Too many viruses

  • LoXo  Male
  • Super citizen
  • Joined: 14 Oct 2011
  • Posts: 1212

My little brother used the laptop and wrecked it as far as viruses and ads are concerned.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-06-2016 02
Ran by -Laki (administrator) on LAKI-PC (05-06-2016 20:53:45)
Running from C:\Users\-Laki\Desktop
Loaded Profiles: -Laki (Available Profiles: -Laki)
Platform: Microsoft Windows 7 Ultimate (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: "C:\Program Files\chroomium Browser\chroomium\chrome.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Link visible only to logged-in users]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(tsvr.com) C:\Users\-Laki\AppData\Roaming\TSv\TSvr.exe
(Popcorn Time) C:\Program Files\Popcorn Time\Updater.exe
(Cinema PlusV18.04) C:\Program Files\CinemaP-1.8cV18.04\e12d05b2-f6b2-48dc-94c6-01c8a1bb4537-1-6.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(BitTorrent Inc.) C:\Users\-Laki\AppData\Roaming\BitTorrent\BitTorrent.exe
(Skillbrains) C:\Program Files\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
(Electronic Arts) C:\Program Files\Origin\Origin.exe
(Facebook Inc.) C:\Users\-Laki\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(CyberGhost S.R.L.) C:\Program Files\CyberGhost 5\CyberGhost.exe
(BitTorrent Inc.) C:\Users\-Laki\AppData\Roaming\BitTorrent\updates\7.9.7_42331\utorrentie.exe
() C:\Program Files\Music Recorder\Music Recorder 2016\AudialsNotifier.exe
(BitTorrent Inc.) C:\Users\-Laki\AppData\Roaming\BitTorrent\updates\7.9.7_42331\utorrentie.exe
(Viber Media S.à r.l.) C:\Users\-Laki\AppData\Local\Viber\Viber.exe
() C:\ProgramData\Google\update\GoogleUpdate.exe
() C:\ProgramData\Google\update\GoogleUpdate.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\bd19e2e7-c69c-485a-b1fe-43c1efb58bda\AvastEmUpdate.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2015-11-06] (AVAST Software)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [YTDownloader] => "C:\Program Files\YTDownloader\YTDownloader.exe" /boot
HKLM\...\Run: [Lightshot] => C:\Program Files\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2086240 2015-04-28] (Wondershare)
HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960248 2015-12-30] ()
HKU\S-1-5-21-3890536223-1254265134-210378819-1000\...\Run: [BitTorrent] => C:\Users\-Laki\AppData\Roaming\BitTorrent\BitTorrent.exe [1972232 2016-05-23] (BitTorrent Inc.)
HKU\S-1-5-21-3890536223-1254265134-210378819-1000\...\Run: [EADM] => C:\Program Files\Origin\Origin.exe [3639280 2016-02-06] (Electronic Arts)
HKU\S-1-5-21-3890536223-1254265134-210378819-1000\...\Run: [Facebook Update] => C:\Users\-Laki\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-09-12] (Facebook Inc.)
HKU\S-1-5-21-3890536223-1254265134-210378819-1000\...\Run: [YTDownloader] => "C:\Program Files\YTDownloader\YTDownloader.exe" /boot
HKU\S-1-5-21-3890536223-1254265134-210378819-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6602152 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-3890536223-1254265134-210378819-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [50615936 2016-01-19] (Skype Technologies S.A.)
HKU\S-1-5-21-3890536223-1254265134-210378819-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [426600 2016-01-11] (CyberGhost S.R.L.)
HKU\S-1-5-21-3890536223-1254265134-210378819-1000\...\Run: [AudialsNotifier] => C:\Program Files\Music Recorder\Music Recorder 2016\AudialsNotifier.exe [4535192 2016-03-15] ()
HKU\S-1-5-21-3890536223-1254265134-210378819-1000\...\Run: [Viber] => C:\Users\-Laki\AppData\Local\Viber\Viber.exe [69268048 2016-04-13] (Viber Media S.à r.l.)
HKU\S-1-5-21-3890536223-1254265134-210378819-1000\...\MountPoints2: F - F:\Startme.exe
HKU\S-1-5-21-3890536223-1254265134-210378819-1000\...\MountPoints2: {7c3e0f8f-db86-11e4-bed0-54bef727caaf} - F:\Startme.exe
HKU\S-1-5-21-3890536223-1254265134-210378819-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [293888 2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-08-29] (AVAST Software)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 89.216.1.30 89.216.1.50
Tcpip\..\Interfaces\{45F5FB28-9DE1-4F2A-9D21-4CE021FC16EC}: [DhcpNameServer] 89.216.1.30 89.216.1.50
ManualProxies: [Link visible only to logged-in users]

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link visible only to logged-in users]{searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link visible only to logged-in users]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link visible only to logged-in users]{searchTerms}
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link visible only to logged-in users]
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link visible only to logged-in users]
HKU\S-1-5-21-3890536223-1254265134-210378819-1000\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
HKU\S-1-5-21-3890536223-1254265134-210378819-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link visible only to logged-in users]
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = [Link visible only to logged-in users]{searchTerms}
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = [Link visible only to logged-in users]{searchTerms}
SearchScopes: HKU\S-1-5-21-3890536223-1254265134-210378819-1000 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = [Link visible only to logged-in users]{searchTerms}
SearchScopes: HKU\S-1-5-21-3890536223-1254265134-210378819-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = [Link visible only to logged-in users]{searchTerms}
SearchScopes: HKU\S-1-5-21-3890536223-1254265134-210378819-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL =
BHO: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2015-12-30] (Wondershare)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll [2014-08-02] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-29] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll [2014-08-02] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3890536223-1254265134-210378819-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
StartMenuInternet: IEXPLORE.EXE - c:\program files\internet explorer\iexplore.exe [Link visible only to logged-in users]

FireFox:
========
FF ProfilePath: C:\Users\-Laki\AppData\Roaming\Mozilla\Firefox\Profiles\z45f08gi.default
FF NewTab: chrome://quick_start/content/index.html
FF SearchEngineOrder.1: V9
FF SelectedSearchEngine: V9
FF Homepage: [Link visible only to logged-in users]^BBQ^xdm027^YYA^rs&si=downloadispeed
FF Keyword.URL: [Link visible only to logged-in users]^AYY^xdm067^YYA^rs&si=flvrunner&searchfor=
FF Plugin: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll [2014-08-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll [2014-08-02] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2015-04-20] (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2015-04-20] (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3890536223-1254265134-210378819-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\-Laki\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3890536223-1254265134-210378819-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\-Laki\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-18] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\-Laki\AppData\Roaming\Mozilla\Firefox\Profiles\z45f08gi.default\user.js [2016-02-11]
FF SearchPlugin: C:\Users\-Laki\AppData\Roaming\Mozilla\Firefox\Profiles\z45f08gi.default\searchplugins\ask-web-search.xml [2015-04-11]
FF SearchPlugin: C:\Users\-Laki\AppData\Roaming\Mozilla\Firefox\Profiles\z45f08gi.default\searchplugins\so-v.xml [2016-04-25]
FF SearchPlugin: C:\Users\-Laki\AppData\Roaming\Mozilla\Firefox\Profiles\z45f08gi.default\searchplugins\V9.xml [2015-12-31]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\delta-homes.xml [2015-10-14]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yoursites123.xml [2016-01-14]
FF Extension: Default NewTab - C:\Users\-Laki\AppData\Roaming\Mozilla\Firefox\Profiles\z45f08gi.default\extensions\default_newtabff@gmail.com [2015-10-14] [not signed]
FF Extension: Allin1Convert - C:\Users\-Laki\AppData\Roaming\Mozilla\Firefox\Profiles\z45f08gi.default\Extensions\_8hMembers_@download.allin1convert.com [2016-01-03]
FF Extension: Internet Speed Tracker - C:\Users\-Laki\AppData\Roaming\Mozilla\Firefox\Profiles\z45f08gi.default\Extensions\_9tMembers_@download.internetspeedtracker.com [2016-01-03]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]
FF HKLM\...\Firefox\Extensions: [default_newtabff@gmail.com] - C:\Users\-Laki\AppData\Roaming\Mozilla\Firefox\Profiles\z45f08gi.default\extensions\default_newtabff@gmail.com
FF HKLM\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com
FF Extension: Wondershare Video Converter Ultimate - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2016-01-31] [not signed]
StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe [Link visible only to logged-in users]

Chrome:
=======
CHR Profile: C:\Users\-Laki\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\-Laki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-18]
CHR Extension: (Google Docs) - C:\Users\-Laki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-18]
CHR Extension: (Google Drive) - C:\Users\-Laki\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\-Laki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\-Laki\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Sheets) - C:\Users\-Laki\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-18]
CHR Extension: (Google Docs Offline) - C:\Users\-Laki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20]
CHR Extension: (Avast Online Security) - C:\Users\-Laki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\-Laki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-30]
CHR Extension: (Gmail) - C:\Users\-Laki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-18]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-29]

Opera:
=======
OPR Extension: (Discover Treasure) - C:\Users\-Laki\AppData\Roaming\Opera Software\Opera Stable\Extensions\cbdeahboalakcndjbimdiichgebbjooh [2016-04-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-29] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-08-29] (Avast Software)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65128 2016-01-11] (CyberGhost S.R.L)
S2 DeskTop_F; C:\ProgramData\desktopfind\desktop254.exe [236728 2016-03-16] (DeskTopService) [File not signed]
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2015-04-20] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2015-04-20] (globalUpdate) [File not signed] <==== ATTENTION
R2 gprotect; C:\ProgramData\Google\update\GoogleUpdate.exe [315008 2016-02-02] ()
R2 IhPul; C:\Users\-Laki\AppData\Roaming\TSv\TSvr.exe [580752 2015-12-08] (tsvr.com)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [792944 2016-01-28] (Nero AG)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2104840 2016-02-06] (Electronic Arts)
R2 Update service; C:\Program Files\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
R2 WMModules; C:\ProgramData\Google\update\GoogleUpdate.exe [315008 2016-02-02] ()
S2 WSModules; C:\Program Files\chroomium Browser\chroomium\bin\browserServer.exe [507008 2016-02-02] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdhub30; C:\Windows\System32\DRIVERS\amdhub30.sys [86184 2012-11-28] (Advanced Micro Devices, INC.)
R3 amdxhc; C:\Windows\System32\DRIVERS\amdxhc.sys [178856 2012-11-28] (Advanced Micro Devices, INC.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-08-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-08-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-08-29] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-08-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-11-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-11-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-08-29] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-08-29] (AVAST Software)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [3200000 2013-06-24] (Qualcomm Atheros Communications, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-08-02] (Disc Soft Ltd)
R3 Larmkanal; C:\Windows\System32\DRIVERS\Larmkanal.sys [27560 2015-06-09] (Adoriasoft LLC)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-08-29] (AVAST Software)
R0 PxHelp20; C:\Windows\System32\DRIVERS\PxHelp20.sys [20016 2003-10-28] (Sonic Solutions) [File not signed]
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-08-29] (Avast Software)
R1 {528cee47-7291-4264-bfa5-cfe581415f9d}Gw; C:\Windows\System32\drivers\{528cee47-7291-4264-bfa5-cfe581415f9d}Gw.sys [43144 2015-04-17] (StdLib)
S3 cpuz134; \??\C:\Users\-Laki\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-05 20:53 - 2016-06-05 20:55 - 00021830 _____ C:\Users\-Laki\Desktop\FRST.txt
2016-06-05 20:53 - 2016-06-05 20:53 - 00000000 ____D C:\FRST
2016-06-05 20:53 - 2016-06-05 20:51 - 03677248 _____ C:\Users\-Laki\Desktop\AdwCleaner.exe
2016-06-05 20:53 - 2016-06-05 20:51 - 01735680 _____ (Farbar) C:\Users\-Laki\Desktop\FRST.exe
2016-05-30 17:15 - 2016-06-05 20:46 - 00000000 ____D C:\Users\-Laki\AppData\LocalLow\BitTorrent
2016-05-29 16:21 - 2016-06-05 20:46 - 00000001 _____ C:\Windows\system32\en.html
2016-05-28 23:11 - 2016-05-28 23:11 - 00000132 _____ C:\Users\-Laki\Desktop\photo.php.url

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-05 20:55 - 2014-08-02 00:33 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-05 20:54 - 2016-04-29 20:17 - 00001982 _____ C:\Users\-Laki\Desktop\Google Chrome (2).lnk
2016-06-05 20:54 - 2016-03-17 00:34 - 00001982 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-05 20:54 - 2014-08-04 19:11 - 00000000 ____D C:\Users\-Laki\AppData\Roaming\BitTorrent
2016-06-05 20:54 - 2014-08-02 00:35 - 00001994 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-05 20:52 - 2015-04-18 10:26 - 00000000 ____D C:\Program Files\Opera
2016-06-05 20:49 - 2016-04-23 22:19 - 00000000 ____D C:\Users\-Laki\AppData\Local\Viber
2016-06-05 20:49 - 2015-03-09 23:04 - 00000000 ____D C:\Users\-Laki\AppData\Roaming\ViberPC
2016-06-05 20:48 - 2014-08-02 11:21 - 00000000 ____D C:\Users\-Laki\AppData\Roaming\Skype
2016-06-05 20:46 - 2015-04-20 21:28 - 00002074 _____ C:\Windows\Tasks\0959ef42-5558-4368-9bbd-2b8eaae7b59c-10_user.job
2016-06-05 20:44 - 2015-04-20 21:29 - 00004456 _____ C:\Windows\Tasks\0959ef42-5558-4368-9bbd-2b8eaae7b59c-4.job
2016-06-05 20:44 - 2015-04-20 21:29 - 00003780 _____ C:\Windows\Tasks\0959ef42-5558-4368-9bbd-2b8eaae7b59c-1-7.job
2016-06-05 20:44 - 2015-04-20 21:29 - 00002752 _____ C:\Windows\Tasks\0959ef42-5558-4368-9bbd-2b8eaae7b59c-5_user.job
2016-06-05 20:44 - 2015-04-20 21:29 - 00002752 _____ C:\Windows\Tasks\0959ef42-5558-4368-9bbd-2b8eaae7b59c-5.job
2016-06-05 20:44 - 2015-04-20 21:28 - 00005824 _____ C:\Windows\Tasks\0959ef42-5558-4368-9bbd-2b8eaae7b59c-6.job
2016-06-05 20:44 - 2015-04-20 21:28 - 00005480 _____ C:\Windows\Tasks\0959ef42-5558-4368-9bbd-2b8eaae7b59c-7.job
2016-06-05 20:44 - 2015-04-18 12:02 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2016-06-05 20:44 - 2015-04-18 10:25 - 00005500 _____ C:\Windows\Tasks\e12d05b2-f6b2-48dc-94c6-01c8a1bb4537-6.job
2016-06-05 20:44 - 2015-04-18 10:25 - 00005164 _____ C:\Windows\Tasks\e12d05b2-f6b2-48dc-94c6-01c8a1bb4537-7.job
2016-06-05 20:44 - 2015-04-18 10:25 - 00004476 _____ C:\Windows\Tasks\e12d05b2-f6b2-48dc-94c6-01c8a1bb4537-4.job
2016-06-05 20:44 - 2015-04-18 10:25 - 00003120 _____ C:\Windows\Tasks\e12d05b2-f6b2-48dc-94c6-01c8a1bb4537-1-6.job
2016-06-05 20:44 - 2015-04-18 10:25 - 00000612 _____ C:\Windows\Tasks\b5c69f6b-ba88-45c0-8589-1eec694b3860.job
2016-06-05 20:44 - 2015-04-18 10:24 - 00004140 _____ C:\Windows\Tasks\e12d05b2-f6b2-48dc-94c6-01c8a1bb4537-3.job
2016-06-05 20:44 - 2015-04-18 10:24 - 00002094 _____ C:\Windows\Tasks\e12d05b2-f6b2-48dc-94c6-01c8a1bb4537-10_user.job
2016-06-05 20:44 - 2015-04-18 10:24 - 00000886 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2016-06-05 20:44 - 2014-08-02 00:33 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-05 20:43 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-30 17:23 - 2015-04-18 12:19 - 00000376 _____ C:\Windows\Tasks\update-sys.job
2016-05-30 17:13 - 2015-04-18 10:24 - 00000890 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2016-05-30 17:13 - 2009-07-14 06:34 - 00009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-30 17:13 - 2009-07-14 06:34 - 00009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-30 17:12 - 2014-09-12 21:31 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3890536223-1254265134-210378819-1000UA.job
2016-05-30 17:12 - 2014-09-12 21:31 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3890536223-1254265134-210378819-1000Core.job
2016-05-30 17:08 - 2016-01-14 00:29 - 00000000 ____D C:\Program Files\chroomium Browser
2016-05-30 17:05 - 2014-08-02 00:33 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-30 17:04 - 2015-04-18 12:19 - 00000376 _____ C:\Windows\Tasks\update-S-1-5-21-3890536223-1254265134-210378819-1000.job
2016-05-29 09:25 - 2015-11-07 15:13 - 00000000 ____D C:\Users\-Laki\AppData\Roaming\.minecraft
2016-05-28 21:34 - 2014-08-02 11:24 - 00000000 ____D C:\Users\-Laki\AppData\Roaming\vlc
2016-05-28 21:10 - 2016-01-28 15:41 - 00000000 ____D C:\Users\-Laki\Downloads\PopcornTime
2016-05-27 08:43 - 2016-02-12 13:01 - 00000000 ___SD C:\Users\-Laki\AppData\LocalLow\Temp
2016-05-17 10:39 - 2015-03-09 23:05 - 00000000 ____D C:\Users\-Laki\Documents\ViberDownloads
2016-05-14 20:18 - 2014-08-02 11:26 - 00000000 ____D C:\Users\-Laki\AppData\Roaming\AIMP3
2016-05-14 20:02 - 2014-08-02 17:59 - 02326528 ___SH C:\Users\-Laki\Desktop\Thumbs.db
2016-05-13 16:00 - 2014-08-02 00:33 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-05-13 16:00 - 2014-08-02 00:33 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-05-12 14:43 - 2014-08-02 15:00 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-05-12 14:43 - 2014-08-02 15:00 - 00000000 ____D C:\Program Files\Common Files\Adobe

==================== Files in the root of some directories =======

2016-01-24 13:57 - 2016-01-24 13:57 - 0040017 _____ () C:\Program Files\fb-inv.zip
2015-03-26 21:14 - 2015-03-26 21:14 - 0005542 _____ () C:\Users\-Laki\AppData\Roaming\DQIQVSVP
2015-03-26 21:14 - 2015-03-26 21:14 - 0004185 _____ () C:\Users\-Laki\AppData\Roaming\TMDS
2015-04-18 19:37 - 2015-04-18 10:29 - 1903616 _____ (Sense+) C:\Users\-Laki\AppData\Roaming\trz781F.tmp
2015-04-18 20:07 - 2015-04-18 10:30 - 1508352 _____ (Sense+) C:\Users\-Laki\AppData\Roaming\trzE600.tmp
2015-04-18 12:19 - 2015-04-18 12:19 - 0000003 _____ () C:\Users\-Laki\AppData\Local\updater.log
2015-04-18 12:19 - 2015-10-02 20:31 - 0000412 _____ () C:\Users\-Laki\AppData\Local\UserProducts.xml
2016-04-23 22:20 - 2016-04-23 22:20 - 0000000 _____ () C:\Users\-Laki\AppData\Local\{29D7A3F8-06C1-4277-84FA-220BDB77B3F3}
2015-08-29 18:59 - 2009-07-14 03:14 - 70930432 ___SH () C:\ProgramData\trzD90F.tmp
2015-10-14 12:36 - 2016-01-14 11:26 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Some files in TEMP:
====================
C:\Users\-Laki\AppData\Local\Temp\cdo1370696446.dll
C:\Users\-Laki\AppData\Local\Temp\clrvu.exe
C:\Users\-Laki\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\-Laki\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpefbmyg.dll
C:\Users\-Laki\AppData\Local\Temp\genteert.dll
C:\Users\-Laki\AppData\Local\Temp\i4jdel0.exe
C:\Users\-Laki\AppData\Local\Temp\i4jdel1.exe
C:\Users\-Laki\AppData\Local\Temp\kernel32.dll
C:\Users\-Laki\AppData\Local\Temp\lrwgf4vn.dll
C:\Users\-Laki\AppData\Local\Temp\ReimagePackage.exe
C:\Users\-Laki\AppData\Local\Temp\setup.exe
C:\Users\-Laki\AppData\Local\Temp\Setup_lightshot-5.3.0.0.exe
C:\Users\-Laki\AppData\Local\Temp\sqlite3.exe
C:\Users\-Laki\AppData\Local\Temp\tu17p84.exe
C:\Users\-Laki\AppData\Local\Temp\UNTD5CB.tmp.exe
C:\Users\-Laki\AppData\Local\Temp\UNTD5CC.tmp.exe
C:\Users\-Laki\AppData\Local\Temp\UNTD5DC.tmp.exe
C:\Users\-Laki\AppData\Local\Temp\UNTD5DD.tmp.exe
C:\Users\-Laki\AppData\Local\Temp\UNTD5EE.tmp.exe
C:\Users\-Laki\AppData\Local\Temp\UNTD60E.tmp.exe
C:\Users\-Laki\AppData\Local\Temp\UNTD60F.tmp.exe
C:\Users\-Laki\AppData\Local\Temp\UNTD620.tmp.exe
C:\Users\-Laki\AppData\Local\Temp\wxjCa7QdVa.exe
C:\Users\-Laki\AppData\Local\Temp\xmlUpdater.exe
C:\Users\-Laki\AppData\Local\Temp\yvdmfinu.dll
C:\Users\-Laki\AppData\Local\Temp\{0138DA6F-430E-4EB3-B836-75D10DFB4BBB}.dll
C:\Users\-Laki\AppData\Local\Temp\{03BD7E6A-4AAB-47FD-AA47-A20D0E74990E}.dll
C:\Users\-Laki\AppData\Local\Temp\{0FD31C19-1817-4216-9330-73C1CBE87EE8}.dll
C:\Users\-Laki\AppData\Local\Temp\{11D83C94-70D6-464C-9D00-EBDD00B7DE2E}.dll
C:\Users\-Laki\AppData\Local\Temp\{19B40F1F-8817-468D-AC34-4B97EC1AE692}.dll
C:\Users\-Laki\AppData\Local\Temp\{2FAD2D81-DD9D-4363-87CC-DBE8447B72A4}.dll
C:\Users\-Laki\AppData\Local\Temp\{2FC59CA4-AF15-4E33-9486-2D8A74AD3FBC}.dll
C:\Users\-Laki\AppData\Local\Temp\{38514B2E-C301-44BB-B61F-1F78F0B9BAA4}.dll
C:\Users\-Laki\AppData\Local\Temp\{51179FF3-FD20-4662-98B8-2BBEFDEB7A80}.dll
C:\Users\-Laki\AppData\Local\Temp\{5458078D-EC18-4ED4-8BEC-967681B956AD}.dll
C:\Users\-Laki\AppData\Local\Temp\{58CB3C0D-2AE6-44AB-AB1F-A0BB00769FDD}.dll
C:\Users\-Laki\AppData\Local\Temp\{63C8FDA6-7AEC-4B09-84E8-10A5835027D1}.dll
C:\Users\-Laki\AppData\Local\Temp\{63E12AF5-AB4F-49F9-95FA-A629D36F77D3}.dll
C:\Users\-Laki\AppData\Local\Temp\{6880A8BB-5F7C-47D4-BD4C-BDFEC5C9DE67}.dll
C:\Users\-Laki\AppData\Local\Temp\{6C1E723F-7CDE-4A72-B313-8431DAAAD81B}.dll
C:\Users\-Laki\AppData\Local\Temp\{758248C7-5B46-4C8F-8F9D-714F26F7C6D8}.dll
C:\Users\-Laki\AppData\Local\Temp\{81391A3C-858A-4CE0-B238-A30DE575B9BC}.dll
C:\Users\-Laki\AppData\Local\Temp\{85B2CEB8-5814-4DFA-B945-A918573907FD}.dll
C:\Users\-Laki\AppData\Local\Temp\{88019D68-7CFE-438E-AE64-8BE5C25491A0}.dll
C:\Users\-Laki\AppData\Local\Temp\{8AA3CAC2-2001-466B-827A-DDEAE45EB7B9}.dll
C:\Users\-Laki\AppData\Local\Temp\{909536B7-9C51-4BA6-B178-16DF6796CF0E}.dll
C:\Users\-Laki\AppData\Local\Temp\{9A98C5E5-ED95-447D-9D4E-ECA71BF6273A}.dll
C:\Users\-Laki\AppData\Local\Temp\{A7558C67-D313-470C-90D3-D2616E601E51}.dll
C:\Users\-Laki\AppData\Local\Temp\{A83D5C92-E6B0-4C7F-8949-4354ABCB5DFF}.dll
C:\Users\-Laki\AppData\Local\Temp\{AFFEF2AC-7106-4798-AB2D-0706F1F99A39}.dll
C:\Users\-Laki\AppData\Local\Temp\{B91B5CB6-FD55-4FD6-BFE1-477922FF19F6}.dll
C:\Users\-Laki\AppData\Local\Temp\{BA6175D7-1BD1-4EFD-BAD2-345553BACA86}.dll
C:\Users\-Laki\AppData\Local\Temp\{C1D17358-DCBA-4EF4-A1AF-C039BB8646CB}.dll
C:\Users\-Laki\AppData\Local\Temp\{D38FB709-128E-400D-B657-1FB2374F7AC5}.dll
C:\Users\-Laki\AppData\Local\Temp\{D7D6CF44-9211-4972-9EDE-086768B4225F}-49.0.2623.87_48.0.2564.116_chrome_updater.exe
C:\Users\-Laki\AppData\Local\Temp\{D8FFB0E8-6D25-4414-A392-122739AB8A78}.dll
C:\Users\-Laki\AppData\Local\Temp\{F05D389C-04D8-4430-8A51-B772F338A544}.dll
C:\Users\-Laki\AppData\Local\Temp\{F70AEC57-BF9A-4396-81C7-66F5045B1E9F}.dll
C:\Users\-Laki\AppData\Local\Temp\{FA83C3A5-BA73-4722-97D9-A082BA93055E}.dll
C:\Users\-Laki\AppData\Local\Temp\{FF81AB1E-96B3-481C-976F-0B3A686E5792}.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-18 21:05

==================== End of FRST.txt ============================



  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8628
  • Location: Novi Beograd

Hello,

Uninstall:
Ge-Force
Popcorn Time
YTD Video Downloader
---------------------
Download AdwCleaner by "Xplode" and save it to the Desktop.

Double-click to run the program.
Click the [Scan] button and wait for the program to finish.
Click the [Clean] button.
The program will close all running programs and show a window with that warning. Click Ok to confirm.
In the next two windows that open (Informations and Restart required), click Ok.

The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Attach file" option.

Note: The report will also be saved to C:\AdwCleaner[S0].txt

----------

Then post the FRST log and the Addition log for me again, as you did the first time.


