MyCity » Ambulanta -> Arhiva Ambulante » Onemogucen download

Onemogucen download

Napisano na dan: 17.8.2015

Onemogucen download

Sledeća strana

Pagination

Odgovori

j-22orao Poslao: 17 Avg 2015 12:20 Idi na vrh
offline j-22orao Građanin Pridružio: 14 Maj 2011 Poruke: 51	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! U svakom od browsera koje posedujem svaki download većih fajlova se zamrzne na kraju. Ako je fajl veličine npr. 100 MB, Download proces stane 99,9% i to je mrtva tačka,dalje neće,dok samo u Chrome-u nedugo zatim napiše "Failed-Network Error" . Ovaj se problem poceo ispoljavati od kada sam pokušao skinuti Sketchup,ranije je download normalno funkcionisao. Zaštitni softver NEMAM. Problem sa pokušao rešiti korišćenjem drugog browsera,ali je on i dalje tu (problem) Konekcija je dobra,openADSL,11 Mbit/s,mislim da sa tim problem nema veze. Ostale informacije koje bi mogle opisati bliže stanje na vašem računaru: Nije u dobrom stanju,jer mu je skeniranje standardnim Antivirus programom naporno. Znam da cu mozda trebati da skinem FRST,ali ce verovatno i taj download biti neuspesan P.S na BitTorrentu download NECE NI DA POCNE!

Profil

TwinHeadedEagle Poslao: 17 Avg 2015 14:26 Idi na vrh
offline TwinHeadedEagle Anti Malware Fighter Rank 2 Research Engineer @MalwareBytes Pridružio: 09 Avg 2011 Poruke: 15877 Gde živiš: Beograd	1Ovo se svidja korisniku: Mr.Blackwell Registruj se da bi pohvalio/la poruku! Pozdrav, Preuzmi FRST na drugom racunaru, prebaci i onda pokreni. Na isti nacin dostavi izvestaje.

Profil

j-22orao Poslao: 17 Avg 2015 16:15 Idi na vrh
offline j-22orao Građanin Pridružio: 14 Maj 2011 Poruke: 51	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Evo logova: Frst.txt Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:16-08-2015 Ran by Administrator (administrator) on IME MOG KOMPJUTERA NIJE BITNO ZA RESAVANJE PROBLEMA (17-08-2015 16:08:00) Running from C:\Documents and Settings\Administrator\My Documents\Downloads Loaded Profiles: Administrator (Available Profiles: Administrator) Platform: Microsoft Windows XP Professional Service Pack 2 (X86) Language: English (United States) Internet Explorer Version 8 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () C:\WINDOWS\system32\ati2evxx.exe () C:\WINDOWS\system32\ati2evxx.exe (Windows SysTool) C:\Documents and Settings\All Users\Application Data\WindowsMangerProtect\ProtectWindowsManager.exe (Lexmark International, Inc.) C:\WINDOWS\system32\LEXBCES.EXE (Lexmark International, Inc.) C:\WINDOWS\system32\LEXPPS.EXE (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (ATI Technologies, Inc.) C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (Cyberlink Corp.) C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe (MSI) C:\Program Files\MSI\TV@Anywhere Plus\TVR\Scheduled.exe (Lexmark International, Inc.) C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe () C:\Program Files\Winamp\winampa.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe (Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems) C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe (Lexmark International, Inc.) C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe (ZSMCSNAP) C:\WINDOWS\ZSSnp211.exe () C:\WINDOWS\Domino.exe (Facebook Inc.) C:\Documents and Settings\Administrator\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe () C:\WINDOWS\CIDD_P\lsass.exe () C:\Program Files\RocketDock\RocketDock.exe (Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe (Skillbrains) C:\Documents and Settings\Administrator\Local Settings\Application Data\Skillbrains\lightshot\4.4.2.10\Lightshot.exe (Google Inc.) C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe () C:\PROGRA~1\MSI\TV@ANY~1\P3XRCtl.exe (XTab system) C:\Program Files\MiuiTab\ProtectService.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exe (Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [High Definition Audio Property Page Shortcut] => C:\WINDOWS\system32\HDAShCut.exe [135680 2005-01-07] (Windows (R) Server 2003 DDK provider) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [14396416 2005-05-05] (Realtek Semiconductor Corp.) HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [139264 2005-05-04] (Realtek Semiconductor Corp.) HKLM\...\Run: [ATIPTA] => C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [1601536 2004-06-10] (ATI Technologies, Inc.) HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [229376 2001-07-09] (Ahead Software Gmbh) HKLM\...\Run: [RemoteControl] => C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe [188416 2004-11-02] (Cyberlink Corp.) HKLM\...\Run: [PVR Agent] => C:\Program Files\MSI\TV@Anywhere Plus\TVR\Scheduled.exe [2984448 2005-04-29] (MSI) HKLM\...\Run: [Lexmark X1100 Series] => C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe [208896 2003-08-19] (Lexmark International, Inc.) HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [181248 2003-12-13] () HKLM\...\Run: [TkBellExe] => C:\program files\real\realplayer\update\realsched.exe [296096 2012-11-11] (RealNetworks, Inc.) HKLM\...\Run: [Ulead AutoDetector v2] => C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe [163840 2005-03-16] (Ulead Systems, Inc.) HKLM\...\Run: [Ulead Quick-Drop] => C:\Program Files\Ulead Systems\Ulead DVD MovieFactory 4.0 Suite\Ulead Quick-Drop 1.0\Quick-Drop.exe [184320 2005-04-28] (Ulead Systems, Inc.) HKLM\...\Run: [USIUDF_Eject_Monitor] => C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe [151552 2004-12-23] (Ulead Systems) HKLM\...\Run: [PAC7302_Monitor] => C:\WINDOWS\PixArt\PAC7302\Monitor.exe [389120 2006-11-03] (PixArt Imaging Incorporation) HKLM\...\Run: [ZSSnp211] => C:\WINDOWS\ZSSnp211.exe [131072 2007-04-06] (ZSMCSNAP) HKLM\...\Run: [Domino] => C:\WINDOWS\Domino.exe [131072 2006-08-18] () HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [332160 2013-07-02] (Oracle Corporation) HKLM\...\Run: [configuration] => C:\WINDOWS\configuration\configuration.exe [414067 2010-06-28] () HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2004-06-10] () HKU\S-1-5-21-1004336348-606747145-725345543-500\...\Run: [Facebook Update] => C:\Documents and Settings\Administrator\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [138096 2014-04-21] (Facebook Inc.) HKU\S-1-5-21-1004336348-606747145-725345543-500\...\Run: [00000000000000000000000000000000] => /r HKU\S-1-5-21-1004336348-606747145-725345543-500\...\Run: [RocketDock] => C:\Program Files\RocketDock\RocketDock.exe [565248 2007-09-02] () HKU\S-1-5-21-1004336348-606747145-725345543-500\...\Run: [LightShot] => C:\Documents and Settings\Administrator\Local Settings\Application Data\Skillbrains\lightshot\LightShot.exe [226592 2013-09-27] () HKU\S-1-5-21-1004336348-606747145-725345543-500\...\Run: [ViOrb] => HKU\S-1-5-21-1004336348-606747145-725345543-500\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1667584 2004-08-04] (Microsoft Corporation) HKU\S-1-5-21-1004336348-606747145-725345543-500\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [18779904 2013-01-08] (Skype Technologies S.A.) HKU\S-1-5-21-1004336348-606747145-725345543-500\...\Run: [Google Update] => C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [116648 2014-04-21] (Google Inc.) HKU\S-1-5-21-1004336348-606747145-725345543-500\...\Run: [tsiVideo] => rundll32.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\\mdi064.dll,asdasd <===== ATTENTION Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2012-07-23] ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TV Remote Control.lnk [2008-11-05] ShortcutTarget: TV Remote Control.lnk -> C:\Program Files\MSI\TV@Anywhere Utilities\P3XRCtl.exe () Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\Think Green Weather.lnk [2013-06-27] ShortcutTarget: Think Green Weather.lnk -> C:\Program Files\Stardock\DesktopGadgets\Think Green Weather\Think Green Weather.exe (No File) SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - No File ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File AlternateShell: CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: [S-1-5-21-1004336348-606747145-725345543-500] => Internet Explorer proxy is enabled. HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts=1428779362&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1428779350&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=1428779362&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1428779350&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&q={searchTerms} HKU\S-1-5-21-1004336348-606747145-725345543-500\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz= HKU\S-1-5-21-1004336348-606747145-725345543-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts=1428779362&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921 HKU\S-1-5-21-1004336348-606747145-725345543-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=1428779362&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921 HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=dspp&ts=1428779362&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=dspp&ts=1428779362&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> 0B7EA87983FC43709484963C78B615B5 URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> {2AB32CF9-9E78-4E6C-B2E5-677BD6F95508} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} BHO: GoodTab Class -> {1F91A9A1-01BA-4c81-863D-3BA0751E1419} -> C:\Program Files\MiuiTab\SupTab.dll [2015-07-15] (Thinkgood Co. Limited) BHO: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files\XTab\SupTab.dll No File BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-12-13] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-12-13] (Oracle Corporation) DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2011-11-03] (Skype Technologies) Hosts: 5.79.87.21 valve-master-server.com Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{A688B2DF-8803-4767-82F2-CA049C323934}: [DhcpNameServer] 192.168.1.1 StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe istartsurf.com/?type=sc&ts=14287793.....2292122921 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cuk05zyj.default FF DefaultSearchEngine: istartsurf FF SelectedSearchEngine: istartsurf FF Homepage: hxxp://www.istartsurf.com/?type=hppp&ts=1428779362&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921 FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-12-13] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-12-13] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\npctrl.1.0.20926.0.dll [2007-09-25] ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2012-11-11] (RealNetworks, Inc.) FF Plugin: @real.com/nprjplug;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll [2012-11-11] (RealNetworks, Inc.) FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-11-11] (RealNetworks, Inc.) FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-11-11] (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2012-11-11] (RealPlayer) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-14] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-14] (Google Inc.) FF Plugin HKU\S-1-5-21-1004336348-606747145-725345543-500: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Plugin HKU\S-1-5-21-1004336348-606747145-725345543-500: @talk.google.com/GoogleTalkPlugin -> C:\Documents and Settings\Administrator\Application Data\Mozilla\plugins\npgoogletalk.dll [2014-10-29] (Google) FF Plugin HKU\S-1-5-21-1004336348-606747145-725345543-500: @talk.google.com/O1DPlugin -> C:\Documents and Settings\Administrator\Application Data\Mozilla\plugins\npo1d.dll [2014-10-29] (Google) FF Plugin HKU\S-1-5-21-1004336348-606747145-725345543-500: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-13] (Google Inc.) FF Plugin HKU\S-1-5-21-1004336348-606747145-725345543-500: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-13] (Google Inc.) FF Plugin HKU\S-1-5-21-1004336348-606747145-725345543-500: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-09] (Unity Technologies ApS) FF user.js: detected! => C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cuk05zyj.default\user.js [2015-05-29] FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Administrator\Application Data\mozilla\plugins\npgoogletalk.dll [2014-10-29] (Google) FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Administrator\Application Data\mozilla\plugins\npo1d.dll [2014-10-29] (Google) FF Extension: No Name - C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com [2014-12-13] FF Extension: No Name - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cuk05zyj.default\Extensions\faststartff@gmail.com [2014-12-13] FF Extension: No Name - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cuk05zyj.default\Extensions\ffxtlbr@babylon.com [2014-12-13] FF Extension: No Name - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cuk05zyj.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2014-09-08] FF HKLM\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-11-11] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-11-21] Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR Profile: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-18] CHR Extension: (Docs) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-17] CHR Extension: (Google Drive) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-18] CHR Extension: (YouTube) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-18] CHR Extension: (Google Search) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-18] CHR Extension: (Google Sheets) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-18] CHR Extension: (Gmail) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-18] CHR Profile: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Profile 1 CHR HKLM\...\Chrome\Extension: [cmgjfgdffckcfmmoocnfgnhdfniddmec] - <no Path\update_url> CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-11-11] CHR HKLM\...\Chrome\Extension: [mbfiljpelpkpopnoofcgmbnipcgagncm] - <no Path\update_url> ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [376832 2004-06-10] () S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [516096 2004-06-10] () [File not signed] S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [139264 2005-04-04] (Macrovision Corporation) [File not signed] R2 IHProtect Service; C:\Program Files\MiuiTab\ProtectService.exe [125112 2015-07-15] (XTab system) [File not signed] R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-12-13] (Oracle Corporation) R2 LexBceS; C:\WINDOWS\system32\LEXBCES.EXE [303104 2003-08-18] (Lexmark International, Inc.) R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [53248 2005-07-25] (Hewlett-Packard Company) [File not signed] S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [114904 2005-10-14] (Microsoft Corporation) [File not signed] R2 NIS; C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe [199640 2011-04-17] (Symantec Corporation) [File not signed] S3 ose; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [158768 2003-07-28] (Microsoft Corporation) [File not signed] S4 SQLBrowser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [308952 2005-10-14] (Microsoft Corporation) [File not signed] S3 SQLWriter; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [165592 2005-10-14] (Microsoft Corporation) [File not signed] R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-03-13] (Ulead Systems, Inc.) [File not signed] R2 WindowsMangerProtect; C:\Documents and Settings\All Users\Application Data\WindowsMangerProtect\ProtectWindowsManager.exe [545280 2015-07-16] (Windows SysTool) [File not signed] <==== ATTENTION S2 24c54e38; "C:\WINDOWS\system32\rundll32.exe" "c:\Program Files\DeltaFix\DeltaFix.dll",serv <==== ATTENTION ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AndNetDiag; C:\WINDOWS\System32\DRIVERS\lgandnetdiag.sys [23040 2012-07-03] (LG Electronics Inc.) S3 ANDNetModem; C:\WINDOWS\System32\DRIVERS\lgandnetmodem.sys [27776 2012-07-03] (LG Electronics Inc.) R3 Cap713x; C:\WINDOWS\System32\DRIVERS\Cap713x.sys [686080 2005-05-04] (Philips Semiconductors GmbH) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2004-08-04] (Microsoft Corporation) R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [374392 2011-06-25] (Symantec Corporation) R2 EIO; C:\WINDOWS\system32\drivers\EIO.sys [7296 2004-05-26] (ASUSTeK Computer Inc.) [File not signed] R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed] S3 HdAudAddService; C:\WINDOWS\System32\drivers\HdAudio.sys [145920 2005-01-07] (Windows (R) Server 2003 DDK provider) R3 Intels51; C:\WINDOWS\System32\DRIVERS\Intels51.sys [670203 2003-05-22] (Intel Corporation) [File not signed] S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2004-08-04] (Microsoft Corporation) R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20640 2005-03-12] (Sonic Solutions) [File not signed] S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [27440 2004-07-17] () R3 SMBios; C:\WINDOWS\System32\DRIVERS\SMBios.sys [36484 2004-06-07] (Intel Corporation) [File not signed] R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software) S3 SRTSP; C:\WINDOWS\System32\Drivers\NIS\1206000.01D\SRTSP.SYS [516216 2011-03-31] (Symantec Corporation) R1 SRTSPX; C:\WINDOWS\system32\drivers\NIS\1206000.01D\SRTSPX.SYS [50168 2011-03-31] (Symantec Corporation) R0 SymDS; C:\WINDOWS\System32\drivers\NIS\1206000.01D\SYMDS.SYS [340088 2011-01-27] (Symantec Corporation) R0 SymEFA; C:\WINDOWS\System32\drivers\NIS\1206000.01D\SYMEFA.SYS [744568 2011-03-15] (Symantec Corporation) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [126584 2011-06-12] (Symantec Corporation) S1 SymIRON; C:\WINDOWS\system32\drivers\NIS\1206000.01D\Ironx86.SYS [136312 2011-01-27] (Symantec Corporation) R1 SYMTDI; C:\WINDOWS\System32\Drivers\NIS\1206000.01D\SYMTDI.SYS [369784 2011-03-22] (Symantec Corporation) S3 taphss; C:\WINDOWS\System32\DRIVERS\taphss.sys [33512 2012-11-01] (AnchorFree Inc) R3 ULCDRHlp; C:\WINDOWS\System32\Drivers\ULCDRHlp.sys [27392 2004-12-23] (Ulead Systems, Inc.) [File not signed] R1 USIUDF; C:\WINDOWS\System32\Drivers\USIUDF.sys [292896 2004-07-07] (Ulead Systems, Inc.) [File not signed] R3 vvftav211; C:\WINDOWS\System32\drivers\vvftav211.sys [480128 2007-12-10] (Vimicro Corporation) [File not signed] R3 ZSMC30x; C:\WINDOWS\System32\Drivers\ZS211.sys [1537024 2007-12-05] (ZSMC.Corporation) [File not signed] R3 amsint32; \??\C:\WINDOWS\system32\drivers\hmunn.sys [X] S3 LVUSBSta; system32\drivers\lvusbsta.sys [X] S3 PID_0928; system32\DRIVERS\LV561AV.SYS [X] U1 WS2IFSL; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-17 15:50 - 2015-08-17 16:08 - 00000000 ____D C:\FRST 2015-08-17 14:22 - 2015-08-17 15:41 - 00002529 _____ C:\Documents and Settings\All Users\Start Menu\Programs\FaceGen Modeller 3.5 Free.lnk 2015-08-17 14:22 - 2015-08-17 14:22 - 00000000 ____D C:\Program Files\Singular Inversions 2015-08-16 14:32 - 2015-08-16 14:42 - 00000000 ____D C:\Documents and Settings\Administrator\My Documents\Пријеми 2015-08-16 14:09 - 2015-08-17 09:28 - 00000000 ____D C:\WINDOWS\SxsCaPendDel 2015-07-31 16:09 - 2015-08-05 17:02 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\New Folder ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-17 16:09 - 2008-11-04 18:56 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Temp 2015-08-17 16:06 - 2013-01-01 23:23 - 00000438 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{4CE59E1A-5AC4-4FCE-8BF6-F1589E7C608D}.job 2015-08-17 16:05 - 2014-04-21 23:58 - 00001044 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-606747145-725345543-500UA.job 2015-08-17 15:56 - 2008-11-04 18:56 - 00031970 _____ C:\WINDOWS\SchedLgU.Txt 2015-08-17 15:42 - 2013-01-21 18:07 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\BitTorrent 2015-08-17 15:42 - 2011-03-26 13:07 - 00000000 ____D C:\Program Files\Winamp 2015-08-17 15:42 - 2009-01-11 16:11 - 00000000 ____D C:\WINDOWS\Minidump 2015-08-17 15:41 - 2008-11-04 18:56 - 00000000 ____D C:\Documents and Settings\Administrator 2015-08-17 15:38 - 2012-03-12 20:45 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-17 15:17 - 2012-08-28 10:08 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-08-17 14:55 - 2009-03-08 13:12 - 00000868 _____ C:\WINDOWS\Tasks\Google Software Updater.job 2015-08-17 14:49 - 2008-11-04 18:51 - 01553521 ____N C:\WINDOWS\WindowsUpdate.log 2015-08-17 14:30 - 2012-03-08 16:59 - 00001030 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1004336348-606747145-725345543-500UA.job 2015-08-17 14:19 - 2009-03-08 11:12 - 00000000 ____D C:\unzipped 2015-08-17 14:16 - 2008-11-04 19:45 - 00000349 ____N C:\WINDOWS\wiadebug.log 2015-08-17 14:05 - 2014-04-21 23:58 - 00000992 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-606747145-725345543-500Core.job 2015-08-17 10:30 - 2012-11-11 12:45 - 00000302 _____ C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1004336348-606747145-725345543-500.job 2015-08-17 09:29 - 2008-11-04 19:45 - 00000049 ____N C:\WINDOWS\wiaservc.log 2015-08-17 09:29 - 2008-11-04 18:56 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Temp 2015-08-17 09:28 - 2015-04-11 20:51 - 00000446 _____ C:\WINDOWS\Tasks\SMupdate3.job 2015-08-17 09:28 - 2015-04-11 20:51 - 00000446 _____ C:\WINDOWS\Tasks\SMupdate2.job 2015-08-17 09:28 - 2015-04-11 20:51 - 00000446 _____ C:\WINDOWS\Tasks\SMupdate1.job 2015-08-17 09:28 - 2014-11-22 19:18 - 00000664 ____H C:\WINDOWS\Tasks\SystemLifter-S-3647665956.job 2015-08-17 09:28 - 2012-11-11 12:45 - 00000294 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1004336348-606747145-725345543-500.job 2015-08-17 09:28 - 2012-05-20 19:00 - 00000288 _____ C:\WINDOWS\Tasks\RMAutoUpdate.job 2015-08-17 09:28 - 2012-03-12 20:45 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-17 09:28 - 2012-02-21 12:49 - 00000290 _____ C:\WINDOWS\Tasks\Express Files Updater.job 2015-08-17 09:28 - 2008-11-04 20:54 - 00000000 ____D C:\WINDOWS\system32\Lang 2015-08-17 09:28 - 2008-11-04 18:56 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-08-16 14:07 - 2009-03-08 13:13 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Google 2015-08-16 14:06 - 2015-05-21 11:38 - 00000000 _____ C:\Documents and Settings\Administrator\TempWmicBatchFile.bat 2015-08-16 09:36 - 2001-08-23 13:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2015-08-14 22:48 - 2008-11-04 18:56 - 00000278 ___SH C:\Documents and Settings\Administrator\ntuser.ini 2015-08-12 11:18 - 2012-04-28 22:06 - 129304528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-08-11 23:30 - 2012-03-08 16:59 - 00001008 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1004336348-606747145-725345543-500Core.job 2015-08-10 13:57 - 2014-08-16 09:41 - 00000000 ____D C:\Program Files\SpeedFan 2015-08-09 19:00 - 2012-05-18 10:58 - 00000290 _____ C:\WINDOWS\Tasks\RMSchedule.job 2015-08-08 16:59 - 2008-11-04 21:48 - 00001125 _____ C:\WINDOWS\winamp.ini 2015-07-31 22:29 - 2015-06-05 12:30 - 00715772 _____ C:\Documents and Settings\Administrator\My Documents\Untitled231.skp ==================== Files in the root of some directories ======= 2014-12-06 22:16 - 2015-02-28 19:01 - 0000004 _____ () C:\Documents and Settings\Administrator\Application Data\appdataFr2.bin 2013-06-27 14:27 - 2013-06-27 16:42 - 0000096 _____ () C:\Documents and Settings\Administrator\Application Data\Camdata.ini 2013-06-27 14:27 - 2013-06-27 16:42 - 0000408 _____ () C:\Documents and Settings\Administrator\Application Data\CamLayout.ini 2013-06-27 14:27 - 2013-06-27 16:42 - 0000408 _____ () C:\Documents and Settings\Administrator\Application Data\CamShapes.ini 2013-06-27 14:25 - 2013-06-27 16:42 - 0004509 _____ () C:\Documents and Settings\Administrator\Application Data\CamStudio.cfg 2013-06-27 14:25 - 2013-06-27 14:25 - 0000000 _____ () C:\Documents and Settings\Administrator\Application Data\CamStudio.Producer.Data.ini 2013-06-27 14:25 - 2013-06-27 14:25 - 0001206 _____ () C:\Documents and Settings\Administrator\Application Data\CamStudio.Producer.ini 2012-03-26 21:16 - 2012-04-05 13:58 - 0114688 _____ () C:\Documents and Settings\Administrator\Application Data\chrtmp 2012-03-26 21:16 - 2012-04-05 17:35 - 7797314 _____ () C:\Documents and Settings\Administrator\Application Data\werfgsdfsdf.sam 2013-12-30 21:17 - 2015-06-20 19:57 - 0018944 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-12-23 22:24 - 2013-12-23 22:24 - 0000003 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\updater.log Some files in TEMP: ==================== C:\Documents and Settings\Administrator\Local Settings\Temp\rtdrvmon.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End of log ============================ I Addition: mycity.rs/must-login.png

Profil

TwinHeadedEagle Poslao: 17 Avg 2015 16:44 Idi na vrh
offline TwinHeadedEagle Anti Malware Fighter Rank 2 Research Engineer @MalwareBytes Pridružio: 09 Avg 2011 Poruke: 15877 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Vidim tragove Sality virusa koji se kaci za svaki izvrsni fajl i prakticno ga je nemoguce ukloniti sa sistema. Nisam siguran da li je jos aktivan, ali bih preporucio reinstalaciju sistema.

Profil

j-22orao Poslao: 17 Avg 2015 16:59 Idi na vrh
offline j-22orao Građanin Pridružio: 14 Maj 2011 Poruke: 51	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! WHAT??? Da li postoji neko drugo resenje........???? molim vas da kazete da,u suprotnom.....

Profil

TwinHeadedEagle Poslao: 17 Avg 2015 17:20 Idi na vrh
offline TwinHeadedEagle Anti Malware Fighter Rank 2 Research Engineer @MalwareBytes Pridružio: 09 Avg 2011 Poruke: 15877 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ja mogu da ti ocistim racunar od infekcije, ali da li ce virus opet povratiti, to je pitanje.

Profil

j-22orao Poslao: 17 Avg 2015 18:12 Idi na vrh
offline j-22orao Građanin Pridružio: 14 Maj 2011 Poruke: 51	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ne zanima me da li ce da se virus povrati......jer sam naucio kako se siri,a iskreno znam odakle mi ga (od stika,i u knjizari prepoznali virus sa te fleske) ako umes i hoces ciscenje ce doboro doci a kasnije cemo preduzeti mere predostroznosti,A da li su ovo neki od znakova Sality-ja (Viruta,cyh da je jedan od najgorih): nestanak fajlova,nestaje memorije,usporen internet isako sam napisao da mi je konekcija dobra,eto imam problem sa downlaodom i nemogu da ubacim nijedan add-on u chrom,takodje zbog network errora......Znaci ako mozes hoces moze ciscenje.....e sad ne znam da li mogu to preko salitykiller ili virutkillera da odradim ali dobro..........

Profil

TwinHeadedEagle Poslao: 17 Avg 2015 18:25 Idi na vrh
offline TwinHeadedEagle Anti Malware Fighter Rank 2 Research Engineer @MalwareBytes Pridružio: 09 Avg 2011 Poruke: 15877 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Bar je fles lako drzati cistim: http://mcshield.net/ Deinstaliraj: - Sustainer - WinZipper 1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod: createrestorepoint: closeprocesses: emptytemp: C:\WINDOWS\CIDD_P Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\Think Green Weather.lnk [2013-06-27] ShortcutTarget: Think Green Weather.lnk -> C:\Program Files\Stardock\DesktopGadgets\Think Green Weather\Think Green Weather.exe (No File) SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - No File ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File AlternateShell: CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKU\S-1-5-21-1004336348-606747145-725345543-500\...\Run: [tsiVideo] => rundll32.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\\mdi064.dll,asdasd <===== ATTENTION HKU\S-1-5-21-1004336348-606747145-725345543-500\...\Run: [ViOrb] => HKU\S-1-5-21-1004336348-606747145-725345543-500\...\Run: [00000000000000000000000000000000] => /r HKLM\...\Run: [configuration] => C:\WINDOWS\configuration\configuration.exe [414067 2010-06-28] () C:\WINDOWS\configuration ProxyEnable: [S-1-5-21-1004336348-606747145-725345543-500] => Internet Explorer proxy is enabled. HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts=1428779362&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1428779350&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=1428779362&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1428779350&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&q={searchTerms} HKU\S-1-5-21-1004336348-606747145-725345543-500\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz= HKU\S-1-5-21-1004336348-606747145-725345543-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts=1428779362&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921 HKU\S-1-5-21-1004336348-606747145-725345543-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=1428779362&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921 HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=dspp&ts=1428779362&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=dspp&ts=1428779362&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> 0B7EA87983FC43709484963C78B615B5 URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> {2AB32CF9-9E78-4E6C-B2E5-677BD6F95508} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} BHO: GoodTab Class -> {1F91A9A1-01BA-4c81-863D-3BA0751E1419} -> C:\Program Files\MiuiTab\SupTab.dll [2015-07-15] (Thinkgood Co. Limited) BHO: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files\XTab\SupTab.dll No File RemoveProxy: StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=14287793.....2292122921 FF DefaultSearchEngine: istartsurf FF SelectedSearchEngine: istartsurf FF Homepage: hxxp://www.istartsurf.com/?type=hppp&ts=1428779362&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921 FF user.js: detected! => C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cuk05zyj.default\user.js [2015-05-29] FF Extension: No Name - C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com [2014-12-13] FF Extension: No Name - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cuk05zyj.default\Extensions\faststartff@gmail.com [2014-12-13] FF Extension: No Name - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cuk05zyj.default\Extensions\ffxtlbr@babylon.com [2014-12-13] FF Extension: No Name - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cuk05zyj.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2014-09-08] R2 WindowsMangerProtect; C:\Documents and Settings\All Users\Application Data\WindowsMangerProtect\ProtectWindowsManager.exe [545280 2015-07-16] (Windows SysTool) [File not signed] <==== ATTENTION S2 24c54e38; "C:\WINDOWS\system32\rundll32.exe" "c:\Program Files\DeltaFix\DeltaFix.dll",serv <==== ATTENTION C:\Documents and Settings\All Users\Application Data\WindowsMangerProtect c:\Program Files\DeltaFix R3 amsint32; \??\C:\WINDOWS\system32\drivers\hmunn.sys [X] S3 LVUSBSta; system32\drivers\lvusbsta.sys [X] S3 PID_0928; system32\DRIVERS\LV561AV.SYS [X] U1 WS2IFSL; no ImagePath Task: C:\WINDOWS\Tasks\Express Files Updater.job => C:\Program Files\ExpressFiles\EFupdater.exehttp:/www.express-files.com <==== ATTENTION Task: C:\WINDOWS\Tasks\SMupdate1.job => C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll <==== ATTENTION Task: C:\WINDOWS\Tasks\SMupdate2.job => C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll <==== ATTENTION Task: C:\WINDOWS\Tasks\SMupdate3.job => C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll <==== ATTENTION Task: C:\WINDOWS\Tasks\SystemLifter-S-3647665956.job => c:\documents and settings\all users\application data\trusted publisher\systemlifter\SystemLifter.exex/schedule /profile c:\documents and settings\all users\application data\trusted publisher\systemlifter\3647665956.ini <==== ATTENTION C:\Program Files\ExpressFiles C:\PROGRA~1\COMMON~1\System\SysMenu.dll c:\documents and settings\all users\application data\trusted publisher AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1 2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi. 3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj. Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema. Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku. Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a. Skeniranje sa MalwareBytes Preuzmi Malwarebytes Anti-Malware i sacuvaj instalaciju na Desktop. Instaliraj program standardnim putem, samo sto na kraju instalacije mozes da iskljucis Trial verziju, ali i ne moras. Drugu opciju ostavi, MalwareBytes ce biti pokrenut i azuriran. Nakon sto je to gotovo, klikni na Settings tab, na levoj strani izaberi Detctions & protection and obelezi Scan for rootkits ukoliko vec nije. U istom prozoru, ispod PUP and PUM detections postavi da bude Treat detections as malware. Zatim klikni na Scan tab, Izaberi Threat Scan i na kraju klikni na Scan Now. Nakon sto i ukoliko je malware detektovan, klikni na Apply Actions. Zatim ce MalwareBytes krenuti sa uklanjanjem infekcije i zatrazice ti da restartujes racunar. Nakon zavrsetka skeniranja (ili nakon restart), klikni na History tab. Klikni na Application Logs, a zatim dvoklik na najnoviji Scan Log. Na dnu prozora klikni na Export i izaberi Text file. Sacuvaj izvestaj na Desktop i prikaci ga u sledecoj poruci.

Profil

j-22orao Poslao: 18 Avg 2015 19:45 Idi na vrh
offline j-22orao Građanin Pridružio: 14 Maj 2011 Poruke: 51	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Sustainer odbio deinstaliranje,winzipper deinstaliran ali prilikom deinstaliranja prikazivo greske nije bas odbio,prikaz`o neku gresku Frst uspesno zavrsio fix,ali bez ikakve poruke o zavrsetku samo zatvorio prozor i kreirao fixlog:evo ga: Fix result of Farbar Recovery Scan Tool (x86) Version:17-08-2015 Ran by Administrator (2015-08-17 21:32:34) Run:1 Running from C:\Documents and Settings\Administrator\My Documents\Downloads Loaded Profiles: Administrator (Available Profiles: Administrator) Boot Mode: Normal ============================================== fixlist content: ************** createrestorepoint: closeprocesses: emptytemp: C:\WINDOWS\CIDD_P Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\Think Green Weather.lnk [2013-06-27] ShortcutTarget: Think Green Weather.lnk -> C:\Program Files\Stardock\DesktopGadgets\Think Green Weather\Think Green Weather.exe (No File) SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - No File ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File AlternateShell: CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKU\S-1-5-21-1004336348-606747145-725345543-500\...\Run: [tsiVideo] => rundll32.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\\mdi064.dll,asdasd <===== ATTENTION HKU\S-1-5-21-1004336348-606747145-725345543-500\...\Run: [ViOrb] => HKU\S-1-5-21-1004336348-606747145-725345543-500\...\Run: [00000000000000000000000000000000] => /r HKLM\...\Run: [configuration] => C:\WINDOWS\configuration\configuration.exe [414067 2010-06-28] () C:\WINDOWS\configuration ProxyEnable: [S-1-5-21-1004336348-606747145-725345543-500] => Internet Explorer proxy is enabled. HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts=1428779362&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1428779350&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=1428779362&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1428779350&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&q={searchTerms} HKU\S-1-5-21-1004336348-606747145-725345543-500\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz= HKU\S-1-5-21-1004336348-606747145-725345543-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts=1428779362&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921 HKU\S-1-5-21-1004336348-606747145-725345543-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=1428779362&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921 HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=dspp&ts=1428779362&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=dspp&ts=1428779362&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> 0B7EA87983FC43709484963C78B615B5 URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> {2AB32CF9-9E78-4E6C-B2E5-677BD6F95508} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1004336348-606747145-725345543-500 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=obw&utm_campaign=install_ie&utm_content=ds&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921&ts=1428779379&type=default&q={searchTerms} BHO: GoodTab Class -> {1F91A9A1-01BA-4c81-863D-3BA0751E1419} -> C:\Program Files\MiuiTab\SupTab.dll [2015-07-15] (Thinkgood Co. Limited) BHO: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files\XTab\SupTab.dll No File RemoveProxy: StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe istartsurf.com/?type=sc&ts=14287793.....2292122921 FF DefaultSearchEngine: istartsurf FF SelectedSearchEngine: istartsurf FF Homepage: hxxp://www.istartsurf.com/?type=hppp&ts=1428779362&from=obw&uid=WDCXWD1600AAJS-00B4A0_WD-WMAT3012292122921 FF user.js: detected! => C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cuk05zyj.default\user.js [2015-05-29] FF Extension: No Name - C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com [2014-12-13] FF Extension: No Name - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cuk05zyj.default\Extensions\faststartff@gmail.com [2014-12-13] FF Extension: No Name - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cuk05zyj.default\Extensions\ffxtlbr@babylon.com [2014-12-13] FF Extension: No Name - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cuk05zyj.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2014-09-08] R2 WindowsMangerProtect; C:\Documents and Settings\All Users\Application Data\WindowsMangerProtect\ProtectWindowsManager.exe [545280 2015-07-16] (Windows SysTool) [File not signed] <==== ATTENTION S2 24c54e38; "C:\WINDOWS\system32\rundll32.exe" "c:\Program Files\DeltaFix\DeltaFix.dll",serv <==== ATTENTION C:\Documents and Settings\All Users\Application Data\WindowsMangerProtect c:\Program Files\DeltaFix R3 amsint32; \??\C:\WINDOWS\system32\drivers\hmunn.sys [X] S3 LVUSBSta; system32\drivers\lvusbsta.sys [X] S3 PID_0928; system32\DRIVERS\LV561AV.SYS [X] U1 WS2IFSL; no ImagePath Task: C:\WINDOWS\Tasks\Express Files Updater.job => C:\Program Files\ExpressFiles\EFupdater.exehttp:/www.express-files.com <==== ATTENTION Task: C:\WINDOWS\Tasks\SMupdate1.job => C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll <==== ATTENTION Task: C:\WINDOWS\Tasks\SMupdate2.job => C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll <==== ATTENTION Task: C:\WINDOWS\Tasks\SMupdate3.job => C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll <==== ATTENTION Task: C:\WINDOWS\Tasks\SystemLifter-S-3647665956.job => c:\documents and settings\all users\application data\trusted publisher\systemlifter\SystemLifter.exex/schedule /profile c:\documents and settings\all users\application data\trusted publisher\systemlifter\3647665956.ini <==== ATTENTION C:\Program Files\ExpressFiles C:\PROGRA~1\COMMON~1\System\SysMenu.dll c:\documents and settings\all users\application data\trusted publisher AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1 *************** Restore point was successfully created. Processes closed successfully. Malwarebytes uspesno skenirao i uklonio zarazene fajlove,kreirao log ali posle restarta jedva da hoce da se otovri,te ne mogu da dostavim njegov log.Sta dalje?

Profil

TwinHeadedEagle Poslao: 19 Avg 2015 07:55 Idi na vrh
offline TwinHeadedEagle Anti Malware Fighter Rank 2 Research Engineer @MalwareBytes Pridružio: 09 Avg 2011 Poruke: 15877 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ovo nije ceo Fixlog.txt. Ponovo odradi FRST fix.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Onemogucen download

Ko je trenutno na forumu

Ukupno su 709 korisnika na forumu :: 19 registrovanih, 2 sakrivenih i 688 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: amstel, bankulen, branko7, Hoegaarden, ILGromovnik, Krusarac, kuntalo, mane123, Nebo_M, nemkea71, Ognjen D., pein, Rakenica, sabros, Snorks, Srki98, USSVoyager, wolf431, zljubomir

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by