Na ovom kompjuteru ima svašta

1

Na ovom kompjuteru ima svašta

offline
  • Pridružio: 14 Okt 2012
  • Poruke: 3252
  • Gde živiš: Herceg Novi

Napisano: 12 Sep 2017 20:44

Pišem sa mog telefona u ime novog člana (Aki HNovi) jer ona ima problem sa logovanjem, a ja imam problem sa njenom tastaturom na kompu.

Poslaću izveštaje Farbar-ove i MBAM-a koje sam uradila na njenom kompu.

Dopuna: 12 Sep 2017 20:48

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-09-2017 02
Ran by korisnik (administrator) on KORISNIK-PC (12-09-2017 19:38:09)
Running from C:\Users\korisnik\Desktop
Loaded Profiles: korisnik (Available Profiles: korisnik & Guest)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\korisnik\Desktop\FRST64 (1).exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-09-12] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\MountPoints2: {b0961fb0-1793-11e2-8515-d43d7e0145a8} - E:\autorun.exe
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\MountPoints2: {f26a8f30-c5e0-11e2-b742-d43d7e0145a8} - E:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A14B04 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
GroupPolicy\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{8BE5A43C-9EA4-4C05-B7AB-59E018F3FDD1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F81CD68B-D090-4D72-8A36-9274FBDA6D51}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZC^xdm941^YY^hr&ptb=BD387117-58ED-4C29-B1BE-625324DC6F5A&ind=2013060912&n=77fcdf30&psa=&st=kwd&searchfor=1122nikola
URLSearchHook: HKLM-x32 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKLM-x32 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll (SimilarGroup)
URLSearchHook: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll (SimilarGroup)
SearchScopes: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> DefaultScope {54C2D6AD-D64D-4596-9C99-99CEB40AA9B0} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-09-12] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-09-12] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-26] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll [2012-12-03] (SimilarGroup)
Toolbar: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll [2012-09-26] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2012-09-26] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-26] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-02-17] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1875000320-2089066893-3847967519-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\korisnik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default [2017-09-12]
CHR Extension: (Google Slides) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-20]
CHR Extension: (Google Docs) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-20]
CHR Extension: (Avast SafePrice) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-13]
CHR Extension: (Google Sheets) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-20]
CHR Extension: (Google Docs Offline) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (AdBlock) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-09-12]
CHR Extension: (Avast Online Security) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-09-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-12]
CHR Extension: (Chrome Media Router) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-12]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7452288 2017-09-12] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-09-12] (AVAST Software)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-29] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [320528 2017-09-12] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-09-12] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343296 2017-09-12] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57736 2017-09-12] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [47016 2017-09-12] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [147784 2017-09-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110376 2017-09-12] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84416 2017-09-12] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1016384 2017-09-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [590880 2017-09-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [199312 2017-09-12] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361336 2017-09-12] (AVAST Software)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-08-24] ()
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-08] (HandSet Incorporated)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [192960 2017-09-12] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [101824 2017-09-12] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-09-12] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [253888 2017-09-12] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [84256 2017-09-12] (Malwarebytes)
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [131080 2012-06-08] (ZTE Incorporated)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-12 19:38 - 2017-09-12 19:38 - 000013108 _____ C:\Users\korisnik\Desktop\FRST.txt
2017-09-12 19:37 - 2017-09-12 19:37 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-09-12 19:36 - 2017-09-12 19:36 - 002397184 _____ (Farbar) C:\Users\korisnik\Desktop\FRST64 (1).exe
2017-09-12 19:31 - 2017-09-12 19:31 - 000101824 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-09-12 19:05 - 2017-09-12 19:05 - 000254558 _____ C:\Users\korisnik\Downloads\downloads.htm
2017-09-12 19:00 - 2017-09-12 19:38 - 000000000 ____D C:\FRST
2017-09-12 18:59 - 2017-09-12 19:00 - 002397184 _____ (Farbar) C:\Users\korisnik\Downloads\FRST64.exe
2017-09-12 18:20 - 2017-09-12 18:21 - 000000036 _____ C:\Users\korisnik\Desktop\mbam.txt
2017-09-12 18:01 - 2017-09-12 19:31 - 000253888 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-09-12 18:01 - 2017-09-12 19:31 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-09-12 18:01 - 2017-09-12 19:31 - 000045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-09-12 18:01 - 2017-09-12 18:01 - 000192960 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-09-12 18:00 - 2017-09-12 18:00 - 000001827 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-12 18:00 - 2017-09-12 18:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-12 18:00 - 2017-09-12 18:00 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-12 18:00 - 2017-09-12 18:00 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-12 18:00 - 2017-08-24 11:27 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-09-12 17:56 - 2017-09-12 17:59 - 066347240 _____ (Malwarebytes ) C:\Users\korisnik\Downloads\mb3-setup-consumer-3.2.2.2018.exe
2017-09-12 17:49 - 2017-09-12 19:04 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-09-12 17:48 - 2017-09-12 17:49 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-09-12 17:48 - 2017-09-12 17:48 - 000002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2017-09-12 17:48 - 2017-09-12 17:48 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-09-12 17:41 - 2017-09-12 17:41 - 000002802 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-09-12 17:41 - 2017-09-12 17:41 - 000000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-09-12 17:41 - 2017-09-12 17:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-09-12 17:39 - 2017-09-12 17:41 - 000000000 ____D C:\Program Files\CCleaner
2017-09-12 17:38 - 2017-09-12 17:38 - 009826968 _____ (Piriform Ltd) C:\Users\korisnik\Downloads\ccsetup534.exe
2017-09-12 17:28 - 2017-09-12 17:28 - 000001882 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-09-12 17:28 - 2017-09-12 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-09-12 17:27 - 2017-09-12 17:26 - 000401488 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-12 19:31 - 2017-04-05 14:26 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2017-09-12 19:31 - 2014-08-07 22:47 - 000000000 ____D C:\Program Files\Google
2017-09-12 19:31 - 2014-08-07 22:46 - 000000000 ____D C:\Program Files (x86)\Google
2017-09-12 19:31 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-12 19:28 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\tracing
2017-09-12 18:50 - 2009-07-14 06:45 - 000021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-12 18:50 - 2009-07-14 06:45 - 000021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-12 18:49 - 2013-09-22 11:47 - 000000000 ____D C:\Users\korisnik\AppData\LocalLow\Temp
2017-09-12 18:49 - 2012-09-26 19:37 - 000000000 ____D C:\Users\korisnik\AppData\Local\Google
2017-09-12 18:45 - 2016-07-14 00:56 - 000003898 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1468450592
2017-09-12 18:31 - 2012-09-26 19:49 - 000000000 ____D C:\Users\korisnik\AppData\Roaming\Skype
2017-09-12 18:01 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-09-12 17:55 - 2017-03-15 21:17 - 000000000 ___RD C:\Program Files (x86)\Skype
2017-09-12 17:55 - 2012-09-26 19:49 - 000000000 ____D C:\ProgramData\Skype
2017-09-12 17:48 - 2012-09-26 19:47 - 000000000 ____D C:\ProgramData\Adobe
2017-09-12 17:45 - 2013-09-22 11:46 - 000000000 ____D C:\Users\korisnik\AppData\Roaming\uTorrent
2017-09-12 17:44 - 2013-10-18 21:01 - 000000000 ____D C:\Windows\Minidump
2017-09-12 17:44 - 2012-09-27 05:20 - 000000000 ____D C:\Windows\Panther
2017-09-12 17:43 - 2013-02-14 21:38 - 000000940 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1875000320-2089066893-3847967519-1000UA.job
2017-09-12 17:34 - 2013-02-14 21:37 - 000000918 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1875000320-2089066893-3847967519-1000Core.job
2017-09-12 17:33 - 2016-01-20 22:09 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-12 17:33 - 2016-01-20 22:09 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-12 17:27 - 2017-04-04 19:30 - 000003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-09-12 17:26 - 2017-04-04 19:30 - 000343296 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-09-12 17:26 - 2017-04-04 19:30 - 000320528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-09-12 17:26 - 2017-04-04 19:30 - 000198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-09-12 17:26 - 2017-04-04 19:30 - 000057736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-09-12 17:26 - 2016-07-12 13:47 - 000041832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-09-12 17:26 - 2014-08-07 17:17 - 000047016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-09-12 17:26 - 2014-01-06 14:27 - 000199312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-09-12 17:26 - 2013-06-05 18:01 - 000361336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-09-12 17:26 - 2013-06-05 18:01 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-09-12 17:26 - 2012-09-26 19:53 - 001016384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-09-12 17:26 - 2012-09-26 19:53 - 000590880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-09-12 17:26 - 2012-09-26 19:53 - 000147784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-09-12 17:26 - 2012-09-26 19:53 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

==================== Files in the root of some directories =======

2017-03-21 08:45 - 2017-03-21 08:45 - 000000000 ____H () C:\Users\korisnik\AppData\Local\BITABF7.tmp
2017-03-21 08:44 - 2017-03-21 08:45 - 000000000 _____ () C:\Users\korisnik\AppData\Local\{2DE2F56A-F566-4C65-8551-CFDE98A018F1}
2015-10-15 16:41 - 2015-10-15 16:41 - 000000000 _____ () C:\Users\korisnik\AppData\Local\{3777955B-2B69-43B7-AD6E-7C6931A1E69E}
2015-02-07 21:38 - 2015-02-07 21:38 - 000000000 _____ () C:\Users\korisnik\AppData\Local\{6971EBF1-B074-48BA-B076-203E50525306}
2015-10-31 10:35 - 2015-10-31 10:39 - 000000000 _____ () C:\Users\korisnik\AppData\Local\{B673AF09-A2B5-4655-A53F-87CEF18094C6}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2013-12-20 22:51] - [2010-11-21 05:24] - 002389504 _____ (Microsoft Corporation) 3B57A11F33BC8024B9BE3EABD5EF6415

C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-04 18:42

==================== End of FRST.txt ============================


https://www.mycity.rs/must-login.png

offline
  • Pridružio: 14 Okt 2012
  • Poruke: 3252
  • Gde živiš: Herceg Novi

Kako da posaljem ovaj izvestaj, nemam opcije kao na uputstvu koje sam ja dobila u ovoj poruci.

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10002
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Imaš opciju Quarantine Selected. Nju iskoristi, pa onda postavi MBAM izvještaj uz nove FRST.txt i Addition.txt izvještaje.

offline
  • Pridružio: 14 Okt 2012
  • Poruke: 3252
  • Gde živiš: Herceg Novi

Evo novi izvestaji Frst-a.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-09-2017 02
Ran by korisnik (administrator) on KORISNIK-PC (12-09-2017 22:00:24)
Running from C:\Users\korisnik\Desktop
Loaded Profiles: korisnik (Available Profiles: korisnik & Guest)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Farbar) C:\Users\korisnik\Desktop\FRST64 (1).exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-09-12] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9855192 2017-09-07] (Piriform Ltd)
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\MountPoints2: {b0961fb0-1793-11e2-8515-d43d7e0145a8} - E:\autorun.exe
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\MountPoints2: {f26a8f30-c5e0-11e2-b742-d43d7e0145a8} - E:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A14B04 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
GroupPolicy\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{8BE5A43C-9EA4-4C05-B7AB-59E018F3FDD1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F81CD68B-D090-4D72-8A36-9274FBDA6D51}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZC^xdm941^YY^hr&ptb=BD387117-58ED-4C29-B1BE-625324DC6F5A&ind=2013060912&n=77fcdf30&psa=&st=kwd&searchfor=1122nikola
URLSearchHook: HKLM-x32 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKLM-x32 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll (SimilarGroup)
URLSearchHook: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll (SimilarGroup)
SearchScopes: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> DefaultScope {54C2D6AD-D64D-4596-9C99-99CEB40AA9B0} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-09-12] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-09-12] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-26] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll [2012-12-03] (SimilarGroup)
Toolbar: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll [2012-09-26] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2012-09-26] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-26] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-02-17] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1875000320-2089066893-3847967519-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\korisnik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default [2017-09-12]
CHR Extension: (Google Slides) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-20]
CHR Extension: (Google Docs) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-20]
CHR Extension: (Avast SafePrice) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-13]
CHR Extension: (Google Sheets) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-20]
CHR Extension: (Google Docs Offline) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (AdBlock) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-09-12]
CHR Extension: (Avast Online Security) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-09-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-12]
CHR Extension: (Chrome Media Router) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-12]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7452288 2017-09-12] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-09-12] (AVAST Software)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-29] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [320528 2017-09-12] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-09-12] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343296 2017-09-12] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57736 2017-09-12] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [47016 2017-09-12] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [147784 2017-09-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110376 2017-09-12] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84416 2017-09-12] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1016384 2017-09-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [590880 2017-09-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [199312 2017-09-12] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361336 2017-09-12] (AVAST Software)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-08-24] ()
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-08] (HandSet Incorporated)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [192960 2017-09-12] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [101824 2017-09-12] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-09-12] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [253888 2017-09-12] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [84256 2017-09-12] (Malwarebytes)
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [131080 2012-06-08] (ZTE Incorporated)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-12 22:00 - 2017-09-12 22:01 - 000012935 _____ C:\Users\korisnik\Desktop\FRST.txt
2017-09-12 21:40 - 2017-09-12 21:40 - 000215326 _____ C:\Users\korisnik\Desktop\mbam.txt
2017-09-12 21:13 - 2017-09-12 21:58 - 000101824 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-09-12 21:13 - 2017-09-12 21:57 - 000253888 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-09-12 21:13 - 2017-09-12 21:57 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-09-12 21:13 - 2017-09-12 21:57 - 000045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-09-12 21:13 - 2017-09-12 21:13 - 000192960 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-09-12 21:13 - 2017-09-12 21:13 - 000001827 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-12 21:13 - 2017-09-12 21:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-12 21:12 - 2017-09-12 21:12 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-12 21:12 - 2017-08-24 11:27 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-09-12 21:09 - 2017-09-12 21:12 - 066347240 _____ (Malwarebytes ) C:\Users\korisnik\Desktop\mb3-setup-consumer-3.2.2.2018.exe
2017-09-12 21:03 - 2017-09-12 21:58 - 000000000 ____D C:\ProgramData\MCShield
2017-09-12 21:03 - 2017-09-12 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2017-09-12 21:03 - 2017-09-12 21:03 - 000000000 ____D C:\Program Files (x86)\MCShield
2017-09-12 21:02 - 2017-09-12 21:02 - 002856736 _____ (MyCity) C:\Users\korisnik\Desktop\MCShield-Setup.exe
2017-09-12 19:36 - 2017-09-12 19:36 - 002397184 _____ (Farbar) C:\Users\korisnik\Desktop\FRST64 (1).exe
2017-09-12 19:05 - 2017-09-12 19:05 - 000254558 _____ C:\Users\korisnik\Downloads\downloads.htm
2017-09-12 19:00 - 2017-09-12 22:00 - 000000000 ____D C:\FRST
2017-09-12 18:59 - 2017-09-12 19:00 - 002397184 _____ (Farbar) C:\Users\korisnik\Downloads\FRST64.exe
2017-09-12 18:00 - 2017-09-12 18:00 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-12 17:56 - 2017-09-12 17:59 - 066347240 _____ (Malwarebytes ) C:\Users\korisnik\Downloads\mb3-setup-consumer-3.2.2.2018.exe
2017-09-12 17:49 - 2017-09-12 19:04 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-09-12 17:48 - 2017-09-12 17:49 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-09-12 17:48 - 2017-09-12 17:48 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-09-12 17:41 - 2017-09-12 17:41 - 000002802 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-09-12 17:41 - 2017-09-12 17:41 - 000000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-09-12 17:41 - 2017-09-12 17:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-09-12 17:39 - 2017-09-12 17:41 - 000000000 ____D C:\Program Files\CCleaner
2017-09-12 17:38 - 2017-09-12 17:38 - 009826968 _____ (Piriform Ltd) C:\Users\korisnik\Downloads\ccsetup534.exe
2017-09-12 17:28 - 2017-09-12 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-09-12 17:27 - 2017-09-12 17:26 - 000401488 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-12 21:57 - 2017-04-05 14:26 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2017-09-12 21:57 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-12 21:52 - 2012-09-26 19:49 - 000000000 ____D C:\Users\korisnik\AppData\Roaming\Skype
2017-09-12 21:22 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\tracing
2017-09-12 21:06 - 2013-09-22 11:46 - 000000000 ____D C:\Users\korisnik\AppData\Roaming\uTorrent
2017-09-12 20:43 - 2013-02-14 21:38 - 000000940 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1875000320-2089066893-3847967519-1000UA.job
2017-09-12 20:42 - 2013-02-14 21:37 - 000000918 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1875000320-2089066893-3847967519-1000Core.job
2017-09-12 20:22 - 2009-07-14 06:45 - 000021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-12 20:22 - 2009-07-14 06:45 - 000021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-12 19:31 - 2014-08-07 22:47 - 000000000 ____D C:\Program Files\Google
2017-09-12 19:31 - 2014-08-07 22:46 - 000000000 ____D C:\Program Files (x86)\Google
2017-09-12 18:49 - 2013-09-22 11:47 - 000000000 ____D C:\Users\korisnik\AppData\LocalLow\Temp
2017-09-12 18:49 - 2012-09-26 19:37 - 000000000 ____D C:\Users\korisnik\AppData\Local\Google
2017-09-12 18:45 - 2016-07-14 00:56 - 000003898 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1468450592
2017-09-12 18:01 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-09-12 17:55 - 2017-03-15 21:17 - 000000000 ___RD C:\Program Files (x86)\Skype
2017-09-12 17:55 - 2012-09-26 19:49 - 000000000 ____D C:\ProgramData\Skype
2017-09-12 17:48 - 2012-09-26 19:47 - 000000000 ____D C:\ProgramData\Adobe
2017-09-12 17:44 - 2013-10-18 21:01 - 000000000 ____D C:\Windows\Minidump
2017-09-12 17:44 - 2012-09-27 05:20 - 000000000 ____D C:\Windows\Panther
2017-09-12 17:33 - 2016-01-20 22:09 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-12 17:33 - 2016-01-20 22:09 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-12 17:27 - 2017-04-04 19:30 - 000003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-09-12 17:26 - 2017-04-04 19:30 - 000343296 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-09-12 17:26 - 2017-04-04 19:30 - 000320528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-09-12 17:26 - 2017-04-04 19:30 - 000198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-09-12 17:26 - 2017-04-04 19:30 - 000057736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-09-12 17:26 - 2016-07-12 13:47 - 000041832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-09-12 17:26 - 2014-08-07 17:17 - 000047016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-09-12 17:26 - 2014-01-06 14:27 - 000199312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-09-12 17:26 - 2013-06-05 18:01 - 000361336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-09-12 17:26 - 2013-06-05 18:01 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-09-12 17:26 - 2012-09-26 19:53 - 001016384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-09-12 17:26 - 2012-09-26 19:53 - 000590880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-09-12 17:26 - 2012-09-26 19:53 - 000147784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-09-12 17:26 - 2012-09-26 19:53 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

==================== Files in the root of some directories =======

2017-03-21 08:45 - 2017-03-21 08:45 - 000000000 ____H () C:\Users\korisnik\AppData\Local\BITABF7.tmp
2017-03-21 08:44 - 2017-03-21 08:45 - 000000000 _____ () C:\Users\korisnik\AppData\Local\{2DE2F56A-F566-4C65-8551-CFDE98A018F1}
2015-10-15 16:41 - 2015-10-15 16:41 - 000000000 _____ () C:\Users\korisnik\AppData\Local\{3777955B-2B69-43B7-AD6E-7C6931A1E69E}
2015-02-07 21:38 - 2015-02-07 21:38 - 000000000 _____ () C:\Users\korisnik\AppData\Local\{6971EBF1-B074-48BA-B076-203E50525306}
2015-10-31 10:35 - 2015-10-31 10:39 - 000000000 _____ () C:\Users\korisnik\AppData\Local\{B673AF09-A2B5-4655-A53F-87CEF18094C6}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2013-12-20 22:51] - [2010-11-21 05:24] - 002389504 _____ (Microsoft Corporation) 3B57A11F33BC8024B9BE3EABD5EF6415

C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-04 18:42

==================== End of FRST.txt ============================


https://www.mycity.rs/must-login.png



Izvestaj MBAM-a mogu poslati samo da ga iskopiram u poruku, drugi nacin ne znam, ne daje mi nikakvu mogucnost. Moze li tako?

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10002
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Otvori Notepad i kopiraj izvještaj u nejga, sačuvaj fajl i kao takvog ga prikači uz poruku.

offline
  • Pridružio: 14 Okt 2012
  • Poruke: 3252
  • Gde živiš: Herceg Novi

Uradiću sjutra uveče kad dođem s posla, izvini što ne mogu ranije.

offline
  • Pridružio: 14 Jun 2016
  • Poruke: 515

Pozdrav,
Molim te da ukloniš SimilarSites preko Control Panela.

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\MountPoints2: {b0961fb0-1793-11e2-8515-d43d7e0145a8} - E:\autorun.exe
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\MountPoints2: {f26a8f30-c5e0-11e2-b742-d43d7e0145a8} - E:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A14B04 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
GroupPolicy\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
E:\autorun.exe
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZC^xdm941^YY^hr&ptb=BD387117-58ED-4C29-B1BE-625324DC6F5A&ind=2013060912&n=77fcdf30&psa=&st=kwd&searchfor=1122nikola
URLSearchHook: HKLM-x32 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKLM-x32 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll (SimilarGroup)
URLSearchHook: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll (SimilarGroup)
SearchScopes: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> DefaultScope {54C2D6AD-D64D-4596-9C99-99CEB40AA9B0} URL =
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM-x32 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll [2012-12-03] (SimilarGroup)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
Task: {1B1FC533-88D4-4740-9065-40F0A2938A5E} - \Default2Check -> No File <==== ATTENTION
C:\Program Files (x86)\SimilarSites
EmptyTemp:


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

offline
  • Pridružio: 14 Okt 2012
  • Poruke: 3252
  • Gde živiš: Herceg Novi

Pozdrav!

Izvini sto tek sada saljem izvestaj, nisam mogla ranije. Evo:

Fix result of Farbar Recovery Scan Tool (x64) Version: 13-09-2017
Ran by korisnik (13-09-2017 21:47:28) Run:1
Running from C:\Users\korisnik\Desktop
Loaded Profiles: korisnik (Available Profiles: korisnik & Guest)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\MountPoints2: {b0961fb0-1793-11e2-8515-d43d7e0145a8} - E:\autorun.exe
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\...\MountPoints2: {f26a8f30-c5e0-11e2-b742-d43d7e0145a8} - E:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A14B04 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
GroupPolicy\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
E:\autorun.exe
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZC^xdm941^YY^hr&ptb=BD387117-58ED-4C29-B1BE-625324DC6F5A&ind=2013060912&n=77fcdf30&psa=&st=kwd&searchfor=1122nikola
URLSearchHook: HKLM-x32 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKLM-x32 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll (SimilarGroup)
URLSearchHook: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll (SimilarGroup)
SearchScopes: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> DefaultScope {54C2D6AD-D64D-4596-9C99-99CEB40AA9B0} URL =
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM-x32 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll [2012-12-03] (SimilarGroup)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-1875000320-2089066893-3847967519-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
Task: {1B1FC533-88D4-4740-9065-40F0A2938A5E} - \Default2Check -> No File <==== ATTENTION
C:\Program Files (x86)\SimilarSites
EmptyTemp:

*****************

Restore point was successfully created.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => key removed successfully
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b0961fb0-1793-11e2-8515-d43d7e0145a8} => key removed successfully
HKLM\Software\Classes\CLSID\{b0961fb0-1793-11e2-8515-d43d7e0145a8} => key not found.
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f26a8f30-c5e0-11e2-b742-d43d7e0145a8} => key removed successfully
HKLM\Software\Classes\CLSID\{f26a8f30-c5e0-11e2-b742-d43d7e0145a8} => key not found.
C:\Windows\system32\GroupPolicy\User => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => key removed successfully
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\SOFTWARE\Policies\Google => key removed successfully
"E:\autorun.exe" => not found.
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => value removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{FE69C007-C452-4d3e-86D2-1730DF8BC871} => value not found.
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value removed successfully
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{FE69C007-C452-4d3e-86D2-1730DF8BC871} => value not found.
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value removed successfully
HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{FE69C007-C452-4d3e-86D2-1730DF8BC871} => value not found.
HKLM\Software\Wow6432Node\Classes\CLSID\{FE69C007-C452-4d3e-86D2-1730DF8BC871} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKLM\Software\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
HKU\S-1-5-21-1875000320-2089066893-3847967519-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1B1FC533-88D4-4740-9065-40F0A2938A5E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B1FC533-88D4-4740-9065-40F0A2938A5E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Default2Check => key not found.
"C:\Program Files (x86)\SimilarSites" => not found.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 29448316 B
Java, Flash, Steam htmlcache => 740 B
Windows/system/drivers => 60699692 B
Edge => 0 B
Chrome => 398089369 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 117985 B
systemprofile32 => 1979979 B
LocalService => 132244 B
NetworkService => 692 B
korisnik => 29639875 B
Guest => 49055777 B

RecycleBin => 275912 B
EmptyTemp: => 551.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:48:15 ====

offline
  • Pridružio: 14 Jun 2016
  • Poruke: 515

Preuzmi AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
U EULA prozoru klikni na I agree.
U Tools odaberi Options.
U dijaloškom okviru koji se pojavi isključi Reset Winsock settings ako je uključen.
Klikni na dugme Scan i sačekaj da se završi skeniranje.
Ako ti javi da postoji novija verzija, postaraj se da je preuzmeš.

Klikni na dugme Clean i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Pojavit će se poruka da računar treba restartovati. Klikni OK

Računar će se restartovati, a potom otvoriti Notepad (C:\Adwcleaner\AdwCleaner[C0].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"


Javi kakvo je stanje nakon čišćenja.

offline
  • Pridružio: 14 Okt 2012
  • Poruke: 3252
  • Gde živiš: Herceg Novi

U odnosu na sinoc, racunar sada leti. smešak

Evo izvestaj:

https://www.mycity.rs/must-login.png

Ko je trenutno na forumu
 

Ukupno su 544 korisnika na forumu :: 35 registrovanih, 6 sakrivenih i 503 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 1567 - dana 15 Jul 2016 19:18

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: aljosa7, aramis s, bulovic, damirZR, Dimitrise93, doklevise, Dorcolac2, dr.mijatovic, DucicM, francis begbie, goxin, Ilija Cvorovic, jaeger, Jezekijel, kuzmar, lakiluciano, Lancerux, messerschmitt, Milos822, Mirage 2000N, mladen.zovko, nenad812, petarbudimir, Radovan Vinčić, ray ban11, Ričard, rulic zoran, S-lash, Srki94, StefanNBG90, vanja2106, vathra, Vazduhoplovac, Vojkan Petrovic, W123