files (x86)\AviSynth 2.5
2014-02-16 12:38:26 -------- d-----w- C:\Users\Stefan\AppData\Roaming\Xilisoft
2014-02-16 12:20:54 -------- d-----w- C:\Users\Stefan\AppData\Roaming\AVS4YOU
2014-02-16 12:20:04 -------- d-----w- C:\Program Files (x86)\Common Files\AVSMedia
2014-02-16 12:18:50 24576 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2014-02-16 12:18:50 1700352 ----a-w- C:\Windows\SysWow64\GdiPlus.dll
2014-02-16 12:18:50 -------- d-----w- C:\ProgramData\AVS4YOU
2014-02-16 12:18:50 -------- d-----w- C:\Program Files (x86)\AVS4YOU
2014-02-07 09:20:49 -------- d-----w- C:\Users\Stefan\AppData\Local\Chromium
2014-02-07 09:18:44 -------- d-----w- C:\Users\Stefan\AppData\Local\Sports Interactive
.
==================== Find3M ====================
.
2014-03-04 21:40:35 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2014-03-04 21:40:35 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2014-02-27 21:07:53 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2014-02-13 13:47:51 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-13 13:47:51 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-30 23:25:12 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll
2013-12-23 17:02:44 79672 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2013-12-23 17:02:02 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-12-23 17:02:02 78648 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-12-23 17:02:02 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-12-23 17:02:02 207904 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-12-23 17:02:02 1034464 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-12-23 17:02:01 43152 ----a-w- C:\Windows\avastSS.scr
2013-12-15 19:36:42 314016 ----a-w- C:\Windows\System32\drivers\atksgt.sys
2013-12-15 19:36:41 43680 ----a-w- C:\Windows\System32\drivers\lirsgt.sys
.
============= FINISH: 15:10:33.46 ===============





  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

Hello Stefan1996, and welcome to Ambulanta.

Let's examine this a bit more closely.





Download Farbar's Farbar Recovery Scan Tool from this address to the Desktop:
There is a 32-bit and a 64-bit version. You need to download the version that is compatible with your system.
If you are not sure which version applies to your system, download both and run them. Only one of them will run on your system; that will be the right version.

  • double-click to run the program; when the tool starts, click Yes on the disclaimer window;
  • wait a moment while the tool checks whether a newer version exists;
  • click the Scan button;
  • when the scan finishes, the tool will create a report (FRST.txt) in the same directory where the FRST tool is saved;
  • copy the contents of the FRST.txt report into your post;
  • on the first run, the tool should also create an additional report (Addition.txt);
  • attach the Addition.txt report to your post using the Attach file (Prikači fajl) option.



Download the GMER rootkit detector and save it to the Desktop:
Note: the tool has a randomly generated name. The icon itself will clearly say GMER.

  • Double-click to run GMER.
  • Wait for the initial scan to finish; if any prompt appears, click No;
  • click the [Scan] button and wait for the scan to finish;
  • click the [Save ...] button and save the report to the Desktop under the name ARK;

  • click the >>> button and select the Autostart tab;
  • click the [Scan] button;
  • when the short scan finishes, click [Copy];
  • open Notepad and paste the copied text into it; save the report to the Desktop under the name autostart;

Attach both GMER reports to your post using the Attach file (Prikači fajl) option.

  • Joined: 11 Sep 2012
  • Posts: 4

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-03-2014
Ran by Stefan (administrator) on STEFAN-PC on 07-03-2014 16:30:36
Running from C:\Users\Stefan\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(BitTorrent Inc.) C:\Users\Stefan\AppData\Roaming\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe
(TeamSpeak Systems GmbH) C:\Users\Stefan\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe
() D:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() D:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.201\deploy\LoLLauncher.exe
() D:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.75\deploy\LolClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Opera Software) C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe
() C:\Program Files (x86)\Opera\19.0.1326.63\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [CMD] - cmd.exe /k if %date:~6,4%%date:~3,2%%date:~0,2% LEQ 20130909 (exit) else (start alt-rutor.org && exit)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-23] (AVAST Software)
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-3782287969-1370658776-4257963606-1000\...\Run: [MCShield Monitor] - C:\Program Files (x86)\MCShield\MCShieldRTM.exe [650816 2014-02-02] (MyCity)
HKU\S-1-5-21-3782287969-1370658776-4257963606-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB081F245C103CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {23ED2A45-98AC-470C-93C1-487B1B145A1B} URL =
SearchScopes: HKCU - DefaultScope {B45EF48B-D050-4D20-9A65-F83966E2ECF4} URL = search.yahoo.com/search?fr=chr-greentree_ie.....549&p={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3288691&CUI=UN71562942263942983&UM=2&UP=SP239EEF2A-AB00-4828-BC82-E67C63974B81&SSPV=
SearchScopes: HKCU - {23ED2A45-98AC-470C-93C1-487B1B145A1B} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3288691&CUI=UN71562942263942983&UM=2
SearchScopes: HKCU - {B45EF48B-D050-4D20-9A65-F83966E2ECF4} URL = search.yahoo.com/search?fr=chr-greentree_ie.....549&p={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No File
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\p4exu7w5.default
FF Homepage: google.rs
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=501549&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @t.garena.com/garenatalk - C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\p4exu7w5.default\searchplugins\yahoo_ff.xml
FF Extension: Hotspot Shield Helper (Please allow this installation) - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2014-03-05]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-05]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-05]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-23]

Chrome:
=======
CHR Extension: (avast! Online Security) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-27]
CHR Extension: (Google новчаник) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-09]
CHR HKCU\...\Chrome\Extension: [pkmpcdbgnfjfeelcpebpkflcmbkclfho] - C:\Users\Stefan\AppData\Local\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx [2014-02-08]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-12-23]
CHR HKLM-x32\...\Chrome\Extension: [pkmpcdbgnfjfeelcpebpkflcmbkclfho] - C:\Users\Stefan\AppData\Local\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx [2014-02-08]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-23] (AVAST Software)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-10] ()

==================== Drivers (Whitelisted) ====================

S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57512 2012-11-20] (Advanced Micro Devices)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-23] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-23] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-23] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-12-15] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-09-10] (Disc Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-12-15] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-07 16:30 - 2014-03-07 16:31 - 00013930 _____ () C:\Users\Stefan\Downloads\FRST.txt
2014-03-07 16:30 - 2014-03-07 16:30 - 00000000 ____D () C:\FRST
2014-03-07 16:29 - 2014-03-07 16:30 - 02156544 _____ (Farbar) C:\Users\Stefan\Downloads\FRST64.exe
2014-03-07 15:14 - 2014-03-07 15:14 - 00013414 _____ () C:\Users\Stefan\Downloads\292584_1611140348_dds.txt
2014-03-07 15:10 - 2014-03-07 15:10 - 00013414 _____ () C:\Users\Stefan\Desktop\dds.txt
2014-03-07 15:10 - 2014-03-07 15:10 - 00005998 _____ () C:\Users\Stefan\Desktop\attach.txt
2014-03-07 15:09 - 2014-03-07 15:09 - 00688992 ____R (Swearware) C:\Users\Stefan\Desktop\dds.scr
2014-03-06 21:57 - 2014-03-06 21:57 - 00015913 _____ () C:\Users\Stefan\Downloads\[kickass.to]in.the.fog.2012.dvdrip.xvid.ac3.nogrp.torrent
2014-03-06 21:34 - 2014-03-06 21:34 - 00056846 _____ () C:\Users\Stefan\Downloads\[kickass.to]a.bridge.too.far.1977.nl.sub.torrent
2014-03-05 20:38 - 2014-03-05 20:38 - 00060993 _____ () C:\Users\Stefan\Downloads\Thief-RELOADED.torrent
2014-03-05 09:49 - 2014-03-05 09:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-04 12:31 - 2014-03-05 22:20 - 00000166 _____ () C:\Users\Stefan\AppData\default.pls
2014-03-03 17:43 - 2014-03-05 17:05 - 00000000 ____D () C:\Users\Stefan\Desktop\Staljingrad
2014-03-02 19:51 - 2014-03-02 19:51 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-03-01 17:51 - 2014-03-01 17:52 - 00005095 _____ () C:\Windows\DirectX.log
2014-03-01 10:46 - 2014-03-07 07:20 - 00001242 _____ () C:\Windows\setupact.log
2014-03-01 10:46 - 2014-03-01 10:46 - 00000572 _____ () C:\Windows\PFRO.log
2014-03-01 10:46 - 2014-03-01 10:46 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-25 16:15 - 2014-03-05 17:24 - 00000000 ____D () C:\Users\Stefan\Desktop\Zvezda
2014-02-24 19:54 - 2014-02-26 19:26 - 00000000 ____D () C:\Users\Stefan\Desktop\brestaya.krep
2014-02-24 19:53 - 2014-02-24 19:53 - 00000000 ____D () C:\Users\Stefan\Desktop\The Train
2014-02-24 15:48 - 2009-01-05 16:18 - 00090112 _____ (Apple Inc.) C:\Windows\SysWOW64\QuickTimeVR.qtx
2014-02-24 15:48 - 2009-01-05 16:18 - 00057344 _____ (Apple Inc.) C:\Windows\SysWOW64\QuickTime.qts
2014-02-24 15:48 - 2003-03-19 04:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2014-02-24 15:47 - 2014-03-04 12:18 - 00000000 ____D () C:\Program Files (x86)\Fox Video Converter
2014-02-24 15:47 - 2014-02-24 15:48 - 00000074 _____ () C:\Users\Stefan\AppData\Roaming\pcouffin.log
2014-02-24 15:47 - 2014-02-24 15:48 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Vso
2014-02-24 15:47 - 2014-02-24 15:47 - 00093696 _____ () C:\Users\Stefan\AppData\Roaming\ezpinst.exe
2014-02-24 15:47 - 2014-02-24 15:47 - 00082048 _____ (VSO Software) C:\Users\Stefan\AppData\Roaming\pcouffin.sys
2014-02-24 15:47 - 2014-02-24 15:47 - 00007176 _____ () C:\Users\Stefan\AppData\Roaming\pcouffin.cat
2014-02-24 15:47 - 2014-02-24 15:47 - 00001002 _____ () C:\Users\Stefan\Desktop\Fox Video Converter.lnk
2014-02-24 15:47 - 2014-02-24 15:47 - 00000000 ____D () C:\Users\Stefan\Documents\PcSetup
2014-02-24 15:29 - 2014-02-24 20:17 - 00000000 ____D () C:\Program Files (x86)\AutoGK
2014-02-23 22:31 - 2014-02-23 22:31 - 00245883 _____ () C:\Users\Stefan\Downloads\84191-Flashpointseason2.zip
2014-02-22 11:22 - 2014-02-22 11:22 - 00000000 ____D () C:\Users\Stefan\Desktop\New folder (2)
2014-02-17 10:02 - 2014-03-07 16:13 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-17 10:02 - 2014-03-07 10:13 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-17 10:02 - 2014-02-17 10:08 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-17 10:02 - 2014-02-17 10:08 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-16 23:21 - 2014-02-16 23:21 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-16 23:21 - 2014-02-16 23:21 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-16 23:21 - 2014-02-16 23:21 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-16 23:21 - 2014-02-16 23:21 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-02-16 23:21 - 2014-02-16 23:21 - 00000000 ____D () C:\Program Files\Java
2014-02-16 19:44 - 2014-02-16 19:44 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-02-16 19:44 - 2014-02-16 19:44 - 00000000 ____D () C:\Program Files (x86)\GreenTree Applications
2014-02-16 17:46 - 2014-02-16 17:48 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-02-16 17:46 - 2014-02-16 17:46 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\NCH Software
2014-02-16 17:46 - 2014-02-16 17:46 - 00000000 ____D () C:\ProgramData\NCH Software
2014-02-16 16:54 - 2014-02-25 19:32 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Aimersoft Video Converter
2014-02-16 16:54 - 2014-02-16 16:54 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-02-16 16:53 - 2014-02-16 16:53 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Aimersoft
2014-02-16 16:53 - 2014-02-16 16:53 - 00000000 ____D () C:\Program Files\Common Files\Aimersoft
2014-02-16 16:52 - 2014-02-28 21:37 - 00000000 ____D () C:\Program Files (x86)\Aimersoft
2014-02-16 16:52 - 2014-02-25 19:31 - 00000000 ____D () C:\ProgramData\Aimersoft Video Converter
2014-02-16 14:21 - 2014-02-16 15:21 - 00005120 _____ () C:\Users\Stefan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-16 14:19 - 2014-02-16 16:30 - 00000000 ____D () C:\Program Files\DivX
2014-02-16 14:19 - 2014-02-16 15:18 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\DivX
2014-02-16 14:18 - 2014-02-16 14:18 - 00000000 ____D () C:\Windows\SysWOW64\SearchProtect
2014-02-16 14:15 - 2014-02-16 16:29 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Conduit
2014-02-16 14:15 - 2014-02-16 14:15 - 00000000 ____D () C:\Users\Stefan\AppData\Local\NativeMessaging
2014-02-16 14:15 - 2014-02-16 14:15 - 00000000 ____D () C:\Users\Stefan\AppData\Local\CRE
2014-02-16 14:15 - 2014-02-16 14:15 - 00000000 ____D () C:\Program Files (x86)\Conduit
2014-02-16 14:13 - 2014-02-27 00:00 - 00000000 ____D () C:\ProgramData\Conduit
2014-02-16 14:13 - 2014-02-16 16:30 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-02-16 14:13 - 2014-02-16 14:16 - 00000009 _____ () C:\END
2014-02-16 14:12 - 2014-02-16 16:30 - 00000000 ____D () C:\ProgramData\DivX
2014-02-16 13:47 - 2014-02-24 15:43 - 00000563 _____ () C:\Users\Stefan\AppData\Roaming\AutoGK.ini
2014-02-16 13:47 - 2014-02-16 13:47 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Media Player Classic
2014-02-16 13:44 - 2014-02-28 21:36 - 00000000 ____D () C:\Program Files (x86)\Gabest
2014-02-16 13:44 - 2014-02-24 20:18 - 00000000 ____D () C:\Program Files (x86)\AviSynth 2.5
2014-02-16 13:38 - 2014-02-16 13:38 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Xilisoft
2014-02-16 13:20 - 2014-02-16 13:20 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\AVS4YOU
2014-02-16 13:18 - 2014-02-16 13:58 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-02-16 13:18 - 2014-02-16 13:20 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-02-16 13:18 - 2012-03-23 19:59 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-02-16 13:18 - 2012-03-23 19:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2014-02-15 17:56 - 2014-02-15 17:56 - 00000000 ____D () C:\Users\Stefan\Documents\Remedy
2014-02-15 17:53 - 2014-02-15 17:53 - 00001028 _____ () C:\Users\Public\Desktop\Alan Wake.lnk
2014-02-07 10:20 - 2014-02-07 10:20 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Chromium
2014-02-07 10:18 - 2014-02-07 10:18 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Sports Interactive

==================== One Month Modified Files and Folders =======

2014-03-07 16:31 - 2014-03-07 16:30 - 00013930 _____ () C:\Users\Stefan\Downloads\FRST.txt
2014-03-07 16:30 - 2014-03-07 16:30 - 00000000 ____D () C:\FRST
2014-03-07 16:30 - 2014-03-07 16:29 - 02156544 _____ (Farbar) C:\Users\Stefan\Downloads\FRST64.exe
2014-03-07 16:30 - 2013-09-14 17:28 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\uTorrent
2014-03-07 16:13 - 2014-02-17 10:02 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-07 16:00 - 2013-09-10 10:24 - 01814759 _____ () C:\Windows\WindowsUpdate.log
2014-03-07 15:15 - 2013-09-10 18:30 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\TS3Client
2014-03-07 15:14 - 2014-03-07 15:14 - 00013414 _____ () C:\Users\Stefan\Downloads\292584_1611140348_dds.txt
2014-03-07 15:10 - 2014-03-07 15:10 - 00013414 _____ () C:\Users\Stefan\Desktop\dds.txt
2014-03-07 15:10 - 2014-03-07 15:10 - 00005998 _____ () C:\Users\Stefan\Desktop\attach.txt
2014-03-07 15:09 - 2014-03-07 15:09 - 00688992 ____R (Swearware) C:\Users\Stefan\Desktop\dds.scr
2014-03-07 10:13 - 2014-02-17 10:02 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-07 07:27 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-07 07:27 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-07 07:22 - 2013-10-21 18:49 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-07 07:20 - 2014-03-01 10:46 - 00001242 _____ () C:\Windows\setupact.log
2014-03-07 07:20 - 2013-09-10 16:47 - 00000000 ____D () C:\ProgramData\MCShield
2014-03-07 07:20 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-06 21:57 - 2014-03-06 21:57 - 00015913 _____ () C:\Users\Stefan\Downloads\[kickass.to]in.the.fog.2012.dvdrip.xvid.ac3.nogrp.torrent
2014-03-06 21:34 - 2014-03-06 21:34 - 00056846 _____ () C:\Users\Stefan\Downloads\[kickass.to]a.bridge.too.far.1977.nl.sub.torrent
2014-03-06 11:41 - 2013-12-23 18:02 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-06 11:41 - 2013-09-10 19:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-05 22:20 - 2014-03-04 12:31 - 00000166 _____ () C:\Users\Stefan\AppData\default.pls
2014-03-05 22:20 - 2014-02-04 18:25 - 00000000 ____D () C:\The KMPlayer
2014-03-05 22:20 - 2013-10-29 17:23 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Ahead
2014-03-05 20:38 - 2014-03-05 20:38 - 00060993 _____ () C:\Users\Stefan\Downloads\Thief-RELOADED.torrent
2014-03-05 17:24 - 2014-02-25 16:15 - 00000000 ____D () C:\Users\Stefan\Desktop\Zvezda
2014-03-05 17:05 - 2014-03-03 17:43 - 00000000 ____D () C:\Users\Stefan\Desktop\Staljingrad
2014-03-05 09:49 - 2014-03-05 09:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-04 22:49 - 2013-09-10 14:08 - 00000000 ____D () C:\ProgramData\Origin
2014-03-04 22:40 - 2013-10-20 08:00 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-03-04 22:40 - 2013-09-11 16:03 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-03-04 22:38 - 2013-09-10 14:08 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-03-04 12:18 - 2014-02-24 15:47 - 00000000 ____D () C:\Program Files (x86)\Fox Video Converter
2014-03-03 17:44 - 2009-07-14 06:13 - 00779724 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-03 17:42 - 2013-09-16 19:02 - 00000000 ____D () C:\Users\Stefan\Desktop\New folder
2014-03-03 15:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-02 19:51 - 2014-03-02 19:51 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-03-01 17:52 - 2014-03-01 17:51 - 00005095 _____ () C:\Windows\DirectX.log
2014-03-01 17:36 - 2013-09-21 14:12 - 00000000 ____D () C:\Users\Stefan\AppData\Local\SKIDROW
2014-03-01 17:22 - 2013-09-10 15:53 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\DAEMON Tools Lite
2014-03-01 10:46 - 2014-03-01 10:46 - 00000572 _____ () C:\Windows\PFRO.log
2014-03-01 10:46 - 2014-03-01 10:46 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-01 00:13 - 2013-09-23 13:28 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Winamp
2014-02-28 21:37 - 2014-02-16 16:52 - 00000000 ____D () C:\Program Files (x86)\Aimersoft
2014-02-28 21:36 - 2014-02-16 13:44 - 00000000 ____D () C:\Program Files (x86)\Gabest
2014-02-28 21:35 - 2013-09-10 01:45 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-27 22:16 - 2013-09-10 14:10 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Origin
2014-02-27 22:07 - 2013-09-11 15:31 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-02-27 00:00 - 2014-02-16 14:13 - 00000000 ____D () C:\ProgramData\Conduit
2014-02-26 19:26 - 2014-02-24 19:54 - 00000000 ____D () C:\Users\Stefan\Desktop\brestaya.krep
2014-02-25 19:32 - 2014-02-16 16:54 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Aimersoft Video Converter
2014-02-25 19:31 - 2014-02-16 16:52 - 00000000 ____D () C:\ProgramData\Aimersoft Video Converter
2014-02-24 20:18 - 2014-02-16 13:44 - 00000000 ____D () C:\Program Files (x86)\AviSynth 2.5
2014-02-24 20:17 - 2014-02-24 15:29 - 00000000 ____D () C:\Program Files (x86)\AutoGK
2014-02-24 20:08 - 2014-01-02 16:35 - 00000000 ____D () C:\Program Files (x86)\Hard Disk Sentinel
2014-02-24 19:53 - 2014-02-24 19:53 - 00000000 ____D () C:\Users\Stefan\Desktop\The Train
2014-02-24 15:48 - 2014-02-24 15:47 - 00000074 _____ () C:\Users\Stefan\AppData\Roaming\pcouffin.log
2014-02-24 15:48 - 2014-02-24 15:47 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Vso
2014-02-24 15:48 - 2013-12-04 22:30 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-02-24 15:47 - 2014-02-24 15:47 - 00093696 _____ () C:\Users\Stefan\AppData\Roaming\ezpinst.exe
2014-02-24 15:47 - 2014-02-24 15:47 - 00082048 _____ (VSO Software) C:\Users\Stefan\AppData\Roaming\pcouffin.sys
2014-02-24 15:47 - 2014-02-24 15:47 - 00007176 _____ () C:\Users\Stefan\AppData\Roaming\pcouffin.cat
2014-02-24 15:47 - 2014-02-24 15:47 - 00001002 _____ () C:\Users\Stefan\Desktop\Fox Video Converter.lnk
2014-02-24 15:47 - 2014-02-24 15:47 - 00000000 ____D () C:\Users\Stefan\Documents\PcSetup
2014-02-24 15:43 - 2014-02-16 13:47 - 00000563 _____ () C:\Users\Stefan\AppData\Roaming\AutoGK.ini
2014-02-23 22:31 - 2014-02-23 22:31 - 00245883 _____ () C:\Users\Stefan\Downloads\84191-Flashpointseason2.zip
2014-02-22 18:56 - 2013-10-21 19:02 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-02-22 11:22 - 2014-02-22 11:22 - 00000000 ____D () C:\Users\Stefan\Desktop\New folder (2)
2014-02-17 10:08 - 2014-02-17 10:02 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-17 10:08 - 2014-02-17 10:02 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-17 10:03 - 2013-09-10 01:42 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-16 23:21 - 2014-02-16 23:21 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-16 23:21 - 2014-02-16 23:21 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-16 23:21 - 2014-02-16 23:21 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-16 23:21 - 2014-02-16 23:21 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-02-16 23:21 - 2014-02-16 23:21 - 00000000 ____D () C:\Program Files\Java
2014-02-16 23:03 - 2013-10-19 18:35 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-02-16 19:44 - 2014-02-16 19:44 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-02-16 19:44 - 2014-02-16 19:44 - 00000000 ____D () C:\Program Files (x86)\GreenTree Applications
2014-02-16 17:48 - 2014-02-16 17:46 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-02-16 17:46 - 2014-02-16 17:46 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\NCH Software
2014-02-16 17:46 - 2014-02-16 17:46 - 00000000 ____D () C:\ProgramData\NCH Software
2014-02-16 16:54 - 2014-02-16 16:54 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-02-16 16:53 - 2014-02-16 16:53 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Aimersoft
2014-02-16 16:53 - 2014-02-16 16:53 - 00000000 ____D () C:\Program Files\Common Files\Aimersoft
2014-02-16 16:53 - 2013-09-12 08:26 - 00063088 _____ () C:\Users\Stefan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-16 16:33 - 2009-07-14 05:45 - 00296760 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-16 16:30 - 2014-02-16 14:19 - 00000000 ____D () C:\Program Files\DivX
2014-02-16 16:30 - 2014-02-16 14:13 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-02-16 16:30 - 2014-02-16 14:12 - 00000000 ____D () C:\ProgramData\DivX
2014-02-16 16:29 - 2014-02-16 14:15 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Conduit
2014-02-16 15:21 - 2014-02-16 14:21 - 00005120 _____ () C:\Users\Stefan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-16 15:18 - 2014-02-16 14:19 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\DivX
2014-02-16 14:18 - 2014-02-16 14:18 - 00000000 ____D () C:\Windows\SysWOW64\SearchProtect
2014-02-16 14:16 - 2014-02-16 14:13 - 00000009 _____ () C:\END
2014-02-16 14:15 - 2014-02-16 14:15 - 00000000 ____D () C:\Users\Stefan\AppData\Local\NativeMessaging
2014-02-16 14:15 - 2014-02-16 14:15 - 00000000 ____D () C:\Users\Stefan\AppData\Local\CRE
2014-02-16 14:15 - 2014-02-16 14:15 - 00000000 ____D () C:\Program Files (x86)\Conduit
2014-02-16 13:58 - 2014-02-16 13:18 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-02-16 13:47 - 2014-02-16 13:47 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Media Player Classic
2014-02-16 13:38 - 2014-02-16 13:38 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Xilisoft
2014-02-16 13:20 - 2014-02-16 13:20 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\AVS4YOU
2014-02-16 13:20 - 2014-02-16 13:18 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-02-15 17:56 - 2014-02-15 17:56 - 00000000 ____D () C:\Users\Stefan\Documents\Remedy
2014-02-15 17:53 - 2014-02-15 17:53 - 00001028 _____ () C:\Users\Public\Desktop\Alan Wake.lnk
2014-02-13 22:49 - 2013-11-12 22:02 - 00000000 ____D () C:\Users\Stefan\AppData\Local\JDownloader 0.9
2014-02-13 14:47 - 2013-12-23 14:50 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-13 14:47 - 2013-12-23 14:50 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-11 20:28 - 2013-10-06 16:38 - 00000000 ____D () C:\ProgramData\Codemasters
2014-02-07 10:20 - 2014-02-07 10:20 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Chromium
2014-02-07 10:18 - 2014-02-07 10:18 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Sports Interactive

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-01 11:09

==================== End Of Log ============================




Here you go..

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

Here's how it goes. :)

The posted logs show no direct signs of active malware, but they do show leftovers of some bundled programs (these are programs that came along with some other legitimate program. On their own they are sometimes not malicious, but they are classified as unwanted programs for all sorts of reasons, e.g. forcing link ads, redirects and the like), which we will remove.

The first thing it would be good for you to do is go to Programs and Features and uninstall the YTD Video Downloader program.

As I wrote above, this is classified as a PUP, and it is worth mentioning that many of our tools that specialize in detecting and removing PUP software automatically target this program. There are legitimate cloud services on the internet (search Google) that will replace this program for you.

Now we run the FRST program one more time, but this time using its FixList.
The FixList's job is to tell FRST to remove leftover PUP entries, remove some unwanted items, empty temp, and also perform an additional check.

--- --- ---
FRST's FixList
--- ---


1. Open Notepad (Text Document) and copy in the following text from the code box below:
Start
File: C:\Windows\SysWOW64\mshta.exe
C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
C:\Users\Stefan\AppData\Local\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx
HKLM-x32\...\Run: [CMD] - cmd.exe /k if %date:~6,4%%date:~3,2%%date:~0,2% LEQ 20130909 (exit) else (start http://alt-rutor.org && exit)
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3288691&CUI=UN71562942263942983&UM=2&UP=SP239EEF2A-AB00-4828-BC82-E67C63974B81&SSPV=
SearchScopes: HKCU - {23ED2A45-98AC-470C-93C1-487B1B145A1B} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3288691&CUI=UN71562942263942983&UM=2
BHO: No Name - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No File
FF Extension: Hotspot Shield Helper (Please allow this installation) - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2014-03-05]
CHR HKCU\...\Chrome\Extension: [pkmpcdbgnfjfeelcpebpkflcmbkclfho] - C:\Users\Stefan\AppData\Local\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx [2014-02-08]
CHR HKLM-x32\...\Chrome\Extension: [pkmpcdbgnfjfeelcpebpkflcmbkclfho] - C:\Users\Stefan\AppData\Local\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx [2014-02-08]
2014-02-16 19:44 - 2014-02-16 19:44 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-02-16 19:44 - 2014-02-16 19:44 - 00000000 ____D () C:\Program Files (x86)\GreenTree Applications
2014-02-16 14:18 - 2014-02-16 14:18 - 00000000 ____D () C:\Windows\SysWOW64\SearchProtect
2014-02-16 14:15 - 2014-02-16 16:29 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Conduit
2014-02-16 14:15 - 2014-02-16 14:15 - 00000000 ____D () C:\Users\Stefan\AppData\Local\NativeMessaging
2014-02-16 14:15 - 2014-02-16 14:15 - 00000000 ____D () C:\Program Files (x86)\Conduit
2014-02-16 14:13 - 2014-02-27 00:00 - 00000000 ____D () C:\ProgramData\Conduit
2014-02-16 14:16 - 2014-02-16 14:13 - 00000009 _____ () C:\END
CMD: DEL %TEMP%\*.* /F /S /Q
CMD: DEL %WINDIR%\TEMP\*.* /F /S /Q
CMD: RD /S /Q %TEMP%
CMD: RD /S /Q %WINDIR%\TEMP
REBOOT:
End

2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, because otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the system restarts.

The tool will create a log (Fixlog.txt) on the Desktop. You need to copy the contents of that log into a post.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.
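
Added example (not part of the original posts and not FRST's own code): a small Python check that reads a Fixlog.txt and separates items that were actually removed from "not found" lines that only repeat an item already moved earlier in the same run, items that were already gone before the fix, and files that stayed locked. The result phrases and sample lines are the ones visible in the Fixlog posted in the reply below; the function name and report keys are assumptions made for this example.

```python
import re

# Result phrases exactly as they appear in the Fixlog lines quoted in this thread.
# This is not a specification of FRST's log format, only what is visible here.
_RESULT = re.compile(
    r'^"?(?P<target>.+?)"?\s*(?:=>\s*)?'
    r'(?P<result>Moved successfully|Value deleted successfully|'
    r'Key deleted successfully|Key not found|File/Directory not found|not found)\.$'
)

LOCKED_MSG = ("The process cannot access the file because it is being used "
              "by another process.")

# Sample lines copied from the Fixlog posted in this thread.
SAMPLE_FIXLOG = r"""
C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com => Moved successfully.
C:\Users\Stefan\AppData\Local\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\CMD => Value deleted successfully.
HKCR\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} => Key not found.
C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com not found.
"C:\Users\Stefan\AppData\Local\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx" => File/Directory not found.
"C:\ProgramData\YTD Video Downloader" => File/Directory not found.
C:\Windows\SysWOW64\SearchProtect => Moved successfully.
Deleted file - C:\Users\Stefan\AppData\Local\Temp\DMIB8CD.tmp
C:\Users\Stefan\AppData\Local\Temp\FXSAPIDebugLogFile.txt
The process cannot access the file because it is being used by another process.
"""


def summarize_fixlog(text):
    """Classify Fixlog result lines (hypothetical helper for this example).

    removed        - item was moved or its registry value/key was deleted
    duplicate      - "not found" for an item removed earlier in the same run
                     (the fixlist named the same path on two lines)
    already_absent - "not found" with no earlier removal: gone before the fix
    locked         - file the DEL command could not touch because it was in use
    """
    report = {"removed": [], "duplicate": [], "already_absent": [], "locked": []}
    removed_keys = set()
    prev = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line == LOCKED_MSG:
            # cmd prints the path first and the error on the following line.
            report["locked"].append(prev)
        else:
            match = _RESULT.match(line)
            if match:
                target = match.group("target")
                key = target.lower()  # Windows paths and keys are case-insensitive
                if "successfully" in match.group("result"):
                    report["removed"].append(target)
                    removed_keys.add(key)
                elif key in removed_keys:
                    report["duplicate"].append(target)
                else:
                    report["already_absent"].append(target)
        prev = line
    return report


if __name__ == "__main__":
    for category, items in summarize_fixlog(SAMPLE_FIXLOG).items():
        print(f"{category}: {len(items)}")
        for item in items:
            print("   ", item)
```

Entries under already_absent and locked are the ones to look at again in a fresh scan; duplicate entries need no follow-up.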

offline
  • Joined: 11 Sep 2012
  • Posts: 4

Here it is.




Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-03-2014
Ran by Stefan at 2014-03-07 18:06:06 Run:1
Running from C:\Users\Stefan\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
File: C:\Windows\SysWOW64\mshta.exe
C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
C:\Users\Stefan\AppData\Local\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx
HKLM-x32\...\Run: [CMD] - cmd.exe /k if %date:~6,4%%date:~3,2%%date:~0,2% LEQ 20130909 (exit) else (start alt-rutor.org && exit)
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3288691&CUI=UN71562942263942983&UM=2&UP=SP239EEF2A-AB00-4828-BC82-E67C63974B81&SSPV=
SearchScopes: HKCU - {23ED2A45-98AC-470C-93C1-487B1B145A1B} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3288691&CUI=UN71562942263942983&UM=2
BHO: No Name - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No File
FF Extension: Hotspot Shield Helper (Please allow this installation) - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2014-03-05]
CHR HKCU\...\Chrome\Extension: [pkmpcdbgnfjfeelcpebpkflcmbkclfho] - C:\Users\Stefan\AppData\Local\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx [2014-02-08]
CHR HKLM-x32\...\Chrome\Extension: [pkmpcdbgnfjfeelcpebpkflcmbkclfho] - C:\Users\Stefan\AppData\Local\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx [2014-02-08]
2014-02-16 19:44 - 2014-02-16 19:44 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-02-16 19:44 - 2014-02-16 19:44 - 00000000 ____D () C:\Program Files (x86)\GreenTree Applications
2014-02-16 14:18 - 2014-02-16 14:18 - 00000000 ____D () C:\Windows\SysWOW64\SearchProtect
2014-02-16 14:15 - 2014-02-16 16:29 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Conduit
2014-02-16 14:15 - 2014-02-16 14:15 - 00000000 ____D () C:\Users\Stefan\AppData\Local\NativeMessaging
2014-02-16 14:15 - 2014-02-16 14:15 - 00000000 ____D () C:\Program Files (x86)\Conduit
2014-02-16 14:13 - 2014-02-27 00:00 - 00000000 ____D () C:\ProgramData\Conduit
2014-02-16 14:16 - 2014-02-16 14:13 - 00000009 _____ () C:\END
CMD: DEL %TEMP%\*.* /F /S /Q
CMD: DEL %WINDIR%\TEMP\*.* /F /S /Q
CMD: RD /S /Q %TEMP%
CMD: RD /S /Q %WINDIR%\TEMP
REBOOT:
End
*****************


========================= File: C:\Windows\SysWOW64\mshta.exe ========================

MD5: 061CBB1058A10C0875D18CAFF835AE97
Creation and modification date: 2012-07-13 16:37 - 2012-07-13 16:37
Size: 0011776
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: MSHTA.EXE
Original Name: MSHTA.EXE.MUI
Product Name: Windows® Internet Explorer
Description: Microsoft (R) HTML Application host
File Version: 9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
Product Version: 9.00.8112.16421
Copyright: © Microsoft Corporation. All rights reserved.

====== End Of File: ======

C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com => Moved successfully.
C:\Users\Stefan\AppData\Local\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\CMD => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key deleted successfully.
HKCR\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{23ED2A45-98AC-470C-93C1-487B1B145A1B} => Key deleted successfully.
HKCR\CLSID\{23ED2A45-98AC-470C-93C1-487B1B145A1B} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} => Key deleted successfully.
HKCR\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} => Key not found.
C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com not found.
HKCU\SOFTWARE\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho => Key deleted successfully.
"C:\Users\Stefan\AppData\Local\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho => Key deleted successfully.
"C:\Users\Stefan\AppData\Local\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx" => File/Directory not found.
"C:\ProgramData\YTD Video Downloader" => File/Directory not found.
C:\Program Files (x86)\GreenTree Applications => Moved successfully.
C:\Windows\SysWOW64\SearchProtect => Moved successfully.
C:\Users\Stefan\AppData\Local\Conduit => Moved successfully.
C:\Users\Stefan\AppData\Local\NativeMessaging => Moved successfully.
C:\Program Files (x86)\Conduit => Moved successfully.
C:\ProgramData\Conduit => Moved successfully.
C:\END => Moved successfully.

========= DEL %TEMP%\*.* /F /S /Q =========

Deleted file - C:\Users\Stefan\AppData\Local\Temp\59B1.tmp
Deleted file - C:\Users\Stefan\AppData\Local\Temp\AdobeARM.log
Deleted file - C:\Users\Stefan\AppData\Local\Temp\Attach.txt
Deleted file - C:\Users\Stefan\AppData\Local\Temp\chrome_installer.log
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera19.0.1326.63opera_autoupdate.lock
Deleted file - C:\Users\Stefan\AppData\Local\Temp\DDS.txt
Deleted file - C:\Users\Stefan\AppData\Local\Temp\DMIB8CD.tmp
C:\Users\Stefan\AppData\Local\Temp\FXSAPIDebugLogFile.txt
The process cannot access the file because it is being used by another process.
Deleted file - C:\Users\Stefan\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20140301_175232914.html
Deleted file - C:\Users\Stefan\AppData\Local\Temp\MM-APG-5.pdf
Deleted file - C:\Users\Stefan\AppData\Local\Temp\opera_crashreporter.log
Deleted file - C:\Users\Stefan\AppData\Local\Temp\set9B7D.tmp
Deleted file - C:\Users\Stefan\AppData\Local\Temp\Stefan.bmp
Deleted file - C:\Users\Stefan\AppData\Local\Temp\_A81A.tmp
Deleted file - C:\Users\Stefan\AppData\Local\Temp\_D914.tmp
Deleted file - C:\Users\Stefan\AppData\Local\Temp\2180_7293\crl-set
Deleted file - C:\Users\Stefan\AppData\Local\Temp\2180_7293\manifest.fingerprint
Deleted file - C:\Users\Stefan\AppData\Local\Temp\2180_7293\manifest.json
Deleted file - C:\Users\Stefan\AppData\Local\Temp\2348_22660\crl-set
Deleted file - C:\Users\Stefan\AppData\Local\Temp\2348_22660\manifest.fingerprint
Deleted file - C:\Users\Stefan\AppData\Local\Temp\2348_22660\manifest.json
Deleted file - C:\Users\Stefan\AppData\Local\Temp\2964_9476\crl-set
Deleted file - C:\Users\Stefan\AppData\Local\Temp\2964_9476\manifest.fingerprint
Deleted file - C:\Users\Stefan\AppData\Local\Temp\2964_9476\manifest.json
Deleted file - C:\Users\Stefan\AppData\Local\Temp\3028_14942\crl-set
Deleted file - C:\Users\Stefan\AppData\Local\Temp\3028_14942\manifest.fingerprint
Deleted file - C:\Users\Stefan\AppData\Local\Temp\3028_14942\manifest.json
Deleted file - C:\Users\Stefan\AppData\Local\Temp\3692_18763\crl-set
Deleted file - C:\Users\Stefan\AppData\Local\Temp\3692_18763\manifest.fingerprint
Deleted file - C:\Users\Stefan\AppData\Local\Temp\3692_18763\manifest.json
Deleted file - C:\Users\Stefan\AppData\Local\Temp\4788_30710\crl-set
Deleted file - C:\Users\Stefan\AppData\Local\Temp\4788_30710\manifest.fingerprint
Deleted file - C:\Users\Stefan\AppData\Local\Temp\4788_30710\manifest.json
Deleted file - C:\Users\Stefan\AppData\Local\Temp\5836_5928\crl-set
Deleted file - C:\Users\Stefan\AppData\Local\Temp\5836_5928\manifest.fingerprint
Deleted file - C:\Users\Stefan\AppData\Local\Temp\5836_5928\manifest.json
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\Opera_20.0.1387.64_Autoupdate.exe
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\opera_200_percent.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\opera_autoupdate.exe
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\opera_autoupdate.licenses
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\opera_autoupdate.version
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\opera_crashreporter.exe
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\osmesa.dll
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\wow_helper.exe
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\af.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\ar.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\az.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\be.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\bg.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\bn.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\ca.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\cs.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\da.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\de.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\el.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\en-GB.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\en-US.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\es-419.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\es.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\fi.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\fr-CA.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\fr.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\fy.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\gd.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\hi.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\hr.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\hu.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\id.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\it.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\ja.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\kk.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\ko.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\lt.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\lv.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\me.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\mk.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\ms.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\nb.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\nl.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\nn.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\pa.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\pl.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\pt-BR.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\pt-PT.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\ro.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\ru.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\sk.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\sr.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\sv.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\sw.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\ta.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\te.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\th.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\tl.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\tr.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\uk.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\uz.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\vi.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\zh-CN.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\zh-TW.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\localization\zu.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\resources\0CD5F3A0-8BF6-11E2-9E96-0800200C9A66.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\resources\1AF2CDD0-8BF3-11E2-9E96-0800200C9A66.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\resources\1CF37043-6733-479C-9086-7B21A2292DDA.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\resources\1CFF9287-F5FE-4970-B2A0-3245021CE63A.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\resources\2A3F5C20-8BF5-11E2-9E96-0800200C9A66.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\resources\3B6191A0-8BF3-11E2-9E96-0800200C9A66.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\resources\5BBBDD5B-EDC7-4168-9F5D-290AF826E716.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\resources\66DD4BB6-A3BA-4B11-AF7A-F4BF23E073B2.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\resources\6D3582E1-6013-429F-BB34-C75B90CDD1F8.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\resources\8D754F20-8BF5-11E2-9E96-0800200C9A66.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\resources\C665D993-1B49-4C2E-962C-BEB19993BB86.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\resources\CCCED631-6DA2-4060-9824-95737E64350C.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\resources\default_partner_content.json
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\resources\dictionaries.xml
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\resources\F3F34CBB-24FF-4830-9E87-1663E7A0A5EE.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\resources\FDC2CCAB-E8F9-4620-91DD-B0B67285997C.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\resources\FF57F01A-0718-44B7-8A1F-8B15BC33A50B.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\4200_16133\resources\license.txt
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\d3dcompiler_46.dll
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\ffmpegsumo.dll
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\files_list
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\icudt.dll
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\launcher.exe
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\launcher_lib.dll
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\libEGL.dll
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\libGLESv2.dll
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\msvcp100.dll
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\msvcr100.dll
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\npTestNetscapePlugIn.dll
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\opera.dll
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\opera.exe
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\opera.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\opera_100_percent.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\opera_125_percent.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\opera_150_percent.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\Opera_20.0.1387.64_Autoupdate.exe
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\opera_200_percent.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\opera_autoupdate.exe
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\opera_autoupdate.licenses
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\opera_autoupdate.version
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\opera_crashreporter.exe
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\osmesa.dll
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\wow_helper.exe
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\af.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\ar.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\az.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\be.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\bg.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\bn.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\ca.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\cs.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\da.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\de.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\el.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\en-GB.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\en-US.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\es-419.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\es.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\fi.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\fr-CA.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\fr.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\fy.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\gd.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\hi.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\hr.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\hu.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\id.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\it.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\ja.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\kk.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\ko.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\lt.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\lv.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\me.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\mk.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\ms.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\nb.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\nl.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\nn.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\pa.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\pl.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\pt-BR.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\pt-PT.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\ro.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\ru.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\sk.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\sr.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\sv.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\sw.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\ta.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\te.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\th.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\tl.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\tr.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\uk.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\uz.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\vi.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\zh-CN.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\zh-TW.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\localization\zu.pak
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\resources\0CD5F3A0-8BF6-11E2-9E96-0800200C9A66.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\resources\1AF2CDD0-8BF3-11E2-9E96-0800200C9A66.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\resources\1CF37043-6733-479C-9086-7B21A2292DDA.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\resources\1CFF9287-F5FE-4970-B2A0-3245021CE63A.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\resources\2A3F5C20-8BF5-11E2-9E96-0800200C9A66.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\resources\3B6191A0-8BF3-11E2-9E96-0800200C9A66.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\resources\5BBBDD5B-EDC7-4168-9F5D-290AF826E716.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\resources\66DD4BB6-A3BA-4B11-AF7A-F4BF23E073B2.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\resources\6D3582E1-6013-429F-BB34-C75B90CDD1F8.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\resources\8D754F20-8BF5-11E2-9E96-0800200C9A66.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\resources\C665D993-1B49-4C2E-962C-BEB19993BB86.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\resources\CCCED631-6DA2-4060-9824-95737E64350C.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\resources\default_partner_content.json
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\resources\dictionaries.xml
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\resources\F3F34CBB-24FF-4830-9E87-1663E7A0A5EE.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\resources\FDC2CCAB-E8F9-4620-91DD-B0B67285997C.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\resources\FF57F01A-0718-44B7-8A1F-8B15BC33A50B.ico
Deleted file - C:\Users\Stefan\AppData\Local\Temp\CProgram Files (x86)Opera\installing\resources\license.txt
Deleted file - C:\Users\Stefan\AppData\Local\Temp\{EB184AEE-28CD-4271-8B24-CCD41CE7B303}\fpb.tmp
Deleted file - C:\Users\Stefan\AppData\Local\Temp\~nsu.tmp\Au_.exe

========= End of CMD: =========


========= DEL %WINDIR%\TEMP\*.* /F /S /Q =========

Deleted file - C:\Windows\TEMP\bcdedit.exe
Deleted file - C:\Windows\TEMP\chrome_installer.log
Deleted file - C:\Windows\TEMP\fwtsqmfile00.sqm
Deleted file - C:\Windows\TEMP\fwtsqmfile01.sqm
Deleted file - C:\Windows\TEMP\fwtsqmfile14.sqm
Deleted file - C:\Windows\TEMP\avast_ash\Mozilla Firefox\update.xml
Deleted file - C:\Windows\TEMP\CR_E6A83.tmp\SETUP_PATCH.PACKED.7Z
C:\Windows\TEMP\_avast_\Webshlock.txt
The process cannot access the file because it is being used by another process.

========= End of CMD: =========


========= RD /S /Q %TEMP% =========

C:\Users\Stefan\AppData\Local\Temp\etilqs_OxLwt4RfbkrAqYa - The process cannot access the file because it is being used by another process.
C:\Users\Stefan\AppData\Local\Temp\etilqs_wSnjazHY8iS89eQ - The process cannot access the file because it is being used by another process.
C:\Users\Stefan\AppData\Local\Temp\FXSAPIDebugLogFile.txt - The process cannot access the file because it is being used by another process.

========= End of CMD: =========


========= RD /S /Q %WINDIR%\TEMP =========

C:\Windows\TEMP\_avast_\Webshlock.txt - The process cannot access the file because it is being used by another process.

========= End of CMD: =========



The system needed a reboot.

==== End of Fixlog ====

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

That would be it. There is no malware here. Your system is clean; you have no active infection.

Quote: ... I received some notification from the telecom saying that my computer is infected with some virus, GRUM.

You should check once more whether that really is an e-mail from the telecom; likewise, that information may simply be some kind of 'third' warning of theirs that is perhaps on a global level. Still, it is more likely that the e-mail is ordinary spam; it may also be that the e-mail did not come from the telecom at all. You should look into that as well.



As I already said, your system is not infected; you have a good antivirus, good anti-malware programs as an additional layer of protection, and we have now additionally checked the system with two powerful diagnostic tools, which confirm this to me. So you can breathe a sigh of relief.







The following procedure will perform the final cleanup.

Download Xplode's DelFix tool and save it to the Desktop.
Double-click to run the tool and tick the boxes in front of the following options:

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment until the tool finishes its work.
From this point on, all tools used in this thread should be deleted.
The tool will also produce a report for you (C:\DelFix.txt).

The tool will also save the healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.

offline
  • Joined: 11 Sep 2012
  • Posts: 4

OK, thank you very much for the help. Regards
