Laptop se restartuje prilikom pocetka svakog downloada...

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Cao. Imam problem ocigledno.
Laptop mi se resetuje prilikom pocetka svakog downloada. Pojavi se prozorcic koji ne stignem da procitam i samo se restartuje. Imam instaliran windows 7, a laptop je Toshiba Satellite. To mi se desilo nakon sto sam sa nekog sajta pokusala da skinem program koji se zove WebCam Monitor 6, ne znam tacno sa kojeg sajta jer sam pokusavala sa vise. Znam da mi se uz njega pojavljivalo da instaliram Net Framework. Mislim da mi je skidanje tog programa donijelo ovaj problem. Pokusala sam da ga skinem antimalwerom Malwere-Anti Malwere sa plavom ikonicom ali problem i dalje postoji. Nisam imala nikakav antivirus niti antimalwere pa sam morala da skinem sa drugog laptopa taj Malwere i prenesem ga usb-om.
Znaci nemoguce je trenutno da se sa ovog laptopa nesto skine tako da nisam u mogucnosti ispostovati vasa pravila postavljanja teme, to jest nisam u mogucnosti da vam dostavim ikakve izvjestaje preko programa koje ste postavili jer ih ne mogu downlodovati.
Da li mozete pretpostaviti sta bi to moglo da bude i kako da se rijesi?
Hvala na pomoci unapred. Zagrljaj

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Imaš li čist USB disk da na njega snimiš FRST koji se traži u uputstvu na nekom drugom računaru pa da onda prebaciš FRST na svoj računar?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Pa sad vise nije cist, cim sam ga stavila u ovaj laptop. Sutra cu nesto pokusati sa novim usb-om. Cujemo se. Hvala na brzom odg.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Danka Borojevic ::Pa sad vise nije cist, cim sam ga stavila u ovaj laptop. Sutra cu nesto pokusati sa novim usb-om. Cujemo se. Hvala na brzom odg.

Nema potrebe da kupuješ novi. Prije nego štoUSB stik ubodeš u drugi računar, na tom drugom račuanru instaliraj MCShield koga možeš preuzeti odavde. On će biti zaštita od zlonamjernih programa koji se šire putem USB diskova.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Uspjela sam.
mycity.rs/must-login.png

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by Danka (administrator) on DANKA-PC on 12-11-2014 10:21:59
Running from C:\Users\Danka\Desktop
Loaded Profile: Danka (Available profiles: Danka)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\TK8 StickyNotes\TK8StickyNotes.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Advanced Micro Devices, Inc.) C:\Windows\System32\atibtmon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2010-11-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [LoginPrompt] 9B98878C898483DB898C83868C
HKU\S-1-5-21-2176275773-2264376577-2624193879-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21437568 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2176275773-2264376577-2624193879-1000\...\Run: [TK8 StickyNotes] => C:\Program Files (x86)\TK8 StickyNotes\TK8StickyNotes.exe [10103808 2013-11-05] ()
HKU\S-1-5-21-2176275773-2264376577-2624193879-1000\...\Policies\Explorer: [NoViewOnDrive] 0

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0397D0578290CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr-ba
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 79.143.160.20 62.68.96.8 79.143.168.8

FireFox:
========
FF ProfilePath: C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2176275773-2264376577-2624193879-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Danka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml
FF Extension: Website Xplorer - C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default\Extensions\{a2bfe612-4cf5-48ea-907c-f3fb25bc9d6b} [2014-08-12]
FF Extension: TrustedShopper - C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default\Extensions\jid1-bKSXgRwy1UQeRA@jetpack.xpi [2014-08-15]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)


==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-12 10:21 - 2014-11-12 10:22 - 00006513 _____ () C:\Users\Danka\Desktop\FRST.txt
2014-11-12 10:21 - 2014-11-12 10:22 - 00000000 ____D () C:\FRST
2014-11-12 10:20 - 2014-11-12 10:11 - 02116096 _____ (Farbar) C:\Users\Danka\Desktop\FRST64.exe
2014-11-11 23:04 - 2014-11-11 23:04 - 17926832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-11-11 00:25 - 2014-11-11 00:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 23:18 - 2014-11-11 00:01 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-10 23:18 - 2014-11-10 23:18 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-10 23:18 - 2014-11-10 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-10 23:18 - 2014-11-10 23:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-10 23:18 - 2014-11-10 23:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-10 23:18 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-10 23:18 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-10 23:18 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-10 23:16 - 2014-11-10 22:50 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Danka\Desktop\mbam-setup-2.0.3.1025.exe
2014-11-10 22:17 - 2014-11-10 22:17 - 00028796 _____ () C:\Users\Danka\AppData\Local\Bron.tok.A14.em.bin
2014-11-10 20:16 - 2014-11-10 20:23 - 23878192 _____ (DeskShare Inc. ) C:\Users\Danka\Downloads\WebCamMonitor.exe
2014-11-10 19:41 - 2014-11-10 19:41 - 00000000 ____D () C:\039221925231dc599346f095
2014-11-10 17:55 - 2014-11-10 17:55 - 395226617 _____ () C:\Windows\MEMORY.DMP
2014-11-10 17:55 - 2014-11-10 17:55 - 00274744 _____ () C:\Windows\Minidump\111014-18392-01.dmp
2014-11-10 17:55 - 2014-11-10 17:55 - 00000000 ____D () C:\Windows\Minidump
2014-11-02 23:31 - 2014-11-02 23:31 - 00000000 ____D () C:\Users\Danka\AppData\Local\Ok-SendMail-Bron-tok
2014-11-02 23:29 - 2014-11-10 23:38 - 00000000 ____D () C:\Users\Danka\AppData\Local\Loc.Mail.Bron.Tok
2014-11-02 23:29 - 2014-11-02 23:29 - 00000051 _____ () C:\Users\Danka\AppData\Local\Kosong.Bron.Tok.txt
2014-10-28 13:23 - 2014-10-28 13:23 - 00001128 _____ () C:\Users\Danka\Documents\Documents - Shortcut.lnk
2014-10-24 18:21 - 2014-10-24 18:21 - 00638888 _____ (Oracle Corporation) C:\Users\Danka\Downloads\jxpiinstall(1).exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-12 10:21 - 2014-06-25 15:49 - 00000000 ____D () C:\Users\Danka\AppData\Roaming\Skype
2014-11-12 10:15 - 2009-07-14 06:13 - 00726316 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-12 10:15 - 2009-07-14 05:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-12 10:15 - 2009-07-14 05:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-12 10:04 - 2014-06-25 15:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-12 09:57 - 2014-08-12 16:56 - 00000374 _____ () C:\Windows\Tasks\WpsNotifyTask_Danka.job
2014-11-12 09:55 - 2014-06-25 14:02 - 02052294 _____ () C:\Windows\WindowsUpdate.log
2014-11-12 09:54 - 2014-08-12 16:56 - 00000374 _____ () C:\Windows\Tasks\WpsUpdateTask_Danka.job
2014-11-12 09:52 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-12 09:52 - 2009-07-14 05:51 - 00045562 _____ () C:\Windows\setupact.log
2014-11-11 23:11 - 2014-08-15 15:03 - 00000224 _____ () C:\Users\Danka\BullseyeCoverageError.txt
2014-11-11 23:04 - 2014-06-25 15:45 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-11 23:04 - 2014-06-25 15:45 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-11 23:04 - 2014-06-25 15:45 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-11 22:03 - 2014-06-25 15:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-11 09:49 - 2010-11-21 04:47 - 00159256 _____ () C:\Windows\PFRO.log
2014-11-10 23:38 - 2014-08-28 21:11 - 00000000 __SHD () C:\Users\Danka\AppData\Local\EmieUserList
2014-11-10 23:38 - 2014-08-28 21:11 - 00000000 __SHD () C:\Users\Danka\AppData\Local\EmieSiteList
2014-11-10 23:38 - 2014-06-25 14:08 - 00000000 ____D () C:\Users\Danka
2014-11-10 23:34 - 2014-09-23 00:05 - 00000000 ____D () C:\Users\Danka\AppData\Roaming\WinRAR
2014-11-10 23:34 - 2014-08-15 10:48 - 00000000 ____D () C:\Users\Danka\Documents\Java
2014-11-10 23:34 - 2014-08-12 16:03 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-11-10 23:34 - 2014-07-05 09:44 - 00000000 ____D () C:\Users\Danka\AppData\Roaming\PhotoScape
2014-11-10 23:34 - 2014-06-25 15:40 - 00000000 ____D () C:\Users\Danka\AppData\Roaming\AIMP3
2014-11-10 23:34 - 2010-11-21 08:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-11-10 20:32 - 2014-10-02 21:38 - 00096256 ____H () C:\Users\Danka\Desktop\photothumb.db
2014-11-02 23:38 - 2014-06-25 14:08 - 00000000 ____D () C:\Users\Danka\AppData\Local\VirtualStore
2014-11-02 23:31 - 2014-10-03 11:49 - 00000000 ____D () C:\Users\Danka\Desktop\Originals
2014-11-02 23:31 - 2014-09-16 11:20 - 00000000 ____D () C:\Users\Danka\Desktop\RECEPTI
2014-11-02 23:31 - 2014-08-15 10:51 - 00000000 ____D () C:\Users\Danka\Documents\Add-in Express
2014-11-02 23:31 - 2014-06-25 15:46 - 00000000 ____D () C:\Users\Danka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2014-11-02 23:31 - 2014-06-25 15:39 - 00000000 ____D () C:\Users\Danka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-02 23:31 - 2014-06-25 14:08 - 00000000 ___RD () C:\Users\Danka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-02 23:31 - 2014-06-25 14:08 - 00000000 ___RD () C:\Users\Danka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-02 23:31 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-10-24 18:26 - 2014-07-16 18:01 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-24 18:26 - 2014-06-25 15:37 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-24 18:23 - 2014-08-15 10:54 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-24 18:23 - 2014-07-16 18:01 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-24 18:23 - 2014-07-16 18:01 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-24 18:23 - 2014-07-16 18:01 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-16 20:48 - 2014-08-12 16:56 - 00000000 ____D () C:\Users\Danka\AppData\Local\Kingsoft

Some content of TEMP:
====================
C:\Users\Danka\AppData\Local\Temp\1371786419_Cloud_Backup_Setup.exe
C:\Users\Danka\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
C:\Users\Danka\AppData\Local\Temp\ExPromo.exe
C:\Users\Danka\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Danka\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Danka\AppData\Local\Temp\nhpmonitor.exe
C:\Users\Danka\AppData\Local\Temp\NSISPromotionEx.dll
C:\Users\Danka\AppData\Local\Temp\PIPInstaller_PTV_.exe
C:\Users\Danka\AppData\Local\Temp\post1.exe
C:\Users\Danka\AppData\Local\Temp\post2.dll
C:\Users\Danka\AppData\Local\Temp\post2.exe
C:\Users\Danka\AppData\Local\Temp\SimBundD.exe
C:\Users\Danka\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-29 15:10

==================== End Of Log ============================



mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Korak 1

Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja.

FF user.js: detected! => C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default\user.js
FF Extension: Website Xplorer - C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default\Extensions\{a2bfe612-4cf5-48ea-907c-f3fb25bc9d6b} [2014-08-12]
FF Extension: TrustedShopper - C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\u05udksv.default\Extensions\jid1-bKSXgRwy1UQeRA@jetpack.xpi [2014-08-15]
Task: {849D0ABB-C845-4925-8D46-EB010247BD74} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {D492DCF2-C80B-42FC-9C4B-9B3849E5F2A4} - \ASP No Task File <==== ATTENTION
C:\Program Files (x86)\MyPC Backup
EmptyTemp:


U okviru Notepad-a klikni na File --> Save As
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se Notepad, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt). Potrebno je da sadržaj fixlog.txt kopiraš na forum




Korak 2

Preuzmi "Xplode"-ov AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
u EULA prozoru klikni na I agree.
Klikni na dugme Scan i sačekaj da se završi skeniranje.
Klikni na dugme Clean i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK
Računar će se restartovati, a potom otvoriti Notepad (C:\AdwCleaner[S0].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"
Napomena: Izvještaj ce takođe biti sačuvan na C:\Adwcleaner\AdwCleaner[S0].txt

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

mycity.rs/must-login.png



mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Da li ti se i dalje sistem restartuje prilikom svakog downloada?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Izgleda da ne. Jao hvala vam mnogo. Moze kratki savjet? Koji antivirus da instaliram da mi ne ometa rad racunara, da li je neophodan? Izvinjavam se na dodatnom smaranju. Hvala jos jednom.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Što se AV programa tiče, možeš staviti koji god želiš. Ukoliko nemaš novaca ili ne želiš da ga izdvojiš za neki komercijalni AV program, na raspolaganju ti se nalaze kvalitetni besplatni AV programi poput Avast Free, AVG Free, Avira Free, Microsoft Security Essentials, Panda Cloud AV, itd.
Nemoj koristiti piratske verzije AV programa!!!


Obavićemo još jednu provjeru.





Preuzmi Malwarebytes Anti-Rootkit (MBAR) sa sledeceg linka i sacuvaj ga na Desktop.

Dvoklikom pokreni MBAR () na ikonicu programa:
- Klikni OK na sledecem prozoru da bi dozvolio raspakivanje u zaseban mbar folder na desktop-u;
- mbar.exe ce biti startovan. Na nekim sistemima to moze da potraje nekoliko dodatnih sekundi, te pricekati pokretanje.;
- U uvodnom prozoru klikni dugme Next ukoliko si saglasan;


• Na 'Update Database' prozoru klik na dugme Update da bi preuzeo sveze definicije. Kada se ispise poruka 'Success: Database was successfully updated' klik na dugme Next;
• Pod sekcijom 'Scan Targets' proveri da su sve opcije stiklirane, te klikni na dugme Scan;

Obavestenje: sa nekim infekcijama moze se desiti da se prikaze neka od sledecih poruka:
- 'Could not load protection driver' => u tom slucaju klikni OK.
- 'Could not load DDA driver' => klikni Yes na to obavestenje da bi dozvolio ucitavanje nakon restarta. Dozvoli restart i nastavi sa ostatkom instrukcija posle restarta.




>> Ukoliko malware nije detektovan, klik na Exit dugme da zatvoris program. U sledecu poruku postavi mbar-log-year-month-day (sat-minuti-sekundi).txt i system-log.txt izveštaje.

>> Ukoliko su infekcija/e pronadjene, proveriti da li je obelezena opcija 'Create Restore Point' i klikni na dugme Cleanup! da bi uklonili pretnje.
- Procedura uklanjanje malware-a (scheduled) ce biti zakazana po restartu, bice prikazano obavestenje u pop-up prozoru. Klikni dugme Yes i sistem bi trebao da se restartuje i da zavrsi proceduru ciscenja.



Obavestenje! samo ukoliko je RootKit detektovan: - postaraj se da pokrenes fixdamage.exe alat koji se nalazi u mbar folderu, \Plugins\fixdamage.exe:
- Dvoklikom pokreni fixdamage, u crnom prozoru koji se otvori (command prompt) ukucaj Y (Y stoji za Yes) da bi nastavio izvrsenje, pricekati da alat odradi sve popravke ...
- Kada vidis poruku 'press any key to exit' popravka je kompletirana. Pritisnuti bilo koju tipku na tastaturi da bi se prozor zatvorio. Restartovati sistem.




Sledeci izvestaji ce biti formirani u mbar folderu.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Iskopiraj sadrzaj mbar log-a u poruku a system log okaci uz poruku koristeci opciju Prikači fajl.