A virus has attacked my computer


offline
  • Joined: 11 Oct 2014
  • Posts: 358

Today I downloaded a torrent, and 5 programs were installed along with it, which I uninstalled. When I open the browser I can't search for anything. I also deleted the torrent. I scanned the PC with ESET NOD32 antivirus, and it resolved 30 of 60 threats. Can I get some help?
I scanned with FRST64:
Watch the video to see what this is about:
Can I get some help?

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
Ran by Amar (administrator) on AMAR-PC (23-08-2017 15:28:25)
Running from C:\Users\Amar\Desktop
Loaded Profiles: Amar & UpdatusUser (Available Profiles: Amar & UpdatusUser & amar-PC)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Users\Amar\AppData\Roaming\uosto512l0q\uccd0xg5xmw.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Vicky's Cool Softwares) C:\Program Files (x86)\ShutDown After\SA.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamRecorder.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Camtasia Studio 8\TscHelp.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Camtasia Studio 8\TscHelp.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2017-05-17] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2017-06-29] (LogMeIn Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\...\Run: [SysMon] => C:\Program Files\Common Files\YQMIYM\ir1q0JMxui.exe [183808 2017-08-08] ()
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\...\Run: [1fvf33dwljx] => C:\Users\Amar\AppData\Roaming\uosto512l0q\uccd0xg5xmw.exe [8192 2017-08-23] ()
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\...\Run: [J3XNGS2DTJZGWC7] => C:\Program Files\3M5RLCBQEU\3M5RLCBQE.exe [1040384 2017-08-23] (JIXYM6)
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\...\MountPoints2: {e6dc0f70-42b6-11e7-8c59-005056c00008} - F:\Startme.exe
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
Startup: C:\Users\Amar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShutDown After.lnk [2017-08-08]
ShortcutTarget: ShutDown After.lnk -> C:\Program Files (x86)\ShutDown After\SA.exe (Vicky's Cool Softwares)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-3894383191-3516363779-2002392177-1001] => hxxp://no-blocked.org/wpad.dat?44fc2c240c7d7e5cd59604da907a890024506622
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{115EF0E8-F4C7-45ED-93B3-5CF4FB330A84}: [DhcpNameServer] 192.168.1.1
ManualProxies: 0hxxp://no-blocked.org/wpad.dat?44fc2c240c7d7e5cd59604da907a890024506622

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqePRm9wWNFlj_CnPl7-cmWIOf5UeAN6Sp9TrPb7J51FejWE9Ffk8h1_AKwlBmHiGHQQiTEPFrHC1X97vaqXgpstxaF97vn7s-kwE0xVZxdnfDRVs8CWILsLkP-Mw6V5FD6Gm1GjRjbAVPE4Ecg7p0dQ_viJlSg54LSwaKLPJ&q={searchTerms}
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqePRm9wWNFlj_CnPl7-cmWIOf5UeAN6Sp9TrPb7J51FejWE9Ffk8h1_AKwlBmHiGHQQiTEPFrHC1X9L-FG7456sMIYiXYggE0omJlxMrYt8aYO6hmXy0cWooRCSuZkUicv3BEC6_OAtWzBOLS0jj-enSeUnYAhfNDIgs0sM1
HKU\S-1-5-21-3894383191-3516363779-2002392177-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqePRm9wWNFlj_CnPl7-cmWIOf5UeAN6Sp9TrPb7J51FejWE9Ffk8h1_AKwlBmHiGHQQiTEPFrHC1X9L-FG7456sMIYiXYggE0omJlxMrYt8aYO6hmXy0cWooRCSuZkUicv3BEC6_OAtWzBOLS0jj-enSeUnYAhfNDIgs0sM1
HKU\S-1-5-21-3894383191-3516363779-2002392177-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqePRm9wWNFlj_CnPl7-cmWIOf5UeAN6Sp9TrPb7J51FejWE9Ffk8h1_AKwlBmHiGHQQiTEPFrHC1X97vaqXgpstxaF97vn7s-kwE0xVZxdnfDRVs8CWILsLkP-Mw6V5FD6Gm1GjRjbAVPE4Ecg7p0dQ_viJlSg54LSwaKLPJ&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqePRm9wWNFlj_CnPl7-cmWIOf5UeAN6Sp9TrPb7J51FejWE9Ffk8h1_AKwlBmHiGHQQiTEPFrHC1X97vaqXgpstxaF97vn7s-kwE0xVZxdnfDRVs8CWILsLkP-Mw6V5FD6Gm1GjRjbAVPE4Ecg7p0dQ_viJlSg54LSwaKLPJ&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1001 -> DefaultScope {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqePRm9wWNFlj_CnPl7-cmWIOf5UeAN6Sp9TrPb7J51FejWE9Ffk8h1_AKwlBmHiGHQQiTEPFrHC1X97vaqXgpstxaF97vn7s-kwE0xVZxdnfDRVs8CWILsLkP-Mw6V5FD6Gm1GjRjbAVPE4Ecg7p0dQ_viJlSg54LSwaKLPJ&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1001 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqePRm9wWNFlj_CnPl7-cmWIOf5UeAN6Sp9TrPb7J51FejWE9Ffk8h1_AKwlBmHiGHQQiTEPFrHC1X97vaqXgpstxaF97vn7s-kwE0xVZxdnfDRVs8CWILsLkP-Mw6V5FD6Gm1GjRjbAVPE4Ecg7p0dQ_viJlSg54LSwaKLPJ&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1003 -> DefaultScope {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqePRm9wWNFlj_CnPl7-cmWIOf5UeAN6Sp9TrPb7J51FejWE9Ffk8h1_AKwlBmHiGHQQiTEPFrHC1X97vaqXgpstxaF97vn7s-kwE0xVZxdnfDRVs8CWILsLkP-Mw6V5FD6Gm1GjRjbAVPE4Ecg7p0dQ_viJlSg54LSwaKLPJ&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1003 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqePRm9wWNFlj_CnPl7-cmWIOf5UeAN6Sp9TrPb7J51FejWE9Ffk8h1_AKwlBmHiGHQQiTEPFrHC1X97vaqXgpstxaF97vn7s-kwE0xVZxdnfDRVs8CWILsLkP-Mw6V5FD6Gm1GjRjbAVPE4Ecg7p0dQ_viJlSg54LSwaKLPJ&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-06-06] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll => No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: º£ÌÔÄ£¿éÖúÊÖ -> {97510FAC-ED50-46BF-B2A1-25F434BF1030} -> C:\Users\Amar\AppData\Local\htyh\application\HTDataView64.dll => No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll => No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-06] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: º£ÌÔÄ£¿éÖúÊÖ -> {97510FAC-ED50-46BF-B2A1-25F434BF1030} -> C:\Users\Amar\AppData\Local\htyh\application\HTDataView.dll => No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll => No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll No File
Toolbar: HKU\S-1-5-21-3894383191-3516363779-2002392177-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll No File

FireFox:
========
FF DefaultProfile: iv62gla3.default
FF ProfilePath: C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\iv62gla3.default [2017-08-23]
FF NewTab: Mozilla\Firefox\Profiles\iv62gla3.default -> C:\\ProgramData\\Plusdaxs\\ff.NT
FF Homepage: Mozilla\Firefox\Profiles\iv62gla3.default -> C:\\ProgramData\\Plusdaxs\\ff.HP
FF Extension: (Auto Shutdown NG) - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\iv62gla3.default\Extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack.xpi [2017-07-20]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-12-31] [not signed]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\findit.xml [2017-08-23]
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-06] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @haitao.com/npHaitaoPlugin -> C:\Users\Amar\AppData\Local\htyh\application\htwebHelper.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\15306584.js [2017-01-27] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\15306584.cfg [2017-01-27] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqePRm9wWNFlj_CnPl7-cmWIOf5UeAN6Sp9TrPb7J51FejWE9Ffk8h1_AKwlBmHiGHQQiTEPFrHC1X970ACcx9QsB4fE76WctQNCmjbpVi1QOiGbshfqYp-4XPvNSusnk3VR7js9gvfKhv4enW_B16ldKgfcA8D4vmKyKLCnL
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqePRm9wWNFlj_CnPl7-cmWIOf5UeAN6Sp9TrPb7J51FejWE9Ffk8h1_AKwlBmHiGHQQiTEPFrHC1X974if4r9ohTUpP7Kg7zcfQOPQSoFqiz7hZj1gglWM_0kEfRy39-U946_kxEzDZYdJkISG8OdsKPkFogb8vip9tH8Ey-&q={searchTerms}
CHR DefaultSearchKeyword: Default -> feed.sonic-search.com
CHR Profile: C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default [2017-08-23]
CHR Extension: (Google Slides) - C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-06]
CHR Extension: (Google Docs) - C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-06]
CHR Extension: (Google Drive) - C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-06]
CHR Extension: (Adguard AdBlocker) - C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2017-07-17]
CHR Extension: (YouTube) - C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-06]
CHR Extension: (GreenAssistant) - C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default\Extensions\bncccjepkagemgfhbeknoggaadchfcfb [2017-08-08]
CHR Extension: (Adobe Acrobat) - C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-06]
CHR Extension: (Google Sheets) - C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-06]
CHR Extension: (Google Docs Offline) - C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Gmail) - C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-06]
CHR Extension: (Chrome Media Router) - C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-10]
CHR HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bncccjepkagemgfhbeknoggaadchfcfb] - <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AppCheckVersion; C:\Windows\SysWow64\AppCheckVersion.dll [478504 2017-08-23] ()
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2625368 2017-06-13] (ESET)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 gusvc; "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [X]
S4 LenovoPcManagerService; "C:\Program Files (x86)\Lenovo\PCManager\LenovoPcManagerService.exe" [X]
S2 ZAMSvc; "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [38424 2010-10-18] (Google Inc)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [132824 2017-06-22] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [178056 2017-05-04] (ESET)
R1 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [77224 2017-05-04] (ESET)
R3 netfitsprocadapter; C:\Windows\System32\DRIVERS\netfitsproc.sys [30480 2016-11-05] (Netfits)
R2 UefGdstor; C:\Windows\system32\drivers\UefGdster.sys [198688 2015-09-29] () <==== ATTENTION
S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [121248 2016-09-12] (Oracle Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-23 15:17 - 2017-08-23 15:17 - 000014121 _____ C:\Users\Amar\Desktop\Chrome.lnk
2017-08-23 15:07 - 2017-08-23 15:07 - 000000000 ____D C:\ProgramData\Origin
2017-08-23 13:10 - 2017-08-23 13:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-08-23 13:10 - 2017-08-23 13:10 - 000000000 ____D C:\ProgramData\ESET
2017-08-23 13:10 - 2017-08-23 13:10 - 000000000 ____D C:\Program Files\ESET
2017-08-23 13:07 - 2017-08-23 13:08 - 000001795 _____ C:\Users\Amar\Downloads\444d17d5-8b49-4277-bfa7-ac48246d7856
2017-08-23 12:55 - 2017-08-23 12:55 - 000003584 _____ C:\Windows\System32\Tasks\{B85E00EF-B2F3-4F2E-825E-B31377DBC8F3}
2017-08-23 12:53 - 2017-08-23 15:29 - 000018935 _____ C:\Users\Amar\Desktop\FRST.txt
2017-08-23 12:48 - 2017-08-23 12:48 - 000000000 ____D C:\Program Files\SEQ2XQTCLD
2017-08-23 12:41 - 2017-08-23 12:41 - 000000000 ____D C:\Users\Amar\AppData\Roaming\chroma
2017-08-23 12:41 - 2017-08-23 12:41 - 000000000 ____D C:\Users\Amar\AppData\Local\Chromium
2017-08-23 12:40 - 2017-08-23 12:49 - 000003002 _____ C:\Windows\System32\Tasks\RunAtStartup
2017-08-23 12:39 - 2017-08-23 13:19 - 000000000 ____D C:\Program Files (x86)\WindowsTM
2017-08-23 12:39 - 2017-08-23 12:39 - 000000000 ____D C:\Users\Public\Documents\XMUpdate
2017-08-23 12:38 - 2017-08-23 12:58 - 000000000 ____D C:\Program Files (x86)\ShutdownTime
2017-08-23 12:38 - 2017-08-23 12:46 - 000000000 ____D C:\ProgramData\Windows
2017-08-23 12:38 - 2017-08-23 12:38 - 000014906 _____ C:\Windows\System32\Tasks\{4EEDD51C-C0B6-4481-8D64-C590156D203B}
2017-08-23 12:38 - 2017-08-23 12:38 - 000000000 ____D C:\ProgramData\Microleaves
2017-08-23 12:37 - 2017-08-23 13:15 - 000000000 ____D C:\ProgramData\Logic Cramble
2017-08-23 12:37 - 2017-08-23 13:14 - 000000000 ____D C:\ProgramData\PrefsSecure
2017-08-23 12:37 - 2017-08-23 12:38 - 000000000 ____D C:\ProgramData\Plusdaxs
2017-08-23 12:37 - 2017-08-23 12:37 - 007324160 _____ C:\Users\Amar\AppData\Local\agent.dat
2017-08-23 12:37 - 2017-08-23 12:37 - 001899372 _____ C:\Users\Amar\AppData\Local\Yeardax.tst
2017-08-23 12:37 - 2017-08-23 12:37 - 000126464 _____ C:\Users\Amar\AppData\Local\noah.dat
2017-08-23 12:37 - 2017-08-23 12:37 - 000070800 _____ C:\Users\Amar\AppData\Local\Config.xml
2017-08-23 12:37 - 2017-08-23 12:37 - 000018432 _____ C:\Users\Amar\AppData\Local\Main.dat
2017-08-23 12:37 - 2017-08-23 12:37 - 000005568 _____ C:\Users\Amar\AppData\Local\md.xml
2017-08-23 12:37 - 2017-08-23 12:37 - 000000000 ____D C:\ProgramData\5e7a20ae-6343-0
2017-08-23 12:37 - 2017-08-23 12:37 - 000000000 ____D C:\ProgramData\5e7a20ae-0e35-1
2017-08-23 12:36 - 2017-08-23 14:22 - 000000000 ____D C:\Program Files (x86)\YeaDesktop
2017-08-23 12:36 - 2017-08-23 13:00 - 001847296 _____ C:\Users\Amar\AppData\Local\po.db
2017-08-23 12:36 - 2017-08-23 12:37 - 000019008 _____ C:\Users\Amar\AppData\Local\InstallationConfiguration.xml
2017-08-23 12:36 - 2017-08-23 12:36 - 000140800 _____ C:\Users\Amar\AppData\Local\installer.dat
2017-08-23 12:35 - 2017-08-23 12:38 - 000000374 _____ C:\Windows\Tasks\Updater_Online_Application.job
2017-08-23 12:35 - 2017-08-23 12:35 - 000003206 _____ C:\Windows\System32\Tasks\Updater_Online_Application
2017-08-23 12:35 - 2017-08-23 12:35 - 000000000 ____D C:\Users\Amar\AppData\Roaming\Microleaves
2017-08-23 12:35 - 2017-08-23 12:35 - 000000000 ____D C:\Users\Amar\AppData\Local\AdvinstAnalytics
2017-08-23 12:35 - 2017-08-23 12:35 - 000000000 ____D C:\Program Files (x86)\Microleaves
2017-08-23 12:29 - 2017-08-23 12:29 - 000079821 _____ C:\Users\Amar\Desktop\test.pdf
2017-08-14 14:15 - 2017-08-14 14:16 - 008185288 _____ (Malwarebytes) C:\Users\Amar\Downloads\AdwCleaner.exe
2017-08-14 14:14 - 2017-08-23 15:28 - 000000000 ____D C:\FRST
2017-08-14 14:14 - 2017-08-23 07:32 - 002395648 _____ (Farbar) C:\Users\Amar\Desktop\FRST64.exe
2017-08-14 14:12 - 2017-08-14 14:12 - 001766912 _____ (Farbar) C:\Users\Amar\Downloads\FRST_19-04-17.exe
2017-08-14 14:04 - 2017-08-14 14:06 - 014435104 _____ (IObit) C:\Users\Amar\Downloads\iobituninstaller.exe
2017-08-14 13:45 - 2017-08-14 13:54 - 000000000 ____D C:\Program Files (x86)\Google
2017-08-08 12:42 - 2017-08-08 12:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShutDown After
2017-08-08 12:42 - 2017-08-08 12:42 - 000000000 ____D C:\Program Files (x86)\ShutDown After
2017-08-08 12:42 - 2004-04-12 17:26 - 000152848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx
2017-08-08 12:42 - 2004-04-12 17:26 - 000118064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msadodc.ocx
2017-08-08 12:42 - 2004-04-12 17:26 - 000073728 _____ C:\Windows\sadata.v
2017-08-08 12:40 - 2017-08-23 15:10 - 000000000 ____D C:\Users\Amar\AppData\Roaming\Event Monitor
2017-08-08 12:39 - 2017-08-23 15:10 - 000000000 ____D C:\Program Files (x86)\pccleanplus
2017-08-08 12:39 - 2017-08-23 12:39 - 000478504 _____ C:\Windows\SysWOW64\AppCheckVersion.dll
2017-08-08 12:39 - 2017-08-23 12:39 - 000000000 ____D C:\Users\Amar\AppData\Roaming\uosto512l0q
2017-08-08 12:39 - 2017-08-23 12:39 - 000000000 ____D C:\Program Files\3M5RLCBQEU
2017-08-08 12:39 - 2017-08-08 12:39 - 000000000 ____D C:\Users\Amar\AppData\Roaming\baidu
2017-08-08 12:39 - 2017-08-08 12:39 - 000000000 ____D C:\Users\Amar\AppData\Roaming\360se6
2017-08-08 12:39 - 2017-08-08 12:39 - 000000000 ____D C:\Users\Amar\AppData\Local\UCBrowser
2017-08-08 12:39 - 2017-08-08 12:39 - 000000000 ____D C:\Users\Amar\AppData\Local\Tencent
2017-08-08 12:39 - 2017-08-08 12:39 - 000000000 ____D C:\Users\Amar\AppData\Local\360chrome
2017-08-08 12:39 - 2017-08-08 12:39 - 000000000 ____D C:\Users\Amar\AppData\Local\2345explorer
2017-08-08 12:39 - 2017-08-08 12:39 - 000000000 ____D C:\ProgramData\Cache
2017-08-08 12:39 - 2017-08-08 12:39 - 000000000 ____D C:\Program Files\Common Files\YQMIYM
2017-07-26 16:32 - 2017-07-26 16:32 - 007288281 _____ C:\Users\Amar\Downloads\Free Youtube & Avatar Rebrand Template.zip
2017-07-26 16:19 - 2017-07-26 16:20 - 031056281 _____ C:\Users\Amar\Downloads\Banner_template.psd
2017-07-26 15:05 - 2017-08-23 12:32 - 000000000 ____D C:\Users\Amar\AppData\LocalLow\uTorrent
2017-07-26 13:52 - 2017-07-26 13:52 - 002805701 _____ C:\Users\Amar\Downloads\Android Studio for beginners.pdf
2017-07-26 13:37 - 2017-07-26 13:38 - 000000000 ____D C:\Users\Amar\AppData\Roaming\Notepad++
2017-07-26 12:49 - 2017-07-26 12:49 - 000587434 _____ C:\Users\Amar\Downloads\Uvod u JavaScript.pdf
2017-07-26 12:48 - 2017-07-26 12:48 - 004440720 _____ C:\Users\Amar\Downloads\Uvod u (X)HTML, HTML i CSS.pdf
2017-07-26 12:31 - 2017-07-26 12:31 - 000000000 ____D C:\Users\Amar\AppData\Local\Android
2017-07-26 11:42 - 2017-07-26 13:11 - 2020009280 _____ (Google Inc.) C:\Users\Amar\Downloads\android-studio-bundle-162.4069837-windows.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-23 15:27 - 2015-04-27 11:35 - 000000000 ____D C:\Users\Amar\Documents\Camtasia Studio
2017-08-23 15:18 - 2015-04-27 12:11 - 000005120 _____ C:\Users\Amar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-08-23 13:59 - 2016-11-05 11:13 - 000000000 ____D C:\Users\Amar\AppData\Roaming\MinesweeperApp
2017-08-23 13:56 - 2015-04-20 14:30 - 000000000 ____D C:\Users\Amar\AppData\Local\ESET
2017-08-23 13:55 - 2016-12-31 02:31 - 000000000 ____D C:\Users\Amar\AppData\LocalLow\Mozilla
2017-08-23 13:47 - 2009-07-14 06:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-08-23 13:47 - 2009-07-14 06:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-08-23 13:42 - 2017-06-06 19:36 - 000000000 ____D C:\Users\Amar\AppData\Local\LogMeIn Hamachi
2017-08-23 13:42 - 2015-06-27 18:42 - 000000000 ____D C:\Users\Amar\AppData\Local\CrashDumps
2017-08-23 13:19 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-08-23 13:18 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\MegaDialer
2017-08-23 13:12 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-08-23 12:53 - 2009-07-14 07:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2017-08-23 12:39 - 2017-07-20 17:58 - 000001071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-08-23 12:39 - 2017-03-06 09:00 - 000002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-23 12:38 - 2015-08-31 20:04 - 000001405 _____ C:\Users\amar-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-08-23 12:38 - 2015-06-17 16:28 - 000001132 _____ C:\Users\Amar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-08-23 12:19 - 2015-04-26 11:27 - 000000000 ____D C:\Users\Amar\AppData\Local\Adobe
2017-08-23 07:58 - 2015-04-20 14:12 - 000000000 ____D C:\Users\Amar\AppData\LocalLow\Temp
2017-08-23 07:13 - 2009-07-14 07:08 - 000032610 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-08-15 13:06 - 2015-06-14 22:11 - 000000000 ____D C:\Users\Amar\Documents\SonyVegasPro13
2017-08-14 14:01 - 2017-05-05 14:59 - 000000000 ____D C:\Users\Amar\Desktop\icons 2
2017-08-14 13:57 - 2017-06-30 22:45 - 000000000 ____D C:\Users\Amar\AppData\Roaming\Visual Studio Setup
2017-08-14 13:57 - 2016-12-17 13:06 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2017-08-14 13:57 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-08-14 13:56 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-08-12 10:04 - 2015-10-23 20:08 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-08-12 10:03 - 2015-10-23 20:08 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-08 12:10 - 2015-04-26 11:44 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-08-08 12:10 - 2015-04-26 11:28 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-08-08 12:10 - 2015-04-26 11:28 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-08-08 12:10 - 2015-04-26 11:28 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-08-08 12:10 - 2015-04-26 11:28 - 000000000 ____D C:\Windows\system32\Macromed
2017-08-08 12:04 - 2017-05-19 14:41 - 000000000 ____D C:\ProgramData\YTD Video Downloader
2017-07-26 12:42 - 2017-04-20 11:10 - 000000000 ____D C:\Users\Amar\.android

==================== Files in the root of some directories =======

2016-11-13 08:28 - 2016-11-13 09:53 - 007065600 _____ () C:\Program Files (x86)\GUTE244.tmp
2015-09-29 15:45 - 2015-09-29 15:46 - 225111747 _____ () C:\Users\Amar\AppData\Local\ACCCx3_3_0_151.zip.aamdownload
2015-09-29 15:45 - 2015-09-29 15:46 - 000002615 _____ () C:\Users\Amar\AppData\Local\ACCCx3_3_0_151.zip.aamdownload.aamd
2017-08-23 12:37 - 2017-08-23 12:37 - 007324160 _____ () C:\Users\Amar\AppData\Local\agent.dat
2017-08-23 12:37 - 2017-08-23 12:37 - 000070800 _____ () C:\Users\Amar\AppData\Local\Config.xml
2015-04-27 12:11 - 2017-08-23 15:18 - 000005120 _____ () C:\Users\Amar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-08-23 12:36 - 2017-08-23 12:37 - 000019008 _____ () C:\Users\Amar\AppData\Local\InstallationConfiguration.xml
2017-08-23 12:36 - 2017-08-23 12:36 - 000140800 _____ () C:\Users\Amar\AppData\Local\installer.dat
2017-08-23 12:37 - 2017-08-23 12:37 - 000018432 _____ () C:\Users\Amar\AppData\Local\Main.dat
2017-08-23 12:37 - 2017-08-23 12:37 - 000005568 _____ () C:\Users\Amar\AppData\Local\md.xml
2017-08-23 12:37 - 2017-08-23 12:37 - 000126464 _____ () C:\Users\Amar\AppData\Local\noah.dat
2017-08-23 12:36 - 2017-08-23 13:00 - 001847296 _____ () C:\Users\Amar\AppData\Local\po.db
2016-09-30 15:43 - 2016-09-30 15:43 - 000000017 _____ () C:\Users\Amar\AppData\Local\resmon.resmoncfg
2015-05-24 17:54 - 2015-05-24 17:54 - 000000000 _____ () C:\Users\Amar\AppData\Local\Temp.dat
2017-08-23 12:39 - 2017-08-23 12:39 - 000001150 _____ () C:\Users\Amar\AppData\Local\uninstall_temp.ico
2015-06-08 23:30 - 2015-06-08 23:30 - 000000424 _____ () C:\Users\Amar\AppData\Local\UserProducts.xml
2017-08-23 12:37 - 2017-08-23 12:37 - 001899372 _____ () C:\Users\Amar\AppData\Local\Yeardax.tst
2015-09-16 22:24 - 2015-09-16 22:25 - 000000000 _____ () C:\Users\Amar\AppData\Local\{504D41A7-5467-424F-BF52-2A2F4EB85207}
2016-11-11 14:26 - 2016-11-11 14:26 - 000000000 _____ () C:\Users\Amar\AppData\Local\{79C96F4C-FD07-4039-8A40-42F8A3753A40}

Some files in TEMP:
====================
2017-08-23 12:58 - 2017-08-23 12:58 - 000005095 _____ () C:\Users\Amar\AppData\Local\Temp\C4XG9259B958.exe
2017-08-22 09:09 - 2017-08-22 09:09 - 001984204 _____ () C:\Users\Amar\AppData\Local\Temp\setup.dll
2017-08-23 12:38 - 2017-08-23 12:38 - 000374181 _____ (WeMonetize ) C:\Users\Amar\AppData\Local\Temp\UGJB2NB.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-24 14:12

==================== End of FRST.txt ============================

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

You didn't post the Addition.txt report.

offline
  • Joined: 11 Oct 2014
  • Posts: 358

Addition:
https://www.mycity.rs/must-login.png

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Open Notepad and copy in the following text, which is inside the Code box.

CreateRestorePoint:
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\...\Run: [SysMon] => C:\Program Files\Common Files\YQMIYM\ir1q0JMxui.exe [183808 2017-08-08] ()
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\...\Run: [1fvf33dwljx] => C:\Users\Amar\AppData\Roaming\uosto512l0q\uccd0xg5xmw.exe [8192 2017-08-23] ()
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\...\Run: [J3XNGS2DTJZGWC7] => C:\Program Files\3M5RLCBQEU\3M5RLCBQE.exe [1040384 2017-08-23] (JIXYM6)
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\...\MountPoints2: {e6dc0f70-42b6-11e7-8c59-005056c00008} - F:\Startme.exe
AutoConfigURL: [S-1-5-21-3894383191-3516363779-2002392177-1001] => hxxp://no-blocked.org/wpad.dat?44fc2c240c7d7e5cd59604da907a890024506622
ManualProxies: 0hxxp://no-blocked.org/wpad.dat?44fc2c240c7d7e5cd59604da907a890024506622
RemoveProxy:
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqePRm9wWNFlj_CnPl7-cmWIOf5UeAN6Sp9TrPb7J51FejWE9Ffk8h1_AKwlBmHiGHQQiTEPFrHC1X97vaqXgpstxaF97vn7s-kwE0xVZxdnfDRVs8CWILsLkP-Mw6V5FD6Gm1GjRjbAVPE4Ecg7p0dQ_viJlSg54LSwaKLPJ&q={searchTerms}
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqePRm9wWNFlj_CnPl7-cmWIOf5UeAN6Sp9TrPb7J51FejWE9Ffk8h1_AKwlBmHiGHQQiTEPFrHC1X9L-FG7456sMIYiXYggE0omJlxMrYt8aYO6hmXy0cWooRCSuZkUicv3BEC6_OAtWzBOLS0jj-enSeUnYAhfNDIgs0sM1
HKU\S-1-5-21-3894383191-3516363779-2002392177-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqePRm9wWNFlj_CnPl7-cmWIOf5UeAN6Sp9TrPb7J51FejWE9Ffk8h1_AKwlBmHiGHQQiTEPFrHC1X9L-FG7456sMIYiXYggE0omJlxMrYt8aYO6hmXy0cWooRCSuZkUicv3BEC6_OAtWzBOLS0jj-enSeUnYAhfNDIgs0sM1
HKU\S-1-5-21-3894383191-3516363779-2002392177-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqePRm9wWNFlj_CnPl7-cmWIOf5UeAN6Sp9TrPb7J51FejWE9Ffk8h1_AKwlBmHiGHQQiTEPFrHC1X97vaqXgpstxaF97vn7s-kwE0xVZxdnfDRVs8CWILsLkP-Mw6V5FD6Gm1GjRjbAVPE4Ecg7p0dQ_viJlSg54LSwaKLPJ&q={searchTerms}
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqePRm9wWNFlj_CnPl7-cmWIOf5UeAN6Sp9TrPb7J51FejWE9Ffk8h1_AKwlBmHiGHQQiTEPFrHC1X97vaqXgpstxaF97vn7s-kwE0xVZxdnfDRVs8CWILsLkP-Mw6V5FD6Gm1GjRjbAVPE4Ecg7p0dQ_viJlSg54LSwaKLPJ&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1001 -> DefaultScope {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqePRm9wWNFlj_CnPl7-cmWIOf5UeAN6Sp9TrPb7J51FejWE9Ffk8h1_AKwlBmHiGHQQiTEPFrHC1X97vaqXgpstxaF97vn7s-kwE0xVZxdnfDRVs8CWILsLkP-Mw6V5FD6Gm1GjRjbAVPE4Ecg7p0dQ_viJlSg54LSwaKLPJ&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1001 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqePRm9wWNFlj_CnPl7-cmWIOf5UeAN6Sp9TrPb7J51FejWE9Ffk8h1_AKwlBmHiGHQQiTEPFrHC1X97vaqXgpstxaF97vn7s-kwE0xVZxdnfDRVs8CWILsLkP-Mw6V5FD6Gm1GjRjbAVPE4Ecg7p0dQ_viJlSg54LSwaKLPJ&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1003 -> DefaultScope {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqePRm9wWNFlj_CnPl7-cmWIOf5UeAN6Sp9TrPb7J51FejWE9Ffk8h1_AKwlBmHiGHQQiTEPFrHC1X97vaqXgpstxaF97vn7s-kwE0xVZxdnfDRVs8CWILsLkP-Mw6V5FD6Gm1GjRjbAVPE4Ecg7p0dQ_viJlSg54LSwaKLPJ&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1003 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqePRm9wWNFlj_CnPl7-cmWIOf5UeAN6Sp9TrPb7J51FejWE9Ffk8h1_AKwlBmHiGHQQiTEPFrHC1X97vaqXgpstxaF97vn7s-kwE0xVZxdnfDRVs8CWILsLkP-Mw6V5FD6Gm1GjRjbAVPE4Ecg7p0dQ_viJlSg54LSwaKLPJ&q={searchTerms}
BHO: º£ÌÔÄ£¿éÖúÊÖ -> {97510FAC-ED50-46BF-B2A1-25F434BF1030} -> C:\Users\Amar\AppData\Local\htyh\application\HTDataView64.dll => No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll => No File
BHO-x32: º£ÌÔÄ£¿éÖúÊÖ -> {97510FAC-ED50-46BF-B2A1-25F434BF1030} -> C:\Users\Amar\AppData\Local\htyh\application\HTDataView.dll => No File
FF NewTab: Mozilla\Firefox\Profiles\iv62gla3.default -> C:\\ProgramData\\Plusdaxs\\ff.NT
FF Homepage: Mozilla\Firefox\Profiles\iv62gla3.default -> C:\\ProgramData\\Plusdaxs\\ff.HP
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\findit.xml [2017-08-23]
FF Plugin-x32: @haitao.com/npHaitaoPlugin -> C:\Users\Amar\AppData\Local\htyh\application\htwebHelper.dll [No File]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\15306584.js [2017-01-27] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\15306584.cfg [2017-01-27] <==== ATTENTION
CHR HomePage: Default -> hxxps://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqePRm9wWNFlj_CnPl7-cmWIOf5UeAN6Sp9TrPb7J51FejWE9Ffk8h1_AKwlBmHiGHQQiTEPFrHC1X970ACcx9QsB4fE76WctQNCmjbpVi1QOiGbshfqYp-4XPvNSusnk3VR7js9gvfKhv4enW_B16ldKgfcA8D4vmKyKLCnL
CHR DefaultSearchURL: Default -> hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqePRm9wWNFlj_CnPl7-cmWIOf5UeAN6Sp9TrPb7J51FejWE9Ffk8h1_AKwlBmHiGHQQiTEPFrHC1X974if4r9ohTUpP7Kg7zcfQOPQSoFqiz7hZj1gglWM_0kEfRy39-U946_kxEzDZYdJkISG8OdsKPkFogb8vip9tH8Ey-&q={searchTerms}
CHR DefaultSearchKeyword: Default -> feed.sonic-search.com
CHR Extension: (GreenAssistant) - C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default\Extensions\bncccjepkagemgfhbeknoggaadchfcfb [2017-08-08]
R2 AppCheckVersion; C:\Windows\SysWow64\AppCheckVersion.dll [478504 2017-08-23] ()
R2 UefGdstor; C:\Windows\system32\drivers\UefGdster.sys [198688 2015-09-29] () <==== ATTENTION
Online Application (HKLM-x32\...\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}) (Version: 2.6.0 - Microleaves) Hidden <==== ATTENTION
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QMGCShellExt64.dll -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll -> No File
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-06-13] (ESET)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
Task: {3D5CDA69-D0EA-42A4-949A-8D5B803FC62D} - System32\Tasks\{E6F26AAD-9F61-4583-803B-70B8D8EB34FC} => C:\Windows\system32\pcalua.exe -a C:\Users\Amar\AppData\Roaming\istartsurf\UninstallManager.exe -c  -ptid=obw
Task: {4274391B-FB4E-4C71-B915-8957DD0414E0} - System32\Tasks\{B85E00EF-B2F3-4F2E-825E-B31377DBC8F3} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\CofHottough\uninstall.exe" -c shuz -f "C:\Program Files (x86)\Common Files\CofHottough\uninstall.dat" -a uninstallme BCBC9992-3B7A-49EA-BAAD-B869438544E6 DeviceId=d9737a24-aabe-f142-7c29-4ff1ace5f483 BarcodeId=50027003 ChannelId=3 DistributerName=APSnapdoAMRev
Task: {9F4D26A4-4136-4C85-B9EF-ACF4F4FC22F9} - System32\Tasks\{8D3A1597-5F0F-4657-AA3B-09569A148C72} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\CinemaP-1.9cV09.07\Uninstall.exe" -c /fcp=1
Task: {A32931DC-6063-423A-B1A2-F30ED02C1A96} - System32\Tasks\RunAtStartup => C:\Users\Amar\AppData\Roaming\Event Monitor\em.exe <==== ATTENTION
Task: {AFC2A1F5-821D-4A3C-BA6B-AAAA4E4A5F24} - System32\Tasks\{BC7C1AEC-7D00-4550-B188-5E7B185D1804} => C:\Windows\system32\pcalua.exe -a C:\ProgramData\TymraSaq\Uninstaller.exe -c /ga=1503 /ai=120 /bi=0
Task: {D7C21268-35EB-4456-B679-717146FFFC05} - System32\Tasks\{4EEDD51C-C0B6-4481-8D64-C590156D203B} => rundll32.exe "C:\Users\Amar\AppData\Local\Microsoft\TaskPlay\caches.dat",StaticCache
VirusTotal: C:\Users\Amar\AppData\Local\Microsoft\TaskPlay\caches.dat
Task: C:\Windows\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION
ShortcutWithArgument: C:\Users\Amar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\Amar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
ShortcutWithArgument: C:\Users\Amar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\Amar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
ShortcutWithArgument: C:\Users\Amar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF%
ShortcutWithArgument: C:\Users\Amar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF%
C:\Program Files\Common Files\YQMIYM
C:\Users\Amar\AppData\Roaming\uosto512l0q
C:\Program Files\3M5RLCBQEU
C:\Users\Amar\AppData\Local\htyh
C:\Windows\SysWow64\AppCheckVersion.dll
C:\Windows\system32\drivers\UefGdster.sys
C:\Users\Public\Documents\XMUpdate
C:\ProgramData\Microleaves
C:\ProgramData\Logic Cramble
C:\ProgramData\PrefsSecure
C:\ProgramData\Plusdaxs
C:\Users\Amar\AppData\Local\agent.dat
C:\Users\Amar\AppData\Local\Yeardax.tst
C:\Users\Amar\AppData\Local\noah.dat
C:\Users\Amar\AppData\Local\Config.xml
C:\Users\Amar\AppData\Local\Main.dat
C:\Users\Amar\AppData\Local\md.xml
C:\ProgramData\5e7a20ae-6343-0
C:\ProgramData\5e7a20ae-0e35-1
C:\Program Files (x86)\YeaDesktop
C:\Users\Amar\AppData\Roaming\Microleaves
C:\Users\Amar\AppData\Local\AdvinstAnalytics
C:\Program Files (x86)\Microleaves
C:\Program Files (x86)\pccleanplus
C:\Users\Amar\AppData\Roaming\baidu
C:\Users\Amar\AppData\Roaming\360se6
C:\Users\Amar\AppData\Local\UCBrowser
C:\Users\Amar\AppData\Local\Tencent
C:\Users\Amar\AppData\Local\360chrome
C:\Users\Amar\AppData\Local\2345explorer
2016-11-13 08:28 - 2016-11-13 09:53 - 007065600 _____ () C:\Program Files (x86)\GUTE244.tmp
2015-09-29 15:45 - 2015-09-29 15:46 - 225111747 _____ () C:\Users\Amar\AppData\Local\ACCCx3_3_0_151.zip.aamdownload
2015-09-29 15:45 - 2015-09-29 15:46 - 000002615 _____ () C:\Users\Amar\AppData\Local\ACCCx3_3_0_151.zip.aamdownload.aamd
2017-08-23 12:37 - 2017-08-23 12:37 - 007324160 _____ () C:\Users\Amar\AppData\Local\agent.dat
2017-08-23 12:37 - 2017-08-23 12:37 - 000070800 _____ () C:\Users\Amar\AppData\Local\Config.xml
2015-04-27 12:11 - 2017-08-23 15:18 - 000005120 _____ () C:\Users\Amar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-08-23 12:36 - 2017-08-23 12:37 - 000019008 _____ () C:\Users\Amar\AppData\Local\InstallationConfiguration.xml
2017-08-23 12:36 - 2017-08-23 12:36 - 000140800 _____ () C:\Users\Amar\AppData\Local\installer.dat
2017-08-23 12:37 - 2017-08-23 12:37 - 000018432 _____ () C:\Users\Amar\AppData\Local\Main.dat
2017-08-23 12:37 - 2017-08-23 12:37 - 000005568 _____ () C:\Users\Amar\AppData\Local\md.xml
2017-08-23 12:37 - 2017-08-23 12:37 - 000126464 _____ () C:\Users\Amar\AppData\Local\noah.dat
2017-08-23 12:36 - 2017-08-23 13:00 - 001847296 _____ () C:\Users\Amar\AppData\Local\po.db
2016-09-30 15:43 - 2016-09-30 15:43 - 000000017 _____ () C:\Users\Amar\AppData\Local\resmon.resmoncfg
2015-05-24 17:54 - 2015-05-24 17:54 - 000000000 _____ () C:\Users\Amar\AppData\Local\Temp.dat
2017-08-23 12:39 - 2017-08-23 12:39 - 000001150 _____ () C:\Users\Amar\AppData\Local\uninstall_temp.ico
2015-06-08 23:30 - 2015-06-08 23:30 - 000000424 _____ () C:\Users\Amar\AppData\Local\UserProducts.xml
2017-08-23 12:37 - 2017-08-23 12:37 - 001899372 _____ () C:\Users\Amar\AppData\Local\Yeardax.tst
2015-09-16 22:24 - 2015-09-16 22:25 - 000000000 _____ () C:\Users\Amar\AppData\Local\{504D41A7-5467-424F-BF52-2A2F4EB85207}
2016-11-11 14:26 - 2016-11-11 14:26 - 000000000 _____ () C:\Users\Amar\AppData\Local\{79C96F4C-FD07-4039-8A40-42F8A3753A40}
2017-08-23 12:58 - 2017-08-23 12:58 - 000005095 _____ () C:\Users\Amar\AppData\Local\Temp\C4XG9259B958.exe
2017-08-22 09:09 - 2017-08-22 09:09 - 001984204 _____ () C:\Users\Amar\AppData\Local\Temp\setup.dll
2017-08-23 12:38 - 2017-08-23 12:38 - 000374181 _____ (WeMonetize ) C:\Users\Amar\AppData\Local\Temp\UGJB2NB.exe
C:\Program Files (x86)\Common Files\CofHottough
C:\Program Files (x86)\CinemaP-1.9cV09.07
C:\Users\Amar\AppData\Roaming\Event Monitor
C:\ProgramData\TymraSaq


In Notepad, click File --> Save As
Under Encoding, choose UTF-8.
Name the file Fixlist and save it to the Desktop
Double-click FRST.exe to run it again
Click Fix and wait until the program finishes.
If the program asks to restart the computer, let it do so without interruption.
When it finishes, fixlog.txt will open, with contents that you should copy into the thread.
The file (fixlog.txt) will also be on the Desktop.
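
The fixlist in the post above writes the hijacker URLs defanged (hxxp/hxxps) and with percent-encoded host names. The following is an added example, not part of the original post and not FRST's own code, that decodes those hosts and groups the affected browser settings by domain. The function names and the sample lines (with `<sid>` and `<token>` placeholders) are constructed for illustration.

```python
import re
from collections import defaultdict
from typing import NamedTuple
from urllib.parse import unquote

# Constructed sample, modelled on the fixlist lines above. The SID middle part
# and the long "p=" tracking tokens are replaced with placeholders.
SAMPLE = r"""
AutoConfigURL: [S-1-5-21-<sid>-1001] => hxxp://no-blocked.org/wpad.dat?<token>
HKU\S-1-5-21-<sid>-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=<token>
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=<token>&q={searchTerms}
SearchScopes: HKU\S-1-5-21-<sid>-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
CHR HomePage: Default -> hxxps://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=<token>
CHR DefaultSearchKeyword: Default -> feed.sonic-search.com
"""

# FRST writes URLs defanged as hxxp/hxxps; capture only the authority part.
URL_HOST = re.compile(r"hxxps?://([^/\s?#]+)", re.IGNORECASE)


class Finding(NamedTuple):
    setting: str   # text left of the URL: which browser/registry setting it is
    host: str      # host after percent-decoding, lower-cased
    encoded: bool  # True when the host was written with %XX escapes


def extract_findings(report: str) -> list[Finding]:
    """Return one Finding per log line that carries a defanged URL."""
    findings = []
    for line in report.splitlines():
        match = URL_HOST.search(line)
        if not match:
            continue  # e.g. the DefaultSearchKeyword line has no URL scheme
        raw_host = match.group(1)
        host = unquote(raw_host).lower()
        setting = line[:match.start()].rstrip(" =->")
        findings.append(Finding(setting, host, "%" in raw_host))
    return findings


def group_by_host(findings: list[Finding]) -> dict[str, list[str]]:
    """Map each decoded host to the settings that point at it."""
    grouped = defaultdict(list)
    for f in findings:
        grouped[f.host].append(f.setting)
    return dict(grouped)


def encoded_hosts(findings: list[Finding]) -> list[str]:
    """Hosts that were percent-encoded in the log, which hides the domain
    from a plain text search of the report."""
    return sorted({f.host for f in findings if f.encoded})


if __name__ == "__main__":
    found = extract_findings(SAMPLE)
    for host, settings in group_by_host(found).items():
        print(f"{host}: {len(settings)} setting(s)")
        for s in settings:
            print(f"    {s}")
    print("percent-encoded hosts:", encoded_hosts(found))
```

The decoded host of the search-page entries matches the `CHR DefaultSearchKeyword` line in the fixlist, which shows the same domain in clear text.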

offline
  • Joined: 11 Oct 2014
  • Posts: 358

Written: 23 Aug 2017 17:54

https://www.mycity.rs/must-login.png

Addendum: 23 Aug 2017 17:57

I still can't search in the browser

Addendum: 23 Aug 2017 19:16

Fixlog:

https://www.mycity.rs/must-login.png

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Post new FRST.txt and Addition.txt reports for me (tick the Addition.txt option when you run FRST again).

offline
  • Joined: 11 Oct 2014
  • Posts: 358

FRST:
https://www.mycity.rs/must-login.png

Addition:
https://www.mycity.rs/must-login.png

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Open Notepad and copy in the following text, which is inside the Code box.

CreateRestorePoint:
R2 UefGdstor; C:\Windows\system32\drivers\UefGdster.sys [198688 2015-09-29] () <==== ATTENTION
R2 AppCheckVersion; C:\Windows\SysWow64\AppCheckVersion.dll [478504 2017-08-23] ()
C:\Windows\system32\drivers\UefGdster.sys
C:\Windows\SysWow64\AppCheckVersion.dll
Task: {63D8D917-C7D6-472B-8443-67737B54A78C} - System32\Tasks\Updater_Online_Application => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION
C:\Program Files (x86)\Microleaves


In Notepad, click File --> Save As
Under Encoding, choose UTF-8.
Name the file Fixlist and save it to the Desktop
Double-click FRST.exe to run it again
Click Fix and wait until the program finishes.
If the program asks to restart the computer, let it do so without interruption.
When it finishes, fixlog.txt will open, with contents that you should copy into the thread.
The file (fixlog.txt) will also be on the Desktop.






Open Chrome and remove the Green Assistant extension.

offline
  • Joined: 11 Oct 2014
  • Posts: 358

Fixlog:

https://www.mycity.rs/must-login.png

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

What is the situation now?

You need to pack the folder C:\FRST\Quarantine into an archive and send it to us.

Go into the folder C:\FRST
Right-click the Quarantine folder and choose the option Add to archive... as in the picture

For Archive format choose 7z
For Compression level select Ultra (note: if you get an error that there is not enough memory, set it to Maximum or Normal)
For Compression method set LZMA2 or LZMA
In the field Split to volumes, bytes enter 5000000 (in words: five million)
On the right-hand side tick the option Compress Shared Files (see the picture below)

Click OK
When 7-Zip finishes compressing, upload the resulting files (one by one) to:
https://www.mycity.rs/ambulanta-upload.php
