Page layout shifted - uninvited "guests"?


offline
  • Dusan  Male
  • SuperModerator
  • Supermoderator of the general forums
  • Joined: 26 Jul 2006
  • Posts: 11118

Since yesterday, linked words (double-underlined, in green) have started appearing at random (and on random pages), on various sites, including the MC subforums, and hovering the cursor over them pops up a small window like the one in the picture:



while, when opening any address, after 1 or 2 seconds the right-hand side drops downward, leaving only the heading at the top (as in the picture):



Neither avast nor MBAM finds any intruders, and they have no complaints about the system...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16750 BrowserJavaVersion: 10.51.2
Run by User at 3:22:32 on 2014-01-21
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2031.273 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\Explorer.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\MCShield\MCShieldRTM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\User\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bing.com
uSearch Bar = hxxp://www.bing.com
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - c:\program files\free download manager\iefdm2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
uRun: [Google Update] "c:\users\user\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [RTHDVCPL] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [GfxServiceInstall] c:\windows\system32\GfxCUIServiceInstall.vbs
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Preuzimanje oznaèenog s FDM-om - c:\program files\free download manager\dlselected.htm
IE: Preuzimanje videa s FDM-om - c:\program files\free download manager\dlfvideo.htm
IE: Preuzmi s FDM - c:\program files\free download manager\dllink.htm
IE: Preuzmi sve s FDM - c:\program files\free download manager\dlall.htm
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{CE040139-52D7-4A64-8195-783CEC044680} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\m3h4bdv6.default\
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - prefs.js: keyword.enabled - false
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\users\user\appdata\local\google\update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: c:\users\user\appdata\roaming\mozilla\firefox\profiles\m3h4bdv6.default\extensions\{7d2fb79e-e58c-4db5-a36f-ac1c73967f4d}\plugins\npqbc.dll
FF - plugin: c:\users\user\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\user\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\users\user\appdata\roaming\mozilla\plugins\npo1d.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1207148.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_43.dll
.
---- FIREFOX POLICIES ----
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-10-1 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-10-1 180248]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys [2013-10-1 16880]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-10-1 775952]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2013-10-1 410528]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2014-1-11 22688]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-10-1 67824]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-12-21 50344]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-10-5 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-10-5 701512]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswstm.sys [2013-12-21 64168]
R3 igddim32;igddim32;c:\windows\system32\drivers\igddim32.sys [2013-10-1 1349632]
R3 igdkmd32;igdkmd32;c:\windows\system32\drivers\igdkmd32.sys [2013-10-1 435200]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-10-5 22856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 HDDlife HDD Access service;HDDlife HDD Access service;c:\program files\common files\binarysense\hldasvc.exe [2013-9-13 2050312]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-9-5 171680]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-10-1 14848]
S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2013-10-1 24064]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2013-10-1 27136]
SUnknown TsUsbFlt;TsUsbFlt; [x]
SUnknown tsusbhub;tsusbhub; [x]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=c:\windows\system32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-01-21 00:05:36 7760024 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{dba2a9e5-116e-45d1-9579-3b682c064c02}\mpengine.dll
2014-01-16 08:53:00 -------- d-----w- c:\program files\Pravoslavac
2014-01-16 06:32:36 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-01-15 03:49:06 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-01-15 03:49:04 240576 ----a-w- c:\windows\system32\drivers\netio.sys
2014-01-15 03:49:02 43520 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-15 03:49:02 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-15 03:49:02 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-15 03:49:01 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-15 03:49:01 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-15 03:49:01 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-15 03:49:00 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-11 21:35:27 22688 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS
2014-01-11 21:35:09 -------- d-----w- c:\program files\HWiNFO32
.
==================== Find3M ====================
.
2014-01-18 22:45:29 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-01-18 22:45:28 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-21 20:22:01 64168 ----a-w- c:\windows\system32\drivers\aswstm.sys
2013-12-21 20:21:30 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-12-21 20:21:30 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-12-21 20:21:30 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-12-21 20:21:29 43152 ----a-w- c:\windows\avastSS.scr
2013-12-11 13:43:16 86400 ----a-w- c:\windows\~GLC0002.TMP
2013-12-11 13:24:28 86400 ----a-w- c:\windows\~GLC0001.TMP
2013-12-11 13:20:07 86400 ----a-w- c:\windows\~GLC0000.TMP
2013-11-23 18:26:20 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-19 02:33:38 230048 ------w- c:\windows\system32\MpSigStub.exe
2013-11-12 02:07:29 2048 ----a-w- c:\windows\system32\tzres.dll
2013-10-30 02:19:52 301568 ----a-w- c:\windows\system32\msieftp.dll
2013-10-25 04:45:11 1767936 ----a-w- c:\windows\system32\wininet.dll
2013-10-25 04:43:42 2877952 ----a-w- c:\windows\system32\jscript9.dll
2013-10-25 04:43:38 61440 ----a-w- c:\windows\system32\iesetup.dll
2013-10-25 04:43:38 109056 ----a-w- c:\windows\system32\iesysprep.dll
2013-10-25 03:41:01 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-10-25 02:49:34 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
.
============= FINISH: 3:24:16,69 ===============


offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

Hello,


We'll run a couple of checks. By the way, did you install anything after which this started happening?


Download Farbar Recovery Scan Tool and save it to the Desktop

Note: You need to download the version that is compatible with your system.
Your Windows is the 32-bit version.


Double-click to run FRST;
When the tool starts, click Yes on the disclaimer.
Click the Scan button;
The tool will create a report (FRST.txt) in the same directory where FRST.exe was saved.
Copy the contents of that log into a post.
On its first run the tool should also create an additional report (Addition.txt). Attach that report to the post using the "Attach file" option.

offline
  • Dusan  Male
  • SuperModerator
  • Supermoderator of the general forums
  • Joined: 26 Jul 2006
  • Posts: 11118

Hello to you too... AMF, prompt as always Very Happy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-01-2014
Ran by User (administrator) on USER-PC on 21-01-2014 09:06:00
Running from C:\Users\User\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Google) C:\Users\User\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11942984 2013-04-22] (Realtek Semiconductor)
HKLM\...\Run: [GfxServiceInstall] - C:\Windows\system32\GfxCUIServiceInstall.vbs [131 2013-03-20] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-21] (AVAST Software)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKCU\...\Run: [MCShield Monitor] - C:\Program Files\MCShield\mcshieldrtm.exe [607232 2013-10-26] (MyCity)
HKCU\...\Run: [Google Update] - C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-22] (Google Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default
FF user.js: detected! => C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\user.js
FF Homepage: chrome://speeddial/content/speeddial.xul
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\User\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\User\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\User\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\User\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: OnlineHD V6.0 - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\a3b3de30-8b00-42aa-97ba-f30e986fec77@cf0a3118-0f89-4b0c-855d-35348a5d04ec.com [2013-12-21]
FF Extension: EHTip - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\ehtip@robertkatic [2013-10-05]
FF Extension: Xmarks - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\foxmarks@kei.com [2013-11-01]
FF Extension: Qualys BrowserCheck - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} [2013-12-04]
FF Extension: Default Full Zoom Level - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\{D9A7CBEC-DE1A-444f-A092-844461596C4D} [2013-10-08]
FF Extension: YouTube Caption Downloader - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\captiondownloader@hiephm.com.xpi [2013-10-05]
FF Extension: GoPhotoIt - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\gophoto@gophoto.it.xpi [2013-08-08]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2013-10-05]
FF Extension: Scribblies Kids - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\{33A8946C-B859-4f7d-8382-ADAB29623DEE}.xpi [2013-12-04]
FF Extension: X-notifier - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2013-10-29]
FF Extension: Speed Dial - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2013-10-05]
FF Extension: Easy Youtube Video Downloader Express - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2013-10-05]
FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-07]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-01]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-21] (AVAST Software)
S2 HDDlife HDD Access service; C:\Program Files\Common Files\BinarySense\hldasvc.exe [2050312 2013-09-13] (BinarySense, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2013-12-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2013-10-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-10-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2013-12-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2013-12-21] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [64168 2013-12-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2013-12-21] ()
R3 e1qexpress; C:\Windows\System32\DRIVERS\e1q6232.sys [367880 2013-03-27] (Intel Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [22688 2014-01-11] (REALiX(tm))
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-02-22] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 cpuz134; \??\C:\Users\User\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
U3 mbr; \??\C:\Users\User\AppData\Local\Temp\mbr.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-21 09:06 - 2014-01-21 09:06 - 00010918 _____ C:\Users\User\Desktop\FRST.txt
2014-01-21 09:05 - 2014-01-21 09:05 - 00000000 ____D C:\FRST
2014-01-21 09:03 - 2014-01-21 09:03 - 01222144 _____ (Farbar) C:\Users\User\Desktop\FRST.exe
2014-01-21 03:24 - 2014-01-21 03:24 - 00012369 _____ C:\Users\User\Desktop\dds.txt
2014-01-21 03:24 - 2014-01-21 03:24 - 00005049 _____ C:\Users\User\Desktop\attach.txt
2014-01-21 03:20 - 2014-01-21 03:20 - 00688992 ____R (Swearware) C:\Users\User\Desktop\dds.com
2014-01-21 01:59 - 2014-01-21 01:59 - 00000000 _____ C:\Users\User\Desktop\Ambulanta.txt
2014-01-17 23:30 - 2014-01-17 23:30 - 00094015 _____ C:\Users\User\Downloads\sjeti se Mujo
2014-01-16 15:54 - 2014-01-16 15:54 - 01340496 _____ (BitTorrent Inc.) C:\Users\User\Downloads\utorrent.exe
2014-01-16 09:53 - 2014-01-21 00:59 - 00000000 ____D C:\Program Files\Pravoslavac
2014-01-16 09:53 - 2014-01-16 09:53 - 00001001 _____ C:\Users\Public\Desktop\Pravoslavac.lnk
2014-01-16 09:50 - 2014-01-16 09:50 - 03315650 _____ (www.pravoslavnikalendar.iz.rs ) C:\Users\User\Downloads\pravoslavac_2014.exe
2014-01-16 07:32 - 2014-01-16 07:32 - 00005232 _____ C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-01-16 07:32 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-16 07:32 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-16 07:32 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-16 07:32 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-15 04:49 - 2013-11-27 02:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 04:49 - 2013-11-27 02:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 04:49 - 2013-11-27 02:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 04:49 - 2013-11-27 02:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 04:49 - 2013-11-27 02:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 04:49 - 2013-11-27 02:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 04:49 - 2013-11-27 02:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 04:49 - 2013-11-26 12:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 04:49 - 2013-11-26 11:10 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-12 15:33 - 2014-01-12 15:33 - 00000798 _____ C:\Users\User\Desktop\Cimet i med.txt
2014-01-11 22:44 - 2014-01-11 23:10 - 00005239 _____ C:\Users\User\Downloads\Podaci.txt
2014-01-11 22:40 - 2014-01-11 22:40 - 00083195 _____ C:\Users\User\Downloads\HWiNFO32.LOG
2014-01-11 22:35 - 2014-01-11 22:35 - 00022688 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS
2014-01-11 22:35 - 2014-01-11 22:35 - 00000000 ____D C:\Program Files\HWiNFO32
2014-01-11 22:34 - 2014-01-11 22:34 - 02892128 _____ (Martin Malík - REALiX ) C:\Users\User\Downloads\hw32_430.exe
2014-01-10 19:29 - 2014-01-10 19:29 - 00120370 _____ C:\Users\User\Downloads\+ street art wall_57.jpeg
2014-01-10 19:29 - 2014-01-10 19:29 - 00088889 _____ C:\Users\User\Downloads\+ na zidu....jpeg
2014-01-06 15:48 - 2014-01-06 18:53 - 00000000 ____D C:\Users\User\Downloads\Krugovi [Circles] 2013 DVDRip XviD titler
2014-01-06 15:46 - 2014-01-06 15:46 - 00014598 _____ C:\Users\User\Downloads\[kickass.to]krugovi.circles.2013.dvdrip.xvid.titler.torrent
2014-01-02 19:02 - 2014-01-02 21:21 - 1400653824 _____ C:\Users\User\Downloads\The Mission.avi
2014-01-02 17:26 - 2014-01-02 17:26 - 00054502 _____ C:\Users\User\Downloads\the-mission.avi.torrent
2014-01-02 17:20 - 2014-01-02 18:12 - 734924800 _____ C:\Users\User\Downloads\The.Mission[1986]DvDrip]-Zeus_Dias.avi
2014-01-02 17:19 - 2014-01-02 17:19 - 00014835 _____ C:\Users\User\Downloads\71B0A25FAAD507EA8E41B2DE38C53F1A6754C386.torrent
2014-01-02 17:16 - 2014-01-03 01:05 - 00000000 ____D C:\Users\User\Downloads\The.Mission.1986.BluRay.576p.H264
2014-01-02 17:14 - 2014-01-02 17:14 - 00059750 _____ C:\Users\User\Downloads\[kickass.to]the.mission.1986.bluray.576p.h264.torrent
2013-12-30 02:03 - 2014-01-21 00:09 - 00004948 _____ C:\Users\User\Desktop\za jutro.txt
2013-12-27 22:35 - 2013-12-27 22:36 - 06517760 _____ C:\Users\User\Downloads\Photos_Magnifiques.pps
2013-12-24 22:10 - 2014-01-08 13:55 - 00000000 ____D C:\Users\User\Downloads\Dostojevski
2013-12-23 23:31 - 2013-12-23 23:31 - 00677108 _____ C:\Users\User\Downloads\restreetart.zip

==================== One Month Modified Files and Folders =======

2014-01-21 09:06 - 2014-01-21 09:06 - 00010918 _____ C:\Users\User\Desktop\FRST.txt
2014-01-21 09:05 - 2014-01-21 09:05 - 00000000 ____D C:\FRST
2014-01-21 09:04 - 2013-10-05 23:51 - 00000000 ____D C:\Users\User\AppData\Roaming\Free Download Manager
2014-01-21 09:03 - 2014-01-21 09:03 - 01222144 _____ (Farbar) C:\Users\User\Desktop\FRST.exe
2014-01-21 08:57 - 2013-10-22 00:45 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1054066515-847444414-1389286237-1000UA.job
2014-01-21 08:49 - 2013-10-01 15:20 - 01697921 _____ C:\Windows\WindowsUpdate.log
2014-01-21 08:48 - 2013-10-05 12:17 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-21 04:56 - 2013-10-22 00:45 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1054066515-847444414-1389286237-1000Core.job
2014-01-21 03:24 - 2014-01-21 03:24 - 00012369 _____ C:\Users\User\Desktop\dds.txt
2014-01-21 03:24 - 2014-01-21 03:24 - 00005049 _____ C:\Users\User\Desktop\attach.txt
2014-01-21 03:20 - 2014-01-21 03:20 - 00688992 ____R (Swearware) C:\Users\User\Desktop\dds.com
2014-01-21 01:59 - 2014-01-21 01:59 - 00000000 _____ C:\Users\User\Desktop\Ambulanta.txt
2014-01-21 01:07 - 2009-07-14 05:34 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-21 01:07 - 2009-07-14 05:34 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-21 01:00 - 2013-10-05 18:01 - 00000000 ____D C:\ProgramData\MCShield
2014-01-21 01:00 - 2013-10-04 20:14 - 00015222 _____ C:\Windows\setupact.log
2014-01-21 01:00 - 2013-10-01 10:14 - 00000292 _____ C:\Windows\Tasks\AutoKMS.job
2014-01-21 01:00 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-21 00:59 - 2014-01-16 09:53 - 00000000 ____D C:\Program Files\Pravoslavac
2014-01-21 00:59 - 2013-10-25 00:36 - 00000000 ____D C:\ProgramData\Licenses
2014-01-21 00:59 - 2013-10-05 22:05 - 00000000 ____D C:\Users\User\AppData\Roaming\foobar2000
2014-01-21 00:59 - 2013-10-05 13:34 - 00000000 ____D C:\Program Files\Common Files\Adobe
2014-01-21 00:59 - 2013-10-05 12:52 - 00000000 ____D C:\Program Files\Java
2014-01-21 00:59 - 2013-10-04 07:49 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2014-01-21 00:59 - 2013-10-03 17:08 - 00000000 ____D C:\Windows\pss
2014-01-21 00:59 - 2013-10-03 11:40 - 00000000 ____D C:\Users\User\AppData\Roaming\GHISLER
2014-01-21 00:59 - 2013-10-01 15:46 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2014-01-21 00:59 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\wfp
2014-01-21 00:59 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration
2014-01-21 00:59 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\AppCompat
2014-01-21 00:54 - 2010-11-21 01:46 - 00000000 ___RD C:\Users\Public\Recorded TV
2014-01-21 00:09 - 2013-12-30 02:03 - 00004948 _____ C:\Users\User\Desktop\za jutro.txt
2014-01-20 18:19 - 2013-12-07 08:46 - 00000000 ____D C:\Users\User\Downloads\Akrus
2014-01-20 10:27 - 2013-10-07 21:11 - 00051966 _____ C:\Users\User\Desktop\Muzika.txt
2014-01-19 09:06 - 2013-10-04 08:10 - 00000000 ____D C:\Program Files\Weather Watcher
2014-01-18 23:45 - 2013-10-05 12:17 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-01-18 23:45 - 2013-10-01 10:03 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2014-01-18 23:45 - 2013-10-01 09:51 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-01-17 23:56 - 2010-11-20 22:01 - 00785302 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-17 23:30 - 2014-01-17 23:30 - 00094015 _____ C:\Users\User\Downloads\sjeti se Mujo
2014-01-17 08:57 - 2010-11-20 22:48 - 00187182 _____ C:\Windows\PFRO.log
2014-01-16 15:54 - 2014-01-16 15:54 - 01340496 _____ (BitTorrent Inc.) C:\Users\User\Downloads\utorrent.exe
2014-01-16 09:53 - 2014-01-16 09:53 - 00001001 _____ C:\Users\Public\Desktop\Pravoslavac.lnk
2014-01-16 09:50 - 2014-01-16 09:50 - 03315650 _____ (www.pravoslavnikalendar.iz.rs ) C:\Users\User\Downloads\pravoslavac_2014.exe
2014-01-16 07:33 - 2013-10-16 08:16 - 00000000 ____D C:\ProgramData\Oracle
2014-01-16 07:32 - 2014-01-16 07:32 - 00005232 _____ C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-01-16 07:22 - 2013-10-04 00:44 - 00000000 ____D C:\ProgramData\RFA_Backups
2014-01-15 05:17 - 2009-07-14 05:33 - 00409096 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 05:13 - 2013-10-01 11:34 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 05:09 - 2013-10-01 11:34 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-14 18:37 - 2013-11-25 15:27 - 00004574 _____ C:\Users\User\Desktop\Doskočice.txt
2014-01-12 15:33 - 2014-01-12 15:33 - 00000798 _____ C:\Users\User\Desktop\Cimet i med.txt
2014-01-11 23:10 - 2014-01-11 22:44 - 00005239 _____ C:\Users\User\Downloads\Podaci.txt
2014-01-11 22:40 - 2014-01-11 22:40 - 00083195 _____ C:\Users\User\Downloads\HWiNFO32.LOG
2014-01-11 22:35 - 2014-01-11 22:35 - 00022688 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS
2014-01-11 22:35 - 2014-01-11 22:35 - 00000000 ____D C:\Program Files\HWiNFO32
2014-01-11 22:34 - 2014-01-11 22:34 - 02892128 _____ (Martin Malík - REALiX ) C:\Users\User\Downloads\hw32_430.exe
2014-01-11 16:09 - 2013-10-03 21:01 - 00007608 _____ C:\Users\User\AppData\Local\resmon.resmoncfg
2014-01-10 19:29 - 2014-01-10 19:29 - 00120370 _____ C:\Users\User\Downloads\+ street art wall_57.jpeg
2014-01-10 19:29 - 2014-01-10 19:29 - 00088889 _____ C:\Users\User\Downloads\+ na zidu....jpeg
2014-01-08 13:55 - 2013-12-24 22:10 - 00000000 ____D C:\Users\User\Downloads\Dostojevski
2014-01-06 18:53 - 2014-01-06 15:48 - 00000000 ____D C:\Users\User\Downloads\Krugovi [Circles] 2013 DVDRip XviD titler
2014-01-06 15:46 - 2014-01-06 15:46 - 00014598 _____ C:\Users\User\Downloads\[kickass.to]krugovi.circles.2013.dvdrip.xvid.titler.torrent
2014-01-06 14:00 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2014-01-03 01:05 - 2014-01-02 17:16 - 00000000 ____D C:\Users\User\Downloads\The.Mission.1986.BluRay.576p.H264
2014-01-02 21:21 - 2014-01-02 19:02 - 1400653824 _____ C:\Users\User\Downloads\The Mission.avi
2014-01-02 18:12 - 2014-01-02 17:20 - 734924800 _____ C:\Users\User\Downloads\The.Mission[1986]DvDrip]-Zeus_Dias.avi
2014-01-02 17:26 - 2014-01-02 17:26 - 00054502 _____ C:\Users\User\Downloads\the-mission.avi.torrent
2014-01-02 17:19 - 2014-01-02 17:19 - 00014835 _____ C:\Users\User\Downloads\71B0A25FAAD507EA8E41B2DE38C53F1A6754C386.torrent
2014-01-02 17:14 - 2014-01-02 17:14 - 00059750 _____ C:\Users\User\Downloads\[kickass.to]the.mission.1986.bluray.576p.h264.torrent
2014-01-01 17:59 - 2013-11-30 10:47 - 00000000 ____D C:\Wall
2013-12-30 19:38 - 2013-10-05 14:37 - 00001179 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2013-12-27 22:36 - 2013-12-27 22:35 - 06517760 _____ C:\Users\User\Downloads\Photos_Magnifiques.pps
2013-12-23 23:31 - 2013-12-23 23:31 - 00677108 _____ C:\Users\User\Downloads\restreetart.zip

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\Quarantine.exe
C:\Users\User\AppData\Local\Temp\setupA9_.exe
C:\Users\User\AppData\Local\Temp\Shockwave_Installer_FF.exe
C:\Users\User\AppData\Local\Temp\vsdel.exe
C:\Users\User\AppData\Local\Temp\~GLBS914.EXE
C:\Users\User\AppData\Local\Temp\~GLBS915.EXE


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 09:25

==================== End Of Log ============================


offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

1. Open Notepad (Text Document) and copy the following text into the code box below:
FF Extension: OnlineHD V6.0 - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\a3b3de30-8b00-42aa-97ba-f30e986fec77@cf0a3118-0f89-4b0c-855d-35348a5d04ec.com [2013-12-21]
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\a3b3de30-8b00-42aa-97ba-f30e986fec77@cf0a3118-0f89-4b0c-855d-35348a5d04ec.com
FF Extension: GoPhotoIt - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\gophoto@gophoto.it.xpi [2013-08-08]
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\gophoto@gophoto.it.xpi
C:\Users\User\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\Quarantine.exe
C:\Users\User\AppData\Local\Temp\setupA9_.exe
C:\Users\User\AppData\Local\Temp\Shockwave_Installer_FF.exe
C:\Users\User\AppData\Local\Temp\vsdel.exe
C:\Users\User\AppData\Local\Temp\~GLBS914.EXE
C:\Users\User\AppData\Local\Temp\~GLBS915.EXE
AlternateDataStreams: C:\ProgramData\TEMP:55B41E6A
cmd: ipconfig /flushdns

2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, under File Name at the bottom, enter fixlist.txt as the name
Note: It is important that both files, FRST and fixlist, are in the same location, otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.



The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into a post.
Note: If the tool warns you that a newer version exists, make sure to download and use the updated copy of FRST.
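As an added example, not code from the thread or from FRST itself, the PowerShell script below inventories every Firefox extension in every profile (both the unpacked-directory and the .xpi form the fixlist removed) together with its creation date, and lists any alternate data stream on the directory the fixlist names; the profile root, the ADS path and the GUID-style id heuristic are assumptions.

```powershell
# Added example, not from the thread or from FRST: inventory Firefox extensions in
# every profile and list alternate data streams (ADS) on chosen paths, so entries like
# the two extensions and the ADS in the fixlist can be reviewed before removal.
# Assumes Windows PowerShell 3.0+ (for Get-Item -Stream) and the default profile root.
param(
    [string]$ProfilesRoot    = "$env:APPDATA\Mozilla\Firefox\Profiles",
    [string[]]$AdsCheckPaths = @("$env:ProgramData\TEMP")   # directory named in the fixlist
)

function Get-FirefoxExtensionInventory {
    param([string]$Root)
    if (-not (Test-Path -LiteralPath $Root)) { return }
    foreach ($profile in Get-ChildItem -LiteralPath $Root -Directory) {
        $extDir = Join-Path $profile.FullName 'Extensions'
        if (-not (Test-Path -LiteralPath $extDir)) { continue }
        # Extensions live either as unpacked directories or as .xpi archives;
        # the fixlist above removed one of each kind.
        foreach ($ext in Get-ChildItem -LiteralPath $extDir) {
            # Heuristic only: the unwanted extension in this thread used a GUID@GUID.com id,
            # which is unusual for an extension from a known publisher.
            $flag = if ($ext.Name -match '^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}@') {
                        'GUID-style id, review manually' } else { '' }
            $kind = if ($ext.PSIsContainer) { 'unpacked' } else { 'xpi' }
            [pscustomobject]@{
                Profile     = $profile.Name
                ExtensionId = $ext.Name
                Kind        = $kind
                Installed   = $ext.CreationTime
                Note        = $flag
            }
        }
    }
}

function Get-AlternateDataStreams {
    param([string[]]$Paths)
    foreach ($p in $Paths) {
        if (-not (Test-Path -LiteralPath $p)) { continue }
        # ':$DATA' is the ordinary file content; any other stream is an ADS
        Get-Item -LiteralPath $p -Stream * -ErrorAction SilentlyContinue |
            Where-Object { $_.Stream -ne ':$DATA' } |
            ForEach-Object { [pscustomobject]@{ Path = $p; Stream = $_.Stream; Length = $_.Length } }
    }
}

Get-FirefoxExtensionInventory -Root $ProfilesRoot | Sort-Object Installed | Format-Table -AutoSize
Get-AlternateDataStreams -Paths $AdsCheckPaths | Format-Table -AutoSize
```

Run it before writing a fixlist to confirm the exact extension ids and stream names, then again afterwards to confirm they are gone.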

offline
  • Dusan  Male
  • SuperModerator
  • Supermoderator of general forums
  • Joined: 26 Jul 2006
  • Posts: 11118

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 21-01-2014
Ran by User at 2014-01-21 09:36:37 Run:1
Running from C:\Users\User\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
FF Extension: OnlineHD V6.0 - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\a3b3de30-8b00-42aa-97ba-f30e986fec77@cf0a3118-0f89-4b0c-855d-35348a5d04ec.com [2013-12-21]
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\a3b3de30-8b00-42aa-97ba-f30e986fec77@cf0a3118-0f89-4b0c-855d-35348a5d04ec.com
FF Extension: GoPhotoIt - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\gophoto@gophoto.it.xpi [2013-08-08]
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\gophoto@gophoto.it.xpi
C:\Users\User\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\Quarantine.exe
C:\Users\User\AppData\Local\Temp\setupA9_.exe
C:\Users\User\AppData\Local\Temp\Shockwave_Installer_FF.exe
C:\Users\User\AppData\Local\Temp\vsdel.exe
C:\Users\User\AppData\Local\Temp\~GLBS914.EXE
C:\Users\User\AppData\Local\Temp\~GLBS915.EXE
AlternateDataStreams: C:\ProgramData\TEMP:55B41E6A
cmd: ipconfig /flushdns
*****************

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\a3b3de30-8b00-42aa-97ba-f30e986fec77@cf0a3118-0f89-4b0c-855d-35348a5d04ec.com => Moved successfully.
"C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\a3b3de30-8b00-42aa-97ba-f30e986fec77@cf0a3118-0f89-4b0c-855d-35348a5d04ec.com" => File/Directory not found.
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\gophoto@gophoto.it.xpi => Moved successfully.
"C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m3h4bdv6.default\Extensions\gophoto@gophoto.it.xpi" => File/Directory not found.
C:\Users\User\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe => Moved successfully.
C:\Users\User\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\User\AppData\Local\Temp\setupA9_.exe => Moved successfully.
C:\Users\User\AppData\Local\Temp\Shockwave_Installer_FF.exe => Moved successfully.
C:\Users\User\AppData\Local\Temp\vsdel.exe => Moved successfully.
C:\Users\User\AppData\Local\Temp\~GLBS914.EXE => Moved successfully.
C:\Users\User\AppData\Local\Temp\~GLBS915.EXE => Moved successfully.
C:\ProgramData\TEMP => ":55B41E6A" ADS removed successfully.

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


==== End of Fixlog ====

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

What is the situation now?

offline
  • Dusan  Male
  • SuperModerator
  • Supermoderator of general forums
  • Joined: 26 Jul 2006
  • Posts: 11118

Posted: 21 Jan 2014 9:43

And the incriminating phenomenon no longer appears... Very Happy everything looks normal

Addendum: 21 Jan 2014 9:44

How I "earned" it.... is less important. The real question is how not to "pick it up" again?

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

You had two malicious extensions installed; how you installed them I really don't know... that is up to you, they could not have installed themselves... Smile

offline
  • Dusan  Male
  • SuperModerator
  • Supermoderator of general forums
  • Joined: 26 Jul 2006
  • Posts: 11118

Of course, I "set myself up"... which extensions are we talking about, so that I don't "treat myself" to them again?

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

The first is called OnlineHD V6.0, and the second GoPhotoIt. A search will turn up no information about them, except that they are malicious...

I forgot to say: change the home page manually; I hope you know how to do that.
