Na ovom kompjuteru ima svašta

1

Na ovom kompjuteru ima svašta

offline
  • Pridružio: 14 Okt 2012
  • Poruke: 3155
  • Gde živiš: Herceg Novi

Napisano: 12 Sep 2017 20:44

Pišem sa mog telefona u ime novog člana (Aki HNovi) jer ona ima problem sa logovanjem, a ja imam problem sa njenom tastaturom na kompu.

Poslaću izveštaje Farbar-ove i MBAM-a koje sam uradila na njenom kompu.

Dopuna: 12 Sep 2017 20:48

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-09-2017 02
Ran by korisnik (administrator) on KORISNIK-PC (12-09-2017 19:38:09)
Running from C:\Users\korisnik\Desktop
Loaded Profiles: korisnik (Available Profiles: korisnik & Guest)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\korisnik\Desktop\FRST64 (1).exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-09-12] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\MountPoints2: {b0961fb0-1793-11e2-8515-d43d7e0145a8} - E:\autorun.exe
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\MountPoints2: {f26a8f30-c5e0-11e2-b742-d43d7e0145a8} - E:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A14B04 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
GroupPolicy\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{8BE5A43C-9EA4-4C05-B7AB-59E018F3FDD1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F81CD68B-D090-4D72-8A36-9274FBDA6D51}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZC^xdm941^YY^hr&ptb=BD387117-58ED-4C29-B1BE-625324DC6F5A&ind=2013060912&n=77fcdf30&psa=&st=kwd&searchfor=1122nikola
URLSearchHook: HKLM-x32 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKLM-x32 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll (SimilarGroup)
URLSearchHook: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll (SimilarGroup)
SearchScopes: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> DefaultScope {54C2D6AD-D64D-4596-9C99-99CEB40AA9B0} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-09-12] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-09-12] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-26] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll [2012-12-03] (SimilarGroup)
Toolbar: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll [2012-09-26] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2012-09-26] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-26] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-02-17] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1875000320-2089066893-3847967519-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\korisnik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default [2017-09-12]
CHR Extension: (Google Slides) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-20]
CHR Extension: (Google Docs) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-20]
CHR Extension: (Avast SafePrice) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-13]
CHR Extension: (Google Sheets) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-20]
CHR Extension: (Google Docs Offline) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (AdBlock) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-09-12]
CHR Extension: (Avast Online Security) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-09-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-12]
CHR Extension: (Chrome Media Router) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-12]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7452288 2017-09-12] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-09-12] (AVAST Software)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-29] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [320528 2017-09-12] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-09-12] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343296 2017-09-12] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57736 2017-09-12] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [47016 2017-09-12] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [147784 2017-09-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110376 2017-09-12] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84416 2017-09-12] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1016384 2017-09-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [590880 2017-09-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [199312 2017-09-12] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361336 2017-09-12] (AVAST Software)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-08-24] ()
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-08] (HandSet Incorporated)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [192960 2017-09-12] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [101824 2017-09-12] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-09-12] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [253888 2017-09-12] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [84256 2017-09-12] (Malwarebytes)
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [131080 2012-06-08] (ZTE Incorporated)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-12 19:38 - 2017-09-12 19:38 - 000013108 _____ C:\Users\korisnik\Desktop\FRST.txt
2017-09-12 19:37 - 2017-09-12 19:37 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-09-12 19:36 - 2017-09-12 19:36 - 002397184 _____ (Farbar) C:\Users\korisnik\Desktop\FRST64 (1).exe
2017-09-12 19:31 - 2017-09-12 19:31 - 000101824 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-09-12 19:05 - 2017-09-12 19:05 - 000254558 _____ C:\Users\korisnik\Downloads\downloads.htm
2017-09-12 19:00 - 2017-09-12 19:38 - 000000000 ____D C:\FRST
2017-09-12 18:59 - 2017-09-12 19:00 - 002397184 _____ (Farbar) C:\Users\korisnik\Downloads\FRST64.exe
2017-09-12 18:20 - 2017-09-12 18:21 - 000000036 _____ C:\Users\korisnik\Desktop\mbam.txt
2017-09-12 18:01 - 2017-09-12 19:31 - 000253888 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-09-12 18:01 - 2017-09-12 19:31 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-09-12 18:01 - 2017-09-12 19:31 - 000045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-09-12 18:01 - 2017-09-12 18:01 - 000192960 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-09-12 18:00 - 2017-09-12 18:00 - 000001827 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-12 18:00 - 2017-09-12 18:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-12 18:00 - 2017-09-12 18:00 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-12 18:00 - 2017-09-12 18:00 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-12 18:00 - 2017-08-24 11:27 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-09-12 17:56 - 2017-09-12 17:59 - 066347240 _____ (Malwarebytes ) C:\Users\korisnik\Downloads\mb3-setup-consumer-3.2.2.2018.exe
2017-09-12 17:49 - 2017-09-12 19:04 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-09-12 17:48 - 2017-09-12 17:49 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-09-12 17:48 - 2017-09-12 17:48 - 000002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2017-09-12 17:48 - 2017-09-12 17:48 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-09-12 17:41 - 2017-09-12 17:41 - 000002802 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-09-12 17:41 - 2017-09-12 17:41 - 000000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-09-12 17:41 - 2017-09-12 17:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-09-12 17:39 - 2017-09-12 17:41 - 000000000 ____D C:\Program Files\CCleaner
2017-09-12 17:38 - 2017-09-12 17:38 - 009826968 _____ (Piriform Ltd) C:\Users\korisnik\Downloads\ccsetup534.exe
2017-09-12 17:28 - 2017-09-12 17:28 - 000001882 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-09-12 17:28 - 2017-09-12 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-09-12 17:27 - 2017-09-12 17:26 - 000401488 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-12 19:31 - 2017-04-05 14:26 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2017-09-12 19:31 - 2014-08-07 22:47 - 000000000 ____D C:\Program Files\Google
2017-09-12 19:31 - 2014-08-07 22:46 - 000000000 ____D C:\Program Files (x86)\Google
2017-09-12 19:31 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-12 19:28 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\tracing
2017-09-12 18:50 - 2009-07-14 06:45 - 000021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-12 18:50 - 2009-07-14 06:45 - 000021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-12 18:49 - 2013-09-22 11:47 - 000000000 ____D C:\Users\korisnik\AppData\LocalLow\Temp
2017-09-12 18:49 - 2012-09-26 19:37 - 000000000 ____D C:\Users\korisnik\AppData\Local\Google
2017-09-12 18:45 - 2016-07-14 00:56 - 000003898 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1468450592
2017-09-12 18:31 - 2012-09-26 19:49 - 000000000 ____D C:\Users\korisnik\AppData\Roaming\Skype
2017-09-12 18:01 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-09-12 17:55 - 2017-03-15 21:17 - 000000000 ___RD C:\Program Files (x86)\Skype
2017-09-12 17:55 - 2012-09-26 19:49 - 000000000 ____D C:\ProgramData\Skype
2017-09-12 17:48 - 2012-09-26 19:47 - 000000000 ____D C:\ProgramData\Adobe
2017-09-12 17:45 - 2013-09-22 11:46 - 000000000 ____D C:\Users\korisnik\AppData\Roaming\uTorrent
2017-09-12 17:44 - 2013-10-18 21:01 - 000000000 ____D C:\Windows\Minidump
2017-09-12 17:44 - 2012-09-27 05:20 - 000000000 ____D C:\Windows\Panther
2017-09-12 17:43 - 2013-02-14 21:38 - 000000940 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1875000320-2089066893-3847967519-1000UA.job
2017-09-12 17:34 - 2013-02-14 21:37 - 000000918 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1875000320-2089066893-3847967519-1000Core.job
2017-09-12 17:33 - 2016-01-20 22:09 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-12 17:33 - 2016-01-20 22:09 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-12 17:27 - 2017-04-04 19:30 - 000003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-09-12 17:26 - 2017-04-04 19:30 - 000343296 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-09-12 17:26 - 2017-04-04 19:30 - 000320528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-09-12 17:26 - 2017-04-04 19:30 - 000198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-09-12 17:26 - 2017-04-04 19:30 - 000057736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-09-12 17:26 - 2016-07-12 13:47 - 000041832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-09-12 17:26 - 2014-08-07 17:17 - 000047016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-09-12 17:26 - 2014-01-06 14:27 - 000199312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-09-12 17:26 - 2013-06-05 18:01 - 000361336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-09-12 17:26 - 2013-06-05 18:01 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-09-12 17:26 - 2012-09-26 19:53 - 001016384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-09-12 17:26 - 2012-09-26 19:53 - 000590880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-09-12 17:26 - 2012-09-26 19:53 - 000147784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-09-12 17:26 - 2012-09-26 19:53 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

==================== Files in the root of some directories =======

2017-03-21 08:45 - 2017-03-21 08:45 - 000000000 ____H () C:\Users\korisnik\AppData\Local\BITABF7.tmp
2017-03-21 08:44 - 2017-03-21 08:45 - 000000000 _____ () C:\Users\korisnik\AppData\Local\{2DE2F56A-F566-4C65-8551-CFDE98A018F1}
2015-10-15 16:41 - 2015-10-15 16:41 - 000000000 _____ () C:\Users\korisnik\AppData\Local\{3777955B-2B69-43B7-AD6E-7C6931A1E69E}
2015-02-07 21:38 - 2015-02-07 21:38 - 000000000 _____ () C:\Users\korisnik\AppData\Local\{6971EBF1-B074-48BA-B076-203E50525306}
2015-10-31 10:35 - 2015-10-31 10:39 - 000000000 _____ () C:\Users\korisnik\AppData\Local\{B673AF09-A2B5-4655-A53F-87CEF18094C6}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2013-12-20 22:51] - [2010-11-21 05:24] - 002389504 _____ (Microsoft Corporation) 3B57A11F33BC8024B9BE3EABD5EF6415

C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-04 18:42

==================== End of FRST.txt ============================


https://www.mycity.rs/must-login.png

offline
  • Pridružio: 14 Okt 2012
  • Poruke: 3155
  • Gde živiš: Herceg Novi

Kako da posaljem ovaj izvestaj, nemam opcije kao na uputstvu koje sam ja dobila u ovoj poruci.

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 9932
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Imaš opciju Quarantine Selected. Nju iskoristi, pa onda postavi MBAM izvještaj uz nove FRST.txt i Addition.txt izvještaje.

offline
  • Pridružio: 14 Okt 2012
  • Poruke: 3155
  • Gde živiš: Herceg Novi

Evo novi izvestaji Frst-a.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-09-2017 02
Ran by korisnik (administrator) on KORISNIK-PC (12-09-2017 22:00:24)
Running from C:\Users\korisnik\Desktop
Loaded Profiles: korisnik (Available Profiles: korisnik & Guest)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Farbar) C:\Users\korisnik\Desktop\FRST64 (1).exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-09-12] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9855192 2017-09-07] (Piriform Ltd)
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\MountPoints2: {b0961fb0-1793-11e2-8515-d43d7e0145a8} - E:\autorun.exe
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\MountPoints2: {f26a8f30-c5e0-11e2-b742-d43d7e0145a8} - E:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A14B04 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
GroupPolicy\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{8BE5A43C-9EA4-4C05-B7AB-59E018F3FDD1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F81CD68B-D090-4D72-8A36-9274FBDA6D51}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZC^xdm941^YY^hr&ptb=BD387117-58ED-4C29-B1BE-625324DC6F5A&ind=2013060912&n=77fcdf30&psa=&st=kwd&searchfor=1122nikola
URLSearchHook: HKLM-x32 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKLM-x32 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll (SimilarGroup)
URLSearchHook: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll (SimilarGroup)
SearchScopes: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> DefaultScope {54C2D6AD-D64D-4596-9C99-99CEB40AA9B0} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-09-12] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-09-12] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-26] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll [2012-12-03] (SimilarGroup)
Toolbar: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll [2012-09-26] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2012-09-26] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-26] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-02-17] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1875000320-2089066893-3847967519-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\korisnik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default [2017-09-12]
CHR Extension: (Google Slides) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-20]
CHR Extension: (Google Docs) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-20]
CHR Extension: (Avast SafePrice) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-13]
CHR Extension: (Google Sheets) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-20]
CHR Extension: (Google Docs Offline) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (AdBlock) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-09-12]
CHR Extension: (Avast Online Security) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-09-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-12]
CHR Extension: (Chrome Media Router) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-12]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7452288 2017-09-12] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-09-12] (AVAST Software)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-29] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [320528 2017-09-12] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-09-12] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343296 2017-09-12] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57736 2017-09-12] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [47016 2017-09-12] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [147784 2017-09-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110376 2017-09-12] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84416 2017-09-12] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1016384 2017-09-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [590880 2017-09-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [199312 2017-09-12] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361336 2017-09-12] (AVAST Software)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-08-24] ()
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-08] (HandSet Incorporated)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [192960 2017-09-12] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [101824 2017-09-12] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-09-12] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [253888 2017-09-12] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [84256 2017-09-12] (Malwarebytes)
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [131080 2012-06-08] (ZTE Incorporated)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-12 22:00 - 2017-09-12 22:01 - 000012935 _____ C:\Users\korisnik\Desktop\FRST.txt
2017-09-12 21:40 - 2017-09-12 21:40 - 000215326 _____ C:\Users\korisnik\Desktop\mbam.txt
2017-09-12 21:13 - 2017-09-12 21:58 - 000101824 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-09-12 21:13 - 2017-09-12 21:57 - 000253888 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-09-12 21:13 - 2017-09-12 21:57 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-09-12 21:13 - 2017-09-12 21:57 - 000045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-09-12 21:13 - 2017-09-12 21:13 - 000192960 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-09-12 21:13 - 2017-09-12 21:13 - 000001827 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-12 21:13 - 2017-09-12 21:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-12 21:12 - 2017-09-12 21:12 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-12 21:12 - 2017-08-24 11:27 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-09-12 21:09 - 2017-09-12 21:12 - 066347240 _____ (Malwarebytes ) C:\Users\korisnik\Desktop\mb3-setup-consumer-3.2.2.2018.exe
2017-09-12 21:03 - 2017-09-12 21:58 - 000000000 ____D C:\ProgramData\MCShield
2017-09-12 21:03 - 2017-09-12 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2017-09-12 21:03 - 2017-09-12 21:03 - 000000000 ____D C:\Program Files (x86)\MCShield
2017-09-12 21:02 - 2017-09-12 21:02 - 002856736 _____ (MyCity) C:\Users\korisnik\Desktop\MCShield-Setup.exe
2017-09-12 19:36 - 2017-09-12 19:36 - 002397184 _____ (Farbar) C:\Users\korisnik\Desktop\FRST64 (1).exe
2017-09-12 19:05 - 2017-09-12 19:05 - 000254558 _____ C:\Users\korisnik\Downloads\downloads.htm
2017-09-12 19:00 - 2017-09-12 22:00 - 000000000 ____D C:\FRST
2017-09-12 18:59 - 2017-09-12 19:00 - 002397184 _____ (Farbar) C:\Users\korisnik\Downloads\FRST64.exe
2017-09-12 18:00 - 2017-09-12 18:00 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-12 17:56 - 2017-09-12 17:59 - 066347240 _____ (Malwarebytes ) C:\Users\korisnik\Downloads\mb3-setup-consumer-3.2.2.2018.exe
2017-09-12 17:49 - 2017-09-12 19:04 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-09-12 17:48 - 2017-09-12 17:49 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-09-12 17:48 - 2017-09-12 17:48 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-09-12 17:41 - 2017-09-12 17:41 - 000002802 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-09-12 17:41 - 2017-09-12 17:41 - 000000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-09-12 17:41 - 2017-09-12 17:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-09-12 17:39 - 2017-09-12 17:41 - 000000000 ____D C:\Program Files\CCleaner
2017-09-12 17:38 - 2017-09-12 17:38 - 009826968 _____ (Piriform Ltd) C:\Users\korisnik\Downloads\ccsetup534.exe
2017-09-12 17:28 - 2017-09-12 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-09-12 17:27 - 2017-09-12 17:26 - 000401488 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-12 21:57 - 2017-04-05 14:26 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2017-09-12 21:57 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-12 21:52 - 2012-09-26 19:49 - 000000000 ____D C:\Users\korisnik\AppData\Roaming\Skype
2017-09-12 21:22 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\tracing
2017-09-12 21:06 - 2013-09-22 11:46 - 000000000 ____D C:\Users\korisnik\AppData\Roaming\uTorrent
2017-09-12 20:43 - 2013-02-14 21:38 - 000000940 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1875000320-2089066893-3847967519-1000UA.job
2017-09-12 20:42 - 2013-02-14 21:37 - 000000918 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1875000320-2089066893-3847967519-1000Core.job
2017-09-12 20:22 - 2009-07-14 06:45 - 000021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-12 20:22 - 2009-07-14 06:45 - 000021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-12 19:31 - 2014-08-07 22:47 - 000000000 ____D C:\Program Files\Google
2017-09-12 19:31 - 2014-08-07 22:46 - 000000000 ____D C:\Program Files (x86)\Google
2017-09-12 18:49 - 2013-09-22 11:47 - 000000000 ____D C:\Users\korisnik\AppData\LocalLow\Temp
2017-09-12 18:49 - 2012-09-26 19:37 - 000000000 ____D C:\Users\korisnik\AppData\Local\Google
2017-09-12 18:45 - 2016-07-14 00:56 - 000003898 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1468450592
2017-09-12 18:01 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-09-12 17:55 - 2017-03-15 21:17 - 000000000 ___RD C:\Program Files (x86)\Skype
2017-09-12 17:55 - 2012-09-26 19:49 - 000000000 ____D C:\ProgramData\Skype
2017-09-12 17:48 - 2012-09-26 19:47 - 000000000 ____D C:\ProgramData\Adobe
2017-09-12 17:44 - 2013-10-18 21:01 - 000000000 ____D C:\Windows\Minidump
2017-09-12 17:44 - 2012-09-27 05:20 - 000000000 ____D C:\Windows\Panther
2017-09-12 17:33 - 2016-01-20 22:09 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-12 17:33 - 2016-01-20 22:09 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-12 17:27 - 2017-04-04 19:30 - 000003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-09-12 17:26 - 2017-04-04 19:30 - 000343296 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-09-12 17:26 - 2017-04-04 19:30 - 000320528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-09-12 17:26 - 2017-04-04 19:30 - 000198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-09-12 17:26 - 2017-04-04 19:30 - 000057736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-09-12 17:26 - 2016-07-12 13:47 - 000041832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-09-12 17:26 - 2014-08-07 17:17 - 000047016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-09-12 17:26 - 2014-01-06 14:27 - 000199312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-09-12 17:26 - 2013-06-05 18:01 - 000361336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-09-12 17:26 - 2013-06-05 18:01 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-09-12 17:26 - 2012-09-26 19:53 - 001016384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-09-12 17:26 - 2012-09-26 19:53 - 000590880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-09-12 17:26 - 2012-09-26 19:53 - 000147784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-09-12 17:26 - 2012-09-26 19:53 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

==================== Files in the root of some directories =======

2017-03-21 08:45 - 2017-03-21 08:45 - 000000000 ____H () C:\Users\korisnik\AppData\Local\BITABF7.tmp
2017-03-21 08:44 - 2017-03-21 08:45 - 000000000 _____ () C:\Users\korisnik\AppData\Local\{2DE2F56A-F566-4C65-8551-CFDE98A018F1}
2015-10-15 16:41 - 2015-10-15 16:41 - 000000000 _____ () C:\Users\korisnik\AppData\Local\{3777955B-2B69-43B7-AD6E-7C6931A1E69E}
2015-02-07 21:38 - 2015-02-07 21:38 - 000000000 _____ () C:\Users\korisnik\AppData\Local\{6971EBF1-B074-48BA-B076-203E50525306}
2015-10-31 10:35 - 2015-10-31 10:39 - 000000000 _____ () C:\Users\korisnik\AppData\Local\{B673AF09-A2B5-4655-A53F-87CEF18094C6}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2013-12-20 22:51] - [2010-11-21 05:24] - 002389504 _____ (Microsoft Corporation) 3B57A11F33BC8024B9BE3EABD5EF6415

C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-04 18:42

==================== End of FRST.txt ============================


https://www.mycity.rs/must-login.png



Izvestaj MBAM-a mogu poslati samo da ga iskopiram u poruku, drugi nacin ne znam, ne daje mi nikakvu mogucnost. Moze li tako?

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 9932
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Otvori Notepad i kopiraj izvještaj u nejga, sačuvaj fajl i kao takvog ga prikači uz poruku.

offline
  • Pridružio: 14 Okt 2012
  • Poruke: 3155
  • Gde živiš: Herceg Novi

Uradiću sjutra uveče kad dođem s posla, izvini što ne mogu ranije.

online
  • Pridružio: 14 Jun 2016
  • Poruke: 439

Pozdrav,
Molim te da ukloniš SimilarSites preko Control Panela.

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\MountPoints2: {b0961fb0-1793-11e2-8515-d43d7e0145a8} - E:\autorun.exe
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\MountPoints2: {f26a8f30-c5e0-11e2-b742-d43d7e0145a8} - E:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A14B04 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
GroupPolicy\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
E:\autorun.exe
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZC^xdm941^YY^hr&ptb=BD387117-58ED-4C29-B1BE-625324DC6F5A&ind=2013060912&n=77fcdf30&psa=&st=kwd&searchfor=1122nikola
URLSearchHook: HKLM-x32 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKLM-x32 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll (SimilarGroup)
URLSearchHook: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll (SimilarGroup)
SearchScopes: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> DefaultScope {54C2D6AD-D64D-4596-9C99-99CEB40AA9B0} URL =
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM-x32 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll [2012-12-03] (SimilarGroup)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
Task: {1B1FC533-88D4-4740-9065-40F0A2938A5E} - \Default2Check -> No File <==== ATTENTION
C:\Program Files (x86)\SimilarSites
EmptyTemp:


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

offline
  • Pridružio: 14 Okt 2012
  • Poruke: 3155
  • Gde živiš: Herceg Novi

Pozdrav!

Izvini sto tek sada saljem izvestaj, nisam mogla ranije. Evo:

Fix result of Farbar Recovery Scan Tool (x64) Version: 13-09-2017
Ran by korisnik (13-09-2017 21:47:28) Run:1
Running from C:\Users\korisnik\Desktop
Loaded Profiles: korisnik (Available Profiles: korisnik & Guest)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\MountPoints2: {b0961fb0-1793-11e2-8515-d43d7e0145a8} - E:\autorun.exe
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\MountPoints2: {f26a8f30-c5e0-11e2-b742-d43d7e0145a8} - E:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A14B04 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
GroupPolicy\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
E:\autorun.exe
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZC^xdm941^YY^hr&ptb=BD387117-58ED-4C29-B1BE-625324DC6F5A&ind=2013060912&n=77fcdf30&psa=&st=kwd&searchfor=1122nikola
URLSearchHook: HKLM-x32 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKLM-x32 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll (SimilarGroup)
URLSearchHook: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll (SimilarGroup)
SearchScopes: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> DefaultScope {54C2D6AD-D64D-4596-9C99-99CEB40AA9B0} URL =
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM-x32 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll [2012-12-03] (SimilarGroup)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
Task: {1B1FC533-88D4-4740-9065-40F0A2938A5E} - \Default2Check -> No File <==== ATTENTION
C:\Program Files (x86)\SimilarSites
EmptyTemp:

*****************

Restore point was successfully created.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => key removed successfully
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b0961fb0-1793-11e2-8515-d43d7e0145a8} => key removed successfully
HKLM\Software\Classes\CLSID\{b0961fb0-1793-11e2-8515-d43d7e0145a8} => key not found.
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f26a8f30-c5e0-11e2-b742-d43d7e0145a8} => key removed successfully
HKLM\Software\Classes\CLSID\{f26a8f30-c5e0-11e2-b742-d43d7e0145a8} => key not found.
C:\Windows\system32\GroupPolicy\User => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => key removed successfully
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\SOFTWARE\Policies\Google => key removed successfully
"E:\autorun.exe" => not found.
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => value removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{FE69C007-C452-4d3e-86D2-1730DF8BC871} => value not found.
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value removed successfully
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{FE69C007-C452-4d3e-86D2-1730DF8BC871} => value not found.
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value removed successfully
HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{FE69C007-C452-4d3e-86D2-1730DF8BC871} => value not found.
HKLM\Software\Wow6432Node\Classes\CLSID\{FE69C007-C452-4d3e-86D2-1730DF8BC871} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKLM\Software\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1B1FC533-88D4-4740-9065-40F0A2938A5E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B1FC533-88D4-4740-9065-40F0A2938A5E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Default2Check => key not found.
"C:\Program Files (x86)\SimilarSites" => not found.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 29448316 B
Java, Flash, Steam htmlcache => 740 B
Windows/system/drivers => 60699692 B
Edge => 0 B
Chrome => 398089369 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 117985 B
systemprofile32 => 1979979 B
LocalService => 132244 B
NetworkService => 692 B
korisnik => 29639875 B
Guest => 49055777 B

RecycleBin => 275912 B
EmptyTemp: => 551.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:48:15 ====

online
  • Pridružio: 14 Jun 2016
  • Poruke: 439

Preuzmi AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
U EULA prozoru klikni na I agree.
U Tools odaberi Options.
U dijaloškom okviru koji se pojavi isključi Reset Winsock settings ako je uključen.
Klikni na dugme Scan i sačekaj da se završi skeniranje.
Ako ti javi da postoji novija verzija, postaraj se da je preuzmeš.

Klikni na dugme Clean i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Pojavit će se poruka da računar treba restartovati. Klikni OK

Računar će se restartovati, a potom otvoriti Notepad (C:\Adwcleaner\AdwCleaner[C0].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"


Javi kakvo je stanje nakon čišćenja.

offline
  • Pridružio: 14 Okt 2012
  • Poruke: 3155
  • Gde živiš: Herceg Novi

U odnosu na sinoc, racunar sada leti. smešak

Evo izvestaj:

https://www.mycity.rs/must-login.png

Ko je trenutno na forumu
 

Ukupno su 679 korisnika na forumu :: 46 registrovanih, 10 sakrivenih i 623 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 1567 - dana 15 Jul 2016 20:18

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: _commandos_, _Petar, Aleksandar Tomić, Batinas, bojankrstc, boyce, CheefCoach, Detective, Dorcolac2, drimer, Dzoni Stek, eulereix, Folkstar, goxin, haris1913, Jezekijel, Lieutenant, limes, ljuba, Logic005, majstorjoe, Marko Marković, mačković, nemanja.tatic, nenad81, ofbeyond, powSrb, Profica, rikirubio, S-lash, sasakrajina, softwaremaniac, stalker, Stephanos, StepskiVuk, Stoorb, Sveto2, Toni, Trinitron1, vathra, vlad the impaler, Vlada1389, yufighter, zgoljo, zixmix, zoro+