Spyware: is there any on my computer, and what other problems exist


  • Sasa81
  • New MyCity citizen
  • Joined: 03 Aug 2016
  • Posts: 15

Written: 03 Aug 2016 11:42

Is there spyware on my computer? I am attaching the scan report.




Izveštaj skeniranja od Farbar Recovery Scan Tool (FRST) (x64) Verzija: 03-08-2016
Pokrenuo Master080216 (administrator) na DESKTOP-8A1RS88 (03-08-2016 11:28:48)
Pokrenuto sa C:\Users\Master080216\Downloads
Učitani Profili: Master080216 (Dostupani Profili: Master080216)
Platform: Windows 10 Pro (X64) Jezik: srpski (latinica, Srbija)
Internet Explorer Verzija 11 (Podrazumevani pregledač: FF)
Režim pokretanja sistema: Normal
Vodič za Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Procesi (Na Beloj Listi) =================

(Ukoliko je stavka unešena u fixlist, proces ce biti zatvoren. Datoteka nece biti premešten.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Windows\KMS-R@1n.exe
(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(The Privoxy team - privoxy.org) C:\Program Files (x86)\Megasoft Security\privoxy.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
() C:\Users\Master080216\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe
() C:\Program Files (x86)\Winamp\winampa.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(The CefSharp Authors) C:\Users\Master080216\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.exe
(The CefSharp Authors) C:\Users\Master080216\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe
() C:\Program Files (x86)\Omega Computer\sswworker.exe
() C:\Windows\KMS-R@1nhook.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe


==================== Registar (Na Beloj Listi) ===========================

(Ukoliko je stavka unešena u fixlist, registru stavka ce biti vraćena na podrazumevanu vrednost ili uklonjena. Datoteka neće biti premeštena.)

HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [33792 2004-12-20] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-07-19] (AVAST Software)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-10-16] ()
HKU\S-1-5-21-1061431312-3188768099-2055545890-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-1061431312-3188768099-2055545890-1001\...\Run: [LightShot] => C:\Users\Master080216\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
HKU\S-1-5-21-1061431312-3188768099-2055545890-1001\...\RunOnce: [Uninstall C:\Users\Master080216\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Master080216\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1061431312-3188768099-2055545890-1001\...\RunOnce: [Uninstall C:\Users\Master080216\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Master080216\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-1061431312-3188768099-2055545890-1001\...\RunOnce: [Uninstall C:\Users\Master080216\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Master080216\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-1061431312-3188768099-2055545890-1001\...\RunOnce: [Uninstall C:\Users\Master080216\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Master080216\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nhook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nhook.exe
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-07-03] (AVAST Software)
Startup: C:\Users\Master080216\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FacebookGamesNotifier.exe.lnk [2016-07-15]
ShortcutTarget: FacebookGamesNotifier.exe.lnk -> C:\Users\Master080216\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe ()

==================== Internet (Na Beloj Listi) ====================

(Ukoliko je stavka unešena u fixlist, ako je to registru stavka, biće uklonjena ili vraćena na podrazumevanu vrednost.)

ProxyEnable: [S-1-5-21-1061431312-3188768099-2055545890-1001] => Proxy je omogućen
ProxyServer: [S-1-5-21-1061431312-3188768099-2055545890-1001] => 127.0.0.1:8118
Hosts: Postoji više od jednog unosa u Hosts. Pogledati Hosts sekciju iz Addition.txt
Tcpip\Parameters: [DhcpNameServer] 178.79.22.8 8.8.8.8
Tcpip\..\Interfaces\{c1fb9c14-1750-4e3c-943f-d5addcb07723}: [DhcpNameServer] 178.79.22.8 8.8.8.8
ManualProxies: 1127.0.0.1:8118

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1061431312-3188768099-2055545890-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
HKU\S-1-5-21-1061431312-3188768099-2055545890-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.protectedio.com/?u=fc9e3fe08122c3640c93fc91c8747ca3&c=p1&src=hp&inst=1468514476
HKU\S-1-5-21-1061431312-3188768099-2055545890-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://search.avast.com/AV772/
SearchScopes: HKLM-x32 -> DefaultScope {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = hxxps://search.protectedio.com/search.php/?q={searchTerms}&u=fc9e3fe08122c3640c93fc91c8747ca3&c=p1&src=srch&inst=1468514476
SearchScopes: HKLM-x32 -> {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = hxxps://search.protectedio.com/search.php/?q={searchTerms}&u=fc9e3fe08122c3640c93fc91c8747ca3&c=p1&src=srch&inst=1468514476
SearchScopes: HKLM-x32 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1061431312-3188768099-2055545890-1001 -> DefaultScope {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = hxxps://search.protectedio.com/search.php/?q={searchTerms}&u=fc9e3fe08122c3640c93fc91c8747ca3&c=p1&src=srch&inst=1468514476
SearchScopes: HKU\S-1-5-21-1061431312-3188768099-2055545890-1001 -> {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = hxxps://search.protectedio.com/search.php/?q={searchTerms}&u=fc9e3fe08122c3640c93fc91c8747ca3&c=p1&src=srch&inst=1468514476
SearchScopes: HKU\S-1-5-21-1061431312-3188768099-2055545890-1001 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1061431312-3188768099-2055545890-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)
Toolbar: HKU\S-1-5-21-1061431312-3188768099-2055545890-1001 -> Nema Imena - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - Nema Datoteke

FireFox:
========
FF ProfilePath: C:\Users\Master080216\AppData\Roaming\Mozilla\Firefox\Profiles\tfxs00id.default-1460137536652
FF DefaultSearchEngine: Avast Search
FF DefaultSearchUrl: hxxps://search.avast.com/AV772/search/web?q={searchTerms}
FF SearchEngineOrder.1: Avast Search
FF SelectedSearchEngine: Avast Search
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [Nema Datoteke]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [Nema Datoteke]
FF Plugin HKU\S-1-5-21-1061431312-3188768099-2055545890-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Master080216\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Master080216\AppData\Roaming\Mozilla\Firefox\Profiles\tfxs00id.default-1460137536652\searchplugins\avast-search.xml [2016-07-04]
FF SearchPlugin: C:\Users\Master080216\AppData\Roaming\Mozilla\Firefox\Profiles\tfxs00id.default-1460137536652\searchplugins\google-avast.xml [2016-05-25]
FF SearchPlugin: C:\Users\Master080216\AppData\Roaming\Mozilla\Firefox\Profiles\tfxs00id.default-1460137536652\searchplugins\search.xml [2016-07-14]
FF Extension: Firefox Helper2 - C:\Users\Master080216\AppData\Roaming\Mozilla\Firefox\Profiles\tfxs00id.default-1460137536652\extensions\firefox@helper2 [2016-07-25] [nije potpisana]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-19]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-19]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://search.protectedio.com/?u=fc9e3fe08122c3640c93fc91c8747ca3&c=p1&src=hp&inst=1467460345"
CHR DefaultSearchURL: Default -> hxxps://search.protectedio.com/search.php/?q={searchTerms}&u=fc9e3fe08122c3640c93fc91c8747ca3&c=p1&src=srch&inst=1467460345
CHR DefaultSearchKeyword: Default -> psearchsearch
CHR Profile: C:\Users\Master080216\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Master080216\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-08]
CHR Extension: (Google Drive) - C:\Users\Master080216\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-08]
CHR Extension: (YouTube) - C:\Users\Master080216\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-08]
CHR Extension: (Google Search) - C:\Users\Master080216\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-08]
CHR Extension: (Google Docs Offline) - C:\Users\Master080216\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-06]
CHR Extension: (Avast Online Security) - C:\Users\Master080216\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-04-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Master080216\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-06]
CHR Extension: (Gmail) - C:\Users\Master080216\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-08]
CHR Extension: (fc9e3fe08122c3640c93fc91c8747ca3) - C:\Program Files (x86)\Google\Chrome\Application\fc9e3fe08122c3640c93fc91c8747ca3 [2016-04-05]
CHR Extension: (fc9e3fe08122c3640c93fc91c8747ca3_2) - C:\Program Files (x86)\Google\Chrome\Application\fc9e3fe08122c3640c93fc91c8747ca3_2 [2016-06-01]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-04-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-16]

==================== Servisi (Na Beloj Listi) ========================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-07-03] (AVAST Software)
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel(R) Corporation)
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-02-08] () [Datoteka nije potpisana]
R2 PrivoxyService; C:\Program Files (x86)\Megasoft Security\privoxy.exe [371200 2016-07-26] (The Privoxy team - privoxy.org) [Datoteka nije potpisana] <==== Pažnja!
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7806848 2016-05-27] (Reimage®)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [908256 2016-07-14] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-07-14] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-07-14] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drajveri (Na Beloj Listi) ==========================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-07-03] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-07-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-07-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-07-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-07-03] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-07-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-07-19] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-07-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-02] (AVAST Software)
R3 IFXTPM; C:\Windows\system32\DRIVERS\IFXTPM.SYS [58880 2008-07-31] (Infineon Technologies AG)
S3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2204304 2015-07-10] (MediaTek Inc.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)


==================== Mesec Dana Kreirane Datoteke i Fascikli ========

(Ukoliko je stavka unešena u fixlist, Datoteka/Fascikla će biti premeštena.)

2016-08-03 11:28 - 2016-08-03 11:30 - 00016602 _____ C:\Users\Master080216\Downloads\FRST.txt
2016-08-03 11:24 - 2016-08-03 11:28 - 00000000 ____D C:\FRST
2016-08-03 11:21 - 2016-08-03 11:24 - 02393600 _____ (Farbar) C:\Users\Master080216\Downloads\FRST64.exe
2016-08-03 09:48 - 2016-08-03 09:48 - 00016148 _____ C:\Windows\system32\DESKTOP-8A1RS88_Master080216_HistoryPrediction.bin
2016-08-01 21:47 - 2016-08-01 21:47 - 00000297 _____ C:\Users\Master080216\Desktop\Shadow Fight на Фејсбуку.URL
2016-08-01 10:59 - 2016-08-01 10:59 - 00000294 _____ C:\Users\Master080216\Desktop\美式八球【桌球●台球●撞球】 на Фејсбуку.URL
2016-08-01 10:55 - 2016-08-01 10:55 - 00000297 _____ C:\Users\Master080216\Desktop\生死狙擊:漆黑特工 Death Shooting на Фејсбуку.URL
2016-08-01 10:54 - 2016-08-01 10:54 - 00000333 _____ C:\Users\Master080216\Desktop\null.URL
2016-08-01 10:13 - 2016-08-01 10:13 - 00000269 _____ C:\Users\Master080216\Desktop\Deer Hunter 2014 на Фејсбуку.URL
2016-08-01 10:11 - 2016-08-01 10:11 - 00000275 _____ C:\Users\Master080216\Desktop\Red Crucible Reloaded на Фејсбуку.URL
2016-08-01 10:08 - 2016-08-01 10:08 - 00000296 _____ C:\Users\Master080216\Desktop\Global Strike на Фејсбуку.URL
2016-08-01 00:27 - 2016-08-01 00:27 - 00000263 _____ C:\Users\Master080216\Desktop\Bad Max Battle Royale на Фејсбуку.URL
2016-08-01 00:27 - 2016-08-01 00:27 - 00000259 _____ C:\Users\Master080216\Desktop\Ball Game Mobile - Demo levels 1 to 7 - YouTube.URL
2016-08-01 00:26 - 2016-08-01 00:26 - 00000597 _____ C:\Users\Master080216\Desktop\First Blood - Er Meydanı на Фејсбуку.URL
2016-07-30 12:01 - 2016-07-30 12:01 - 00340696 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-25 16:28 - 2016-08-02 10:51 - 00003424 _____ C:\Windows\System32\Tasks\Omega Computer Service
2016-07-19 12:32 - 2016-07-03 16:41 - 00390984 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-07-17 18:43 - 2016-07-17 18:43 - 00004366 _____ C:\Windows\System32\Tasks\ReimageUpdater
2016-07-17 18:43 - 2016-07-17 18:43 - 00000000 ____D C:\ProgramData\Reimage Protector
2016-07-17 18:42 - 2016-08-01 20:24 - 00000000 ____D C:\rei
2016-07-17 18:42 - 2016-07-17 18:43 - 00000000 ____D C:\Program Files\Reimage
2016-07-17 18:42 - 2016-07-17 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2016-07-15 17:30 - 2016-07-15 17:30 - 00000000 ____D C:\Users\Master080216\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2016-07-13 09:39 - 2016-06-29 06:33 - 21861888 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-07-13 09:39 - 2016-06-29 05:54 - 18799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-07-13 09:39 - 2016-06-25 07:38 - 01119744 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-13 09:39 - 2016-06-24 06:58 - 08016728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-07-13 09:39 - 2016-06-24 06:58 - 00442208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-07-13 09:39 - 2016-06-24 06:56 - 02115936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-07-13 09:39 - 2016-06-24 06:56 - 01823760 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-07-13 09:39 - 2016-06-24 06:50 - 00660320 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-07-13 09:39 - 2016-06-24 06:49 - 03626952 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-13 09:39 - 2016-06-24 06:25 - 01522632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-07-13 09:39 - 2016-06-24 06:19 - 00468832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-07-13 09:39 - 2016-06-24 06:18 - 02882136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-13 09:39 - 2016-06-24 06:07 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2016-07-13 09:39 - 2016-06-24 06:06 - 00694784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-07-13 09:39 - 2016-06-24 06:04 - 24604160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-13 09:39 - 2016-06-24 05:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2016-07-13 09:39 - 2016-06-24 05:55 - 01012736 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-07-13 09:39 - 2016-06-24 05:54 - 02238464 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-07-13 09:39 - 2016-06-24 05:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-07-13 09:39 - 2016-06-24 05:48 - 03119616 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-13 09:39 - 2016-06-24 05:48 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-07-13 09:39 - 2016-06-24 05:47 - 01606656 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-13 09:39 - 2016-06-24 05:46 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-07-13 09:39 - 2016-06-24 05:46 - 00572928 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-13 09:39 - 2016-06-24 05:45 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-13 09:39 - 2016-06-24 05:45 - 00282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2016-07-13 09:39 - 2016-06-24 05:44 - 05510656 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-07-13 09:39 - 2016-06-24 05:44 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2016-07-13 09:39 - 2016-06-24 05:43 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-13 09:39 - 2016-06-24 05:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-13 09:39 - 2016-06-24 05:42 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-13 09:39 - 2016-06-24 05:41 - 03584000 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-07-13 09:39 - 2016-06-24 05:40 - 07523840 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-07-13 09:39 - 2016-06-24 05:40 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-07-13 09:39 - 2016-06-24 05:39 - 19336704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-13 09:39 - 2016-06-24 05:39 - 04791296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-13 09:39 - 2016-06-24 05:26 - 02587136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-13 09:39 - 2016-06-24 05:26 - 01387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-13 09:39 - 2016-06-24 05:26 - 00502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-13 09:39 - 2016-06-24 05:25 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-07-13 09:39 - 2016-06-24 05:22 - 04737536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-07-13 09:39 - 2016-06-24 05:22 - 03579392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-13 09:39 - 2016-06-24 05:22 - 00309248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-07-13 09:39 - 2016-06-24 05:19 - 05454848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-07-13 09:39 - 2016-06-24 05:15 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

==================== Mesec Dana Modifikovane Datoteke i Fascikli ========

(Ukoliko je stavka unešena u fixlist, Datoteka/Fascikla će biti premeštena.)

2016-08-03 11:14 - 2016-04-10 22:56 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-03 11:03 - 2016-02-08 12:25 - 00000938 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-03 09:50 - 2016-04-02 20:03 - 00004188 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{E0D7151A-87D9-4B37-8015-E20C4124AB10}
2016-08-03 09:48 - 2016-02-08 12:25 - 00000934 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-03 00:37 - 2016-02-08 12:13 - 00000000 ____D C:\Users\Master080216
2016-08-02 23:37 - 2016-06-23 21:23 - 00000434 _____ C:\Windows\Tasks\update-sys.job
2016-08-02 21:35 - 2016-06-23 21:23 - 00000434 _____ C:\Windows\Tasks\update-S-1-5-21-1061431312-3188768099-2055545890-1001.job
2016-08-02 15:57 - 2016-04-16 14:00 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-08-02 15:49 - 2015-07-10 14:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-01 20:22 - 2016-06-23 14:34 - 00000000 ____D C:\Program Files (x86)\Lead Pursuit
2016-08-01 20:19 - 2016-05-16 21:47 - 00000000 ____D C:\windows htp
2016-08-01 01:32 - 2016-02-08 11:47 - 00000000 ____D C:\Windows\Panther
2016-08-01 01:28 - 2016-04-27 09:09 - 00000000 ___HD C:\$WINDOWS.~BT
2016-08-01 01:27 - 2015-07-10 13:02 - 00000000 ____D C:\Windows\INF
2016-07-31 13:35 - 2016-04-16 14:00 - 00004278 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-07-31 12:26 - 2015-07-10 11:05 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-07-31 09:26 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\AppReadiness
2016-07-31 07:56 - 2016-04-02 16:07 - 00000000 ____D C:\Program Files (x86)\Megasoft Security
2016-07-30 08:25 - 2015-07-10 13:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-25 16:28 - 2016-04-05 15:34 - 00000000 ____D C:\Program Files (x86)\Omega Computer
2016-07-21 14:03 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\NDF
2016-07-21 10:19 - 2016-04-10 22:56 - 00000000 ____D C:\Program Files\TrueKey
2016-07-20 23:58 - 2016-04-10 23:09 - 00001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2016-07-20 23:58 - 2016-04-10 23:08 - 00000000 ____D C:\ProgramData\McAfee
2016-07-19 12:33 - 2016-04-16 14:02 - 00004018 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1460808130
2016-07-19 12:33 - 2016-04-16 14:02 - 00001082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-07-19 12:33 - 2016-04-16 14:00 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-07-19 12:33 - 2016-04-16 14:00 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-07-19 12:33 - 2016-04-16 14:00 - 00001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-07-17 18:43 - 2016-04-16 12:19 - 00000150 _____ C:\Windows\Reimage.ini
2016-07-15 08:39 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\rescache
2016-07-13 18:58 - 2015-07-10 18:00 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-13 16:56 - 2016-02-08 19:44 - 00000000 ____D C:\Windows\system32\MRT
2016-07-13 16:52 - 2016-02-08 19:44 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-13 16:52 - 2015-07-10 12:55 - 00000000 ____D C:\Windows\CbsTemp
2016-07-12 13:14 - 2016-04-08 07:16 - 06079168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-07-12 13:14 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-12 13:14 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-06 17:18 - 2016-06-27 10:05 - 00905816 _____ C:\Users\Master080216\AppData\Roaming\gameboxsetup.exe
2016-07-04 09:12 - 2016-04-06 12:04 - 00001208 _____ C:\Users\Public\Desktop\mozila.lnk
2016-07-04 09:12 - 2016-04-06 12:04 - 00001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-07-04 09:11 - 2016-04-06 12:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Datoteke u korenu nekih direktorijuma =======

2016-06-27 10:05 - 2016-07-06 17:18 - 0905816 _____ () C:\Users\Master080216\AppData\Roaming\gameboxsetup.exe
2016-06-23 21:23 - 2016-06-23 21:23 - 0000003 _____ () C:\Users\Master080216\AppData\Local\updater.log
2016-06-23 21:23 - 2016-06-23 21:24 - 0000424 _____ () C:\Users\Master080216\AppData\Local\UserProducts.xml

Neke Datoteke u TEMP:
====================
C:\Users\Master080216\AppData\Local\Temp\GPUpd57A0A78A0.exe


==================== Bamital & volsnap =================

(Ne postoji automatizovan popravak za datoteke koji nisu prošle verifikaciju.)

C:\Windows\system32\winlogon.exe => Datoteka je digitalno potpisana
C:\Windows\system32\wininit.exe => Datoteka je digitalno potpisana
C:\Windows\explorer.exe => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\explorer.exe => Datoteka je digitalno potpisana
C:\Windows\system32\svchost.exe => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\svchost.exe => Datoteka je digitalno potpisana
C:\Windows\system32\services.exe => Datoteka je digitalno potpisana
C:\Windows\system32\User32.dll => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\User32.dll => Datoteka je digitalno potpisana
C:\Windows\system32\userinit.exe => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\userinit.exe => Datoteka je digitalno potpisana
C:\Windows\system32\rpcss.dll => Datoteka je digitalno potpisana
C:\Windows\system32\dnsapi.dll => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\dnsapi.dll => Datoteka je digitalno potpisana
C:\Windows\system32\Drivers\volsnap.sys => Datoteka je digitalno potpisana


LastRegBack: 2016-07-31 10:19

==================== Kraj od FRST.txt ============================

I don't know if this is right; tell me if it isn't and I'll try again. Thanks.

Addendum: 03 Aug 2016 22:24

I haven't come to the wrong clinic, haha, this is the place, right?

  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

What I see in the reports is adware, not spyware, but fine.


Step 1

Uninstall Reimage Repair.




Step 2

Open Notepad and copy in the following text, which is inside the Code box.

ProxyEnable: [S-1-5-21-1061431312-3188768099-2055545890-1001] => Proxy je omogućen
ProxyServer: [S-1-5-21-1061431312-3188768099-2055545890-1001] => 127.0.0.1:8118
SearchScopes: HKLM-x32 -> DefaultScope {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = hxxps://search.protectedio.com/search.php/?q={searchTerms}&u=fc9e3fe08122c3640c93fc91c8747ca3&c=p1&src=srch&inst=1468514476
FF Extension: Firefox Helper2 - C:\Users\Master080216\AppData\Roaming\Mozilla\Firefox\Profiles\tfxs00id.default-1460137536652\extensions\firefox@helper2 [2016-07-25] [nije potpisana]
CHR StartupUrls: Default -> "hxxps://search.protectedio.com/?u=fc9e3fe08122c3640c93fc91c8747ca3&c=p1&src=hp&inst=1467460345"
CHR DefaultSearchURL: Default -> hxxps://search.protectedio.com/search.php/?q={searchTerms}&u=fc9e3fe08122c3640c93fc91c8747ca3&c=p1&src=srch&inst=1467460345
CHR DefaultSearchKeyword: Default -> psearchsearch
CHR Extension: (fc9e3fe08122c3640c93fc91c8747ca3) - C:\Program Files (x86)\Google\Chrome\Application\fc9e3fe08122c3640c93fc91c8747ca3 [2016-04-05]
CHR Extension: (fc9e3fe08122c3640c93fc91c8747ca3_2) - C:\Program Files (x86)\Google\Chrome\Application\fc9e3fe08122c3640c93fc91c8747ca3_2 [2016-06-01]
2016-06-27 10:05 - 2016-07-06 17:18 - 0905816 _____ () C:\Users\Master080216\AppData\Roaming\gameboxsetup.exe
2016-06-23 21:23 - 2016-06-23 21:23 - 0000003 _____ () C:\Users\Master080216\AppData\Local\updater.log
2016-06-23 21:23 - 2016-06-23 21:24 - 0000424 _____ () C:\Users\Master080216\AppData\Local\UserProducts.xml
Task: {05AB82D6-A7B1-499B-8838-D47B3F72B258} - System32\Tasks\Windows Installer => C:\Users\Master080216\AppData\Roaming\Windows Installer\Windows Installer.exe [2016-04-03] () <==== Pažnja!
Task: {0C565085-8651-4AC8-B4F0-751590333D3D} - System32\Tasks\Omega Computer Service => C:\Program Files (x86)\Omega Computer\sswworker.exe [2016-07-25] () <==== Pažnja!
Task: {A0F306F1-A012-46CD-BF7C-2DEECAF45BD8} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2016-05-27] (Reimage®) <==== Pažnja!

C:\Program Files (x86)\Megasoft Security
C:\Users\Master080216\AppData\Roaming\Windows Installer
C:\Program Files (x86)\Omega Computer
C:\Program Files\Reimage

EmptyTemp:


In Notepad, click File --> Save As
Name the file Fixlist and save it to the Desktop
Double-click to run FRST.exe again
Click Fix and wait until the program finishes.
If the program asks to restart the computer, let it do so without interruption.
When it has finished, fixlog.txt will open, with contents that you should copy into this thread.
Also, (fixlog.txt) will be located on the Desktop.


Step 3

Download "Xplode"'s AdwCleaner and save it to the Desktop
Double-click to run the program.
In the EULA window, click I agree.
In Options, turn off Reset Winsock settings if it is enabled.
Click the Scan button and wait for the scan to finish.
Click the Cleaning button and wait for the program to finish.
The program will close all active programs and show a window with that warning. Click OK to confirm.
In the next two windows that open (Informations and Restart required), click OK

The computer will restart, and then Notepad will open (C:\Adwcleaner\AdwCleaner[C1].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Attach file" option

offline
  • Sasa81 
  • New MyCity citizen
  • Joined: 03 Aug 2016
  • Posts: 15

Posted: 04 Aug 2016 1:08

ok thanks a lot, I'll give it a try

Addendum: 04 Aug 2016 1:28

Izveštaj ispravaka od Farbar Recovery Scan Tool (x64) Verzija: 03-08-2016
Pokrenuo Master080216 (2016-08-04 01:21:22) Run:1
Pokrenuto sa C:\Users\Master080216\Downloads
Učitani Profili: Master080216 (Dostupani Profili: Master080216)
Režim pokretanja sistema: Normal
==============================================

fixlist sadržaj:
*****************
ProxyEnable: [S-1-5-21-1061431312-3188768099-2055545890-1001] => Proxy je omogućen
ProxyServer: [S-1-5-21-1061431312-3188768099-2055545890-1001] => 127.0.0.1:8118
SearchScopes: HKLM-x32 -> DefaultScope {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = hxxps://search.protectedio.com/search.php/?q={searchTerms}&u=fc9e3fe08122c3640c93fc91c8747ca3&c=p1&src=srch&inst=1468514476
FF Extension: Firefox Helper2 - C:\Users\Master080216\AppData\Roaming\Mozilla\Firefox\Profiles\tfxs00id.default-1460137536652\extensions\firefox@helper2 [2016-07-25] [nije potpisana]
CHR StartupUrls: Default -> "hxxps://search.protectedio.com/?u=fc9e3fe08122c3640c93fc91c8747ca3&c=p1&src=hp&inst=1467460345"
CHR DefaultSearchURL: Default -> hxxps://search.protectedio.com/search.php/?q={searchTerms}&u=fc9e3fe08122c3640c93fc91c8747ca3&c=p1&src=srch&inst=1467460345
CHR DefaultSearchKeyword: Default -> psearchsearch
CHR Extension: (fc9e3fe08122c3640c93fc91c8747ca3) - C:\Program Files (x86)\Google\Chrome\Application\fc9e3fe08122c3640c93fc91c8747ca3 [2016-04-05]
CHR Extension: (fc9e3fe08122c3640c93fc91c8747ca3_2) - C:\Program Files (x86)\Google\Chrome\Application\fc9e3fe08122c3640c93fc91c8747ca3_2 [2016-06-01]
2016-06-27 10:05 - 2016-07-06 17:18 - 0905816 _____ () C:\Users\Master080216\AppData\Roaming\gameboxsetup.exe
2016-06-23 21:23 - 2016-06-23 21:23 - 0000003 _____ () C:\Users\Master080216\AppData\Local\updater.log
2016-06-23 21:23 - 2016-06-23 21:24 - 0000424 _____ () C:\Users\Master080216\AppData\Local\UserProducts.xml
Task: {05AB82D6-A7B1-499B-8838-D47B3F72B258} - System32\Tasks\Windows Installer => C:\Users\Master080216\AppData\Roaming\Windows Installer\Windows Installer.exe [2016-04-03] () <==== Pažnja!
Task: {0C565085-8651-4AC8-B4F0-751590333D3D} - System32\Tasks\Omega Computer Service => C:\Program Files (x86)\Omega Computer\sswworker.exe [2016-07-25] () <==== Pažnja!
Task: {A0F306F1-A012-46CD-BF7C-2DEECAF45BD8} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2016-05-27] (Reimage®) <==== Pažnja!

C:\Program Files (x86)\Megasoft Security
C:\Users\Master080216\AppData\Roaming\Windows Installer
C:\Program Files (x86)\Omega Computer
C:\Program Files\Reimage

EmptyTemp:

*****************

HKU\S-1-5-21-1061431312-3188768099-2055545890-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => vrednost uspešno uklonjeno
HKU\S-1-5-21-1061431312-3188768099-2055545890-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => vrednost uspešno uklonjeno
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => vrednost uspešno vraćeno u predhodno stanje
C:\Users\Master080216\AppData\Roaming\Mozilla\Firefox\Profiles\tfxs00id.default-1460137536652\extensions\firefox@helper2 => uspešno premešteno
C:\Users\Master080216\AppData\Roaming\Mozilla\Firefox\Profiles\tfxs00id.default-1460137536652\extensions\firefox@helper2 => pitanja uspešno uklonjeno
Chrome StartupUrls => uspešno uklonjeno
Chrome DefaultSearchURL => uspešno uklonjeno
Chrome DefaultSearchKeyword => uspešno uklonjeno
C:\Program Files (x86)\Google\Chrome\Application\fc9e3fe08122c3640c93fc91c8747ca3 => uspešno premešteno
C:\Program Files (x86)\Google\Chrome\Application\fc9e3fe08122c3640c93fc91c8747ca3_2 => uspešno premešteno
C:\Users\Master080216\AppData\Roaming\gameboxsetup.exe => uspešno premešteno
C:\Users\Master080216\AppData\Local\updater.log => uspešno premešteno
C:\Users\Master080216\AppData\Local\UserProducts.xml => uspešno premešteno
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05AB82D6-A7B1-499B-8838-D47B3F72B258}" => ključ uspešno uklonjeno
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05AB82D6-A7B1-499B-8838-D47B3F72B258}" => ključ uspešno uklonjeno
C:\Windows\System32\Tasks\Windows Installer => uspešno premešteno
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Windows Installer" => ključ uspešno uklonjeno
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C565085-8651-4AC8-B4F0-751590333D3D} => ključ nije pronađena.
C:\Windows\System32\Tasks\Omega Computer Service => uspešno premešteno
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Omega Computer Service" => ključ uspešno uklonjeno
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A0F306F1-A012-46CD-BF7C-2DEECAF45BD8}" => ključ uspešno uklonjeno
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0F306F1-A012-46CD-BF7C-2DEECAF45BD8}" => ključ uspešno uklonjeno
C:\Windows\System32\Tasks\ReimageUpdater => uspešno premešteno
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReimageUpdater" => ključ uspešno uklonjeno

"C:\Program Files (x86)\Megasoft Security" Fascikla premeštanje:

Nije uspelo premeštanje "C:\Program Files (x86)\Megasoft Security" => Planirano za premeštanje po ponovnom pokretanju.

C:\Users\Master080216\AppData\Roaming\Windows Installer => uspešno premešteno
C:\Program Files (x86)\Omega Computer => uspešno premešteno
C:\Program Files\Reimage => uspešno premešteno

=========== EmptyTemp: ==========

BITS transfer queue => 3273751 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6426066 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => -3540 B
Edge => 670 B
Chrome => 123904 B
Firefox => 13339140 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 9221 B
LocalService => 0 B
NetworkService => 1536 B
Master080216 => 7032740 B

RecycleBin => 0 B
EmptyTemp: => 28.8 MB privremeni podaci Uklonjeni.

================================

Rezultat planiranih datoteka za premeštanje (Režim pokretanja sistema: Normal) (Datum&Vreme: 2016-08-04 01:24:35)

C:\Program Files (x86)\Megasoft Security => Je premešten uspešno

==== Kraj od Fixlog 01:24:35 ====

Addendum: 04 Aug 2016 1:38

I have to ask now, which of these two should I keep or remove? It showed Privoxy Service and ReimageRealTimeProtector, it won't take a screenshot...

Addendum: 04 Aug 2016 1:53

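One way to triage a Fixlog like the one posted above is to take the last recorded outcome for each target and flag anything that did not end in success. This is an added example, not part of the original thread and not FRST's own code; the function names are hypothetical, the outcome phrases are the ones in this page's Serbian-localized log (other locales will differ), and the sample is an excerpt of that log.

```python
import re

# Outcome phrases as they appear in this page's Serbian-localized Fixlog (assumption: same locale).
OK, DEFERRED, NOT_FOUND = "uspešno", "Planirano za premeštanje", "nije pronađen"

# Excerpt of the Fixlog posted above (most result lines omitted for brevity).
SAMPLE = r'''
fixlist sadržaj:
*****************
ProxyServer: [S-1-5-21-1061431312-3188768099-2055545890-1001] => 127.0.0.1:8118
C:\Program Files (x86)\Megasoft Security
*****************

HKU\S-1-5-21-1061431312-3188768099-2055545890-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => vrednost uspešno uklonjeno
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C565085-8651-4AC8-B4F0-751590333D3D} => ključ nije pronađena.
C:\Windows\System32\Tasks\Omega Computer Service => uspešno premešteno
Nije uspelo premeštanje "C:\Program Files (x86)\Megasoft Security" => Planirano za premeštanje po ponovnom pokretanju.
=========== EmptyTemp: ==========
Firefox => 13339140 B
================================
C:\Program Files (x86)\Megasoft Security => Je premešten uspešno
'''

def parse_fixlog(text):
    """Return [(target, status)] for result lines, skipping the echoed fixlist and EmptyTemp sizes."""
    results, stars, in_temp = [], 0, False
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("*****"):        # the fixlist echo sits between two such lines
            stars += 1
        elif line.startswith("====="):      # section rulers; only EmptyTemp is skipped
            in_temp = "EmptyTemp" in line
        elif stars >= 2 and not in_temp and " => " in line:
            target, outcome = line.rsplit(" => ", 1)
            quoted = re.search(r'"([^"]+)"', target)   # some targets are wrapped in quotes
            target = quoted.group(1) if quoted else target
            status = ("deferred" if DEFERRED in outcome else
                      "not_found" if NOT_FOUND in outcome else
                      "ok" if OK in outcome.lower() else "unknown")
            results.append((target, status))
    return results

def needs_followup(results):
    """Targets whose last recorded status is not a success."""
    last = {}
    for target, status in results:
        last[target] = status               # a later line overrides an earlier deferral
    return {t: s for t, s in last.items() if s != "ok"}
```

On the excerpt, the Megasoft Security folder is first deferred to reboot and then confirmed moved, so only the TaskCache\Tasks key that was not found remains flagged for a manual look.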

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Lives in: Hypnos Control Room, Tokyo Metropolitan Government Building

Download the installer for Malwarebytes Anti-Malware (MBAM) ver. 2.0 and install the application.
Double-click mbam-setup.exe and follow the installation instructions. The installation is the classic "Next > I Agree . . > Next > Install" routine. When the installation is complete, click Finish.
Note: the 14-day free trial version is pre-selected. You can uncheck this option if you wish.


- On first launch, MBAM will start an "Update" in order to download the latest definitions.
Or ... click the 'Update Now >>' link or button to download fresh definitions.

• Configure the scanner; on the 'Settings' tab, under Detection and Protection, set the following options:
1. on the Detection Options sub-tab, check the box for 'Scan for rootkits';
2. on the Non-Malware Protection sub-tab, for 'PUP detections', make sure the 'Treat detections as malware' option is selected.


• Run a 'Threat Scan';
Click the Scan tab, then 'Scan Now >>' to run the scan.
If MBAM reports that an 'update' is available, click 'Update Now' and then proceed to the scan.
Notice: with some severe infections, you may get the following message: "Could not load DDA driver". In that case, click Yes on that message, allow the driver to load after the computer restarts, and allow the restart.
Then continue with the rest of the instructions.


• When the scan is finished, click the Apply Action button if a threat was detected. Wait for the program to request a restart!
- Click Yes on the message saying that the system will restart.


• Post the report (export the logfile) for review;
Start MBAM again, click the History tab > Application Logs. Double-click the 'Scan Log' that shows the time and date of the scan just performed.
1. In the new window click the 'Export' button, then choose 'Text file (*.txt)';
2. When the Save File dialog appears, choose to save the log to the Desktop.
In that same window, at the bottom under File name:, type 'mbam' as the report name and click the Save button.

- After the message ("Your file has been successfully exported") appears, the report you named 'mbam' will be saved on the Desktop.


Attach mbam.txt to your post using the Attach file option.

offline
  • Sasa81 
  • New MyCity citizen
  • Joined: 03 Aug 2016
  • Posts: 15

Posted: 04 Aug 2016 20:04

Addendum: 04 Aug 2016 20:08

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Lives in: Hypnos Control Room, Tokyo Metropolitan Government Building

Pack the following folder into a ZIP, RAR or 7Z archive:

C:\FRST\Quarantine

and send it via the following link:

http://www.mycity.rs/ambulanta-upload.php


Let me know when you have done that and wait for further instructions.

offline
  • Sasa81 
  • New MyCity citizen
  • Joined: 03 Aug 2016
  • Posts: 15

my computer died

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Lives in: Hypnos Control Room, Tokyo Metropolitan Government Building

Do you have a new system installed, or is it still the old one you had while we were resolving the case here?

offline
  • Sasa81 
  • New MyCity citizen
  • Joined: 03 Aug 2016
  • Posts: 15

ah, the old one, the power supply died, I haven't taken it in for repair yet, when I get it fixed we'll continue, I'm logging in from the laptop now, thanks for the help in any case, the electricity around here acts up, that's probably why it died.. bye
