Virus: folders and icons disappeared

  • Joined: 13 May 2008
  • Posts: 113

Friends, my little brother tried to download a game via torrent and got an option to save a file to the desktop, which he did. Then he couldn't start the torrent because it required a new installation of some program, and he cancelled all of that because he knew it was a virus :) So he only saved it to the desktop and nothing more. Then folders and icons started disappearing from the desktop and the appearance started changing, and an icon appeared for the OPERA browser, which I never had or used before. So if you could help me clean up and fix the computer. I also tried System Restore, but it could not be performed.

Thanks in advance.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-12-2014
Ran by Cyrax (administrator) on CYRAX-PC on 01-12-2014 18:02:25
Running from C:\Users\Cyrax\Desktop
Loaded Profile: Cyrax (Available profiles: Cyrax)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Cool Mirage) C:\Users\Cyrax\AppData\Roaming\TornTV.com\TornTVSvc.exe
(WinAbility® Software Corporation) C:\PROGRAMS\FGUARD\FGKey.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [FG_Monitor] => C:\PROGRAMS\FGUARD\FGKey.exe [118600 2008-01-04] (WinAbility® Software Corporation)
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-580165240-721162046-3227699501-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-580165240-721162046-3227699501-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-580165240-721162046-3227699501-1001\...\MountPoints2: {2affdf6d-e0cd-11e3-9c1c-001fd0b5bc2f} - F:\autorun.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-580165240-721162046-3227699501-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-580165240-721162046-3227699501-1001\Software\Microsoft\Internet Explorer\Main,Start Page = mystartsearch.com/?type=hp&ts=14174.....4_3C2DC8C6
HKU\S-1-5-21-580165240-721162046-3227699501-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKU\S-1-5-21-580165240-721162046-3227699501-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4015E9A44970CF01
HKU\S-1-5-21-580165240-721162046-3227699501-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKU\S-1-5-21-580165240-721162046-3227699501-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = mystartsearch.com/?type=hp&ts=14174.....4_3C2DC8C6
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = mystartsearch.com/web/?type=ds&ts=1.....8C6&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = mystartsearch.com/?type=hp&ts=14174.....4_3C2DC8C6
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = mystartsearch.com/?type=hp&ts=14174.....4_3C2DC8C6
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = mystartsearch.com/web/?type=ds&ts=1.....8C6&q={searchTerms}
HKU\S-1-5-21-580165240-721162046-3227699501-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe mystartsearch.com/?type=sc&ts=14174.....4_3C2DC8C6
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = mystartsearch.com/web/?type=ds&ts=1.....8C6&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = mystartsearch.com/web/?type=ds&ts=1.....8C6&q={searchTerms}
SearchScopes: HKU\S-1-5-21-580165240-721162046-3227699501-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = mystartsearch.com/web/?type=ds&ts=1.....8C6&q={searchTerms}
SearchScopes: HKU\S-1-5-21-580165240-721162046-3227699501-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-580165240-721162046-3227699501-1001 -> {115BE84A-2FAA-4BDF-9A7A-CDFB1D73DFA0} URL = google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-580165240-721162046-3227699501-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = mystartsearch.com/web/?type=ds&ts=1.....8C6&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 89.216.1.40 89.216.1.50

FireFox:
========
FF ProfilePath: C:\Users\Cyrax\AppData\Roaming\Mozilla\Firefox\Profiles\wbhf7oii.default
FF NewTab: hxxp://www.mystartsearch.com/newtab/?type=nt&ts=1417451768&from=ild&uid=395049983_397234_3C2DC8C6
FF DefaultSearchEngine: mystartsearch
FF SelectedSearchEngine: mystartsearch
FF Homepage: hxxp://www.mystartsearch.com/?type=hp&ts=1417451768&from=ild&uid=395049983_397234_3C2DC8C6
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @verimatrix.com/ViewRightWeb -> C:\Program Files\Verimatrix\ViewRight Web\\npViewRight.dll (Verimatrix, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-580165240-721162046-3227699501-1001: @verimatrix.com/ViewRightWeb -> C:\Program Files\Verimatrix\ViewRight Web\\npViewRight.dll (Verimatrix, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mystartsearch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pogodakyu.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\vokabular.xml
FF Extension: United States English Spellchecker - C:\Users\Cyrax\AppData\Roaming\Mozilla\Firefox\Profiles\wbhf7oii.default\Extensions\en-US@dictionaries.addons.mozilla.org [2014-06-19]
FF Extension: Fast Start - C:\Users\Cyrax\AppData\Roaming\Mozilla\Firefox\Profiles\wbhf7oii.default\Extensions\faststartff@gmail.com [2014-12-01]
FF Extension: DownloadHelper - C:\Users\Cyrax\AppData\Roaming\Mozilla\Firefox\Profiles\wbhf7oii.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-10-24]
FF Extension: Adblock Plus - C:\Users\Cyrax\AppData\Roaming\Mozilla\Firefox\Profiles\wbhf7oii.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-24]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Cyrax\AppData\Roaming\Mozilla\Firefox\Profiles\wbhf7oii.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe mystartsearch.com/?type=sc&ts=14174.....4_3C2DC8C6

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.rs/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Cyrax\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google презентације) - C:\Users\Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-23]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2014-11-23]
CHR Extension: (Google диск) - C:\Users\Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-23]
CHR Extension: (YouTube) - C:\Users\Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-23]
CHR Extension: (wger Workout Manager) - C:\Users\Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdokcfidmpmcponlnkmmbenfpnpkbmch [2014-11-23]
CHR Extension: (Google претрага) - C:\Users\Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-23]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2014-11-23]
CHR Extension: (Google табеле) - C:\Users\Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-23]
CHR Extension: (AdBlock) - C:\Users\Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-23]
CHR Extension: (Skype Click to Call) - C:\Users\Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-11-23]
CHR Extension: (English vocabulary) - C:\Users\Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmklfohhllfpjjmjejencmaodgiknmj [2014-11-23]
CHR Extension: (Google новчаник) - C:\Users\Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-23]
CHR Extension: (FitnessBliss) - C:\Users\Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\opdgckbdimehmjcfoddoghjieapefide [2014-11-23]
CHR Extension: (Gmail) - C:\Users\Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-23]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe mystartsearch.com/?type=sc&ts=14174.....4_3C2DC8C6

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 trntv; C:\Users\Cyrax\AppData\Roaming\TornTV.com\TornTVSvc.exe [19456 2014-11-18] (Cool Mirage) [File not signed]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [484352 2014-12-01] (Fuyu LIMITED) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [213784 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-05-18] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-05-21] (Disc Soft Ltd)
R2 FGUARD32; C:\PROGRAMS\FGUARD\FGUARD32.SYS [54008 2008-01-04] (WinAbility® Software Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [454656 2007-11-08] (PixArt Imaging Inc.)
S3 cpudrv; No ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-01 18:02 - 2014-12-01 18:02 - 00015981 _____ () C:\Users\Cyrax\Desktop\FRST.txt
2014-12-01 18:01 - 2014-12-01 18:02 - 00000000 ____D () C:\FRST
2014-12-01 17:59 - 2014-12-01 18:00 - 01109504 _____ (Farbar) C:\Users\Cyrax\Desktop\FRST.exe
2014-12-01 17:38 - 2014-12-01 17:38 - 00001600 _____ () C:\Windows\PFRO.log
2014-12-01 17:37 - 2014-12-01 17:37 - 00001093 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-12-01 17:37 - 2014-12-01 17:37 - 00001093 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-12-01 17:37 - 2014-12-01 17:37 - 00000000 ____D () C:\Users\Cyrax\AppData\Roaming\Opera Software
2014-12-01 17:37 - 2014-12-01 17:37 - 00000000 ____D () C:\Users\Cyrax\AppData\Local\Opera Software
2014-12-01 17:36 - 2014-12-01 17:51 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-12-01 17:36 - 2014-12-01 17:51 - 00000000 ____D () C:\Program Files\Opera
2014-12-01 17:34 - 2014-12-01 17:51 - 00000000 ____D () C:\Users\Cyrax\AppData\Roaming\TornTV.com
2014-12-01 17:34 - 2014-12-01 17:51 - 00000000 ____D () C:\Users\Cyrax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
2014-12-01 10:44 - 2014-12-01 17:56 - 00000224 _____ () C:\Windows\setupact.log
2014-12-01 10:44 - 2014-12-01 10:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-28 13:25 - 2014-11-28 13:41 - 00000000 ____D () C:\Users\Cyrax\Desktop\DOVRSI
2014-11-26 19:09 - 2014-11-28 13:39 - 00000000 ____D () C:\Users\Cyrax\Desktop\BackOnBoard( Princess and Royal Caribbean )
2014-11-26 19:03 - 2014-11-26 19:03 - 02931179 _____ () C:\Users\Cyrax\Desktop\BackOnBoard( Princess and Royal Caribbean ).zip
2014-11-25 22:10 - 2014-11-25 22:10 - 21118464 _____ () C:\Users\Cyrax\Downloads\ViewRightWebInstaller (1).msi
2014-11-25 22:10 - 2014-11-25 22:10 - 00000000 ____D () C:\Users\Cyrax\AppData\Roaming\Verimatrix
2014-11-25 22:09 - 2014-11-25 22:09 - 00000000 ____D () C:\Program Files\Verimatrix
2014-11-25 20:54 - 2014-11-25 20:54 - 21118464 _____ () C:\Users\Cyrax\Downloads\ViewRightWebInstaller.msi
2014-11-25 14:08 - 2014-11-25 14:08 - 00029696 _____ () C:\Users\Cyrax\Desktop\BACK2SEA REQUEST FORM NEW.xls
2014-11-23 21:17 - 2014-11-23 22:03 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-11-23 21:17 - 2014-11-23 21:17 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-23 21:17 - 2014-11-23 21:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-23 21:15 - 2014-11-23 21:15 - 00079576 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-23 21:09 - 2014-12-01 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-23 21:08 - 2014-12-01 17:56 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-23 21:08 - 2014-12-01 17:13 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-23 21:08 - 2014-11-23 21:08 - 00880784 _____ (Google Inc.) C:\Users\Cyrax\Downloads\ChromeSetup.exe
2014-11-23 21:00 - 2014-11-23 21:00 - 00000000 __SHD () C:\Users\Cyrax\AppData\Local\EmieUserList
2014-11-23 21:00 - 2014-11-23 21:00 - 00000000 __SHD () C:\Users\Cyrax\AppData\Local\EmieSiteList
2014-11-23 21:00 - 2014-11-23 21:00 - 00000000 __SHD () C:\Users\Cyrax\AppData\Local\EmieBrowserModeList
2014-11-23 20:40 - 2014-11-23 20:25 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-19 15:03 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 15:03 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-12 19:59 - 2000-06-08 17:00 - 00119568 _____ (Microsoft Corporation) C:\Windows\system32\KSPRaccb.rra
2014-11-12 11:39 - 2014-11-05 18:50 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 11:39 - 2014-11-05 18:50 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 11:39 - 2014-11-05 18:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 11:39 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 11:39 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 11:39 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 11:39 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 11:39 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 11:39 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 11:39 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 11:39 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 11:39 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 11:39 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 11:39 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 11:39 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 11:39 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 11:39 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 11:39 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 11:39 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 11:39 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 11:39 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 11:39 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 11:39 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 11:39 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 11:39 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 11:39 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 11:38 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 11:38 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 11:38 - 2014-11-06 04:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 11:38 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 11:38 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 11:38 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 11:38 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 11:38 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 11:38 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 11:38 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 11:38 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 11:38 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 11:38 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 11:38 - 2014-11-06 03:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 11:38 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 11:38 - 2014-11-06 03:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 11:38 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 11:38 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 11:38 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 11:38 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 11:38 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 11:38 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 11:38 - 2014-11-06 03:22 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 11:38 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 11:38 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 11:38 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 11:38 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 11:38 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 11:38 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 11:38 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-04 23:30 - 2014-11-04 23:30 - 00000000 ____D () C:\Users\Cyrax\Desktop\Drina
2014-11-04 21:49 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-01 18:01 - 2009-07-14 05:34 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-01 18:01 - 2009-07-14 05:34 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-01 18:00 - 2014-06-24 13:26 - 01996871 _____ () C:\Windows\WindowsUpdate.log
2014-12-01 17:57 - 2014-05-15 20:56 - 00000000 ____D () C:\Users\Cyrax\AppData\Roaming\Skype
2014-12-01 17:56 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-01 17:54 - 2014-05-15 15:21 - 00000000 ____D () C:\Users\Cyrax
2014-12-01 17:54 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2014-12-01 17:51 - 2014-05-15 21:05 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-01 17:41 - 2014-10-21 13:15 - 00000000 ____D () C:\Users\Cyrax\AppData\Local\Avg2015
2014-12-01 17:37 - 2014-10-25 14:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-01 17:37 - 2014-10-22 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PESEdit.com 2013 Patch
2014-12-01 17:37 - 2014-10-03 12:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-01 17:37 - 2014-06-09 19:30 - 00000000 ____D () C:\Users\Cyrax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-01 17:37 - 2014-06-07 09:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
2014-12-01 17:37 - 2014-05-24 17:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry First Aid
2014-12-01 17:37 - 2014-05-21 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-12-01 17:37 - 2014-05-17 12:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-12-01 17:37 - 2014-05-15 18:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Guard
2014-12-01 17:37 - 2014-05-15 15:21 - 00000000 ___RD () C:\Users\Cyrax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-01 17:37 - 2014-05-15 15:21 - 00000000 ___RD () C:\Users\Cyrax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-01 17:37 - 2009-07-14 05:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-01 17:37 - 2009-07-14 03:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-01 17:37 - 2009-07-14 03:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-01 17:36 - 2014-06-09 19:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-01 17:36 - 2014-05-27 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2014-12-01 17:36 - 2014-05-24 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-12-01 17:36 - 2014-05-21 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-12-01 17:36 - 2014-05-15 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-12-01 17:09 - 2014-06-10 09:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-28 13:33 - 2014-05-15 15:08 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-26 00:09 - 2014-06-10 09:47 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-26 00:09 - 2014-06-10 09:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-24 12:08 - 2014-04-12 20:32 - 00000000 ____D () C:\Users\Cyrax\Desktop\New folder
2014-11-23 23:28 - 2014-05-27 19:21 - 00000697 _____ () C:\DelFix.txt
2014-11-23 21:09 - 2014-05-15 15:28 - 00000000 ____D () C:\Program Files\Google
2014-11-23 21:09 - 2014-05-15 15:27 - 00000000 ____D () C:\Users\Cyrax\AppData\Local\Google
2014-11-23 20:39 - 2014-10-22 12:21 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-11-23 20:39 - 2014-10-22 12:21 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-11-23 20:39 - 2014-10-22 12:21 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-11-23 20:39 - 2014-10-22 12:21 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-11-23 20:39 - 2014-10-22 12:21 - 00000000 ____D () C:\Users\Cyrax\AppData\Local\Comodo
2014-11-23 20:39 - 2014-10-22 12:21 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-11-23 20:39 - 2014-10-22 12:21 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-11-23 20:38 - 2009-07-14 03:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-11-23 17:09 - 2014-10-22 12:21 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-11-22 14:21 - 2014-05-21 20:42 - 00000000 ____D () C:\Users\Cyrax\AppData\Roaming\uTorrent
2014-11-17 13:50 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\twain_32
2014-11-12 22:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-11-12 20:44 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-12 20:28 - 2009-07-14 03:04 - 00000765 _____ () C:\Windows\win.ini
2014-11-12 20:23 - 2009-07-14 05:33 - 00279336 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 20:20 - 2014-05-28 15:43 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 20:17 - 2014-05-15 16:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 20:12 - 2014-05-15 16:09 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 11:34 - 2014-05-15 21:08 - 00000000 ___HD () C:\$AVG

Some content of TEMP:
====================
C:\Users\Cyrax\AppData\Local\Temp\Runner2.exe
C:\Users\Cyrax\AppData\Local\Temp\Runner4.exe
C:\Users\Cyrax\AppData\Local\Temp\ttv.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-25 03:03

==================== End Of Log ============================

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Do you still have the file that was downloaded and whose execution caused the damage? If you do, upload it via the following link:




Step 1

Go to Start -> Control Panel -> Programs and Features and uninstall the following programs:

TornTV
WindowsMangerProtect20.0.0.1277



Step 2

Open Notepad and copy in the following text, which is inside the Code box.

HKU\S-1-5-21-580165240-721162046-3227699501-1001\...\MountPoints2: {2affdf6d-e0cd-11e3-9c1c-001fd0b5bc2f} - F:\autorun.exe
HKU\S-1-5-21-580165240-721162046-3227699501-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-580165240-721162046-3227699501-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=14174.....4_3C2DC8C6
HKU\S-1-5-21-580165240-721162046-3227699501-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=14174.....4_3C2DC8C6
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1.....8C6&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=14174.....4_3C2DC8C6
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=14174.....4_3C2DC8C6
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1.....8C6&q={searchTerms}
HKU\S-1-5-21-580165240-721162046-3227699501-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=14174.....4_3C2DC8C6
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1.....8C6&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1.....8C6&q={searchTerms}
SearchScopes: HKU\S-1-5-21-580165240-721162046-3227699501-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1.....8C6&q={searchTerms}
SearchScopes: HKU\S-1-5-21-580165240-721162046-3227699501-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1.....8C6&q={searchTerms}
FF NewTab: hxxp://www.mystartsearch.com/newtab/?type=nt&ts=1417451768&from=ild&uid=395049983_397234_3C2DC8C6
FF DefaultSearchEngine: mystartsearch
FF SelectedSearchEngine: mystartsearch
FF Homepage: hxxp://www.mystartsearch.com/?type=hp&ts=1417451768&from=ild&uid=395049983_397234_3C2DC8C6
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mystartsearch.xml
FF Extension: Fast Start - C:\Users\Cyrax\AppData\Roaming\Mozilla\Firefox\Profiles\wbhf7oii.default\Extensions\faststartff@gmail.com [2014-12-01]
R2 trntv; C:\Users\Cyrax\AppData\Roaming\TornTV.com\TornTVSvc.exe [19456 2014-11-18] (Cool Mirage) [File not signed]
Task: {81663D60-2DEC-4085-928C-745F2980BC28} - System32\Tasks\Opera scheduled Autoupdate 1417451843 => C:\Program Files\Opera\launcher.exe [2014-11-20] (Opera Software)
C:\Users\Cyrax\AppData\Roaming\TornTV.com
C:\ProgramData\WindowsMangerProtect
EmptyTemp:


In Notepad, click File --> Save As
Name the file Fixlist and save it to the Desktop
Double-click FRST.exe to run it again
Click Fix and wait until the program finishes.
If the program asks to restart the computer, allow it to do so without interruption.
When it has finished, fixlog.txt will open, with contents that you should copy into this thread.
The log (fixlog.txt) will also be on the Desktop.

offline
  • Joined: 13 May 2008
  • Posts: 113

Unfortunately no, I don't have it. I don't remember deleting it, which means it is possible that it is also one of the files that disappeared.

Now tell me, should I do the procedure you listed under step 2 or... ?

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Do both step 1 and step 2.

offline
  • Joined: 13 May 2008
  • Posts: 113

I did both steps, except I can note that I have the OPERA browser among the programs, which I also cannot uninstall, and I never installed it at all.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 01-12-2014
Ran by Cyrax at 2014-12-01 23:34:47 Run:1
Running from C:\Users\Cyrax\Desktop
Loaded Profile: Cyrax (Available profiles: Cyrax)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-580165240-721162046-3227699501-1001\...\MountPoints2: {2affdf6d-e0cd-11e3-9c1c-001fd0b5bc2f} - F:\autorun.exe
HKU\S-1-5-21-580165240-721162046-3227699501-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-580165240-721162046-3227699501-1001\Software\Microsoft\Internet Explorer\Main,Start Page = mystartsearch.com/?type=hp&ts=14174.....4_3C2DC8C6
HKU\S-1-5-21-580165240-721162046-3227699501-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = mystartsearch.com/?type=hp&ts=14174.....4_3C2DC8C6
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = mystartsearch.com/web/?type=ds&ts=1.....8C6&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = mystartsearch.com/?type=hp&ts=14174.....4_3C2DC8C6
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = mystartsearch.com/?type=hp&ts=14174.....4_3C2DC8C6
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = mystartsearch.com/web/?type=ds&ts=1.....8C6&q={searchTerms}
HKU\S-1-5-21-580165240-721162046-3227699501-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe mystartsearch.com/?type=sc&ts=14174.....4_3C2DC8C6
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = mystartsearch.com/web/?type=ds&ts=1.....8C6&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = mystartsearch.com/web/?type=ds&ts=1.....8C6&q={searchTerms}
SearchScopes: HKU\S-1-5-21-580165240-721162046-3227699501-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = mystartsearch.com/web/?type=ds&ts=1.....8C6&q={searchTerms}
SearchScopes: HKU\S-1-5-21-580165240-721162046-3227699501-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = mystartsearch.com/web/?type=ds&ts=1.....8C6&q={searchTerms}
FF NewTab: hxxp://www.mystartsearch.com/newtab/?type=nt&ts=1417451768&from=ild&uid=395049983_397234_3C2DC8C6
FF DefaultSearchEngine: mystartsearch
FF SelectedSearchEngine: mystartsearch
FF Homepage: hxxp://www.mystartsearch.com/?type=hp&ts=1417451768&from=ild&uid=395049983_397234_3C2DC8C6
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mystartsearch.xml
FF Extension: Fast Start - C:\Users\Cyrax\AppData\Roaming\Mozilla\Firefox\Profiles\wbhf7oii.default\Extensions\faststartff@gmail.com [2014-12-01]
R2 trntv; C:\Users\Cyrax\AppData\Roaming\TornTV.com\TornTVSvc.exe [19456 2014-11-18] (Cool Mirage) [File not signed]
Task: {81663D60-2DEC-4085-928C-745F2980BC28} - System32\Tasks\Opera scheduled Autoupdate 1417451843 => C:\Program Files\Opera\launcher.exe [2014-11-20] (Opera Software)
C:\Users\Cyrax\AppData\Roaming\TornTV.com
C:\ProgramData\WindowsMangerProtect
EmptyTemp:
*****************

"HKU\S-1-5-21-580165240-721162046-3227699501-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2affdf6d-e0cd-11e3-9c1c-001fd0b5bc2f}" => Key deleted successfully.
"HKCR\CLSID\{2affdf6d-e0cd-11e3-9c1c-001fd0b5bc2f}" => Key not found.
"HKU\S-1-5-21-580165240-721162046-3227699501-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\S-1-5-21-580165240-721162046-3227699501-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-580165240-721162046-3227699501-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
"HKU\S-1-5-21-580165240-721162046-3227699501-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key not found.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
"HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key not found.
HKU\S-1-5-21-580165240-721162046-3227699501-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-580165240-721162046-3227699501-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
"HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key not found.
Firefox newtab deleted successfully.
Firefox DefaultSearchEngine deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox homepage deleted successfully.
C:\Program Files\mozilla firefox\browser\searchplugins\mystartsearch.xml => Moved successfully.
C:\Users\Cyrax\AppData\Roaming\Mozilla\Firefox\Profiles\wbhf7oii.default\Extensions\faststartff@gmail.com => Moved successfully.
trntv => Service not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{81663D60-2DEC-4085-928C-745F2980BC28}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81663D60-2DEC-4085-928C-745F2980BC28}" => Key deleted successfully.
C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1417451843 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1417451843" => Key deleted successfully.
"C:\Users\Cyrax\AppData\Roaming\TornTV.com" => File/Directory not found.
C:\ProgramData\WindowsMangerProtect => Moved successfully.
EmptyTemp: => Removed 345.3 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Step 1

Download AdwCleaner by "Xplode" and save it to the Desktop
Double-click to run the program.
In the EULA window, click I agree.
Click the Scan button and wait for the scan to finish.
Click the Clean button and wait for the program to finish.
The program will close all active programs and show a window with that warning. Click OK to confirm.
In the next two windows that open (Informations and Restart required), click OK

The computer will restart and then open Notepad (C:\AdwCleaner[S0].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Attach file" option

Note: The report will also be saved at C:\Adwcleaner\AdwCleaner[S0].txt




Step 2

Download zoek.exe from this or this link and save it to the Desktop.


Close the browser and other running programs;
deactivate security software (if needed) Instructions;
double-click zoek.exe to run it;
wait for the tool to start ...


Copy the following text into the white box of the window:

process;
startupall;
drivers-services-list;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;


Click the button and wait for the scan to finish.


Zoek will restart Windows if necessary, and when it finishes it will open Notepad with the scan report.

Note: The report will be saved under the name zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your post.

offline
  • Joined: 13 May 2008
  • Posts: 113

Written: 02 Dec 2014 12:43

I have a question: I started the first step and the scan is taking too long (more than an hour); first it started loading, and then it was as if everything reset, and now everything is sitting at the start and it looks as if it never even began scanning. Is that normal or not? This is the second time I have started the scan, since the first time I thought it had frozen, but the second time it is all the same.

Should I move on to the second step or leave this to supposedly finish scanning?

Addendum: 02 Dec 2014 12:58

I think I've sorted it out.


Zoek.exe v5.0.0.0 Updated 29-11-2014
Tool run by Cyrax on 02-Dec-14 at 12:50:16.55.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Cyrax\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

02-Dec-14 12:51:18 PM Zoek.exe System Restore Point Created Succesfully.

==== Running Processes ======================

C:\Windows\System32\smss.exe
c:\PROGRA~1\AVG\AVG2015\avgrsx.exe
C:\Program Files\AVG\AVG2015\avgcsrvx.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AVG\AVG2015\avgidsagent.exe
C:\Program Files\AVG\AVG2015\avgwdsvc.exe
C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\AVG\AVG2015\avgnsx.exe
C:\Program Files\AVG\AVG2015\avgemcx.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\PROGRAMS\FGUARD\FGKey.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Users\Cyrax\Desktop\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k swprv

==== Services(whitelist) ======================
Powered by E Dev

R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files\common files\adobe\arm\1.0\armsvc.exe
R2 - [AMD External Events Utility] - AMD External Events Utility - c:\windows\system32\atiesrxx.exe
R2 - [AVGIDSAgent] - AVGIDSAgent - c:\program files\avg\avg2015\avgidsagent.exe
R2 - [avgwd] - AVG WatchDog - c:\program files\avg\avg2015\avgwdsvc.exe
R2 - [c2cautoupdatesvc] - Skype Click to Call Updater - c:\program files\skype\toolbars\autoupdate\skypec2cautoupdatesvc.exe
R2 - [c2cpnrsvc] - Skype Click to Call PNR Service - c:\program files\skype\toolbars\pnrsvc\skypec2cpnrsvc.exe
R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
R3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
S2 - [gupdate] - Google Update Service (gupdate) - c:\program files\google\update\googleupdate.exe
S2 - [SkypeUpdate] - Skype Updater - c:\program files\skype\updater\updater.exe
S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\system32\macromed\flash\flashplayerupdateservice.exe
S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
S3 - [aspnet_state] - ASP.NET State Service - c:\windows\microsoft.net\framework\v4.0.30319\aspnet_state.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe
S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe
S3 - [gupdatem] - Google Update Service (gupdatem) - c:\program files\google\update\googleupdate.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files\mozilla maintenance service\maintenanceservice.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [ose] - Office Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe

==== Drivers(whitelist) ======================
Powered by E Dev

R0 - [AVGIDSHX] - AVGIDSHX - C:\Windows\system32\Drivers\AVGIDSHX.sys
R0 - [Avglogx] - AVG Logging Driver - C:\Windows\system32\Drivers\Avglogx.sys
R0 - [Avgmfx86] - AVG Mini-Filter Resident Anti-Virus Shield - C:\Windows\system32\Drivers\Avgmfx86.sys
R0 - [Avgrkx86] - AVG Anti-Rootkit Driver - C:\Windows\system32\Drivers\Avgrkx86.sys
R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys
R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys
R3 - [srv] - Server SMB 1.xxx Driver - C:\Windows\system32\Drivers\srv.sys
R3 - [srv2] - Server SMB 2.xxx Driver - C:\Windows\system32\Drivers\srv2.sys
R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys
R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys
R0 - [atapi] - IDE Channel - C:\Windows\system32\Drivers\atapi.sys
R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x]
R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys
R0 - [Disk] - Disk Driver - C:\Windows\system32\Drivers\Disk.sys
R0 - [fvevol] - Bitlocker Drive Encryption Filter Driver - C:\Windows\system32\Drivers\fvevol.sys
R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys
R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys
R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys
R0 - [mountmgr] - Mount Point Manager - C:\Windows\system32\Drivers\mountmgr.sys
R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys
R0 - [NDIS] - NDIS System Driver - C:\Windows\system32\Drivers\NDIS.sys
R0 - [nvstor] - nvstor - C:\Windows\system32\Drivers\nvstor.sys
R0 - [partmgr] - Partition Manager - C:\Windows\system32\Drivers\partmgr.sys
R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys
R0 - [pciide] - pciide - C:\Windows\system32\Drivers\pciide.sys
R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys
R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys
R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys
R0 - [storflt] - Disk Virtual Machine Bus Acceleration Filter Driver - C:\Windows\system32\Drivers\storflt.sys [x]
R0 - [Tcpip] - TCP/IP Protocol Driver - C:\Windows\system32\Drivers\Tcpip.sys
R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator Driver - C:\Windows\system32\Drivers\vdrvroot.sys
R0 - [vmbus] - Virtual Machine Bus - C:\Windows\system32\Drivers\vmbus.sys
R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys
R0 - [volmgrx] - Dynamic Volume Manager - C:\Windows\system32\Drivers\volmgrx.sys
R0 - [volsnap] - Storage volumes - C:\Windows\system32\Drivers\volsnap.sys
R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys
R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys
R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys
R1 - [tdx] - NetIO Legacy TDI Support Driver - C:\Windows\system32\Drivers\tdx.sys
R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Cyrax\AppData\Local\Temp ====
====== Java Cache =====
2014-11-29 16:14:10 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Cyrax\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-1cdbc445
====== C:\Windows\system32 =====
2014-11-19 14:03:55 ADFB31FA72AFE0298A60BF4AC1045A42 550912 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-19 14:03:55 98B3C919C6B9C5F810FF2CAFA339822B 186880 ----a-w- C:\Windows\System32\pku2u.dll
====== C:\Windows\system32\drivers =====
2014-11-23 20:17:12 5CA4A22D15763AF10FD20B4CBCB176ED 119000 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-11-23 20:15:58 CD85463E3AB753443D77B4A04638E418 79576 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-12 10:39:11 1E1845606C5A4579F7F3D95796CC1ED1 136632 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
====== C:\Windows\Tasks ======
2014-11-23 20:08:50 8415D638206261A1E142669D2D63D9B8 3914 ----a-w- C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2014-11-23 20:08:50 6BEE8C78B19BE04DD7DC706292710C8C 918 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-23 20:08:50 030896171519C6DF50063B881D13DC2E 3662 ----a-w- C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2014-11-23 20:08:49 F7CBA656FDAB8E37FEEA74DF2A9FAD61 914 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-12-01 16:36:47 -------- d-----w- C:\Program Files\Opera
2014-11-25 21:09:37 -------- d-----w- C:\Program Files\Verimatrix
======= C: =====
====== C:\Users\Cyrax\AppData\Roaming ======
2014-12-01 16:37:43 -------- d-----w- C:\Users\Cyrax\AppData\Roaming\Opera Software
2014-12-01 16:37:43 -------- d-----w- C:\Users\Cyrax\AppData\Local\Opera Software
2014-11-25 21:10:26 -------- d-----w- C:\Users\Cyrax\AppData\Roaming\Verimatrix
2014-11-23 20:00:56 -------- d-sh--w- C:\Users\Cyrax\AppData\Local\EmieUserList
2014-11-23 20:00:56 -------- d-sh--w- C:\Users\Cyrax\AppData\Local\EmieSiteList
2014-11-23 20:00:56 -------- d-sh--w- C:\Users\Cyrax\AppData\Local\EmieBrowserModeList
2014-11-23 19:40:44 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2014-11-23 19:40:44 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2014-11-23 19:40:44 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
2014-11-23 19:40:44 -------- d-----w- C:\Users\Cyrax\AppData\Local\Temp
====== C:\Users\Cyrax ======
2014-12-02 10:04:56 CBDDB6C4BCD895F8879FD6AC588007A0 2154496 ----a-w- C:\Users\Cyrax\Desktop\AdwCleaner.exe
2014-12-01 21:29:40 1425ED66AB875496E5F4E4B5AE951FFC 480176 ----a-w- C:\Users\Cyrax\Downloads\Pro_Evolution_Soccer_2015-RELOADED.exe
2014-12-01 16:59:59 0D61699EEC9A6ACFE0710A4AE33CE09A 1109504 ----a-w- C:\Users\Cyrax\Desktop\FRST.exe
2014-12-01 16:33:57 C3499F064798C2EEF46D5BBF4A7AEFF2 482000 ----a-w- C:\Users\Cyrax\Downloads\PES_2015_Full_PC_Game-(zabranjeno)ED-RELOADED.exe
2014-11-23 20:09:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

====== C: exe-files ==
2014-12-02 10:04:56 CBDDB6C4BCD895F8879FD6AC588007A0 2154496 ----a-w- C:\Users\Cyrax\Desktop\AdwCleaner.exe
2014-12-01 23:28:50 C10E5EF1B85DE5B79AC2815C9A677D1F 1385808 ----a-w- C:\Users\Cyrax\AppData\Roaming\uTorrent\updates\3.4.2_35702.exe
2014-12-01 21:29:40 1425ED66AB875496E5F4E4B5AE951FFC 480176 ----a-w- C:\Users\Cyrax\Downloads\Pro_Evolution_Soccer_2015-RELOADED.exe
2014-12-01 16:59:59 0D61699EEC9A6ACFE0710A4AE33CE09A 1109504 ----a-w- C:\Users\Cyrax\Desktop\FRST.exe
2014-12-01 16:37:35 A818DDDE7B3C9097B0B2BBBF0D37FEB3 466040 ----a-w- C:\Program Files\Opera\launcher.exe
2014-12-01 16:37:34 EB76BA19CBB7D50F9B96F12AAB9BF1CB 73336 ----a-w- C:\Program Files\Opera\26.0.1656.24\wow_helper.exe
2014-12-01 16:37:32 B0DE4AB3F83076EE5F282995EAD81888 535160 ----a-w- C:\Program Files\Opera\26.0.1656.24\opera_crashreporter.exe
2014-12-01 16:37:31 7789309B087E949E10A74DDF87FFE8B7 3228280 ----a-w- C:\Program Files\Opera\26.0.1656.24\opera_autoupdate.exe
2014-12-01 16:37:30 B8F2CED10E068E8539D9E1ECCDD34417 50335352 ----a-w- C:\Program Files\Opera\26.0.1656.24\opera.exe
2014-12-01 16:37:24 BBB45D3412A9F4B0D67E09D59ECC112B 1264760 ----a-w- C:\Program Files\Opera\26.0.1656.24\installer.exe
2014-12-01 16:36:37 FFF502B10BC4B91D8357A243F709B8AD 484352 ----a-w- C:\FRST\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
2014-12-01 16:33:57 C3499F064798C2EEF46D5BBF4A7AEFF2 482000 ----a-w- C:\Users\Cyrax\Downloads\PES_2015_Full_PC_Game-(zabranjeno)ED-RELOADED.exe
2014-11-26 22:14:43 9D83E2859AC027E8C505CB4D1931AF47 1117264 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.71\39.0.2171.71_39.0.2171.65_chrome_updater.exe
=== C: other files ==
2014-11-26 18:03:35 60A7D3B7F38B2C95AB66A4FEF175E483 2931179 ----a-w- C:\Users\Cyrax\Desktop\BackOnBoard( Princess and Royal Caribbean ).zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-580165240-721162046-3227699501-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FG_Monitor"="C:\PROGRAMS\FGUARD\FGKey.exe /Start"
"PAC7302_Monitor"="C:\Windows\PixArt\PAC7302\Monitor.exe"
"AVG_UI"="C:\Program Files\AVG\AVG2015\avgui.exe /TRAYONLY"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [26-Nov-14 12:09 AM]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\{AE169846-7DE2-4B1E-902E-9A4812573169}" [C:\PROGRAMS\FGUARD\FGuard.exe]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Cyrax\AppData\Roaming\Mozilla\Firefox\Profiles\wbhf7oii.default
- United States English Spellchecker - %ProfilePath%\extensions\en-US@dictionaries.addons.mozilla.org
- DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Cyrax\AppData\Roaming\Mozilla\Firefox\Profiles\wbhf7oii.default
8303B3CEC05500F763B4FA75210598BB - C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll - Shockwave Flash
D2377C9458EFEB094E38B8C874AA214C - C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll - Google Update
BBF0479C2D30519A2E746D12CAE54B43 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U71
1ED046D972B98E0ADEC4D4D61BF37695 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.710.14
64C4ADE063A9C93D3BAE09922AD90C27 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
446BCAE59E26321802E000FC3E0C390A - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
BA320B0A76BAF9DE67093FDBC2F958AD - C:\Program Files\Verimatrix\ViewRight Web\npViewRight.dll - Verimatrix ViewRight


==== Chromium Look ======================

Google Slides - Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
BIODIGITAL HUMAN - Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak
Google Drive - Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
wger Workout Manager - Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdokcfidmpmcponlnkmmbenfpnpkbmch
Google Search - Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Photo Zoom for Facebook - Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi
Google Sheets - Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
AdBlock - Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
English vocabulary - Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmklfohhllfpjjmjejencmaodgiknmj
Google Wallet - Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
FitnessBliss - Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\opdgckbdimehmjcfoddoghjieapefide
Gmail - Cyrax\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{115BE84A-2FAA-4BDF-9A7A-CDFB1D73DFA0} Google Url="https://www.google.com/search?q={searchTerms}"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on 02-Dec-14 at 12:55:14.86 ======================


offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

This looks clean.

Step 1

Send me these two files via this link: http://www.mycity.rs/ambulanta-upload.php

C:\Users\Cyrax\Downloads\Pro_Evolution_Soccer_2015-RELOADED.exe
C:\Users\Cyrax\Downloads\PES_2015_Full_PC_Game-(zabranjeno)ED-RELOADED.exe

offline
  • Joined: 13 May 2008
  • Posts: 113

There, I've done it and sent you both files via the given link.

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

OK. Now do the following:

Download zoek.exe from this or this link and save it to the Desktop.


Close the browser and any other running programs;
disable your security software (if necessary) Instructions;
double-click zoek.exe to run it;
wait for the tool to start ...


Copy the following text into the white box of the window:

shortcutfix;
emptyclsid;
emptyalltemp;
autoclean;


Click the button and wait for the scan to finish.


Zoek will restart Windows if necessary, and when it finishes it will open Notepad with the scan report.

Note: The report will be saved under the name zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your post.
