Checking a computer for possible infection

  • Joined: 27 Sep 2013
  • Posts: 94

Given my experience so far with free antivirus programs, I have not been using any antivirus for a long time now, but I have noticed that my computer runs more slowly and needs more time to open some pages on the internet.





Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:28-11-2015
Ran by pc centar (administrator) on PC-C464735FA91F (28-11-2015 18:05:25)
Running from C:\Documents and Settings\pc centar\My Documents\Downloads
Loaded Profiles: pc centar (Available Profiles: pc centar)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Atheros) C:\WINDOWS\system32\acs.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(TP-LINK TECHNOLOGIES CO., LTD.) C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\TWCU.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(BitTorrent Inc.) C:\Documents and Settings\pc centar\Application Data\uTorrent\uTorrent.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(BitTorrent Inc.) C:\Documents and Settings\pc centar\Application Data\BitTorrent\BitTorrent.exe
(BitTorrent Inc.) C:\Documents and Settings\pc centar\Application Data\uTorrent\updates\3.4.5_41202\utorrentie.exe
(BitTorrent Inc.) C:\Documents and Settings\pc centar\Application Data\uTorrent\updates\3.4.5_41202\utorrentie.exe
(BitTorrent Inc.) C:\Documents and Settings\pc centar\Application Data\uTorrent\updates\3.4.5_41202\utorrentie.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
() C:\Documents and Settings\pc centar\My Documents\Downloads\FRST.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20026472 2011-01-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [TWCU] => C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\TWCU.exe [479412 2008-03-26] (TP-LINK TECHNOLOGIES CO., LTD.)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2010-02-11] (ATI Technologies Inc.)
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\Run: [BitTorrent] => C:\Documents and Settings\pc centar\Application Data\BitTorrent\BitTorrent.exe [1738840 2015-03-28] (BitTorrent Inc.)
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\Run: [uTorrent] => C:\Documents and Settings\pc centar\Application Data\uTorrent\uTorrent.exe [1822048 2015-10-08] (BitTorrent Inc.)
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [57987712 2015-09-27] (Skype Technologies S.A.)
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\MountPoints2: {55fc355c-0088-11e5-ace8-54e6fcdab77c} - E:\LG_PC_Programs.exe
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [9216 2008-04-14] (Microsoft Corporation)
SecurityProviders: msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Documents and Settings\pc centar\Local Settings\Application Data\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Documents and Settings\pc centar\Local Settings\Application Data\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Documents and Settings\pc centar\Local Settings\Application Data\MEGAsync\ShellExtX32.dll No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 79.143.160.20 79.143.168.8
Tcpip\..\Interfaces\{C484CC6E-2C73-4572-809C-2A37E878A58E}: [DhcpNameServer] 8.8.8.8 79.143.160.20 79.143.168.8

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-19\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-20\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> Yandex URL = hxxp://yandex.ru/yandsearch?clid=154468&text={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-436374069-1637723038-1801674531-1003 -> Moikrug URL = hxxp://moikrug.ru/persons/?clid=154468&charset=utf-8&keywords={searchTerms}&submitted=1
SearchScopes: HKU\S-1-5-21-436374069-1637723038-1801674531-1003 -> Yandex URL = hxxp://yandex.ru/yandsearch?clid=154468&text={searchTerms}
SearchScopes: HKU\S-1-5-21-436374069-1637723038-1801674531-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-19] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-19] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default
FF NewTab: chrome://LVD-SAE/content/unpackedcrx/newtab/newtab.html
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-19] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-436374069-1637723038-1801674531-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\pc centar\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32dsw.dll [2007-04-30] (Adobe Systems, Inc.)
FF Extension: iLivid - C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\LVD-SAE@iacsearchandmedia.com.xpi [2015-05-08] [not signed]
FF Extension: Adblock Plus - C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-04-20] [not signed]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR DefaultSearchURL: Default -> hxxp://dts.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> ask.com
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Music Box) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaaddliknddhjhjcofimffekgonpkom [2015-06-24] [UpdateUrl: hxxps://mynamedomain.koko/00service/update2/crx] <==== ATTENTION
CHR Extension: (Ask Search) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaaddmbejlljmjbmlpnpfpmimmglbae [2015-09-27]
CHR Extension: (Ask Search) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl [2015-09-27]
CHR Extension: (iLivid) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2015-09-27]
CHR Extension: (Google Novčanik) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-24] [UpdateUrl: hxxps://mynamedomain.koko/00service/update2/crx] <==== ATTENTION
CHR Extension: (CuutThheaPriicue) - C:\Documents and Settings\All Users\Application Data\epcldjeigghlcocbgfhgfodfipipmpae\ []

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACS; C:\WINDOWS\system32\acs.exe [364629 2007-02-12] (Atheros) [File not signed]
R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [602112 2010-02-11] (ATI Technologies Inc.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [543712 2007-03-27] (Atheros Communications, Inc.) [File not signed]
S3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1938272 2010-11-05] (Atheros Communications, Inc.)
R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [3565056 2010-02-11] (ATI Technologies Inc.) [File not signed]
R3 ATIAVAIW; C:\WINDOWS\System32\DRIVERS\atinavt2.sys [170496 2009-04-01] (ATI Technologies Inc.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
R0 mv61xxmm; C:\WINDOWS\system32\Drivers\mv61xxmm.sys [14184 2013-03-13] (Marvell Semiconductor Inc.)
R0 mv64xxmm; C:\WINDOWS\system32\Drivers\mv64xxmm.sys [5632 2013-03-13] (Marvell Semiconductor Inc.) [File not signed]
R0 mvxxmm; C:\WINDOWS\system32\Drivers\mvxxmm.sys [14184 2013-03-13] (Marvell Semiconductor Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [55840 2006-11-15] (Atheros Communications, Inc.) [File not signed]
S3 cpuz134; \??\C:\DOCUME~1\PCCENT~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X]
S4 IntelIde; no ImagePath
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-28 18:04 - 2015-11-28 18:05 - 00000000 ____D C:\FRST
2015-11-28 18:03 - 2015-11-28 18:04 - 01720320 _____ (Farbar) C:\Documents and Settings\pc centar\Desktop\FRST.exe
2015-11-28 17:45 - 2015-11-28 17:45 - 00000000 ____D C:\Documents and Settings\All Users\Kaspersky Lab Setup Files
2015-11-24 18:29 - 2015-11-24 18:29 - 00000000 ____D C:\Program Files\LG Electronics
2015-11-19 14:09 - 2015-11-19 14:09 - 00000000 ____D C:\Program Files\Common Files\Java
2015-11-14 16:10 - 2009-05-26 19:54 - 00000000 ____D C:\Documents and Settings\pc centar\GTA San Andreas Turbo_XD Mod
2015-10-31 16:56 - 2015-10-31 16:56 - 00000000 ____D C:\Documents and Settings\pc centar\My Documents\KONAMI
2015-10-31 16:50 - 2015-10-31 16:50 - 00001571 _____ C:\Documents and Settings\pc centar\Desktop\Pro Evolution Soccer 6.lnk
2015-10-31 16:50 - 2015-10-31 16:50 - 00000000 ____D C:\Program Files\KONAMI
2015-10-31 16:50 - 2015-10-31 16:50 - 00000000 ____D C:\Documents and Settings\pc centar\Start Menu\Programs\KONAMI

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-28 18:05 - 2015-05-18 11:49 - 00000000 ____D C:\Documents and Settings\pc centar\Local Settings\Temp
2015-11-28 18:05 - 2015-03-28 09:08 - 00000000 ____D C:\Documents and Settings\pc centar\Application Data\BitTorrent
2015-11-28 18:04 - 2014-06-05 12:55 - 00000000 ____D C:\WINDOWS
2015-11-28 18:02 - 2015-08-20 11:53 - 00000000 ____D C:\Documents and Settings\pc centar\Application Data\uTorrent
2015-11-28 18:02 - 2014-12-09 11:28 - 00000000 ____D C:\Documents and Settings\pc centar\Application Data\Skype
2015-11-28 17:59 - 2014-07-08 16:16 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-28 17:58 - 2015-03-16 15:48 - 00000430 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{EEFADBE6-CEC8-4327-8EE6-CEC618EE7532}.job
2015-11-28 17:58 - 2014-06-05 11:16 - 00032512 _____ C:\WINDOWS\SchedLgU.Txt
2015-11-28 17:45 - 2014-06-05 12:58 - 00000000 ____D C:\Documents and Settings\All Users
2015-11-28 17:26 - 2015-08-19 17:48 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-28 17:26 - 2015-04-20 11:39 - 00000230 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-11-28 17:26 - 2014-06-05 11:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-28 17:26 - 2008-04-14 12:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-11-27 22:06 - 2014-06-05 11:17 - 00000278 ___SH C:\Documents and Settings\pc centar\ntuser.ini
2015-11-27 21:11 - 2015-08-19 17:48 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-27 21:05 - 2015-06-22 14:05 - 00000450 _____ C:\WINDOWS\Tasks\Bidaily Synchronize Task[973b].job
2015-11-27 20:19 - 2015-07-12 07:19 - 00000466 _____ C:\WINDOWS\Tasks\XFinder.job
2015-11-27 14:43 - 2014-06-05 11:17 - 00000000 ____D C:\Documents and Settings\pc centar
2015-11-27 14:26 - 2014-06-30 15:07 - 00000000 ___RD C:\Documents and Settings\pc centar\Desktop\MUZIKA
2015-11-25 13:08 - 2015-10-10 21:40 - 00000000 ____D C:\Documents and Settings\pc centar\Desktop\New Folder (2)
2015-11-24 18:58 - 2014-06-30 20:35 - 00656896 __SHC C:\Documents and Settings\pc centar\Desktop\Thumbs.db
2015-11-24 18:29 - 2014-06-05 12:55 - 00000000 ___HD C:\WINDOWS\inf
2015-11-21 10:05 - 2014-12-26 10:52 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-11-20 20:27 - 2015-04-23 19:56 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-11-20 20:27 - 2014-06-05 11:43 - 00000730 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-20 20:27 - 2014-06-05 11:43 - 00000724 _____ C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2015-11-19 14:11 - 2015-01-05 12:00 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Oracle
2015-11-19 14:10 - 2014-12-20 21:57 - 00000000 ____D C:\Program Files\Java
2015-11-19 14:09 - 2015-09-04 11:04 - 00000000 ____D C:\Documents and Settings\pc centar\.oracle_jre_usage
2015-11-19 14:09 - 2014-12-20 21:58 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2015-11-19 14:08 - 2014-12-20 21:58 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2015-11-19 14:08 - 2014-12-20 21:58 - 00095840 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-11-19 14:04 - 2014-12-26 11:01 - 00000000 ____D C:\Documents and Settings\pc centar\My Documents\Преузимања
2015-11-15 14:05 - 2015-02-11 13:18 - 00000000 ____D C:\Documents and Settings\pc centar\Application Data\.minecraft
2015-11-14 16:21 - 2014-06-29 19:54 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-11-12 22:20 - 2015-04-21 17:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-12 22:15 - 2013-03-13 19:22 - 143250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt.exe
2015-11-11 15:09 - 2014-07-13 15:07 - 00000000 ___RD C:\Documents and Settings\pc centar\Desktop\RECEPTI
2015-11-10 21:00 - 2008-04-14 12:00 - 00780488 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-11-10 21:00 - 2008-04-14 12:00 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-11-08 17:14 - 2015-04-20 11:39 - 00000224 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2015-11-02 16:28 - 2015-08-20 11:54 - 00002606 _____ C:\Documents and Settings\pc centar\Start Menu\µTorrent.lnk
2015-10-31 16:56 - 2014-06-05 11:17 - 00000000 ___RD C:\Documents and Settings\pc centar\My Documents
2015-10-31 12:32 - 2015-07-28 14:47 - 00012800 _____ C:\Documents and Settings\pc centar\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-30 14:50 - 2015-10-24 18:59 - 00000000 ____D C:\Documents and Settings\pc centar\Desktop\Muzika za novu godinu
2015-10-30 14:41 - 2015-08-21 10:01 - 00000000 ____D C:\Program Files\Counter-Strike
2015-10-29 14:26 - 2014-06-05 11:17 - 00000000 ___RD C:\Documents and Settings\pc centar\My Documents\My Pictures

==================== Files in the root of some directories =======

2015-07-28 14:47 - 2015-10-31 12:32 - 0012800 _____ () C:\Documents and Settings\pc centar\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-31 18:35 - 2015-01-31 18:35 - 0000218 ____C () C:\Documents and Settings\pc centar\Local Settings\Application Data\recently-used.xbel

Some files in TEMP:
====================
C:\Documents and Settings\pc centar\Local Settings\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================



And since you have helped me with this kind of question before, I trust you will this time as well.


  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8448
  • Location: Novi Beograd

Hello,

Chrome is damaged and needs to be reinstalled. If you want to keep your bookmarks, see the instructions on how to do that:
http://trikytipz.blogspot.rs/2013/06/how-to-backup.....hrome.html
-----
Download AdwCleaner by "Xplode" and save it to the Desktop.

Double-click to run the program.
Click the [Scan] button and wait for the program to finish.
Click the [Clean] button.
The program will close all running programs and show a window with that warning. Click OK to confirm.
In the next two windows that open (Informations and Restart required), click OK.


The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Attach file" option.

Note: The report will also be saved at C:\AdwCleaner[S0].txt
------

Download Junkware Removal Tool (JRT) and save it to the desktop.

Close the browser and other running programs;

Temporarily disable your security software (Instructions);

Double-click the icon to run JRT;

At the "press any key" prompt, press any key and the tool will start scanning.
Note: depending on the system specification, the scan may take a while in some cases.

When it finishes, a log with the report will open; it will be saved on the desktop as JRT.txt


Copy the contents of that log into the thread.
-------
Then post a new FRST and Addition log for me.

  • Joined: 27 Sep 2013
  • Posts: 94

Posted: 28 Nov 2015 22:49


Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Microsoft Windows XP x86
Ran by pc centar (Administrator) on sub 28.11.2015 at 22:42:32,73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 5

Successfully deleted: C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_klbibkeccnjlkjkiokjodocebajanakg_0.localstorage (File)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GXPYY536 (Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\S2OAS2D2 (Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\TVX7Z0WS (Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\X1C2YGIH (Folder)

Deleted the following from C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\prefs.js
user_pref(avg.wtu.ext.dnsWhiteList, toolbarhome.com,avg.com);



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on sub 28.11.2015 at 22:44:30,09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Addendum: 28 Nov 2015 22:57

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:28-11-2015
Ran by pc centar (administrator) on PC-C464735FA91F (28-11-2015 22:50:33)
Running from C:\Documents and Settings\pc centar\Desktop
Loaded Profiles: pc centar (Available Profiles: pc centar)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20026472 2011-01-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [TWCU] => C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\TWCU.exe [479412 2008-03-26] (TP-LINK TECHNOLOGIES CO., LTD.)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2010-02-11] (ATI Technologies Inc.)
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\Run: [BitTorrent] => C:\Documents and Settings\pc centar\Application Data\BitTorrent\BitTorrent.exe [1738840 2015-03-28] (BitTorrent Inc.)
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\Run: [uTorrent] => C:\Documents and Settings\pc centar\Application Data\uTorrent\uTorrent.exe [1822048 2015-10-08] (BitTorrent Inc.)
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [57987712 2015-09-27] (Skype Technologies S.A.)
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\MountPoints2: {55fc355c-0088-11e5-ace8-54e6fcdab77c} - E:\LG_PC_Programs.exe
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [9216 2008-04-14] (Microsoft Corporation)
SecurityProviders: msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Documents and Settings\pc centar\Local Settings\Application Data\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Documents and Settings\pc centar\Local Settings\Application Data\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Documents and Settings\pc centar\Local Settings\Application Data\MEGAsync\ShellExtX32.dll No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 79.143.160.20 79.143.168.8
Tcpip\..\Interfaces\{C484CC6E-2C73-4572-809C-2A37E878A58E}: [DhcpNameServer] 8.8.8.8 79.143.160.20 79.143.168.8

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-19\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-20\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> Yandex URL = hxxp://yandex.ru/yandsearch?clid=154468&text={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-436374069-1637723038-1801674531-1003 -> Moikrug URL = hxxp://moikrug.ru/persons/?clid=154468&charset=utf-8&keywords={searchTerms}&submitted=1
SearchScopes: HKU\S-1-5-21-436374069-1637723038-1801674531-1003 -> Yandex URL = hxxp://yandex.ru/yandsearch?clid=154468&text={searchTerms}
SearchScopes: HKU\S-1-5-21-436374069-1637723038-1801674531-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-19] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-19] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default
FF NewTab: chrome://LVD-SAE/content/unpackedcrx/newtab/newtab.html
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-19] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-436374069-1637723038-1801674531-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\pc centar\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32dsw.dll [2007-04-30] (Adobe Systems, Inc.)
FF Extension: Adblock Plus - C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-04-20] [not signed]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR DefaultSearchURL: Default -> hxxp://dts.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> ask.com
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Music Box) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaaddliknddhjhjcofimffekgonpkom [2015-06-24] [UpdateUrl: hxxps://mynamedomain.koko/00service/update2/crx] <==== ATTENTION
CHR Extension: (Ask Search) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaaddmbejlljmjbmlpnpfpmimmglbae [2015-09-27]
CHR Extension: (Google Novčanik) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-24] [UpdateUrl: hxxps://mynamedomain.koko/00service/update2/crx] <==== ATTENTION

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ACS; C:\WINDOWS\system32\acs.exe [364629 2007-02-12] (Atheros) [File not signed]
S2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [602112 2010-02-11] (ATI Technologies Inc.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [543712 2007-03-27] (Atheros Communications, Inc.) [File not signed]
S3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1938272 2010-11-05] (Atheros Communications, Inc.)
R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [3565056 2010-02-11] (ATI Technologies Inc.) [File not signed]
R3 ATIAVAIW; C:\WINDOWS\System32\DRIVERS\atinavt2.sys [170496 2009-04-01] (ATI Technologies Inc.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
R0 mv61xxmm; C:\WINDOWS\system32\Drivers\mv61xxmm.sys [14184 2013-03-13] (Marvell Semiconductor Inc.)
R0 mv64xxmm; C:\WINDOWS\system32\Drivers\mv64xxmm.sys [5632 2013-03-13] (Marvell Semiconductor Inc.) [File not signed]
R0 mvxxmm; C:\WINDOWS\system32\Drivers\mvxxmm.sys [14184 2013-03-13] (Marvell Semiconductor Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [55840 2006-11-15] (Atheros Communications, Inc.) [File not signed]
S3 cpuz134; \??\C:\DOCUME~1\PCCENT~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X]
S4 IntelIde; no ImagePath
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-28 22:44 - 2015-11-28 22:44 - 00001503 _____ C:\Documents and Settings\pc centar\Desktop\JRT.txt
2015-11-28 22:37 - 2015-11-28 22:37 - 00005570 _____ C:\Documents and Settings\pc centar\Desktop\AdwCleaner[C1].txt
2015-11-28 22:30 - 2015-11-28 22:32 - 00000000 ____D C:\AdwCleaner
2015-11-28 18:06 - 2015-11-28 18:06 - 00025471 _____ C:\Documents and Settings\pc centar\Desktop\Addition.txt
2015-11-28 18:05 - 2015-11-28 22:50 - 00012081 _____ C:\Documents and Settings\pc centar\Desktop\FRST.txt
2015-11-28 18:04 - 2015-11-28 22:50 - 00000000 ____D C:\FRST
2015-11-28 18:03 - 2015-11-28 18:04 - 01720320 _____ (Farbar) C:\Documents and Settings\pc centar\Desktop\FRST.exe
2015-11-28 17:45 - 2015-11-28 17:45 - 00000000 ____D C:\Documents and Settings\All Users\Kaspersky Lab Setup Files
2015-11-24 18:29 - 2015-11-24 18:29 - 00000000 ____D C:\Program Files\LG Electronics
2015-11-19 14:09 - 2015-11-19 14:09 - 00000000 ____D C:\Program Files\Common Files\Java
2015-11-14 16:10 - 2009-05-26 19:54 - 00000000 ____D C:\Documents and Settings\pc centar\GTA San Andreas Turbo_XD Mod
2015-10-31 16:56 - 2015-10-31 16:56 - 00000000 ____D C:\Documents and Settings\pc centar\My Documents\KONAMI
2015-10-31 16:50 - 2015-10-31 16:50 - 00001571 _____ C:\Documents and Settings\pc centar\Desktop\Pro Evolution Soccer 6.lnk
2015-10-31 16:50 - 2015-10-31 16:50 - 00000000 ____D C:\Program Files\KONAMI
2015-10-31 16:50 - 2015-10-31 16:50 - 00000000 ____D C:\Documents and Settings\pc centar\Start Menu\Programs\KONAMI

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-28 22:50 - 2015-05-18 11:49 - 00000000 ____D C:\Documents and Settings\pc centar\Local Settings\Temp
2015-11-28 22:50 - 2014-12-09 11:28 - 00000000 ____D C:\Documents and Settings\pc centar\Application Data\Skype
2015-11-28 22:44 - 2015-03-16 15:48 - 00000430 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{EEFADBE6-CEC8-4327-8EE6-CEC618EE7532}.job
2015-11-28 22:39 - 2015-03-28 09:08 - 00000000 ____D C:\Documents and Settings\pc centar\Application Data\BitTorrent
2015-11-28 22:38 - 2015-08-20 11:53 - 00000000 ____D C:\Documents and Settings\pc centar\Application Data\uTorrent
2015-11-28 22:33 - 2015-08-19 17:48 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-28 22:33 - 2015-04-20 11:39 - 00000230 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-11-28 22:33 - 2014-06-05 11:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-28 22:32 - 2014-06-05 11:17 - 00000278 ___SH C:\Documents and Settings\pc centar\ntuser.ini
2015-11-28 22:32 - 2014-06-05 11:16 - 00032512 _____ C:\WINDOWS\SchedLgU.Txt
2015-11-28 22:11 - 2015-08-19 17:48 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-28 21:59 - 2014-07-08 16:16 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-28 20:19 - 2015-07-12 07:19 - 00000466 _____ C:\WINDOWS\Tasks\XFinder.job
2015-11-28 18:04 - 2014-06-05 12:55 - 00000000 ____D C:\WINDOWS
2015-11-28 17:45 - 2014-06-05 12:58 - 00000000 ____D C:\Documents and Settings\All Users
2015-11-28 17:26 - 2008-04-14 12:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-11-27 14:43 - 2014-06-05 11:17 - 00000000 ____D C:\Documents and Settings\pc centar
2015-11-27 14:26 - 2014-06-30 15:07 - 00000000 ___RD C:\Documents and Settings\pc centar\Desktop\MUZIKA
2015-11-25 13:08 - 2015-10-10 21:40 - 00000000 ____D C:\Documents and Settings\pc centar\Desktop\New Folder (2)
2015-11-24 18:58 - 2014-06-30 20:35 - 00656896 __SHC C:\Documents and Settings\pc centar\Desktop\Thumbs.db
2015-11-24 18:29 - 2014-06-05 12:55 - 00000000 ___HD C:\WINDOWS\inf
2015-11-21 10:05 - 2014-12-26 10:52 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-11-20 20:27 - 2015-04-23 19:56 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-11-20 20:27 - 2014-06-05 11:43 - 00000730 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-20 20:27 - 2014-06-05 11:43 - 00000724 _____ C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2015-11-19 14:11 - 2015-01-05 12:00 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Oracle
2015-11-19 14:10 - 2014-12-20 21:57 - 00000000 ____D C:\Program Files\Java
2015-11-19 14:09 - 2015-09-04 11:04 - 00000000 ____D C:\Documents and Settings\pc centar\.oracle_jre_usage
2015-11-19 14:09 - 2014-12-20 21:58 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2015-11-19 14:08 - 2014-12-20 21:58 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2015-11-19 14:08 - 2014-12-20 21:58 - 00095840 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-11-19 14:04 - 2014-12-26 11:01 - 00000000 ____D C:\Documents and Settings\pc centar\My Documents\Преузимања
2015-11-15 14:05 - 2015-02-11 13:18 - 00000000 ____D C:\Documents and Settings\pc centar\Application Data\.minecraft
2015-11-14 16:21 - 2014-06-29 19:54 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-11-12 22:20 - 2015-04-21 17:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-12 22:15 - 2013-03-13 19:22 - 143250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt.exe
2015-11-11 15:09 - 2014-07-13 15:07 - 00000000 ___RD C:\Documents and Settings\pc centar\Desktop\RECEPTI
2015-11-10 21:00 - 2008-04-14 12:00 - 00780488 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-11-10 21:00 - 2008-04-14 12:00 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-11-08 17:14 - 2015-04-20 11:39 - 00000224 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2015-11-02 16:28 - 2015-08-20 11:54 - 00002606 _____ C:\Documents and Settings\pc centar\Start Menu\µTorrent.lnk
2015-10-31 16:56 - 2014-06-05 11:17 - 00000000 ___RD C:\Documents and Settings\pc centar\My Documents
2015-10-31 12:32 - 2015-07-28 14:47 - 00012800 _____ C:\Documents and Settings\pc centar\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-30 14:50 - 2015-10-24 18:59 - 00000000 ____D C:\Documents and Settings\pc centar\Desktop\Muzika za novu godinu
2015-10-30 14:41 - 2015-08-21 10:01 - 00000000 ____D C:\Program Files\Counter-Strike
2015-10-29 14:26 - 2014-06-05 11:17 - 00000000 ___RD C:\Documents and Settings\pc centar\My Documents\My Pictures

==================== Files in the root of some directories =======

2015-07-28 14:47 - 2015-10-31 12:32 - 0012800 _____ () C:\Documents and Settings\pc centar\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-31 18:35 - 2015-01-31 18:35 - 0000218 ____C () C:\Documents and Settings\pc centar\Local Settings\Application Data\recently-used.xbel

Some files in TEMP:
====================
C:\Documents and Settings\pc centar\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\pc centar\Local Settings\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Update: 28 Nov 2015 23:04

Update: 28 Nov 2015 23:06

Since it's late, I'll reinstall Google tomorrow.

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8448
  • Location: Novi Beograd

1. Open Notepad (Text Document) and copy into it the following text from the code box below:

CreateRestorePoint:
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\MountPoints2: {55fc355c-0088-11e5-ace8-54e6fcdab77c} - E:\LG_PC_Programs.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-19\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-20\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> Yandex URL = hxxp://yandex.ru/yandsearch?clid=154468&text={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-436374069-1637723038-1801674531-1003 -> Moikrug URL = hxxp://moikrug.ru/persons/?clid=154468&charset=utf-8&keywords={searchTerms}&submitted=1
SearchScopes: HKU\S-1-5-21-436374069-1637723038-1801674531-1003 -> Yandex URL = hxxp://yandex.ru/yandsearch?clid=154468&text={searchTerms}
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:10D14739
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:472FBBAF
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:FB6A21E3
CHR DefaultSearchURL: Default -> hxxp://dts.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> ask.com
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
[UpdateUrl: hxxps://mynamedomain.koko/00service/update2/crx] <==== ATTENTION
CHR Extension: (Ask Search) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaaddmbejlljmjbmlpnpfpmimmglbae [2015-09-27]
[UpdateUrl: hxxps://mynamedomain.koko/00service/update2/crx] <==== ATTENTION
EmptyTemp:


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, because otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.



The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into a message.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.

offline
  • Joined: 27 Sep 2013
  • Posts: 94

Fix result of Farbar Recovery Scan Tool (x86) Version:28-11-2015
Ran by pc centar (2015-11-29 17:43:04) Run:2
Running from C:\Documents and Settings\pc centar\Desktop
Loaded Profiles: pc centar (Available Profiles: pc centar)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CreateRestorePoint:
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\MountPoints2: {55fc355c-0088-11e5-ace8-54e6fcdab77c} - E:\LG_PC_Programs.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-19\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-20\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> Yandex URL = hxxp://yandex.ru/yandsearch?clid=154468&text={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-436374069-1637723038-1801674531-1003 -> Moikrug URL = hxxp://moikrug.ru/persons/?clid=154468&charset=utf-8&keywords={searchTerms}&submitted=1
SearchScopes: HKU\S-1-5-21-436374069-1637723038-1801674531-1003 -> Yandex URL = hxxp://yandex.ru/yandsearch?clid=154468&text={searchTerms}
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:10D14739
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:472FBBAF
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:FB6A21E3
CHR DefaultSearchURL: Default -> hxxp://dts.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> ask.com
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
[UpdateUrl: hxxps://mynamedomain.koko/00service/update2/crx] <==== ATTENTION
CHR Extension: (Ask Search) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaaddmbejlljmjbmlpnpfpmimmglbae [2015-09-27]
[UpdateUrl: hxxps://mynamedomain.koko/00service/update2/crx] <==== ATTENTION
EmptyTemp:


*****************

Restore point was successfully created.
HKLM\SOFTWARE\Policies\Google => key not found.
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{55fc355c-0088-11e5-ace8-54e6fcdab77c} => key not found.
HKCR\CLSID\{55fc355c-0088-11e5-ace8-54e6fcdab77c} => key not found.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
HKU\S-1-5-19\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
HKU\S-1-5-20\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\Yandex => key not found.
HKCR\CLSID\Yandex => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKU\S-1-5-21-436374069-1637723038-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\Moikrug" => key removed successfully.
HKCR\CLSID\Moikrug => key not found.
"HKU\S-1-5-21-436374069-1637723038-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\Yandex" => key removed successfully.
HKCR\CLSID\Yandex => key not found.
C:\Documents and Settings\All Users\Application Data\TEMP => ":10D14739" ADS removed successfully..
C:\Documents and Settings\All Users\Application Data\TEMP => ":472FBBAF" ADS removed successfully..
C:\Documents and Settings\All Users\Application Data\TEMP => ":FB6A21E3" ADS removed successfully..
Chrome DefaultSearchURL => removed successfully.
Chrome DefaultSearchKeyword => removed successfully.
Chrome DefaultSuggestURL => removed successfully.
[UpdateUrl: hxxps://mynamedomain.koko/00service/update2/crx] <==== ATTENTION => Error: No automatic fix found for this entry.
C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaaddmbejlljmjbmlpnpfpmimmglbae => moved successfully
[UpdateUrl: hxxps://mynamedomain.koko/00service/update2/crx] <==== ATTENTION => Error: No automatic fix found for this entry.
EmptyTemp: => 912.5 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 17:44:11 ====

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8448
  • Location: Novi Beograd

Did you reinstall Chrome? If you did, post a new FRST log so I can see whether that's it.

offline
  • Joined: 27 Sep 2013
  • Posts: 94

I reinstalled Google and here is the new FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:29-11-2015
Ran by pc centar (administrator) on PC-C464735FA91F (29-11-2015 19:47:38)
Running from C:\Documents and Settings\pc centar\Desktop
Loaded Profiles: pc centar (Available Profiles: pc centar)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Atheros) C:\WINDOWS\system32\acs.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(TP-LINK TECHNOLOGIES CO., LTD.) C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\TWCU.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(BitTorrent Inc.) C:\Documents and Settings\pc centar\Application Data\uTorrent\uTorrent.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(BitTorrent Inc.) C:\Documents and Settings\pc centar\Application Data\uTorrent\updates\3.4.5_41202\utorrentie.exe
(BitTorrent Inc.) C:\Documents and Settings\pc centar\Application Data\uTorrent\updates\3.4.5_41202\utorrentie.exe
(BitTorrent Inc.) C:\Documents and Settings\pc centar\Application Data\uTorrent\updates\3.4.5_41202\utorrentie.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(BitTorrent Inc.) C:\Documents and Settings\pc centar\Application Data\BitTorrent\updates\7.9.5_41203.exe
(BitTorrent Inc.) C:\Documents and Settings\pc centar\Application Data\BitTorrent\updates\updates\7.9.5_41203\utorrentie.exe
(BitTorrent Inc.) C:\Documents and Settings\pc centar\Application Data\BitTorrent\updates\updates\7.9.5_41203\utorrentie.exe
(BitTorrent Inc.) C:\Documents and Settings\pc centar\Application Data\BitTorrent\updates\updates\7.9.5_41203\utorrentie.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20026472 2011-01-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [TWCU] => C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\TWCU.exe [479412 2008-03-26] (TP-LINK TECHNOLOGIES CO., LTD.)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2010-02-11] (ATI Technologies Inc.)
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\Run: [BitTorrent] => C:\Documents and Settings\pc centar\Application Data\BitTorrent\updates\7.9.5_41203.exe [1977192 2015-11-29] (BitTorrent Inc.)
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\Run: [uTorrent] => C:\Documents and Settings\pc centar\Application Data\uTorrent\uTorrent.exe [1822048 2015-10-08] (BitTorrent Inc.)
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [57987712 2015-09-27] (Skype Technologies S.A.)
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [9216 2008-04-14] (Microsoft Corporation)
SecurityProviders: msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Documents and Settings\pc centar\Local Settings\Application Data\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Documents and Settings\pc centar\Local Settings\Application Data\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Documents and Settings\pc centar\Local Settings\Application Data\MEGAsync\ShellExtX32.dll No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 79.143.160.20 79.143.168.8
Tcpip\..\Interfaces\{C484CC6E-2C73-4572-809C-2A37E878A58E}: [DhcpNameServer] 8.8.8.8 79.143.160.20 79.143.168.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
SearchScopes: HKU\S-1-5-21-436374069-1637723038-1801674531-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-19] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-19] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default
FF NewTab: chrome://LVD-SAE/content/unpackedcrx/newtab/newtab.html
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-19] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-436374069-1637723038-1801674531-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\pc centar\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32dsw.dll [2007-04-30] (Adobe Systems, Inc.)
FF Extension: Adblock Plus - C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-04-20] [not signed]

Chrome:
=======
CHR Profile: C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Music Box) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaaddliknddhjhjcofimffekgonpkom [2015-06-24] [UpdateUrl: hxxps://mynamedomain.koko/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Novčanik) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-24] [UpdateUrl: hxxps://mynamedomain.koko/00service/update2/crx] <==== ATTENTION

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACS; C:\WINDOWS\system32\acs.exe [364629 2007-02-12] (Atheros) [File not signed]
R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [602112 2010-02-11] (ATI Technologies Inc.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [543712 2007-03-27] (Atheros Communications, Inc.) [File not signed]
S3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1938272 2010-11-05] (Atheros Communications, Inc.)
R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [3565056 2010-02-11] (ATI Technologies Inc.) [File not signed]
R3 ATIAVAIW; C:\WINDOWS\System32\DRIVERS\atinavt2.sys [170496 2009-04-01] (ATI Technologies Inc.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
R0 mv61xxmm; C:\WINDOWS\system32\Drivers\mv61xxmm.sys [14184 2013-03-13] (Marvell Semiconductor Inc.)
R0 mv64xxmm; C:\WINDOWS\system32\Drivers\mv64xxmm.sys [5632 2013-03-13] (Marvell Semiconductor Inc.) [File not signed]
R0 mvxxmm; C:\WINDOWS\system32\Drivers\mvxxmm.sys [14184 2013-03-13] (Marvell Semiconductor Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [55840 2006-11-15] (Atheros Communications, Inc.) [File not signed]
S3 cpuz134; \??\C:\DOCUME~1\PCCENT~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X]
S4 IntelIde; no ImagePath
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-29 19:47 - 2015-11-29 19:47 - 00000000 ____D C:\Documents and Settings\pc centar\Desktop\FRST-OlderVersion
2015-11-29 17:59 - 2015-11-29 17:59 - 00001809 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2015-11-29 17:40 - 2015-11-29 17:44 - 00005360 _____ C:\Documents and Settings\pc centar\Desktop\Fixlog.txt
2015-11-28 22:44 - 2015-11-28 22:44 - 00001503 _____ C:\Documents and Settings\pc centar\Desktop\JRT.txt
2015-11-28 22:37 - 2015-11-28 22:37 - 00005570 _____ C:\Documents and Settings\pc centar\Desktop\AdwCleaner[C1].txt
2015-11-28 22:30 - 2015-11-28 22:32 - 00000000 ____D C:\AdwCleaner
2015-11-28 18:06 - 2015-11-28 23:02 - 00024883 _____ C:\Documents and Settings\pc centar\Desktop\Addition.txt
2015-11-28 18:05 - 2015-11-29 19:48 - 00011556 _____ C:\Documents and Settings\pc centar\Desktop\FRST.txt
2015-11-28 18:04 - 2015-11-29 19:47 - 00000000 ____D C:\FRST
2015-11-28 18:03 - 2015-11-29 19:47 - 01721344 _____ (Farbar) C:\Documents and Settings\pc centar\Desktop\FRST.exe
2015-11-28 17:45 - 2015-11-28 17:45 - 00000000 ____D C:\Documents and Settings\All Users\Kaspersky Lab Setup Files
2015-11-24 18:29 - 2015-11-24 18:29 - 00000000 ____D C:\Program Files\LG Electronics
2015-11-19 14:09 - 2015-11-19 14:09 - 00000000 ____D C:\Program Files\Common Files\Java
2015-11-14 16:10 - 2009-05-26 19:54 - 00000000 ____D C:\Documents and Settings\pc centar\GTA San Andreas Turbo_XD Mod
2015-10-31 16:56 - 2015-10-31 16:56 - 00000000 ____D C:\Documents and Settings\pc centar\My Documents\KONAMI
2015-10-31 16:50 - 2015-10-31 16:50 - 00001571 _____ C:\Documents and Settings\pc centar\Desktop\Pro Evolution Soccer 6.lnk
2015-10-31 16:50 - 2015-10-31 16:50 - 00000000 ____D C:\Program Files\KONAMI
2015-10-31 16:50 - 2015-10-31 16:50 - 00000000 ____D C:\Documents and Settings\pc centar\Start Menu\Programs\KONAMI

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-29 19:48 - 2015-05-18 11:49 - 00000000 ____D C:\Documents and Settings\pc centar\Local Settings\Temp
2015-11-29 19:46 - 2015-08-20 11:53 - 00000000 ____D C:\Documents and Settings\pc centar\Application Data\uTorrent
2015-11-29 19:45 - 2015-03-28 09:08 - 00000000 ____D C:\Documents and Settings\pc centar\Application Data\BitTorrent
2015-11-29 19:45 - 2014-12-09 11:28 - 00000000 ____D C:\Documents and Settings\pc centar\Application Data\Skype
2015-11-29 19:44 - 2015-03-16 15:48 - 00000430 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{EEFADBE6-CEC8-4327-8EE6-CEC618EE7532}.job
2015-11-29 19:11 - 2015-08-19 17:48 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-29 18:59 - 2014-07-08 16:16 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-29 17:45 - 2015-08-19 17:48 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-29 17:45 - 2015-04-20 11:39 - 00000230 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-11-29 17:45 - 2014-06-05 11:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-29 17:44 - 2014-06-05 11:17 - 00000278 ___SH C:\Documents and Settings\pc centar\ntuser.ini
2015-11-29 17:44 - 2014-06-05 11:16 - 00032392 _____ C:\WINDOWS\SchedLgU.Txt
2015-11-28 23:02 - 2014-06-05 12:55 - 00000000 ____D C:\WINDOWS
2015-11-28 20:19 - 2015-07-12 07:19 - 00000466 _____ C:\WINDOWS\Tasks\XFinder.job
2015-11-28 17:45 - 2014-06-05 12:58 - 00000000 ____D C:\Documents and Settings\All Users
2015-11-28 17:26 - 2008-04-14 12:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-11-27 14:43 - 2014-06-05 11:17 - 00000000 ____D C:\Documents and Settings\pc centar
2015-11-27 14:26 - 2014-06-30 15:07 - 00000000 ___RD C:\Documents and Settings\pc centar\Desktop\MUZIKA
2015-11-25 13:08 - 2015-10-10 21:40 - 00000000 ____D C:\Documents and Settings\pc centar\Desktop\New Folder (2)
2015-11-24 18:58 - 2014-06-30 20:35 - 00656896 __SHC C:\Documents and Settings\pc centar\Desktop\Thumbs.db
2015-11-24 18:29 - 2014-06-05 12:55 - 00000000 ___HD C:\WINDOWS\inf
2015-11-21 10:05 - 2014-12-26 10:52 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-11-20 20:27 - 2015-04-23 19:56 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-11-20 20:27 - 2014-06-05 11:43 - 00000730 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-20 20:27 - 2014-06-05 11:43 - 00000724 _____ C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2015-11-19 14:11 - 2015-01-05 12:00 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Oracle
2015-11-19 14:10 - 2014-12-20 21:57 - 00000000 ____D C:\Program Files\Java
2015-11-19 14:09 - 2015-09-04 11:04 - 00000000 ____D C:\Documents and Settings\pc centar\.oracle_jre_usage
2015-11-19 14:09 - 2014-12-20 21:58 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2015-11-19 14:08 - 2014-12-20 21:58 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2015-11-19 14:08 - 2014-12-20 21:58 - 00095840 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-11-19 14:04 - 2014-12-26 11:01 - 00000000 ____D C:\Documents and Settings\pc centar\My Documents\Преузимања
2015-11-15 14:05 - 2015-02-11 13:18 - 00000000 ____D C:\Documents and Settings\pc centar\Application Data\.minecraft
2015-11-14 16:21 - 2014-06-29 19:54 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-11-12 22:20 - 2015-04-21 17:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-12 22:15 - 2013-03-13 19:22 - 143250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt.exe
2015-11-11 15:09 - 2014-07-13 15:07 - 00000000 ___RD C:\Documents and Settings\pc centar\Desktop\RECEPTI
2015-11-10 21:00 - 2008-04-14 12:00 - 00780488 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-11-10 21:00 - 2008-04-14 12:00 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-11-08 17:14 - 2015-04-20 11:39 - 00000224 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2015-11-02 16:28 - 2015-08-20 11:54 - 00002606 _____ C:\Documents and Settings\pc centar\Start Menu\µTorrent.lnk
2015-10-31 16:56 - 2014-06-05 11:17 - 00000000 ___RD C:\Documents and Settings\pc centar\My Documents
2015-10-31 12:32 - 2015-07-28 14:47 - 00012800 _____ C:\Documents and Settings\pc centar\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-30 14:50 - 2015-10-24 18:59 - 00000000 ____D C:\Documents and Settings\pc centar\Desktop\Muzika za novu godinu
2015-10-30 14:41 - 2015-08-21 10:01 - 00000000 ____D C:\Program Files\Counter-Strike

==================== Files in the root of some directories =======

2015-07-28 14:47 - 2015-10-31 12:32 - 0012800 _____ () C:\Documents and Settings\pc centar\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-31 18:35 - 2015-01-31 18:35 - 0000218 ____C () C:\Documents and Settings\pc centar\Local Settings\Application Data\recently-used.xbel

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8448
  • Location: Novi Beograd

1. Open Notepad (Text Document) and copy in the following text from the code box below:


CreateRestorePoint:
CHR Extension: (Music Box) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaaddliknddhjhjcofimffekgonpkom [2015-06-24] [UpdateUrl: hxxps://mynamedomain.koko/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Novčanik) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-24] [UpdateUrl: hxxps://mynamedomain.koko/00service/update2/crx] <==== ATTENTION


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, because otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.



The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your reply.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.

-------

Run the FRST tool again and tick the boxes for the following options:

Shortcut.txt
Addition.txt

Click the Scan button;
• When the scan finishes, copy the contents of the freshly created FRST.txt report into your reply.
• The tool should also create the additional reports Shortcut.txt and Addition. Attach those reports to your message using the Prikači fajl (Attach file) option.

  • Joined: 27 Sep 2013
  • Posts: 94

Fix result of Farbar Recovery Scan Tool (x86) Version:29-11-2015
Ran by pc centar (2015-11-30 23:15:18) Run:3
Running from C:\Documents and Settings\pc centar\Desktop
Loaded Profiles: pc centar (Available Profiles: pc centar)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CreateRestorePoint:
CHR Extension: (Music Box) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaaddliknddhjhjcofimffekgonpkom [2015-06-24] [UpdateUrl: hxxps://mynamedomain.koko/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Novcanik) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-24] [UpdateUrl: hxxps://mynamedomain.koko/00service/update2/crx] <==== ATTENTION


*****************

Restore point was successfully created.
C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaaddliknddhjhjcofimffekgonpkom <==== ATTENTION => not found.
C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda <==== ATTENTION => not found.

==== End of Fixlog 23:15:22 ====

Just to mention that since last night my computer has restarted on its own several times, which had not happened until now.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:29-11-2015
Ran by pc centar (administrator) on PC-C464735FA91F (30-11-2015 23:18:40)
Running from C:\Documents and Settings\pc centar\Desktop
Loaded Profiles: pc centar (Available Profiles: pc centar)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Atheros) C:\WINDOWS\system32\acs.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(TP-LINK TECHNOLOGIES CO., LTD.) C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\TWCU.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(BitTorrent Inc.) C:\Documents and Settings\pc centar\Application Data\uTorrent\uTorrent.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(BitTorrent Inc.) C:\Documents and Settings\pc centar\Application Data\BitTorrent\BitTorrent.exe
(BitTorrent Inc.) C:\Documents and Settings\pc centar\Application Data\uTorrent\updates\3.4.5_41202\utorrentie.exe
(BitTorrent Inc.) C:\Documents and Settings\pc centar\Application Data\uTorrent\updates\3.4.5_41202\utorrentie.exe
(BitTorrent Inc.) C:\Documents and Settings\pc centar\Application Data\uTorrent\updates\3.4.5_41202\utorrentie.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20026472 2011-01-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [TWCU] => C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\TWCU.exe [479412 2008-03-26] (TP-LINK TECHNOLOGIES CO., LTD.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2010-02-11] (ATI Technologies Inc.)
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\Run: [BitTorrent] => C:\Documents and Settings\pc centar\Application Data\BitTorrent\BitTorrent.exe [1738840 2015-03-28] (BitTorrent Inc.)
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\Run: [uTorrent] => C:\Documents and Settings\pc centar\Application Data\uTorrent\uTorrent.exe [1822048 2015-10-08] (BitTorrent Inc.)
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [57987712 2015-09-27] (Skype Technologies S.A.)
HKU\S-1-5-21-436374069-1637723038-1801674531-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [9216 2008-04-14] (Microsoft Corporation)
SecurityProviders: msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Documents and Settings\pc centar\Local Settings\Application Data\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Documents and Settings\pc centar\Local Settings\Application Data\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Documents and Settings\pc centar\Local Settings\Application Data\MEGAsync\ShellExtX32.dll No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 79.143.160.20 79.143.168.8
Tcpip\..\Interfaces\{C484CC6E-2C73-4572-809C-2A37E878A58E}: [DhcpNameServer] 8.8.8.8 79.143.160.20 79.143.168.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
SearchScopes: HKU\S-1-5-21-436374069-1637723038-1801674531-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-19] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-19] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default
FF NewTab: chrome://LVD-SAE/content/unpackedcrx/newtab/newtab.html
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-19] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-436374069-1637723038-1801674531-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\pc centar\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32dsw.dll [2007-04-30] (Adobe Systems, Inc.)
FF Extension: Adblock Plus - C:\Documents and Settings\pc centar\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-04-20] [not signed]

Chrome:
=======
CHR Profile: C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Music Box) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaaddliknddhjhjcofimffekgonpkom [2015-06-24] [UpdateUrl: hxxps://mynamedomain.koko/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Novčanik) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-24] [UpdateUrl: hxxps://mynamedomain.koko/00service/update2/crx] <==== ATTENTION

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACS; C:\WINDOWS\system32\acs.exe [364629 2007-02-12] (Atheros) [File not signed]
R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [602112 2010-02-11] (ATI Technologies Inc.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [543712 2007-03-27] (Atheros Communications, Inc.) [File not signed]
S3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1938272 2010-11-05] (Atheros Communications, Inc.)
R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [3565056 2010-02-11] (ATI Technologies Inc.) [File not signed]
R3 ATIAVAIW; C:\WINDOWS\System32\DRIVERS\atinavt2.sys [170496 2009-04-01] (ATI Technologies Inc.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
R0 mv61xxmm; C:\WINDOWS\system32\Drivers\mv61xxmm.sys [14184 2013-03-13] (Marvell Semiconductor Inc.)
R0 mv64xxmm; C:\WINDOWS\system32\Drivers\mv64xxmm.sys [5632 2013-03-13] (Marvell Semiconductor Inc.) [File not signed]
R0 mvxxmm; C:\WINDOWS\system32\Drivers\mvxxmm.sys [14184 2013-03-13] (Marvell Semiconductor Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [55840 2006-11-15] (Atheros Communications, Inc.) [File not signed]
S3 cpuz134; \??\C:\DOCUME~1\PCCENT~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X]
S4 IntelIde; no ImagePath
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-30 23:10 - 2015-11-30 23:10 - 00000000 _____ C:\Documents and Settings\pc centar\Desktop\New Text Document.txt
2015-11-30 23:06 - 2015-11-30 23:06 - 00086016 _____ C:\WINDOWS\Minidump\Mini113015-03.dmp
2015-11-30 02:06 - 2015-11-30 02:06 - 00086016 _____ C:\WINDOWS\Minidump\Mini113015-02.dmp
2015-11-30 01:52 - 2015-11-30 01:52 - 00086016 _____ C:\WINDOWS\Minidump\Mini113015-01.dmp
2015-11-29 21:58 - 2015-11-30 23:06 - 00000000 ____D C:\WINDOWS\Minidump
2015-11-29 21:58 - 2015-11-29 21:58 - 00086016 _____ C:\WINDOWS\Minidump\Mini112915-01.dmp
2015-11-29 19:47 - 2015-11-29 19:47 - 00000000 ____D C:\Documents and Settings\pc centar\Desktop\FRST-OlderVersion
2015-11-29 17:59 - 2015-11-29 17:59 - 00001809 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2015-11-29 17:40 - 2015-11-30 23:15 - 00001349 _____ C:\Documents and Settings\pc centar\Desktop\Fixlog.txt
2015-11-28 22:44 - 2015-11-28 22:44 - 00001503 _____ C:\Documents and Settings\pc centar\Desktop\JRT.txt
2015-11-28 22:37 - 2015-11-28 22:37 - 00005570 _____ C:\Documents and Settings\pc centar\Desktop\AdwCleaner[C1].txt
2015-11-28 22:30 - 2015-11-28 22:32 - 00000000 ____D C:\AdwCleaner
2015-11-28 18:06 - 2015-11-28 23:02 - 00024883 _____ C:\Documents and Settings\pc centar\Desktop\Addition.txt
2015-11-28 18:05 - 2015-11-30 23:18 - 00011088 _____ C:\Documents and Settings\pc centar\Desktop\FRST.txt
2015-11-28 18:04 - 2015-11-30 23:18 - 00000000 ____D C:\FRST
2015-11-28 18:03 - 2015-11-29 19:47 - 01721344 _____ (Farbar) C:\Documents and Settings\pc centar\Desktop\FRST.exe
2015-11-28 17:45 - 2015-11-28 17:45 - 00000000 ____D C:\Documents and Settings\All Users\Kaspersky Lab Setup Files
2015-11-24 18:29 - 2015-11-24 18:29 - 00000000 ____D C:\Program Files\LG Electronics
2015-11-19 14:09 - 2015-11-19 14:09 - 00000000 ____D C:\Program Files\Common Files\Java
2015-11-14 16:10 - 2009-05-26 19:54 - 00000000 ____D C:\Documents and Settings\pc centar\GTA San Andreas Turbo_XD Mod
2015-10-31 16:56 - 2015-10-31 16:56 - 00000000 ____D C:\Documents and Settings\pc centar\My Documents\KONAMI
2015-10-31 16:50 - 2015-10-31 16:50 - 00001571 _____ C:\Documents and Settings\pc centar\Desktop\Pro Evolution Soccer 6.lnk
2015-10-31 16:50 - 2015-10-31 16:50 - 00000000 ____D C:\Program Files\KONAMI
2015-10-31 16:50 - 2015-10-31 16:50 - 00000000 ____D C:\Documents and Settings\pc centar\Start Menu\Programs\KONAMI

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-30 23:19 - 2015-05-18 11:49 - 00000000 ____D C:\Documents and Settings\pc centar\Local Settings\Temp
2015-11-30 23:19 - 2015-03-16 15:48 - 00000430 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{EEFADBE6-CEC8-4327-8EE6-CEC618EE7532}.job
2015-11-30 23:17 - 2014-12-09 11:28 - 00000000 ____D C:\Documents and Settings\pc centar\Application Data\Skype
2015-11-30 23:16 - 2015-08-20 11:53 - 00000000 ____D C:\Documents and Settings\pc centar\Application Data\uTorrent
2015-11-30 23:16 - 2015-03-28 09:08 - 00000000 ____D C:\Documents and Settings\pc centar\Application Data\BitTorrent
2015-11-30 23:11 - 2015-08-19 17:48 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-30 23:06 - 2015-08-19 17:48 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-30 23:06 - 2015-04-20 11:39 - 00000230 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-11-30 23:06 - 2014-06-05 12:55 - 00000000 ____D C:\WINDOWS
2015-11-30 23:06 - 2014-06-05 11:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-30 22:59 - 2014-07-08 16:16 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-30 20:19 - 2015-07-12 07:19 - 00000466 _____ C:\WINDOWS\Tasks\XFinder.job
2015-11-30 20:19 - 2014-06-05 11:16 - 00032254 _____ C:\WINDOWS\SchedLgU.Txt
2015-11-29 17:44 - 2014-06-05 11:17 - 00000278 ___SH C:\Documents and Settings\pc centar\ntuser.ini
2015-11-28 17:45 - 2014-06-05 12:58 - 00000000 ____D C:\Documents and Settings\All Users
2015-11-28 17:26 - 2008-04-14 12:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-11-27 14:43 - 2014-06-05 11:17 - 00000000 ____D C:\Documents and Settings\pc centar
2015-11-27 14:26 - 2014-06-30 15:07 - 00000000 ___RD C:\Documents and Settings\pc centar\Desktop\MUZIKA
2015-11-25 13:08 - 2015-10-10 21:40 - 00000000 ____D C:\Documents and Settings\pc centar\Desktop\New Folder (2)
2015-11-24 18:58 - 2014-06-30 20:35 - 00656896 __SHC C:\Documents and Settings\pc centar\Desktop\Thumbs.db
2015-11-24 18:29 - 2014-06-05 12:55 - 00000000 ___HD C:\WINDOWS\inf
2015-11-21 10:05 - 2014-12-26 10:52 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-11-20 20:27 - 2015-04-23 19:56 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-11-20 20:27 - 2014-06-05 11:43 - 00000730 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-20 20:27 - 2014-06-05 11:43 - 00000724 _____ C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2015-11-19 14:11 - 2015-01-05 12:00 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Oracle
2015-11-19 14:10 - 2014-12-20 21:57 - 00000000 ____D C:\Program Files\Java
2015-11-19 14:09 - 2015-09-04 11:04 - 00000000 ____D C:\Documents and Settings\pc centar\.oracle_jre_usage
2015-11-19 14:09 - 2014-12-20 21:58 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2015-11-19 14:08 - 2014-12-20 21:58 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2015-11-19 14:08 - 2014-12-20 21:58 - 00095840 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-11-19 14:04 - 2014-12-26 11:01 - 00000000 ____D C:\Documents and Settings\pc centar\My Documents\Преузимања
2015-11-15 14:05 - 2015-02-11 13:18 - 00000000 ____D C:\Documents and Settings\pc centar\Application Data\.minecraft
2015-11-14 16:21 - 2014-06-29 19:54 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-11-12 22:20 - 2015-04-21 17:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-12 22:15 - 2013-03-13 19:22 - 143250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt.exe
2015-11-11 15:09 - 2014-07-13 15:07 - 00000000 ___RD C:\Documents and Settings\pc centar\Desktop\RECEPTI
2015-11-10 21:00 - 2008-04-14 12:00 - 00780488 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-11-10 21:00 - 2008-04-14 12:00 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-11-08 17:14 - 2015-04-20 11:39 - 00000224 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2015-11-02 16:28 - 2015-08-20 11:54 - 00002606 _____ C:\Documents and Settings\pc centar\Start Menu\µTorrent.lnk
2015-10-31 16:56 - 2014-06-05 11:17 - 00000000 ___RD C:\Documents and Settings\pc centar\My Documents
2015-10-31 12:32 - 2015-07-28 14:47 - 00012800 _____ C:\Documents and Settings\pc centar\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Files in the root of some directories =======

2015-07-28 14:47 - 2015-10-31 12:32 - 0012800 _____ () C:\Documents and Settings\pc centar\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-31 18:35 - 2015-01-31 18:35 - 0000218 ____C () C:\Documents and Settings\pc centar\Local Settings\Application Data\recently-used.xbel

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8448
  • Location: Novi Beograd

Hello,

you have some new kind of infection that affects Chrome.

The system is clean; only Chrome has a problem.

You need to reinstall Chrome, but this time turn off synchronization; read the instructions: https://support.google.com/chrome/answer/2390059?hl=en

When you uninstall Chrome, be sure to tick the option Also delete your browsing data, so that the Chrome profile with all its extensions is removed.

Then, when you install Chrome again, reset the browser to its default settings once more.
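Added example (not part of the thread and not FRST's own code): a Python parser for the `CHR Extension` lines in the logs above that flags entries whose UpdateUrl host is not the Chrome Web Store update host, and lists those a Fixlog reported as "not found" that still appear in the next scan, as happens in this thread. The allowlisted host `clients2.google.com`, the function names and the third sample line are assumptions of the example; the other sample lines are copied from the logs above.

```python
import re
from urllib.parse import urlsplit

# Assumption of this example: Web Store extensions update from this host.
WEBSTORE_UPDATE_HOSTS = {"clients2.google.com"}

# One "CHR Extension" line: name, folder ending in the 32-char id, date, optional UpdateUrl.
CHR_EXT = re.compile(
    r"^CHR Extension: \((?P<name>.*?)\) - "
    r".+?\\Extensions\\(?P<id>[a-p]{32})"
    r" \[(?P<date>\d{4}-\d{2}-\d{2})\]"
    r"(?: \[UpdateUrl: (?P<url>[^\]]+)\])?"
)
# Fixlog result line for an extension folder that FRST could not find on disk.
FIX_NOT_FOUND = re.compile(r"\\Extensions\\(?P<id>[a-p]{32})\b.*=> not found\.")


def refang(url):
    """FRST prints URLs defanged (hxxp/hxxps); restore the scheme for parsing only."""
    return re.sub(r"^hxxp", "http", url.strip(), flags=re.IGNORECASE)


def parse_extensions(log_text):
    """Return one dict per CHR Extension line found in an FRST.txt scan."""
    found = []
    for line in log_text.splitlines():
        m = CHR_EXT.match(line.strip())
        if not m:
            continue
        url = m.group("url")
        host = urlsplit(refang(url)).hostname if url else None
        found.append({
            "id": m.group("id"),
            "name": m.group("name"),
            "installed": m.group("date"),
            "update_host": host,
            # Off-store: an UpdateUrl is present and points outside the allowlist.
            "off_store": host is not None and host not in WEBSTORE_UPDATE_HOSTS,
            "attention": "<==== ATTENTION" in line,
        })
    return found


def fix_not_found_ids(fixlog_text):
    """Extension ids whose folder the Fixlog reported as 'not found'."""
    return {m.group("id") for m in FIX_NOT_FOUND.finditer(fixlog_text)}


def survived_fix(fixlog_text, rescan_text):
    """Off-store extensions still listed in the re-scan although the fix found no folder."""
    missing = fix_not_found_ids(fixlog_text)
    return [e for e in parse_extensions(rescan_text)
            if e["off_store"] and e["id"] in missing]


# First two lines copied from the scan in this thread; the third is constructed.
RESCAN = r"""
CHR Extension: (Music Box) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaaddliknddhjhjcofimffekgonpkom [2015-06-24] [UpdateUrl: hxxps://mynamedomain.koko/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Novčanik) - C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-24] [UpdateUrl: hxxps://mynamedomain.koko/00service/update2/crx] <==== ATTENTION
CHR Extension: (Constructed Sample) - C:\Example\Chrome\User Data\Default\Extensions\abcdefghijklmnopabcdefghijklmnop [2015-06-24]
"""

# Result lines copied from the Fixlog in this thread.
FIXLOG = r"""
C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaaddliknddhjhjcofimffekgonpkom <==== ATTENTION => not found.
C:\Documents and Settings\pc centar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda <==== ATTENTION => not found.
"""

if __name__ == "__main__":
    for ext in parse_extensions(RESCAN):
        tag = "OFF-STORE" if ext["off_store"] else "ok"
        print(f'{tag:9} {ext["id"]} {ext["name"]} -> {ext["update_host"]}')
    for ext in survived_fix(FIXLOG, RESCAN):
        print("still listed after fix:", ext["id"], ext["name"])
```
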
