How do I get rid of ads on Windows 7


  • Dalibor
  • Joined: 03 Feb 2011
  • Posts: 445
  • Location: Landau and der Pfalz

Hello, about a month ago I had the same problem: whenever I click on anything in the browser, new windows with ads pop up. You solved it for me then, and since yesterday the same problem has been happening again.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-10-2015 01
Ran by Anđelić (administrator) on ANĐELIĆ-PC (16-10-2015 09:01:53)
Running from C:\Users\Anđelić\Desktop
Loaded Profiles: Anđelić (Available Profiles: Anđelić)
Platform: Microsoft Windows 7 Ultimate (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(The Privoxy team - www.privoxy.org) C:\Program Files\Jelbruss Secure Web\privoxy.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Vimicro) C:\Windows\vmsnap3.exe
() C:\Windows\Domino.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_19_0_0_207.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_19_0_0_207.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VMSnap3] => C:\Windows\VMSnap3.exe [49152 2006-07-18] (Vimicro)
HKLM\...\Run: [Domino] => C:\Windows\Domino.exe [49152 2006-07-04] ()
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-10] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [782520 2015-09-01] (Avira Operations GmbH & Co. KG)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\Users\Anđelić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FrostWire On Startup.lnk [2015-10-13]
ShortcutTarget: FrostWire On Startup.lnk -> C:\Program Files\FrostWire 6\FrostWire.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-3060246460-3445727265-2582410140-1000] => Proxy is enabled.
ProxyServer: [S-1-5-21-3060246460-3445727265-2582410140-1000] => 127.0.0.1:8118
AutoConfigURL: [S-1-5-21-3060246460-3445727265-2582410140-1000] => 127.0.0.1:8118
Winsock: Catalog9 01 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-10-13] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-10-13] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-10-13] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-10-13] (Lavasoft Limited)
Winsock: Catalog9 23 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-10-13] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29109664-89CC-4405-A30C-C728323E5565}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-3060246460-3445727265-2582410140-1000\Software\Microsoft\Internet Explorer\Main,Start Page = nohomepageset
HKU\S-1-5-21-3060246460-3445727265-2582410140-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKU\S-1-5-21-3060246460-3445727265-2582410140-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3060246460-3445727265-2582410140-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-20] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-20] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Anđelić\AppData\Roaming\Mozilla\Firefox\Profiles\j5qjg02t.default
FF Homepage: www.google.rs
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_207.dll [2015-10-14] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-20] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-15] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Anđelić\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google презентације) - C:\Users\Anđelić\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-15]
CHR Extension: (Google документи) - C:\Users\Anđelić\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-15]
CHR Extension: (Google диск) - C:\Users\Anđelić\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-15]
CHR Extension: (YouTube) - C:\Users\Anđelić\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-15]
CHR Extension: (Google Search) - C:\Users\Anđelić\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-15]
CHR Extension: (Google табеле) - C:\Users\Anđelić\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-15]
CHR Extension: (Avira Browser Safety) - C:\Users\Anđelić\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-10-15]
CHR Extension: (Google документи офлајн) - C:\Users\Anđelić\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-15]
CHR Extension: (Плаћања у Chrome веб-продавници) - C:\Users\Anđelić\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-15]
CHR Extension: (Gmail) - C:\Users\Anđelić\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-15]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-23] (SUPERAntiSpyware.com)
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [932912 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [240872 2015-09-10] (Avira Operations GmbH & Co. KG)
R2 PrivoxyService; C:\Program Files\Jelbruss Secure Web\privoxy.exe [371200 2015-10-13] (The Privoxy team - www.privoxy.org) [File not signed] <==== ATTENTION
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108448 2015-09-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136728 2015-09-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [55912 2015-09-01] (Avira Operations GmbH & Co. KG)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-09-01] (Avira Operations GmbH & Co. KG)
S3 vvftav303; C:\Windows\System32\drivers\vvftav303.sys [480128 2007-06-23] (Vimicro Corporation)
S1 BAPIDRV; system32\DRIVERS\BAPIDRV.sys [X]
S3 MsgPlusDriver; system32\DRIVERS\MsgPlusDriver.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S3 ZSMC0303; System32\Drivers\usbVM303.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-16 09:01 - 2015-10-16 09:02 - 00011840 _____ C:\Users\Anđelić\Desktop\FRST.txt
2015-10-16 09:01 - 2015-10-16 09:01 - 00000000 ____D C:\FRST
2015-10-16 08:58 - 2015-10-16 08:58 - 01700352 _____ (Farbar) C:\Users\Anđelić\Desktop\FRST.exe
2015-10-16 08:13 - 2015-10-16 08:13 - 00001050 _____ C:\Windows\PFRO.log
2015-10-16 08:13 - 2015-10-16 08:13 - 00000056 _____ C:\Windows\setupact.log
2015-10-16 08:13 - 2015-10-16 08:13 - 00000000 _____ C:\Windows\setuperr.log
2015-10-15 22:51 - 2015-10-15 22:51 - 00002207 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-15 22:51 - 2015-10-15 22:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-15 22:50 - 2015-10-16 08:55 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-15 22:50 - 2015-10-16 08:13 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-15 22:45 - 2015-10-15 22:45 - 00000000 ____D C:\Users\Anđelić\AppData\Roaming\Mozilla
2015-10-15 22:44 - 2015-10-15 22:44 - 00047104 ___SH C:\Users\Anđelić\AppData\Roaming\Thumbs.db
2015-10-14 11:45 - 2015-10-14 12:45 - 19376840 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2015-10-13 11:53 - 2015-10-13 11:53 - 00000000 ____D C:\Program Files\Jelbruss Secure Web
2015-10-13 11:50 - 2015-10-13 11:50 - 00000000 ____D C:\Users\Anđelić\AppData\Local\Lavasoft
2015-10-13 11:50 - 2015-10-13 11:50 - 00000000 ____D C:\ProgramData\Lavasoft
2015-10-13 11:48 - 2015-10-13 11:48 - 00345360 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
2015-10-13 11:48 - 2015-10-13 11:48 - 00002864 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-10-13 11:48 - 2015-10-13 11:48 - 00000000 ____D C:\Program Files\Lavasoft
2015-10-13 11:46 - 2015-10-13 18:51 - 00000000 ____D C:\Users\Anđelić\AppData\LocalLow\BitTorrent
2015-10-13 11:25 - 2015-10-13 11:47 - 00000000 ____D C:\Program Files\Lenovo
2015-10-13 11:25 - 2015-10-13 11:29 - 00000000 ____D C:\Users\Anđelić\.frostwire5
2015-10-13 11:25 - 2015-10-13 11:28 - 00000000 ____D C:\Users\Anđelić\FrostWire
2015-10-13 11:25 - 2015-10-13 11:25 - 00000000 ____D C:\Windows\Downloaded Installations
2015-10-13 11:24 - 2015-10-13 18:49 - 00000000 ____D C:\Program Files\FrostWire 6
2015-10-13 11:24 - 2015-10-13 11:46 - 00000000 ____D C:\Users\Anđelić\AppData\Roaming\RPEng
2015-10-12 20:18 - 2015-10-12 20:19 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-10-12 20:18 - 2015-10-12 20:18 - 00001965 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-10-12 20:18 - 2015-10-12 20:18 - 00000000 ____D C:\Users\Anđelić\AppData\Roaming\SUPERAntiSpyware.com
2015-10-12 20:18 - 2015-10-12 20:18 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2015-10-12 20:18 - 2015-10-12 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-10-11 18:26 - 2015-10-11 18:26 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2015-10-09 20:09 - 2015-10-09 20:09 - 00210921 _____ C:\Users\Anđelić\Documents\U AUTOMOBILU.pptx
2015-10-08 15:15 - 2015-10-08 15:15 - 00000000 ____D C:\Users\Anđelić\AppData\Roaming\Avira
2015-10-08 15:11 - 2015-09-01 17:10 - 00031848 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\ssmdrv.sys
2015-10-08 15:11 - 2015-09-01 17:09 - 00136728 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-10-08 15:11 - 2015-09-01 17:09 - 00108448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-10-08 15:11 - 2015-09-01 17:09 - 00055912 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-10-08 15:11 - 2015-09-01 17:09 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-10-08 15:01 - 2015-10-12 17:28 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-08 15:01 - 2015-10-12 17:27 - 00001092 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-10-08 15:01 - 2015-10-12 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-10-08 15:01 - 2015-10-08 15:11 - 00000000 ____D C:\ProgramData\Avira
2015-10-08 15:01 - 2015-10-08 15:11 - 00000000 ____D C:\Program Files\Avira
2015-10-03 21:03 - 2015-10-03 21:03 - 00003021 _____ C:\Users\Anđelić\Desktop\Microsoft Word 2010.lnk
2015-10-03 21:03 - 2015-10-03 21:03 - 00002937 _____ C:\Users\Anđelić\Desktop\Microsoft PowerPoint 2010.lnk
2015-10-03 14:27 - 2015-10-03 14:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-03 14:02 - 2015-10-03 14:02 - 00006820 _____ C:\Windows\system32\.crusader
2015-09-29 14:30 - 2015-09-29 14:30 - 00001111 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2015-09-29 14:30 - 2015-09-29 14:30 - 00001105 _____ C:\Users\Public\Desktop\BS.Player FREE.lnk
2015-09-29 14:30 - 2015-09-29 14:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2015-09-28 21:14 - 2015-09-28 21:14 - 00000000 ____D C:\Users\Anđelić\AppData\Roaming\Canneverbe Limited
2015-09-28 21:13 - 2015-09-28 21:13 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2015-09-28 19:10 - 2015-09-28 19:10 - 00000000 ____D C:\Users\Anđelić\.ViberPC
2015-09-28 19:10 - 2015-09-28 19:10 - 00000000 ____D C:\Users\Anđelić\.QtWebEngineProcess
2015-09-28 19:09 - 2015-09-28 19:09 - 00000000 ____D C:\Users\Anđelić\AppData\Local\Viber
2015-09-28 17:13 - 2015-09-29 07:01 - 00000000 ____D C:\Users\Anđelić\AppData\Roaming\ViberPC
2015-09-28 17:13 - 2015-09-28 17:13 - 00001004 _____ C:\Users\Anđelić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk
2015-09-28 17:13 - 2015-09-28 17:13 - 00000996 _____ C:\Users\Anđelić\Desktop\Viber.lnk
2015-09-28 17:08 - 2015-10-16 08:14 - 00000292 _____ C:\Windows\Tasks\AutoKMS.job
2015-09-28 17:01 - 2015-09-28 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-09-28 17:01 - 2015-09-28 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-09-28 17:00 - 2015-09-28 17:00 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2015-09-28 17:00 - 2015-09-28 17:00 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-09-28 16:59 - 2015-09-28 16:59 - 00000000 ____D C:\Windows\PCHEALTH
2015-09-28 16:59 - 2015-09-28 16:59 - 00000000 ____D C:\Program Files\Microsoft.NET
2015-09-28 16:59 - 2015-09-28 16:59 - 00000000 ____D C:\Program Files\Microsoft Sync Framework
2015-09-28 16:59 - 2015-09-28 16:59 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2015-09-28 16:58 - 2015-09-28 16:58 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 8
2015-09-28 16:57 - 2015-09-28 16:57 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2015-09-28 16:56 - 2015-09-28 16:59 - 00000000 ____D C:\Program Files\Microsoft Office
2015-09-28 16:55 - 2015-09-28 16:55 - 00000000 __RHD C:\MSOCache
2015-09-28 16:39 - 2015-09-28 16:39 - 00001037 _____ C:\Users\Public\Desktop\FastStone Capture.lnk
2015-09-28 16:39 - 2015-09-28 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture
2015-09-28 16:39 - 2015-09-28 16:39 - 00000000 ____D C:\Program Files\FastStone Capture
2015-09-26 13:05 - 2015-09-26 13:05 - 00000000 ____D C:\Users\Anđelić\AppData\Local\GHISLER
2015-09-22 10:25 - 2015-10-02 22:55 - 00001121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-09-22 10:25 - 2015-10-02 22:55 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-09-20 21:59 - 2015-09-20 21:59 - 00000000 ____D C:\Windows\system32\vbox
2015-09-20 21:36 - 2015-10-13 11:25 - 00000000 ____D C:\Users\Anđelić\.oracle_jre_usage
2015-09-20 21:36 - 2015-09-20 21:36 - 00000000 ____D C:\Users\Anđelić\AppData\Roaming\Sun
2015-09-20 21:36 - 2015-09-20 21:36 - 00000000 ____D C:\Program Files\Common Files\Java
2015-09-20 21:34 - 2015-09-20 21:34 - 00000000 ____D C:\Users\Anđelić\AppData\LocalLow\Oracle

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-16 08:45 - 2015-04-05 17:32 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-16 08:21 - 2009-07-14 06:34 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-16 08:21 - 2009-07-14 06:34 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-16 08:17 - 2015-04-05 17:10 - 01515990 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-16 08:17 - 2009-08-16 05:32 - 00669438 _____ C:\Windows\system32\perfh019.dat
2015-10-16 08:17 - 2009-08-16 05:32 - 00129538 _____ C:\Windows\system32\perfc019.dat
2015-10-16 08:14 - 2015-04-10 11:49 - 00151552 _____ C:\Windows\KMSEmulator.exe
2015-10-16 08:13 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-15 22:55 - 2015-04-18 14:23 - 00000000 ____D C:\Users\Anđelić\AppData\Roaming\Skype
2015-10-15 22:51 - 2015-04-05 17:27 - 00000000 ____D C:\Users\Anđelić\AppData\Local\Google
2015-10-15 22:51 - 2015-04-05 17:27 - 00000000 ____D C:\Program Files\Google
2015-10-14 13:33 - 2015-04-05 18:39 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-10-14 12:45 - 2015-04-05 17:32 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-10-14 12:45 - 2015-04-05 17:32 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-10-13 11:25 - 2015-04-05 17:07 - 00000000 ____D C:\Users\Anđelić
2015-10-09 22:10 - 2015-04-16 21:42 - 00000000 ____D C:\Program Files\TeamViewer
2015-10-09 22:09 - 2015-04-16 21:43 - 00000929 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-10-09 22:09 - 2015-04-16 21:43 - 00000917 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-10-03 14:04 - 2015-04-05 17:45 - 00000000 ____D C:\Program Files\WinRAR
2015-10-03 14:02 - 2015-05-02 19:54 - 00000000 ____D C:\ProgramData\HitmanPro
2015-10-03 08:51 - 2015-04-05 17:42 - 00000000 ____D C:\ProgramData\Skype
2015-10-03 08:48 - 2015-04-05 17:45 - 00000000 ____D C:\Users\Anđelić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-03 08:48 - 2015-04-05 17:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-02 23:26 - 2015-09-01 00:38 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-10-02 23:26 - 2015-04-05 17:36 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-09-29 16:45 - 2015-04-05 17:47 - 00000000 ____D C:\Users\Anđelić\AppData\Roaming\BSplayer
2015-09-29 08:49 - 2015-04-10 11:39 - 00000000 ____D C:\Program Files\NCapture
2015-09-29 08:49 - 2015-04-05 18:42 - 00000000 ____D C:\Program Files\A4 tech
2015-09-28 21:04 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-09-28 19:08 - 2015-04-11 15:59 - 00407920 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-28 17:07 - 2015-04-12 08:51 - 00108824 _____ C:\Users\Anđelić\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-28 17:07 - 2015-04-10 11:49 - 00000000 ____D C:\Windows\AutoKMS
2015-09-28 17:04 - 2015-04-10 11:18 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-28 17:01 - 2009-07-14 09:49 - 00000000 ____D C:\Windows\ShellNew
2015-09-28 17:01 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-28 17:00 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\MSBuild
2015-09-28 16:57 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\System
2015-09-28 16:57 - 2009-07-14 04:04 - 00000478 _____ C:\Windows\win.ini
2015-09-26 08:12 - 2015-04-21 06:12 - 00000000 ____D C:\Windows\Minidump
2015-09-23 21:27 - 2015-06-14 10:48 - 00000000 ____D C:\ProgramData\Apple
2015-09-23 21:23 - 2015-06-14 10:50 - 00000000 ____D C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-09-20 21:38 - 2015-06-14 07:32 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-20 21:36 - 2015-04-05 17:26 - 00000000 ____D C:\ProgramData\Oracle
2015-09-20 21:36 - 2015-04-05 17:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-20 21:36 - 2015-04-05 17:26 - 00000000 ____D C:\Program Files\Java
2015-09-20 21:35 - 2015-04-05 17:26 - 00097888 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-09-19 08:14 - 2015-04-06 00:03 - 00000000 ____D C:\Users\Anđelić\AppData\Local\Microsoft Games
2015-09-16 19:59 - 2015-04-10 11:18 - 00000000 ____D C:\Users\Anđelić\AppData\Local\Microsoft Help
2015-09-16 06:01 - 2009-07-14 06:53 - 00032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2015-10-15 22:44 - 2015-10-15 22:44 - 0047104 ___SH () C:\Users\Anđelić\AppData\Roaming\Thumbs.db
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Anđelić\AppData\Roaming\w9PkZhJalsisHJDt2gdddRisW
2015-04-14 16:44 - 2015-04-14 16:44 - 0000000 _____ () C:\Users\Anđelić\AppData\Local\{9FC00419-D2CE-4AB6-84B4-3CD20F549C7B}
2015-09-12 22:22 - 2015-09-12 22:22 - 0000000 _____ () C:\Users\Anđelić\AppData\Local\{BDD04AF7-7A59-45AF-ADCE-D9A71E7713E7}

Some files in TEMP:
====================
C:\Users\Anđelić\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-11 19:46

==================== End of FRST.txt ============================

  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

Hello,

Just for your information, you can remove SUPERAntiSpyware from the computer so that it does not needlessly take up resources. It is security software that lost the race against time long ago. The choice is yours, of course.

Download smeenk's zoek.zip or zoek.rar from this link and save it to the Desktop.

Unpack the archive into a folder (instructions), and then:

close the browser and other running programs;
temporarily disable your security software (if necessary; instructions);
start zoek by double-clicking the program icon;
wait for the tool to start ...

Copy the following text into the white box in the window:

Uninstall-List;
C:\Windows\system32\bootdelete.exe;i
C:\Windows\system32\.crusader;vs
ipconfig /flushdns >> %temp%\log.txt;b
bitsadmin /reset /allusers >> %temp%\log.txt;b
C:\Users\Anđelić\AppData\Roaming\w9PkZhJalsisHJDt2gdddRisW;fs
EmptyFoldersCheck;Delete
{472083B0-C522-11CF-8763-00608CC02F24};c
{0633EE93-D776-472f-A0FF-E1416B8B2E3A};c
EmptyCLSID;
C:\Users\Anđelić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FrostWire On Startup.lnk;f
C:\Program Files\FrostWire 6;fs
ResetIEProxy;
IEDefaults;
PrivoxyService;s
C:\Program Files\Jelbruss Secure Web;fs
AutoClean;
Reboot;


Click the button and wait for the scan to finish.

If necessary, zoek will restart Windows and, when it finishes, open Notepad with the scan report.

Note: The report will be saved under the name zoek-results.log on the system partition (typical location: C:\zoek-results.log).

Copy the contents of that log into a post.

  • Dalibor
  • Joined: 03 Feb 2011
  • Posts: 445
  • Location: Landau and der Pfalz

Zoek.exe v5.0.0.1 Updated 15-October-2015
Tool run by AnĐeli† on pet 16.10.2015 at 16:53:08,82.
Microsoft Windows 7 Ultimate 6.1.7600 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ANELI~1\Desktop\zoek.scr [Scan all users] [Script inserted]

==== System Restore Info ======================

16.10.2015 16:54:01 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Program Files\IObit deleted successfully
C:\Program Files\Lenovo deleted successfully
C:\Program Files\MyPlayCity.com deleted successfully
C:\Program Files\Common Files\AV deleted successfully
C:\Users\ANELI~1\AppData\Local\GHISLER deleted successfully
C:\Users\ANELI~1\AppData\Local\Opera Software deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== File Information Results ======================


--- C:\Windows\system32\bootdelete.exe ---
Company: SurfRight B.V.
File Description: Hitman Pro 3.5 BootDelete
File Version: 1.1.0.335
Product Name: BootDelete
Copyright: Copyright © 2010 SurfRight B.V.
Original Filename: BootDelete
File type: ----a-w-
File size: 12872
Created time: 2015-10-11 16:26:57
Modified time: 2015-10-11 16:26:58
MD5: 5614386D4CFDF9E56F355C45BEEBC976
SHA1: DC7EFC870467A86F965C70469D7D33D275D7DC82


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PrivoxyService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PrivoxyService deleted successfully

==== Batch Command(s) Run By Tool======================


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

BITSADMIN version 3.0 [ 7.5.7600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to cancel {23F3FC63-D85B-441F-AFC4-9230126E0732}.
0 out of 1 jobs canceled.

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


==== Deleting Files \ Folders ======================

C:\Program Files\IObit not found
C:\Program Files\Lenovo not found
C:\Program Files\MyPlayCity.com not found
C:\Users\Anđelić\AppData\Roaming\w9PkZhJalsisHJDt2gdddRisW not found
"C:\Users\Anđelić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FrostWire On Startup.lnk" not found
C:\Program Files\NCapture deleted
C:\Program Files\FrostWire 6 deleted
C:\Program Files\Jelbruss Secure Web deleted
C:\Program Files\Lavasoft\Web Companion deleted
C:\PROGRA~2\Lavasoft\Web Companion deleted
C:\PROGRA~2\Package Cache deleted
C:\Users\ANELI~1\AppData\Local\Lavasoft\WebCompanion.exe_Url_f5db2c2eotb405zbclgx4obr3tgwdj1t deleted
C:\Windows\system32\config\systemprofile\AppData\Local\LavasoftTcpService deleted
C:\Windows\system32\GroupPolicy\Machine deleted
C:\Windows\system32\GroupPolicy\User deleted
C:\Windows\system32\GroupPolicy\gpt.ini deleted
C:\Windows\system32\LavasoftTcpServiceOff.ini deleted
"C:\Users\ANELI~1\AppData\Local\{9FC00419-D2CE-4AB6-84B4-3CD20F549C7B}" deleted
"C:\Users\ANELI~1\AppData\Local\{BDD04AF7-7A59-45AF-ADCE-D9A71E7713E7}" deleted
"C:\Windows\system32\LavasoftTcpService.dll" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\ANELI~1\AppData\Roaming\Mozilla\Firefox\Profiles\j5qjg02t.default
user_pref("browser.startup.homepage", "www.google.rs");

==== Firefox Extensions ======================

ProfilePath: C:\Users\ANELI~1\AppData\Roaming\Mozilla\Firefox\Profiles\j5qjg02t.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Chrome Version: 46.0.2490.71

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
flliilndjeohchalpbbcdekjklbdgfkk - No path found[]

AdBlock - ANELI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

==== Chromium Fix ======================

C:\Users\ANELI~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage deleted successfully
C:\Users\ANELI~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.com"
"Search Bar"="http://www.bing.com"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="https://safesearch.avira.com/#web/result?source=art&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Default_Search_URL"="https://safesearch.avira.com/#web/result?source=art&q="
"Search Page"="https://safesearch.avira.com/#web/result?source=art&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="127.0.0.1:8118"
"ProxyEnable"=dword:00000001

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Uninstall List x86 ======================

Adobe Flash Player 19 NPAPI [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI]
Adobe Flash Player 19 PPAPI [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player PPAPI]
Adobe Reader XI (11.0.12) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-AB0000000001}]
Adobe Refresh Manager [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824147215}]
Avira Antivirus [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Avira Antivirus]
Avira Launcher [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{27743B8E-DD60-4A84-BE7C-26570DDD5BB9}]
Avira Launcher [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5dfbeba9-9f22-463d-8c95-c861911810a2}]
BS.Player FREE [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\BSPlayerf]
BS.Player PRO [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\BSPlayerp]
CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner]
Defraggler [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Defraggler]
FastStone Capture 5.3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\FastStone Capture]
Google Chrome [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]
Google Update Helper [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}]
Java 8 Update 40 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218040F0}]
Java 8 Update 60 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218060F0}]
Metric Collection SDK 35 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}]
Microsoft Office Professional Plus 2010 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Office14.PROPLUSR]
Mozilla Firefox 41.0.1 (x86 sr) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 41.0.1 (x86 sr)]
Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService]
Revo Uninstaller 1.95 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Revo Uninstaller]
Skypet 7.12 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6A0549A9-1B96-498C-ACBC-3943001FEB19}]
TeamViewer 10 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TeamViewer]
Unlocker 1.9.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Unlocker]
Viber [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Viber]
WinRAR 5.21 (32-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver]

==== Empty IE Cache ======================

C:\Users\ANELI~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ANELI~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3LE7SR1A will be deleted at reboot
C:\Users\ANELI~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H0EMY1DV will be deleted at reboot
C:\Users\ANELI~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WBGVTMHU will be deleted at reboot
C:\Users\ANELI~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WCPTP37Z will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0KAQEGXO will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BH64259X will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P0QCAMBC will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YLIBRPZA will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7830SSHY will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7E4FGAQ0 will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KNX25RV5 will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OYOP104A will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0KAQEGXO will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BH64259X will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P0QCAMBC will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YLIBRPZA will be deleted at reboot
C:\Users\ANELI~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\ANELI~1\AppData\Local\Mozilla\Firefox\Profiles\a39r34t3.default-1441567625322\cache2 emptied successfully
C:\Users\ANELI~1\AppData\Local\Mozilla\Firefox\Profiles\j5qjg02t.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\ANELI~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=42 folders=23 7501587 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\ANELI~1\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\ANELI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\ANELI~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Users\ANELI~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3LE7SR1A" not deleted
"C:\Users\ANELI~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H0EMY1DV" not deleted
"C:\Users\ANELI~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WBGVTMHU" not deleted
"C:\Users\ANELI~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WCPTP37Z" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0KAQEGXO" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BH64259X" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P0QCAMBC" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YLIBRPZA" not found
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7830SSHY" not deleted
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7E4FGAQ0" not deleted
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KNX25RV5" not deleted
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OYOP104A" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0KAQEGXO" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BH64259X" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P0QCAMBC" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YLIBRPZA" not found

==== EOF on pet 16.10.2015 at 19:11:06,93 ======================

  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

Zoek did a nice job. Now let's see what big daddy has to say.

1. Download sUBs's ComboFix from this link and save the tool to the Desktop.
• Right-click the link and choose the Save Target As... option (Save Link As..., Save Linked Content As... or similar);
• When the dialog for choosing where to save the file opens, select Desktop and click Save.


------------------------------------------------------------
2. Temporarily disable your antivirus program, in most cases by right-clicking the program's icon in the system tray. Such programs can interfere with the tool while it runs.
If you are not sure how to do that, follow this guide.

------------------------------------------------------------
3. Double-click the icon to start ComboFix. Then, in the disclaimer window, click the I Agree! button.

• ComboFix will check whether a newer version of the tool is available.
Click Yes if a download is requested.
• If Recovery Console is not installed, ComboFix will offer to download and install it.
Click Yes to allow the tool to download and install Recovery Console.
• ComboFix will scan the computer in stages (Stage_#), 50 stages in total.
Do not click around while ComboFix is examining the system.
• If malware is detected, ComboFix will begin removing it.
For that reason, the tool will restart Windows as needed (sometimes more than once);

Note: If, after the tool has run, you get an error (Illegal operation attempted on a registry key that has been marked for deletion) when starting programs, restart the computer and that will solve the problem.


------------------------------------------------------------
4. When the tool finishes, it will create and open a report (typical location: C:\ComboFix.txt).
Copy the contents of the ComboFix.txt report into your post.

ComboFix will also create an additional report (typical location: C:\Qoobox\ComboFix-quarantined-files.txt).
Attach the ComboFix-quarantined-files.txt report to your post using the Attach file option.

  • Dalibor
  • Joined: 03 Feb 2011
  • Posts: 445
  • Location: Landau and der Pfalz

Posted: 16 Oct 2015 22:18

ComboFix 15-10-15.01 - Anđelić 16.10.2015 21:59:30.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.381.1033.18.2047.1276 [GMT 2:00]
Running from: c:\users\An­eliŠ\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\ANELI~1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\Anđelić\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
((((((((((((((((((((((((( Files Created from 2015-09-16 to 2015-10-16 )))))))))))))))))))))))))))))))
.
.
2015-10-16 20:06 . 2015-10-16 20:09 -------- d-----w- c:\users\Anđelić\AppData\Local\temp
2015-10-16 20:06 . 2015-10-16 20:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-10-16 15:21 . 2014-02-13 21:59 24064 ----a-w- c:\windows\zoek-delete.exe
2015-10-15 20:45 . 2015-10-15 20:45 -------- d-----w- c:\users\Anđelić\AppData\Roaming\Mozilla
2015-10-14 09:45 . 2015-10-14 10:45 19376840 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2015-10-13 09:50 . 2015-10-16 15:15 -------- d-----w- c:\users\Anđelić\AppData\Local\Lavasoft
2015-10-13 09:50 . 2015-10-16 15:15 -------- d-----w- c:\programdata\Lavasoft
2015-10-13 09:48 . 2015-10-13 09:48 345360 ----a-w- c:\windows\system32\Lavasearch
2015-10-13 09:48 . 2015-10-16 15:15 -------- d-----w- c:\program files\Lavasoft
2015-10-13 09:25 . 2015-10-13 09:28 -------- d-----w- c:\users\Anđelić\FrostWire
2015-10-13 09:25 . 2015-10-13 09:29 -------- d-----w- c:\users\Anđelić\.frostwire5
2015-10-13 09:25 . 2015-10-13 09:25 -------- d-----w- c:\windows\Downloaded Installations
2015-10-13 09:24 . 2015-10-13 09:46 -------- d-----w- c:\users\Anđelić\AppData\Roaming\RPEng
2015-10-11 16:26 . 2015-10-11 16:26 12872 ----a-w- c:\windows\system32\bootdelete.exe
2015-10-08 13:15 . 2015-10-08 13:15 -------- d-----w- c:\users\Anđelić\AppData\Roaming\Avira
2015-10-08 13:11 . 2015-09-01 15:09 55912 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2015-10-08 13:11 . 2015-09-01 15:09 37896 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2015-10-08 13:11 . 2015-09-01 15:09 136728 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-10-08 13:11 . 2015-09-01 15:09 108448 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2015-10-08 13:01 . 2015-10-08 13:11 -------- d-----w- c:\program files\Avira
2015-10-08 13:01 . 2015-10-08 13:11 -------- d-----w- c:\programdata\Avira
2015-10-03 12:27 . 2015-10-03 12:27 -------- d-----w- c:\programdata\Malwarebytes
2015-10-03 12:26 . 2015-10-03 12:26 -------- d-----w- c:\users\Anđelić\AppData\Local\Programs
2015-09-28 19:14 . 2015-09-28 19:14 -------- d-----w- c:\users\Anđelić\AppData\Roaming\Canneverbe Limited
2015-09-28 19:13 . 2015-09-28 19:13 -------- d-----w- c:\programdata\Canneverbe Limited
2015-09-28 17:10 . 2015-09-28 17:10 -------- d-----w- c:\users\Anđelić\.QtWebEngineProcess
2015-09-28 17:10 . 2015-09-28 17:10 -------- d-----w- c:\users\Anđelić\.ViberPC
2015-09-28 17:09 . 2015-09-28 17:09 -------- d-----w- c:\users\Anđelić\AppData\Local\Viber
2015-09-28 15:13 . 2015-09-29 05:01 -------- d-----w- c:\users\Anđelić\AppData\Roaming\ViberPC
2015-09-28 15:00 . 2015-09-28 15:00 -------- d-----w- c:\program files\Microsoft Synchronization Services
2015-09-28 14:59 . 2015-09-28 14:59 -------- d-----w- c:\windows\PCHEALTH
2015-09-28 14:59 . 2015-09-28 14:59 -------- d-----w- c:\program files\Microsoft.NET
2015-09-28 14:59 . 2015-09-28 14:59 -------- d-----w- c:\program files\Microsoft Sync Framework
2015-09-28 14:59 . 2015-09-28 14:59 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2015-09-28 14:58 . 2015-09-28 14:58 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2015-09-28 14:57 . 2015-09-28 14:57 -------- d-----w- c:\program files\Microsoft Analysis Services
2015-09-28 14:55 . 2015-09-28 14:55 -------- d-----r- C:\MSOCache
2015-09-28 14:39 . 2015-09-28 14:39 -------- d-----w- c:\program files\FastStone Capture
2015-09-20 19:59 . 2015-09-20 19:59 -------- d-----w- c:\windows\system32\config\systemprofile\.oracle_jre_usage
2015-09-20 19:59 . 2015-09-20 19:59 -------- d-----w- c:\windows\system32\vbox
2015-09-20 19:36 . 2015-09-20 19:36 -------- d-----w- c:\program files\Common Files\Java
2015-09-20 19:36 . 2015-09-20 19:36 -------- d-----w- c:\users\Anđelić\AppData\Roaming\Sun
2015-09-20 19:36 . 2015-10-13 09:25 -------- d-----w- c:\users\Anđelić\.oracle_jre_usage
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-16 20:08 . 2015-04-10 09:49 151552 ----a-w- c:\windows\KMSEmulator.exe
2015-10-14 10:45 . 2015-04-05 15:32 780488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-10-14 10:45 . 2015-04-05 15:32 142536 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-09-20 19:35 . 2015-04-05 15:26 97888 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2014-10-23 4825880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VMSnap3"="c:\windows\VMSnap3.exe" [2006-07-18 49152]
"Domino"="c:\windows\Domino.exe" [2006-07-04 49152]
"Avira SystrayStartTrigger"="c:\program files\Avira\Launcher\Avira.SystrayStartTrigger.exe" [2015-09-10 66320]
"avgnt"="c:\program files\Avira\Antivirus\avgnt.exe" [2015-09-01 782520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
R1 BAPIDRV;BAPIDRV;c:\windows\system32\DRIVERS\BAPIDRV.sys [x]
R2 AntiVirMailService;Avira Mail Protection;c:\program files\Avira\Antivirus\avmailc7.exe [2015-09-01 932912]
R2 AntiVirWebService;Avira Web Protection;c:\program files\Avira\Antivirus\avwebg7.exe [2015-10-14 1147720]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2015-07-09 327296]
R3 MsgPlusDriver;Messenger Plus! Virtual Camera;c:\windows\system32\DRIVERS\MsgPlusDriver.sys [x]
R3 vvftav303;vvftav303;c:\windows\system32\drivers\vvftav303.sys [2007-06-23 480128]
R3 ZSMC0303;A4 TECH PC Camera H;c:\windows\system32\Drivers\usbVM303.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2015-09-01 37896]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\Antivirus\sched.exe [2015-09-01 461672]
S2 Avira.ServiceHost;Avira Service Host;c:\program files\Avira\Launcher\Avira.ServiceHost.exe [2015-09-10 240872]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys [2015-09-01 55912]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-10-15 20:51 997704 ----a-w- c:\program files\Google\Chrome\Application\46.0.2490.71\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-10-14 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\system32\Macromed\Flash\FlashUtil32_19_0_0_207_pepper.exe [2015-10-14 10:45]
.
2015-10-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-05 10:45]
.
2015-10-16 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2015-04-10 15:07]
.
2015-10-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-10-15 20:50]
.
2015-10-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-10-15 20:50]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = https://safesearch.avira.com/#web/result?source=art&q=
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
Trusted Zone: localhost
Trusted Zone: webcompanion.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Anđelić\AppData\Roaming\Mozilla\Firefox\Profiles\j5qjg02t.default\
FF - prefs.js: browser.startup.homepage - www.google.rs
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
c:\users\Anđelić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FrostWire On Startup.lnk - c:\program files\FrostWire 6\FrostWire.exe
AddRemove-{5dfbeba9-9f22-463d-8c95-c861911810a2} - c:\programdata\Package Cache\{5dfbeba9-9f22-463d-8c95-c861911810a2}\Avira.OE.Setup.Bundle.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Avira\Antivirus\avguard.exe
c:\program files\TeamViewer\TeamViewer_Service.exe
c:\program files\Avira\Antivirus\avshadow.exe
c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Completion time: 2015-10-16 22:12:23 - machine was rebooted
ComboFix-quarantined-files.txt 2015-10-16 20:12
.
Pre-Run: 15.303.282.688 bytes free
Post-Run: 15.006.502.912 bytes free
.
- - End Of File - - F589D30BC0987C9B174261C1B7017D19
A36C5E4F47E84449FF07ED3517B43A31

Addendum: 16 Oct 2015 22:19

I don't have ComboFix-quarantined-files.txt on the C partition, i.e. the system one.

  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

It isn't supposed to be on the C partition anyway. But that doesn't matter. Reset Google Chrome back to its default settings; here is how:
https://support.google.com/chrome/answer/3296214?hl=en

Then copy a fresh FRST.txt report for me and tell me how things stand.

  • Dalibor
  • Joined: 03 Feb 2011
  • Posts: 445
  • Location: Landau and der Pfalz

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:16-10-2015
Ran by Anđelić (administrator) on ANĐELIĆ-PC (16-10-2015 22:48:27)
Running from C:\Users\Anđelić\Desktop
Loaded Profiles: Anđelić (Available Profiles: Anđelić)
Platform: Microsoft Windows 7 Ultimate (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VMSnap3] => C:\Windows\VMSnap3.exe [49152 2006-07-18] (Vimicro)
HKLM\...\Run: [Domino] => C:\Windows\Domino.exe [49152 2006-07-04] ()
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-10] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [782520 2015-09-01] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3060246460-3445727265-2582410140-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4825880 2014-10-23] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29109664-89CC-4405-A30C-C728323E5565}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3060246460-3445727265-2582410140-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3060246460-3445727265-2582410140-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3060246460-3445727265-2582410140-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3060246460-3445727265-2582410140-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3060246460-3445727265-2582410140-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-20] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-20] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Anđelić\AppData\Roaming\Mozilla\Firefox\Profiles\j5qjg02t.default
FF Homepage: www.google.rs
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_207.dll [2015-10-14] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-20] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-15] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Anđelić\AppData\Roaming\Mozilla\Firefox\Profiles\j5qjg02t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-16]

Chrome:
=======
CHR Profile: C:\Users\Anđelić\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google презентације) - C:\Users\Anđelić\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-15]
CHR Extension: (Google документи) - C:\Users\Anđelić\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-15]
CHR Extension: (Google диск) - C:\Users\Anđelić\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-15]
CHR Extension: (YouTube) - C:\Users\Anđelić\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-15]
CHR Extension: (Google Search) - C:\Users\Anđelić\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-15]
CHR Extension: (Google табеле) - C:\Users\Anđelić\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-15]
CHR Extension: (Avira Browser Safety) - C:\Users\Anđelić\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-10-15]
CHR Extension: (Google документи офлајн) - C:\Users\Anđelić\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-15]
CHR Extension: (AdBlock) - C:\Users\Anđelić\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-16]
CHR Extension: (Плаћања у Chrome веб-продавници) - C:\Users\Anđelić\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-15]
CHR Extension: (Gmail) - C:\Users\Anđelić\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-15]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [932912 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [240872 2015-09-10] (Avira Operations GmbH & Co. KG)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108448 2015-09-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136728 2015-09-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [55912 2015-09-01] (Avira Operations GmbH & Co. KG)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-09-01] (Avira Operations GmbH & Co. KG)
S3 vvftav303; C:\Windows\System32\drivers\vvftav303.sys [480128 2007-06-23] (Vimicro Corporation)
S1 BAPIDRV; system32\DRIVERS\BAPIDRV.sys [X]
S3 catchme; \??\C:\Users\ANELI~1\AppData\Local\Temp\catchme.sys [X]
S3 MsgPlusDriver; system32\DRIVERS\MsgPlusDriver.sys [X]
S3 ZSMC0303; System32\Drivers\usbVM303.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-16 22:48 - 2015-10-16 22:48 - 00010295 _____ C:\Users\Anđelić\Desktop\FRST.txt
2015-10-16 22:48 - 2015-10-16 22:48 - 00000000 ____D C:\FRST
2015-10-16 22:47 - 2015-10-16 22:47 - 01700352 _____ (Farbar) C:\Users\Anđelić\Downloads\FRST.exe
2015-10-16 22:47 - 2015-10-16 22:47 - 01700352 _____ (Farbar) C:\Users\Anđelić\Desktop\FRST.exe
2015-10-16 22:12 - 2015-10-16 22:12 - 00010738 _____ C:\ComboFix.txt
2015-10-16 22:10 - 2015-10-16 22:12 - 00004970 ____N C:\Windows\WindowsUpdate.log
2015-10-16 21:57 - 2015-10-16 22:12 - 00000000 ____D C:\Qoobox
2015-10-16 21:57 - 2015-10-16 22:10 - 00000000 ____D C:\Windows\erdnt
2015-10-16 21:57 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-10-16 21:57 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-10-16 21:57 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-10-16 21:57 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-10-16 21:57 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-10-16 21:57 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-10-16 21:57 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-10-16 21:57 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-10-16 21:14 - 2015-10-16 21:14 - 00000000 ____D C:\Users\Anđelić\Desktop\Provera dali neko krade internet
2015-10-16 19:29 - 2015-10-16 21:16 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-10-16 17:21 - 2014-02-13 23:59 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-10-15 22:51 - 2015-10-15 22:51 - 00002207 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-15 22:51 - 2015-10-15 22:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-15 22:50 - 2015-10-16 22:08 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-15 22:50 - 2015-10-16 21:55 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-15 22:45 - 2015-10-15 22:45 - 00000000 ____D C:\Users\Anđelić\AppData\Roaming\Mozilla
2015-10-15 22:44 - 2015-10-15 22:44 - 00047104 ___SH C:\Users\Anđelić\AppData\Roaming\Thumbs.db
2015-10-14 11:45 - 2015-10-14 12:45 - 19376840 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2015-10-13 11:50 - 2015-10-16 17:15 - 00000000 ____D C:\Users\Anđelić\AppData\Local\Lavasoft
2015-10-13 11:50 - 2015-10-16 17:15 - 00000000 ____D C:\ProgramData\Lavasoft
2015-10-13 11:48 - 2015-10-16 17:15 - 00000000 ____D C:\Program Files\Lavasoft
2015-10-13 11:48 - 2015-10-13 11:48 - 00345360 _____ (Lavasoft Limited) C:\Windows\system32\Lavasearch
2015-10-13 11:46 - 2015-10-13 18:51 - 00000000 ____D C:\Users\Anđelić\AppData\LocalLow\BitTorrent
2015-10-13 11:25 - 2015-10-13 11:29 - 00000000 ____D C:\Users\Anđelić\.frostwire5
2015-10-13 11:25 - 2015-10-13 11:28 - 00000000 ____D C:\Users\Anđelić\FrostWire
2015-10-13 11:25 - 2015-10-13 11:25 - 00000000 ____D C:\Windows\Downloaded Installations
2015-10-13 11:24 - 2015-10-13 11:46 - 00000000 ____D C:\Users\Anđelić\AppData\Roaming\RPEng
2015-10-11 18:26 - 2015-10-11 18:26 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2015-10-09 20:09 - 2015-10-09 20:09 - 00210921 _____ C:\Users\Anđelić\Documents\U AUTOMOBILU.pptx
2015-10-08 15:15 - 2015-10-08 15:15 - 00000000 ____D C:\Users\Anđelić\AppData\Roaming\Avira
2015-10-08 15:11 - 2015-09-01 17:10 - 00031848 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\ssmdrv.sys
2015-10-08 15:11 - 2015-09-01 17:09 - 00136728 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-10-08 15:11 - 2015-09-01 17:09 - 00108448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-10-08 15:11 - 2015-09-01 17:09 - 00055912 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-10-08 15:11 - 2015-09-01 17:09 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-10-08 15:01 - 2015-10-12 17:27 - 00001092 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-10-08 15:01 - 2015-10-12 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-10-08 15:01 - 2015-10-08 15:11 - 00000000 ____D C:\ProgramData\Avira
2015-10-08 15:01 - 2015-10-08 15:11 - 00000000 ____D C:\Program Files\Avira
2015-10-03 21:03 - 2015-10-03 21:03 - 00003021 _____ C:\Users\Anđelić\Desktop\Microsoft Word 2010.lnk
2015-10-03 21:03 - 2015-10-03 21:03 - 00002937 _____ C:\Users\Anđelić\Desktop\Microsoft PowerPoint 2010.lnk
2015-10-03 14:27 - 2015-10-03 14:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-03 14:02 - 2015-10-03 14:02 - 00006820 _____ C:\Windows\system32\.crusader
2015-09-29 14:30 - 2015-09-29 14:30 - 00001111 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2015-09-29 14:30 - 2015-09-29 14:30 - 00001105 _____ C:\Users\Public\Desktop\BS.Player FREE.lnk
2015-09-29 14:30 - 2015-09-29 14:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2015-09-28 21:14 - 2015-09-28 21:14 - 00000000 ____D C:\Users\Anđelić\AppData\Roaming\Canneverbe Limited
2015-09-28 21:13 - 2015-09-28 21:13 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2015-09-28 19:10 - 2015-09-28 19:10 - 00000000 ____D C:\Users\Anđelić\.ViberPC
2015-09-28 19:10 - 2015-09-28 19:10 - 00000000 ____D C:\Users\Anđelić\.QtWebEngineProcess
2015-09-28 19:09 - 2015-09-28 19:09 - 00000000 ____D C:\Users\Anđelić\AppData\Local\Viber
2015-09-28 17:13 - 2015-09-29 07:01 - 00000000 ____D C:\Users\Anđelić\AppData\Roaming\ViberPC
2015-09-28 17:13 - 2015-09-28 17:13 - 00001004 _____ C:\Users\Anđelić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk
2015-09-28 17:13 - 2015-09-28 17:13 - 00000996 _____ C:\Users\Anđelić\Desktop\Viber.lnk
2015-09-28 17:08 - 2015-10-16 22:09 - 00000292 _____ C:\Windows\Tasks\AutoKMS.job
2015-09-28 17:01 - 2015-09-28 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-09-28 17:01 - 2015-09-28 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-09-28 17:00 - 2015-09-28 17:00 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2015-09-28 17:00 - 2015-09-28 17:00 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-09-28 16:59 - 2015-09-28 16:59 - 00000000 ____D C:\Windows\PCHEALTH
2015-09-28 16:59 - 2015-09-28 16:59 - 00000000 ____D C:\Program Files\Microsoft.NET
2015-09-28 16:59 - 2015-09-28 16:59 - 00000000 ____D C:\Program Files\Microsoft Sync Framework
2015-09-28 16:59 - 2015-09-28 16:59 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2015-09-28 16:58 - 2015-09-28 16:58 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 8
2015-09-28 16:57 - 2015-09-28 16:57 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2015-09-28 16:56 - 2015-09-28 16:59 - 00000000 ____D C:\Program Files\Microsoft Office
2015-09-28 16:55 - 2015-09-28 16:55 - 00000000 ___RD C:\MSOCache
2015-09-28 16:39 - 2015-09-28 16:39 - 00001037 _____ C:\Users\Public\Desktop\FastStone Capture.lnk
2015-09-28 16:39 - 2015-09-28 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture
2015-09-28 16:39 - 2015-09-28 16:39 - 00000000 ____D C:\Program Files\FastStone Capture
2015-09-22 10:25 - 2015-10-02 22:55 - 00001121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-09-22 10:25 - 2015-10-02 22:55 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-09-20 21:59 - 2015-09-20 21:59 - 00000000 ____D C:\Windows\system32\vbox
2015-09-20 21:36 - 2015-10-13 11:25 - 00000000 ____D C:\Users\Anđelić\.oracle_jre_usage
2015-09-20 21:36 - 2015-09-20 21:36 - 00000000 ____D C:\Users\Anđelić\AppData\Roaming\Sun
2015-09-20 21:36 - 2015-09-20 21:36 - 00000000 ____D C:\Program Files\Common Files\Java
2015-09-20 21:34 - 2015-09-20 21:34 - 00000000 ____D C:\Users\Anđelić\AppData\LocalLow\Oracle

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-16 22:45 - 2015-04-05 17:32 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-16 22:16 - 2009-07-14 06:34 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-16 22:16 - 2009-07-14 06:34 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-16 22:12 - 2015-04-05 17:10 - 01515990 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-16 22:12 - 2009-08-16 05:32 - 00669438 _____ C:\Windows\system32\perfh019.dat
2015-10-16 22:12 - 2009-08-16 05:32 - 00129538 _____ C:\Windows\system32\perfc019.dat
2015-10-16 22:12 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Default
2015-10-16 22:12 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2015-10-16 22:09 - 2009-07-14 04:04 - 00000215 _____ C:\Windows\system.ini
2015-10-16 22:08 - 2015-04-10 11:49 - 00151552 _____ C:\Windows\KMSEmulator.exe
2015-10-16 22:07 - 2015-04-05 17:36 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-10-16 22:07 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-16 21:43 - 2015-04-18 14:23 - 00000000 ____D C:\Users\Anđelić\AppData\Roaming\Skype
2015-10-16 17:15 - 2009-07-14 04:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-10-15 22:51 - 2015-04-05 17:27 - 00000000 ____D C:\Users\Anđelić\AppData\Local\Google
2015-10-15 22:51 - 2015-04-05 17:27 - 00000000 ____D C:\Program Files\Google
2015-10-14 13:33 - 2015-04-05 18:39 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-10-14 12:45 - 2015-04-05 17:32 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-10-14 12:45 - 2015-04-05 17:32 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-10-13 11:25 - 2015-04-05 17:07 - 00000000 ____D C:\Users\Anđelić
2015-10-09 22:10 - 2015-04-16 21:42 - 00000000 ____D C:\Program Files\TeamViewer
2015-10-09 22:09 - 2015-04-16 21:43 - 00000929 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-10-09 22:09 - 2015-04-16 21:43 - 00000917 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-10-03 14:04 - 2015-04-05 17:45 - 00000000 ____D C:\Program Files\WinRAR
2015-10-03 14:02 - 2015-05-02 19:54 - 00000000 ____D C:\ProgramData\HitmanPro
2015-10-03 08:51 - 2015-04-05 17:42 - 00000000 ____D C:\ProgramData\Skype
2015-10-03 08:48 - 2015-04-05 17:45 - 00000000 ____D C:\Users\Anđelić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-03 08:48 - 2015-04-05 17:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-09-29 16:45 - 2015-04-05 17:47 - 00000000 ____D C:\Users\Anđelić\AppData\Roaming\BSplayer
2015-09-29 08:49 - 2015-04-05 18:42 - 00000000 ____D C:\Program Files\A4 tech
2015-09-28 21:04 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-09-28 19:08 - 2015-04-11 15:59 - 00407920 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-28 17:07 - 2015-04-12 08:51 - 00108824 _____ C:\Users\Anđelić\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-28 17:07 - 2015-04-10 11:49 - 00000000 ____D C:\Windows\AutoKMS
2015-09-28 17:04 - 2015-04-10 11:18 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-28 17:01 - 2009-07-14 09:49 - 00000000 ____D C:\Windows\ShellNew
2015-09-28 17:01 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-28 17:00 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\MSBuild
2015-09-28 16:57 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\System
2015-09-28 16:57 - 2009-07-14 04:04 - 00000478 _____ C:\Windows\win.ini
2015-09-26 08:12 - 2015-04-21 06:12 - 00000000 ____D C:\Windows\Minidump
2015-09-23 21:27 - 2015-06-14 10:48 - 00000000 ____D C:\ProgramData\Apple
2015-09-23 21:23 - 2015-06-14 10:50 - 00000000 ____D C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-09-20 21:36 - 2015-04-05 17:26 - 00000000 ____D C:\ProgramData\Oracle
2015-09-20 21:36 - 2015-04-05 17:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-20 21:36 - 2015-04-05 17:26 - 00000000 ____D C:\Program Files\Java
2015-09-20 21:35 - 2015-04-05 17:26 - 00097888 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-09-19 08:14 - 2015-04-06 00:03 - 00000000 ____D C:\Users\Anđelić\AppData\Local\Microsoft Games
2015-09-16 19:59 - 2015-04-10 11:18 - 00000000 ____D C:\Users\Anđelić\AppData\Local\Microsoft Help
2015-09-16 06:01 - 2009-07-14 06:53 - 00032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2015-10-15 22:44 - 2015-10-15 22:44 - 0047104 ___SH () C:\Users\Anđelić\AppData\Roaming\Thumbs.db
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Anđelić\AppData\Roaming\w9PkZhJalsisHJDt2gdddRisW

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-11 19:46

==================== End of FRST.txt ============================


The computer runs much better.

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

1. Open Notepad (Text Document) and copy the following text from the code box below:

Start
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3060246460-3445727265-2582410140-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3060246460-3445727265-2582410140-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 catchme; \??\C:\Users\ANELI~1\AppData\Local\Temp\catchme.sys [X]
EmptyTemp:
C:\Users\Anđelić\AppData\Roaming\w9PkZhJalsisHJDt2gdddRisW
End


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, because otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.

The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into a post.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.
