shell32.dll infected


offline
  • Joined: 18 Jul 2003
  • Posts: 4204
  • Location: In a golden cage

All folders have changed from their standard icon to the icon of a sheet of paper with a folded corner :)
The drive icons have also been changed... MBAM detected about 2500 unwanted files and cleaned them, but this remained. I tried copying a different shell32 into Windows; the copy succeeded, but everything else stayed the same.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:12-12-2015 01
Ran by ASUS (administrator) on ASUS (12-12-2015 20:18:48)
Running from D:\STEFAN\DesktoP
Loaded Profiles: ASUS (Available Profiles: ASUS & Guest)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: engleski (SAD)
Internet Explorer Version 9 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Nalpeiron Ltd.) C:\Windows\System32\NLSSRV32.EXE
() C:\Windows\System32\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(BitTorrent Inc.) C:\Users\ASUS\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
() C:\Users\ASUS\AppData\Local\Viber\Viber.exe
(BitTorrent Inc.) C:\Users\ASUS\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
(BitTorrent Inc.) C:\Users\ASUS\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6133520 2015-11-07] (AVAST Software)
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\Run: [uTorrent] => C:\Users\ASUS\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-12-03] (BitTorrent Inc.)
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [50137728 2015-11-17] (Skype Technologies S.A.)
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\Run: [Viber] => C:\Users\ASUS\AppData\Local\Viber\Viber.exe [51657424 2015-11-09] ()
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {02c80a0f-1e01-11e2-9fb3-c352a3538ec0} - F:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {04302fe0-b28b-11e2-9de0-d54aea1daec0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {04303075-b28b-11e2-9de0-001e101f36d9} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {05637c89-ec4d-11e4-9f3e-5404a6405976} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {15624d91-10b9-11e3-87f7-aa0a367b6eea} - G:\Setup.Now.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {1f368499-1f70-11e2-bb26-ad081cf7d5c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {1f3684c7-1f70-11e2-bb26-ad081cf7d5c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {2381485f-85cd-11e2-8268-b0eea7f1d0c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {238148bc-85cd-11e2-8268-b0eea7f1d0c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {2d9eeb4d-0032-11e3-9d16-ebbd00ca76c1} - G:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {3606689c-cebf-11e2-9dff-ab8ce7b9b0c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {360668f8-cebf-11e2-9dff-ab8ce7b9b0c0} - F:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {a2850ac7-54c7-11e2-8303-ed29a05557c1} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {abaa1994-26c5-11e2-b945-a84f08ed05c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {abaa19b9-26c5-11e2-b945-a84f08ed05c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {b3a4a59c-1254-11e2-bbe1-8f6abd17dbc0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {b3a4a5d1-1254-11e2-bbe1-8f6abd17dbc0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {bb2c7743-fd96-11e1-bcea-e4f2eb4b93c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {bbf4b1dd-55bb-11e2-a52c-f24b925deacb} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {dba86e70-d4e7-11e1-96d4-e31d47e914c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {dba86e85-d4e7-11e1-96d4-e31d47e914c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {e4f8f838-ed08-11e4-8873-5404a6405976} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {e4f8f847-ed08-11e4-8873-5404a6405976} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {f07c6a96-2c15-11e2-9914-b4abf280e7c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {f07c6acb-2c15-11e2-9914-b4abf280e7c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {f100243e-2690-11e2-9602-c3bf52b990c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {f100247c-2690-11e2-9602-c3bf52b990c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {f37ddbdc-ec44-11e4-9bb8-5404a6405976} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-09-20] (AVAST Software)
Startup: C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RocketDock.lnk [2015-12-06]
ShortcutTarget: RocketDock.lnk -> C:\Windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 89.216.1.30 89.216.1.50
Tcpip\..\Interfaces\{E54AE171-AFBA-4515-8748-9D1782315F0F}: [DhcpNameServer] 89.216.1.30 89.216.1.50

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\.DEFAULT -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-715214925-209573508-3598326983-1000 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKU\S-1-5-21-715214925-209573508-3598326983-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-715214925-209573508-3598326983-1000 -> {0E95ED87-018A-48DD-B2D2-D8F6F304BA11} URL = hxxp://www.bing.com/search?q={searchTerms}&r=
SearchScopes: HKU\S-1-5-21-715214925-209573508-3598326983-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-715214925-209573508-3598326983-1000 -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-07-09] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-04] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-07-09] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-715214925-209573508-3598326983-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\5jhvzq4c.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2007-03-28] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll [2012-07-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-07-09] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-04-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-715214925-209573508-3598326983-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
FF user.js: detected! => C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\5jhvzq4c.default\user.js [2015-04-04]
FF Extension: SourceApp 1.0.1 - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\5jhvzq4c.default\extensions\{f3c2e560-b4ba-442a-b987-381aadf8952d}.xpi [2014-11-30] [not signed]
FF Extension: No Name - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2015-12-06] [not signed]
FF Extension: OneClickDownloader - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\profiles\extensions\OneClickDownload@OneClickDownload.com [2012-09-25] [not signed]
FF Extension: No Name - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2015-12-06] [not signed]
FF Extension: Roll Around - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\5jhvzq4c.default\Extensions\{e41bf82f-ce12-4984-8183-93023e0c9ea1}.xpi [2015-06-20] [not signed]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-12]
FF HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\Firefox\Extensions: [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] - C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension => not found
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\!0E91F43324952AA6636149E45FB9C0080E91.js [2015-09-12] <==== ATTENTION
FF ExtraCheck: C:\Program Files\mozilla firefox\0E91F43324952AA6636149E45FB9C0080E91 [2015-09-12] <==== ATTENTION

Chrome:
=======
CHR Profile: C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google документи) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-20]
CHR Extension: (Instagram tools) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apchgljmbdmgpelofkpfaghmjcgkcmmb [2015-08-19]
CHR Extension: (Avast Online Security) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-07]
CHR Extension: (Плаћања у Chrome веб-продавници) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-05]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-05]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path\update_url>
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-20] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2014-11-20] ()
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 Themes; C:\Windows\system32\themeservice.dll [37888 2009-08-01] (Microsoft Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-09-20] (AVAST Software)
R1 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [18544 2012-08-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-09-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-09-20] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-09-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-11-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-11-07] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [115640 2015-09-20] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-09-20] (AVAST Software)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-10-26] (Disc Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-08-29] (Duplex Secure Ltd.)
U3 aob4y2s9; C:\Windows\system32\Drivers\aob4y2s9.sys [0 ] (Intel Corporation) <==== ATTENTION (zero byte File/Folder)
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-12 20:18 - 2015-12-12 20:18 - 00000000 ____D C:\FRST
2015-12-06 18:52 - 2015-12-06 18:52 - 00000894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-12-06 18:52 - 2015-12-06 18:52 - 00000882 _____ C:\Users\Public\DesktoP\TeamViewer 10.lnk
2015-12-05 13:21 - 2015-12-06 18:49 - 00001019 _____ C:\Users\Public\DesktoP\Malwarebytes Anti-Malware.lnk
2015-12-05 13:21 - 2015-12-06 17:10 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-05 13:21 - 2015-12-05 13:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-05 13:21 - 2015-12-05 13:21 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-05 13:21 - 2015-12-05 13:21 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-12-05 13:21 - 2015-10-05 09:50 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-05 13:21 - 2015-10-05 09:50 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-05 13:21 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-04 19:13 - 2015-12-04 19:13 - 00000000 ____D C:\Program Files\Common Files\AV
2015-11-20 18:22 - 2015-11-20 18:25 - 00000000 ____D C:\Users\ASUS\AppData\Local\Viber

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-12 20:20 - 2014-02-24 18:51 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\uTorrent
2015-12-12 20:18 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2015-12-12 20:13 - 2012-07-23 20:40 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Skype
2015-12-12 19:49 - 2015-09-26 13:00 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\ViberPC
2015-12-12 19:26 - 2012-12-01 21:20 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-12 18:32 - 2012-12-01 21:21 - 00002136 _____ C:\Users\Public\DesktoP\Google Chrome.lnk
2015-12-12 18:15 - 2009-07-14 05:34 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-12 18:15 - 2009-07-14 05:34 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-12 18:07 - 2015-10-16 20:40 - 00000000 ____D C:\Users\ASUS\AppData\LocalLow\uTorrent
2015-12-12 18:06 - 2012-12-01 21:20 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-12 18:06 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-06 22:00 - 2015-05-15 20:24 - 00000000 ____D C:\Program Files\TeamViewer
2015-12-06 19:50 - 2009-07-14 03:37 - 00000000 ___SD C:\PerfLogs
2015-12-06 19:00 - 2009-07-14 05:41 - 00000749 ___RH C:\Windows\WindowsShell.Manifest
2015-12-06 19:00 - 2009-07-14 03:37 - 00000000 __SHD C:\Users\Public\Libraries
2015-12-06 18:50 - 2012-07-20 14:53 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-12-06 18:49 - 2015-09-26 12:56 - 00002679 _____ C:\Users\Public\DesktoP\Skype.lnk
2015-12-06 18:49 - 2015-07-17 15:54 - 00000900 _____ C:\Users\Public\DesktoP\Mozilla Firefox.lnk
2015-12-06 18:49 - 2015-06-06 16:01 - 00000896 _____ C:\Users\Public\DesktoP\Winamp.lnk
2015-12-06 18:49 - 2015-06-05 18:38 - 00001304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2015-12-06 18:49 - 2014-11-17 21:58 - 00002004 _____ C:\Users\Public\DesktoP\Avast Free Antivirus.lnk
2015-12-06 18:49 - 2013-10-26 15:21 - 00001855 _____ C:\Users\Public\DesktoP\DAEMON Tools Lite.lnk
2015-12-06 18:49 - 2013-05-26 19:51 - 00001084 _____ C:\Users\Public\DesktoP\GOM Player.lnk
2015-12-06 18:49 - 2012-07-09 20:57 - 00001466 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Commander.lnk
2015-12-06 18:49 - 2009-07-14 05:46 - 00001491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-06 18:48 - 2015-09-26 12:59 - 00000939 _____ C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Viber.lnk
2015-12-06 18:48 - 2015-06-29 17:17 - 00001962 _____ C:\Users\ASUS\DesktoP\Vista Inspirat 2 Help.lnk
2015-12-06 18:48 - 2015-06-29 17:17 - 00001068 _____ C:\Users\ASUS\DesktoP\Vista Inspirat 2 Config.lnk
2015-12-06 18:48 - 2014-05-16 14:24 - 00000797 _____ C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-12-06 18:48 - 2013-05-26 19:51 - 00001114 _____ C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2015-12-06 18:48 - 2012-07-09 20:59 - 00001418 _____ C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-06 18:47 - 2013-08-29 17:00 - 00000274 __RSH C:\Users\ASUS\ntuser.pol
2015-12-06 18:47 - 2012-07-09 20:56 - 00000000 ____D C:\Users\ASUS
2015-12-06 18:38 - 2012-08-24 03:20 - 00000000 ____D C:\Users\ASUS\AppData\Local\ElevatedDiagnostics
2015-12-06 18:20 - 2012-07-09 20:58 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-12-06 18:19 - 2015-07-17 15:46 - 00000000 ____D C:\Program Files\globalUpdate
2015-12-06 18:19 - 2013-12-07 15:56 - 00000000 ____D C:\ProgramData\Conduit
2015-12-06 18:19 - 2013-03-24 11:41 - 00000000 ____D C:\ProgramData\BrowserProtect
2015-12-06 18:18 - 2015-07-17 15:47 - 00000000 ____D C:\Program Files\f740e3fd-bc2d-4aae-9ffa-21b2ca6b428e
2015-12-06 18:18 - 2014-03-17 18:04 - 00000000 ____D C:\ProgramData\DiggiSaveer
2015-12-06 18:18 - 2014-03-08 14:03 - 00000000 ____D C:\ProgramData\RoboSaaver
2015-12-06 18:18 - 2014-02-24 18:53 - 00000000 ____D C:\Users\ASUS\AppData\Local\genienext
2015-12-06 18:18 - 2013-11-23 22:25 - 00000000 ____D C:\Users\ctefah\AppData\Local\TempDIR
2015-12-06 18:18 - 2013-03-24 12:42 - 00000000 ____D C:\Users\ASUS\AppData\Local\Bundled software uninstaller
2015-12-06 18:18 - 2012-07-20 14:52 - 00000000 ____D C:\Program Files\Adobe
2015-12-05 13:11 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\tracing
2015-12-05 12:20 - 2015-07-17 16:46 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-11-29 21:04 - 2012-07-20 15:09 - 00000000 ____D C:\ProgramData\Skype
2015-11-20 19:48 - 2010-11-20 22:01 - 00730320 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-20 19:48 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf

==================== Files in the root of some directories =======

2012-07-20 15:08 - 2012-07-20 15:08 - 0001455 _____ () C:\Users\ASUS\AppData\Roaming\unins000.dat
2012-07-20 15:08 - 2012-07-20 15:08 - 0695642 _____ () C:\Users\ASUS\AppData\Roaming\unins000.exe
2012-08-23 12:07 - 2012-08-23 12:07 - 0023780 _____ () C:\Users\ASUS\AppData\Roaming\UserTile.png
2012-08-26 02:40 - 2012-12-16 10:11 - 0013312 _____ () C:\Users\ASUS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-30 20:27 - 2015-10-30 20:27 - 0000000 _____ () C:\Users\ASUS\AppData\Local\{4EEB5F0D-D078-4B8D-A416-35C0F3E4DD5F}
2015-05-16 20:01 - 2015-05-16 20:01 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\ASUS\AppData\Local\Temp\mytmpinstaller.exe
C:\Users\ASUS\AppData\Local\Temp\vcredist12_x86.exe
C:\Users\ctefah\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\ctefah\AppData\Local\Temp\GomEncDnInstaller.exe
C:\Users\ctefah\AppData\Local\Temp\instloffer.exe
C:\Users\ctefah\AppData\Local\Temp\msvcp60.dll
C:\Users\ctefah\AppData\Local\Temp\not_bundled_icytower15_install.exe
C:\Users\ctefah\AppData\Local\Temp\NSISPromotionEx.dll
C:\Users\ctefah\AppData\Local\Temp\ResetDevice.exe
C:\Users\ctefah\AppData\Local\Temp\twapi-2.0a2.dll
C:\Users\ctefah\AppData\Local\Temp\uninstallkit.exe
C:\Users\ctefah\AppData\Local\Temp\utt5804.tmp.exe
C:\Users\ctefah\AppData\Local\Temp\uttD51F.tmp.exe
C:\Users\ctefah\AppData\Local\Temp\uttE4AB.tmp.exe
C:\Users\Guest\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\Guest\AppData\Local\Temp\ResetDevice.exe
C:\Users\Guest\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-22 11:02

==================== End of FRST.txt ============================

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Step 1

Open Notepad and copy in the following text, which is inside the Code box.

Start

FF user.js: detected! => C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\5jhvzq4c.default\user.js [2015-04-04]
FF Extension: SourceApp 1.0.1 - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\5jhvzq4c.default\extensions\{f3c2e560-b4ba-442a-b987-381aadf8952d}.xpi [2014-11-30] [not signed]
FF Extension: No Name - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2015-12-06] [not signed]
FF Extension: OneClickDownloader - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\profiles\extensions\OneClickDownload@OneClickDownload.com [2012-09-25] [not signed]
FF Extension: No Name - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2015-12-06] [not signed]
FF Extension: Roll Around - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\5jhvzq4c.default\Extensions\{e41bf82f-ce12-4984-8183-93023e0c9ea1}.xpi [2015-06-20] [not signed]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [not signed]
FF HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\Firefox\Extensions: [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] - C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension => not found
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\!0E91F43324952AA6636149E45FB9C0080E91.js [2015-09-12] <==== ATTENTION
FF ExtraCheck: C:\Program Files\mozilla firefox\0E91F43324952AA6636149E45FB9C0080E91 [2015-09-12] <==== ATTENTION
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path\update_url>
Task: {2C70DE13-F7B9-4BD6-B93C-6B9CC556C26E} - \4d3f86a4-372e-4658-84d6-5fd698706c41-1-6 -> No File <==== ATTENTION
Task: {2D09F957-D9B4-49F3-B939-EE80DE22EE3B} - \globalUpdateUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {2D76B528-30D0-4B44-B70F-FB886D0447F9} - \4d3f86a4-372e-4658-84d6-5fd698706c41-6 -> No File <==== ATTENTION
Task: {3810067B-AB67-40EA-BFF3-78998C17BDAB} - \4d3f86a4-372e-4658-84d6-5fd698706c41-10_user -> No File <==== ATTENTION
Task: {6237E81A-F16E-4352-A929-F155152AABD4} - \4d3f86a4-372e-4658-84d6-5fd698706c41-4 -> No File <==== ATTENTION
Task: {878A2C69-C7AE-48C2-A923-4B7514BD7BE9} - \4d3f86a4-372e-4658-84d6-5fd698706c41-5_user -> No File <==== ATTENTION
Task: {9A299B18-EE5B-4B2C-9B5D-97EFB57C21CC} - \4d3f86a4-372e-4658-84d6-5fd698706c41-1-7 -> No File <==== ATTENTION
Task: {AC463A6A-B956-44DA-B3DB-B4C55294A8B5} - \4d3f86a4-372e-4658-84d6-5fd698706c41-7 -> No File <==== ATTENTION
Task: {C0E6B958-179B-4552-8D6C-13BF85A9A2C2} - \BackgroundContainer Startup Task -> No File <==== ATTENTION
Task: {E8EE1327-0767-46D2-8E0E-F93C49C942D3} - \4d3f86a4-372e-4658-84d6-5fd698706c41-3 -> No File <==== ATTENTION
Task: {F7EB4E77-B7EE-437F-9002-0D77A1EDA2FE} - \4d3f86a4-372e-4658-84d6-5fd698706c41-5 -> No File <==== ATTENTION
Task: {F9A2C603-80A5-473E-90B6-346D821350B4} - \globalUpdateUpdateTaskMachineUA -> No File <==== ATTENTION
C:\ProgramData\Browser Manager
C:\Program Files\mozilla firefox\defaults\pref\!0E91F43324952AA6636149E45FB9C0080E91.js
C:\Program Files\mozilla firefox\0E91F43324952AA6636149E45FB9C0080E91
C:\Program Files\globalUpdate
C:\ProgramData\Conduit
C:\ProgramData\BrowserProtect
C:\Program Files\f740e3fd-bc2d-4aae-9ffa-21b2ca6b428e
C:\ProgramData\DiggiSaveer
C:\ProgramData\RoboSaaver
C:\Users\ASUS\AppData\Local\Bundled software uninstaller
C:\Users\ASUS\AppData\Local\genienext
C:\Users\ctefah\AppData\Local\TempDIR
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {02c80a0f-1e01-11e2-9fb3-c352a3538ec0} - F:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {04302fe0-b28b-11e2-9de0-d54aea1daec0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {04303075-b28b-11e2-9de0-001e101f36d9} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {05637c89-ec4d-11e4-9f3e-5404a6405976} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {15624d91-10b9-11e3-87f7-aa0a367b6eea} - G:\Setup.Now.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {1f368499-1f70-11e2-bb26-ad081cf7d5c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {1f3684c7-1f70-11e2-bb26-ad081cf7d5c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {2381485f-85cd-11e2-8268-b0eea7f1d0c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {238148bc-85cd-11e2-8268-b0eea7f1d0c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {2d9eeb4d-0032-11e3-9d16-ebbd00ca76c1} - G:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {3606689c-cebf-11e2-9dff-ab8ce7b9b0c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {360668f8-cebf-11e2-9dff-ab8ce7b9b0c0} - F:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {a2850ac7-54c7-11e2-8303-ed29a05557c1} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {abaa1994-26c5-11e2-b945-a84f08ed05c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {abaa19b9-26c5-11e2-b945-a84f08ed05c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {b3a4a59c-1254-11e2-bbe1-8f6abd17dbc0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {b3a4a5d1-1254-11e2-bbe1-8f6abd17dbc0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {bb2c7743-fd96-11e1-bcea-e4f2eb4b93c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {bbf4b1dd-55bb-11e2-a52c-f24b925deacb} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {dba86e70-d4e7-11e1-96d4-e31d47e914c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {dba86e85-d4e7-11e1-96d4-e31d47e914c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {e4f8f838-ed08-11e4-8873-5404a6405976} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {e4f8f847-ed08-11e4-8873-5404a6405976} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {f07c6a96-2c15-11e2-9914-b4abf280e7c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {f07c6acb-2c15-11e2-9914-b4abf280e7c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {f100243e-2690-11e2-9602-c3bf52b990c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {f100247c-2690-11e2-9602-c3bf52b990c0} - E:\AutoRun.exe
HKU\S-1-5-21-715214925-209573508-3598326983-1000\...\MountPoints2: {f37ddbdc-ec44-11e4-9bb8-5404a6405976} - F:\AutoRun.exe
Task: {13396D87-36F6-46A1-A033-7E09707BAA16} - \DTReg -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\Users\ASUS\Application Data:NT
AlternateDataStreams: C:\Users\ASUS\Application Data:NT2
AlternateDataStreams: C:\Users\ASUS\AppData\Roaming:NT
AlternateDataStreams: C:\Users\ASUS\AppData\Roaming:NT2
EmptyTemp:

End


In Notepad, click File --> Save As
Name the file Fixlist and save it to the Desktop
Double-click FRST.exe to run it again
Click Fix and wait until the program finishes.
If the program asks to restart the computer, let it do so without interruption.
When it finishes, fixlog.txt will open; copy its contents into this thread.
The file (fixlog.txt) will also be on the Desktop.


Step 2

Download AdwCleaner by "Xplode" and save it to the Desktop
Double-click to run the program.
In the EULA window, click I agree.
Click the Scan button and wait for the scan to finish.
Click the Cleaning button and wait for the program to finish.
The program will close all running programs and show a window with that warning. Click OK to confirm.
In the next two windows that open (Informations and Restart required), click OK

The computer will restart, and then Notepad will open (C:\Adwcleaner\AdwCleaner[C1].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Attach file" option

offline
  • Joined: 18 Jul 2003
  • Posts: 4204
  • Location: In a golden cage

Fix result of Farbar Recovery Scan Tool (x86) Version:12-12-2015 01
Ran by ASUS (2015-12-13 17:43:02) Run:1
Running from D:\STEFAN\DesktoP
Loaded Profiles: ASUS (Available Profiles: ASUS & Guest)
Boot Mode: Normal

==============================================


C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\5jhvzq4c.default\user.js => moved successfully
C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\5jhvzq4c.default\extensions\{f3c2e560-b4ba-442a-b987-381aadf8952d}.xpi => moved successfully
C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\5jhvzq4c.default\extensions\{f3c2e560-b4ba-442a-b987-381aadf8952d}.xpi => path removed successfully.
C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions => moved successfully
C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\profiles\extensions\OneClickDownload@OneClickDownload.com => moved successfully
C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins => moved successfully
C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\5jhvzq4c.default\Extensions\{e41bf82f-ce12-4984-8183-93023e0c9ea1}.xpi => moved successfully
C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi => moved successfully
HKU\S-1-5-21-715214925-209573508-3598326983-1000\Software\Mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8} => value removed successfully.
C:\Program Files\mozilla firefox\defaults\pref\!0E91F43324952AA6636149E45FB9C0080E91.js => moved successfully
C:\Program Files\mozilla firefox\0E91F43324952AA6636149E45FB9C0080E91 => moved successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk" => key removed successfully.
"C:\ProgramData\Browser Manager" => not found.
"C:\Program Files\mozilla firefox\defaults\pref\!0E91F43324952AA6636149E45FB9C0080E91.js" => not found.
"C:\Program Files\mozilla firefox\0E91F43324952AA6636149E45FB9C0080E91" => not found.
C:\Program Files\globalUpdate => moved successfully
C:\ProgramData\Conduit => moved successfully
C:\ProgramData\BrowserProtect => moved successfully
"C:\Program Files\f740e3fd-bc2d-4aae-9ffa-21b2ca6b428e" => not found.
C:\ProgramData\DiggiSaveer => moved successfully
C:\ProgramData\RoboSaaver => moved successfully
C:\Users\ASUS\AppData\Local\Bundled software uninstaller => moved successfully
C:\Users\ASUS\AppData\Local\genienext => moved successfully
C:\Users\ctefah\AppData\Local\TempDIR => moved successfully
C:\ProgramData => ":NT" ADS removed successfully..
C:\ProgramData => ":NT2" ADS removed successfully..
"C:\Windows" => ":nlsPreferences" ADS not found.
"C:\Users\All Users" => ":NT" ADS not found.
"C:\Users\All Users" => ":NT2" ADS not found.
"C:\ProgramData\Application Data" => ":NT" ADS not found.
"C:\ProgramData\Application Data" => ":NT2" ADS not found.
C:\ProgramData\MTA San Andreas All => ":NT" ADS removed successfully..
C:\ProgramData\MTA San Andreas All => ":NT2" ADS removed successfully..
"C:\Users\ASUS\Application Data" => ":NT" ADS not found.
"C:\Users\ASUS\Application Data" => ":NT2" ADS not found.
C:\Users\ASUS\AppData\Roaming => ":NT" ADS removed successfully..
C:\Users\ASUS\AppData\Roaming => ":NT2" ADS removed successfully..
EmptyTemp: => 1.7 GB temporary data Removed.



The system needed a reboot.

==== End of Fixlog 17:48:00 ====

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Pack the following folders into ZIP, RAR or 7Z archives:

C:\FRST\Quarantine

and

C:\AdwCleaner

and send them via the following link:

http://www.mycity.rs/ambulanta-upload.php


What is the situation now?

offline
  • Joined: 18 Jul 2003
  • Posts: 4204
  • Location: In a golden cage

It's a bit faster, but RAM climbs to 80% while the viewer is active..... the icons are the same, and I can't pack either of the two requested directories.... WinRAR says "cant read" followed by the path to the file

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Set the archive to be created on the Desktop, not in C:\

offline
  • Joined: 18 Jul 2003
  • Posts: 4204
  • Location: In a golden cage

It won't work even when redirected to the Desktop, and it won't let me transfer it to my machine with TeamViewer either........ access is denied

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to the Desktop.

Run MBAR by double-clicking the program icon:
- Click OK in the next window to allow extraction into a separate mbar folder on the Desktop;
- mbar.exe will be started. On some systems this can take a few extra seconds, so wait for it to launch;
- In the introductory window, click the Next button if you agree;

• In the 'Update Database' window, click the Update button to download fresh definitions. When the message 'Success: Database was successfully updated' appears, click the Next button;
• Under the 'Scan Targets' section, check that all options are ticked, then click the Scan button;

Note: with some infections, one of the following messages may be displayed:
- 'Could not load protection driver' => in that case click OK.
- 'Could not load DDA driver' => click Yes on that notice to allow loading after a restart. Allow the restart and continue with the rest of the instructions after it.

>> If no malware is detected, click the Exit button to close the program. In your next post, include the mbar-log-year-month-day (hour-minute-second).txt and system-log.txt reports.

>> If infections are found, check that the 'Create Restore Point' option is ticked and click the Cleanup! button to remove the threats.
- The malware removal procedure (scheduled) will be set to run at restart, and a notice will be shown in a pop-up window. Click the Yes button; the system should restart and complete the cleaning procedure.

Note! Only if a rootkit is detected: make sure you run the fixdamage.exe tool located in the mbar folder, \Plugins\fixdamage.exe:
- Double-click to run fixdamage; in the black window that opens (command prompt), type Y (Y stands for Yes) to continue, then wait for the tool to perform all the repairs ...
- When you see the message 'press any key to exit', the repair is complete. Press any key on the keyboard to close the window. Restart the system.

The following reports will be created in the mbar folder.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Copy the contents of the mbar log into your post and attach the system log to the post using the Attach file option.

offline
  • Joined: 18 Jul 2003
  • Posts: 4204
  • Location: In a golden cage

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2015.12.13.04
rootkit: v2015.12.07.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
ASUS :: ASUS [administrator]

13.12.15 20:46:54
mbar-log-2015-12-13 (20-46-54).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 488427
Time elapsed: 1 hour(s), 7 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)


offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

The following procedure will carry out the final cleanup.

Download "Xplode"'s DelFix tool and save it to the Desktop.
Double-click to run the tool and tick the boxes next to the following options:

Remove disinfection tools
Create registry backup
Purge System Restore

Click the Run button and wait a moment until the tool finishes its work.
From this point on, all the tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)

The tool will also save a healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.




Restore the default Aero theme, and then follow this:
http://www.sevenforums.com/tutorials/23825-folder-.....-icon.html

If that doesn't help either, open a thread in the Windows forum.
