Blocked AV


offline
  • Joined: 28 Oct 2008
  • Posts: 312

Posted: 06 Nov 2016 10:34

I keep persistently installing that 360TS because it too is a proper AV. I have been using it for quite a long time and I am very satisfied. It contains the Bitdefender and Avira engines, among other things. It is a legal, free AV. So far I have had no problems with it. I would like to be able to keep using it.

Following your instructions, I deleted its traces and the traces of Avira, which is the only one I tried to install after this 360.

Addendum: 06 Nov 2016 16:14

Nothing has changed. I cannot install Avira, and probably not any other AV either.

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

Hello,
Sorry, I'm a bit busy with personal matters... post both fresh FRST logs so I can see the current state.

offline
  • Joined: 28 Oct 2008
  • Posts: 312

On my machine even FRST won't update :(



Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-11-2016
Ran by Novi korisnik (administrator) on KORISNIK-E8450A (07-11-2016 10:48:12)
Running from C:\Documents and Settings\Novi korisnik\desktop
Loaded Profiles: Novi korisnik (Available Profiles: Novi korisnik & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 6 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Lavasoft Limited) C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe
( ) C:\WINDOWS\system32\lxeecoms.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL$PCTOOLS\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Check Point Software Technologies, Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ZoneAlarm] => C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-04-24] (Check Point Software Technologies Ltd.)
Winlogon\Notify\!SASWinLogon:
Winlogon\Notify\AtiExtEvent:
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-583907252-261478967-725345543-1013\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-583907252-261478967-725345543-1013\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-583907252-261478967-725345543-1013\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\sstext3d.scr [679936 2008-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ YndCase0Sync] -> {63D48440-63AB-44D0-B323-4731DFCDE9E9} => C:\Program Files\Yandex\YandexDisk\bin\YandexDiskOverlays-2398.dll [2016-08-18] (Yandex)
ShellIconOverlayIdentifiers: [ YndCase1Modified] -> {7E7DC279-E6BE-4D57-9DEC-14FA0339DBC0} => C:\Program Files\Yandex\YandexDisk\bin\YandexDiskOverlays-2398.dll [2016-08-18] (Yandex)
ShellIconOverlayIdentifiers: [ YndCase2Error] -> {FB2FE984-05F5-4512-9D9B-69D3DE61F6D9} => C:\Program Files\Yandex\YandexDisk\bin\YandexDiskOverlays-2398.dll [2016-08-18] (Yandex)
ShellIconOverlayIdentifiers: [ YndCase3Shared] -> {AF8D197E-7022-4c3d-BD88-68AD35C9C169} => C:\Program Files\Yandex\YandexDisk\bin\YandexDiskOverlays-2398.dll [2016-08-18] (Yandex)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [147456 2008-08-29] (Apple Inc.)
Winsock: Catalog9 01 C:\WINDOWS\system32\LavasoftTcpService.dll [347976 2015-05-25] (Lavasoft Limited)
Winsock: Catalog9 02 C:\WINDOWS\system32\LavasoftTcpService.dll [347976 2015-05-25] (Lavasoft Limited)
Winsock: Catalog9 08 C:\WINDOWS\system32\LavasoftTcpService.dll [347976 2015-05-25] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{65766D64-DA15-44B6-8306-2B1EADD0DA3B}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-583907252-261478967-725345543-1013\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=up97&ocid=up97dhp
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-583907252-261478967-725345543-1013\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=up97&ocid=up97dhp
HKU\S-1-5-21-583907252-261478967-725345543-1013\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-583907252-261478967-725345543-1013\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1ewenusDefaultPack/UP97_FRPage
URLSearchHook: HKU\S-1-5-21-583907252-261478967-725345543-1013 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
SearchScopes: HKU\S-1-5-21-583907252-261478967-725345543-1013 -> {5C5360F5-5F2D-4E4A-84B1-ABD053DB35A9} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\LastPass\LPToolbar.dll [2015-07-23] (LastPass)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-07] (Oracle Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\LastPass\LPToolbar.dll [2015-07-23] (LastPass)
Toolbar: HKU\.DEFAULT -> Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll [2009-05-06] ()
Toolbar: HKU\S-1-5-21-583907252-261478967-725345543-1013 -> Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll [2009-05-06] ()
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Novi korisnik\Application Data\Mozilla\Firefox\Profiles\l7iju6cc.default-1457426780453 [2016-11-07]
FF Extension: (Ghostery) - C:\Documents and Settings\Novi korisnik\Application Data\Mozilla\Firefox\Profiles\l7iju6cc.default-1457426780453\Extensions\firefox@ghostery.com.xpi [2016-09-20]
FF Extension: (Redirect Bypasser) - C:\Documents and Settings\Novi korisnik\Application Data\Mozilla\Firefox\Profiles\l7iju6cc.default-1457426780453\Extensions\redirectbypasser@moonlight21.com [2016-06-05]
FF Extension: (LastPass) - C:\Documents and Settings\Novi korisnik\Application Data\Mozilla\Firefox\Profiles\l7iju6cc.default-1457426780453\Extensions\support@lastpass.com [2016-07-03]
FF Extension: (NoScript) - C:\Documents and Settings\Novi korisnik\Application Data\Mozilla\Firefox\Profiles\l7iju6cc.default-1457426780453\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-08-09]
FF Extension: (WOT) - C:\Documents and Settings\Novi korisnik\Application Data\Mozilla\Firefox\Profiles\l7iju6cc.default-1457426780453\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-03-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-10-31] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-06-07] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-06-07] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-06-07] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-06-07] (Foxit Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\LastPass\nplastpass.dll [2015-07-23] (LastPass)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll [2010-08-09] (Foxit Software Company)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2010-07-12] (Nullsoft, Inc.)

Opera:
=======
OPR Extension: (Redirect Bypasser) - C:\Documents and Settings\Novi korisnik\Application Data\Opera Software\Opera Stable\Extensions\akalifnifmgdmgmjoaiaflkeahpbkghe [2016-07-28]
OPR Extension: (Ghostery) - C:\Documents and Settings\Novi korisnik\Application Data\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2016-11-02]
OPR Extension: (Redirect Bypasser) - C:\Documents and Settings\Novi korisnik\Application Data\Opera Software\Opera Stable\Extensions\cfbekbndggmbdkfhjandenfihkdkndil [2016-05-04]
OPR Extension: (WOT) - C:\Documents and Settings\Novi korisnik\Application Data\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2015-12-01]
OPR Extension: (LastPass: Free Password Manager) - C:\Documents and Settings\Novi korisnik\Application Data\Opera Software\Opera Stable\Extensions\hnjalnkldgigidggphhmacmimbdlafdo [2016-09-14]
OPR Extension: (NoScript Suite Lite) - C:\Documents and Settings\Novi korisnik\Application Data\Opera Software\Opera Stable\Extensions\ipiopppcaojnchgoepoemlbdccogeije [2016-07-28]
OPR Extension: (uBlock Origin) - C:\Documents and Settings\Novi korisnik\Application Data\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2016-11-02]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2008-12-01] () [File not signed]
S3 FoxitReaderService; C:\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1647808 2016-06-21] (Foxit Software Inc.)
R2 LavasoftTcpService; C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe [2751816 2015-05-25] (Lavasoft Limited)
S3 lxeeCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxeeserv.exe [98984 2009-05-07] (Lexmark International, Inc.)
R2 lxee_device; C:\WINDOWS\system32\lxeecoms.exe [602792 2009-05-07] ( )
R2 MSSQL$PCTOOLS; C:\Program Files\Microsoft SQL Server\MSSQL$PCTOOLS\Binn\sqlservr.exe [9150464 2005-05-04] (Microsoft Corporation) [File not signed]
S2 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [73728 2005-05-03] (Microsoft Corporation) [File not signed]
S2 SQLAgent$PCTOOLS; C:\Program Files\Microsoft SQL Server\MSSQL$PCTOOLS\Binn\sqlagent.EXE [323584 2005-05-03] (Microsoft Corporation) [File not signed]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 vsmon; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [3592120 2014-04-24] (Check Point Software Technologies Ltd.)
R2 ZAPrivacyService; C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [92176 2014-04-09] (Check Point Software Technologies, Ltd.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 CAM1210; C:\WINDOWS\System32\Drivers\cam1210.sys [93824 2007-08-30] (USB video camera) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2014-01-09] (Disc Soft Ltd)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [14944 2014-11-18] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10208 2014-11-18] ()
S3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36608 2009-03-31] () [File not signed]
S3 ksapi; C:\WINDOWS\system32\drivers\ksapi.sys [81768 2015-04-04] (Kingsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R2 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [13120 2016-02-21] ()
S3 tbhsd; C:\WINDOWS\System32\drivers\tbhsd.sys [39048 2013-02-05] (RapidSolution Software AG)
R1 vsdatant; C:\WINDOWS\System32\vsdatant.sys [534152 2014-04-24] (Check Point Software Technologies Ltd.)
R1 xlkfs; C:\WINDOWS\System32\DRIVERS\xlkfs.sys [18432 2012-05-05] (XOSLAB.COM) [File not signed]
S3 catchme; \??\C:\DOCUME~1\NOVIKO~1\LOCALS~1\Temp\catchme.sys [X]
S4 IntelIde; no ImagePath
U5 P3; C:\Windows\System32\Drivers\P3.sys [42752 2008-04-14] (Microsoft Corporation)
S1 qutmipc; \??\C:\WINDOWS\system32\drivers\qutmipc.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [225856 2008-06-20] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2086-11-12 12:04 - 2086-11-12 12:04 - 00000000 _____ C:\Documents and Settings\Novi korisnik\desktop\avremover_nt32_enu.exe
2016-11-07 10:48 - 2016-11-07 10:48 - 00014740 _____ C:\Documents and Settings\Novi korisnik\desktop\FRST.txt
2016-11-07 10:41 - 2016-11-07 10:42 - 00000000 ____D C:\Documents and Settings\Novi korisnik\desktop\prvi
2016-11-06 23:09 - 2016-11-06 23:09 - 00055296 ___SH C:\Documents and Settings\Novi korisnik\desktop\Thumbs.db
2016-11-06 15:26 - 2016-11-06 15:26 - 00269392 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-06 12:09 - 2016-11-06 12:09 - 00001548 _____ C:\Documents and Settings\All Users\desktop\PrivaZer.lnk
2016-11-05 19:24 - 2016-11-05 19:24 - 03105184 _____ C:\Documents and Settings\Novi korisnik\desktop\BitDefender_Uninstall_Tool.exe
2016-11-05 19:24 - 2016-11-05 19:24 - 02975136 _____ (Avira Operations GmbH & Co. KG) C:\Documents and Settings\Novi korisnik\desktop\avira_registry_cleaner_en.exe
2016-11-05 19:24 - 2016-11-05 19:24 - 00101832 _____ (SUPERAntiSpyware.com) C:\Documents and Settings\Novi korisnik\desktop\SASUNINST.EXE
2016-11-04 21:29 - 2016-11-06 12:16 - 00000000 ___SD C:\Documents and Settings\Novi korisnik\UserData
2016-11-04 21:25 - 2016-11-04 21:25 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\360safe
2016-11-04 20:55 - 2016-11-04 20:57 - 00002483 _____ C:\Documents and Settings\Novi korisnik\desktop\Fixlog.txt
2016-11-04 20:53 - 2016-11-04 20:53 - 00000766 _____ C:\Documents and Settings\Novi korisnik\desktop\fixlist.txt
2016-11-04 19:55 - 2016-11-04 19:55 - 00000000 ____D C:\spoolerlogs
2016-11-04 15:37 - 2016-11-04 15:37 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2016-11-04 15:37 - 2016-11-04 15:37 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2016-11-04 15:37 - 2016-11-04 15:37 - 00000000 ____D C:\Documents and Settings\korisnik\Local Settings\temp
2016-11-04 15:37 - 2016-11-04 15:37 - 00000000 ____D C:\Documents and Settings\Default User\Local Settings\temp
2016-11-04 15:37 - 2016-11-04 15:37 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\temp
2016-11-04 15:36 - 2016-11-04 15:36 - 00148024 _____ C:\ComboFix.txt
2016-11-04 15:14 - 2011-06-26 07:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2016-11-04 15:14 - 2010-11-07 18:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2016-11-04 15:14 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2016-11-04 15:14 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2016-11-04 15:14 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2016-11-04 15:14 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2016-11-04 15:14 - 2000-08-31 01:00 - 00098816 _____ C:\WINDOWS\sed.exe
2016-11-04 15:14 - 2000-08-31 01:00 - 00080412 _____ C:\WINDOWS\grep.exe
2016-11-04 15:14 - 2000-08-31 01:00 - 00068096 _____ C:\WINDOWS\zip.exe
2016-11-04 15:12 - 2016-11-04 15:37 - 00000000 ____D C:\Qoobox
2016-11-04 15:09 - 2016-11-04 15:09 - 05658651 ____R (Swearware) C:\Documents and Settings\Novi korisnik\desktop\ComboFix.exe
2016-11-03 20:25 - 2016-11-07 10:48 - 00000000 ____D C:\FRST
2016-11-03 20:24 - 2016-11-03 20:24 - 02409984 _____ (Farbar) C:\Documents and Settings\Novi korisnik\desktop\FRST64.exe
2016-11-03 20:23 - 2016-11-03 20:24 - 01759744 _____ (Farbar) C:\Documents and Settings\Novi korisnik\desktop\FRST.exe
2016-11-03 17:16 - 2016-11-06 15:26 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Package Cache
2016-10-23 12:08 - 2016-10-23 12:07 - 00453289 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20161023-130837.backup
2016-10-23 12:07 - 2016-10-16 13:23 - 00453289 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20161023-130746.backup
2016-10-20 23:12 - 2016-10-21 04:10 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-10-20 19:25 - 2016-10-20 19:25 - 00000788 _____ C:\Documents and Settings\NetworkService\Start Menu\Programs\Windows Media Player.lnk
2016-10-20 16:36 - 2016-10-20 16:36 - 00000719 _____ C:\Documents and Settings\All Users\desktop\VLC media player.lnk
2016-10-20 16:36 - 2016-10-20 16:36 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
2016-10-20 16:35 - 2016-10-20 16:35 - 00000000 ____D C:\Program Files\VideoLAN
2016-10-20 16:06 - 2006-09-25 16:58 - 00014640 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsg.dll
2016-10-20 16:05 - 2016-10-20 16:05 - 00000000 ____D C:\Program Files\Windows Media Connect 2
2016-10-20 14:10 - 2016-11-06 11:15 - 00000000 ___SD C:\Documents and Settings\Novi korisnik\YandexDisk
2016-10-20 14:10 - 2016-10-20 14:10 - 00000000 ____D C:\Program Files\Yandex
2016-10-20 14:10 - 2016-10-20 14:10 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Yandex.Disk
2016-10-20 14:08 - 2016-10-20 14:08 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Yandex
2016-10-16 13:23 - 2016-09-25 13:48 - 00453289 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20161016-142327.backup

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-07 10:48 - 2013-02-25 16:42 - 00000000 ____D C:\Documents and Settings\Novi korisnik\Local Settings\Temp
2016-11-07 10:43 - 2014-07-23 16:04 - 00000000 ____D C:\Documents and Settings\Novi korisnik\desktop\gole radni
2016-11-07 04:52 - 2008-12-27 14:59 - 00589992 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-07 04:48 - 2012-03-27 20:48 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MCShield
2016-11-07 04:47 - 2016-07-29 19:41 - 00000644 _____ C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
2016-11-07 04:47 - 2008-12-27 14:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-07 00:45 - 2014-07-05 19:35 - 00287598 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2016-11-07 00:45 - 2008-12-27 14:08 - 00032514 _____ C:\WINDOWS\SchedLgU.Txt
2016-11-07 00:44 - 2011-07-14 03:11 - 00000178 ___SH C:\Documents and Settings\Novi korisnik\ntuser.ini
2016-11-06 23:53 - 2016-02-20 18:26 - 00000000 ____D C:\Documents and Settings\Novi korisnik\desktop\master
2016-11-06 23:09 - 2015-02-18 22:09 - 00000000 ____D C:\Documents and Settings\Novi korisnik\desktop\V
2016-11-06 16:10 - 2015-07-23 18:45 - 00000000 ____D C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\LastPass
2016-11-06 15:27 - 2011-07-14 03:11 - 00000000 ____D C:\Documents and Settings\Novi korisnik
2016-11-06 15:27 - 2008-12-27 14:08 - 00000000 __SHD C:\Documents and Settings\NetworkService
2016-11-06 15:27 - 2008-12-27 14:08 - 00000000 __SHD C:\Documents and Settings\LocalService
2016-11-06 15:03 - 2014-07-12 11:48 - 03038649 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-583907252-261478967-725345543-1013-0.dat
2016-11-06 15:03 - 2012-01-26 22:25 - 00065536 _____ C:\WINDOWS\system32\config\OAlerts.evt
2016-11-06 15:03 - 2009-03-01 14:36 - 00065536 _____ C:\WINDOWS\system32\config\ODiag.evt
2016-11-06 15:03 - 2008-12-27 14:19 - 00065536 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2016-11-06 12:34 - 2014-03-27 14:31 - 00000000 ____D C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\PrivaZer
2016-11-06 12:09 - 2016-07-24 12:02 - 00000000 ____D C:\Program Files\PrivaZer
2016-11-06 12:09 - 2014-03-27 14:31 - 00001554 _____ C:\Documents and Settings\All Users\Start Menu\Programs\PrivaZer.lnk
2016-11-06 11:48 - 2014-07-02 11:54 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-11-06 11:21 - 2011-07-14 03:11 - 00000000 ___SD C:\Documents and Settings\Novi korisnik\My Documents
2016-11-06 01:55 - 2016-07-29 19:29 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Foxit Software
2016-11-04 15:34 - 2013-05-12 17:35 - 00000000 ____D C:\WINDOWS\erdnt
2016-11-04 15:33 - 2001-08-23 11:00 - 00000227 _____ C:\WINDOWS\system.ini
2016-11-04 15:32 - 2008-12-27 14:54 - 00000000 ____D C:\WINDOWS\system
2016-11-03 16:14 - 2008-12-27 14:11 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-11-03 16:13 - 2012-08-22 13:31 - 00000000 ____D C:\Program Files\Samsung
2016-11-03 16:13 - 2008-12-27 14:54 - 00000000 ___HD C:\WINDOWS\inf
2016-11-03 16:08 - 2012-08-22 13:32 - 00000000 ____D C:\Documents and Settings\Novi korisnik\Application Data\Samsung
2016-11-02 19:37 - 2015-11-01 22:01 - 00000000 ____D C:\Documents and Settings\Novi korisnik\Application Data\vlc
2016-11-02 00:33 - 2016-07-29 19:41 - 00000616 _____ C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2016-11-01 00:33 - 2016-07-29 19:41 - 00000446 _____ C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
2016-10-31 20:46 - 2016-07-19 08:33 - 20477632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2016-10-31 20:46 - 2012-04-13 09:39 - 00796352 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-10-31 20:46 - 2011-06-22 09:53 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-10-31 20:46 - 2008-12-27 14:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-10-31 20:04 - 2014-10-20 10:12 - 00000000 ____D C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\Adobe
2016-10-31 20:03 - 2012-08-25 12:50 - 00000000 ____D C:\Documents and Settings\Novi korisnik\Application Data\Audacity
2016-10-30 22:43 - 2011-08-02 10:19 - 00000000 ____D C:\Documents and Settings\Novi korisnik\Application Data\Skype
2016-10-26 15:36 - 2014-12-01 12:15 - 00000000 ____D C:\Documents and Settings\Novi korisnik\desktop\Cistaci
2016-10-24 04:09 - 2001-08-23 11:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-10-21 18:17 - 2012-05-03 00:08 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-10-20 19:25 - 2010-01-30 11:00 - 00023392 _____ C:\WINDOWS\system32\nscompat.tlb
2016-10-20 19:25 - 2010-01-30 11:00 - 00016832 _____ C:\WINDOWS\system32\amcompat.tlb
2016-10-20 16:06 - 2011-07-14 03:11 - 00000788 _____ C:\Documents and Settings\Novi korisnik\Start Menu\Programs\Windows Media Player.lnk
2016-10-20 16:05 - 2008-12-27 14:54 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2016-10-20 16:05 - 2008-12-27 14:54 - 00000000 ____D C:\WINDOWS\Help
2016-10-20 14:11 - 2015-10-09 16:24 - 00000000 ____D C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\Yandex
2016-10-20 14:11 - 2015-10-09 16:24 - 00000000 ____D C:\Documents and Settings\Novi korisnik\Application Data\Yandex
2016-10-16 12:33 - 2008-12-27 14:28 - 00000000 ____D C:\Program Files\Winamp

==================== Files in the root of some directories =======

2013-05-15 23:42 - 2003-05-16 22:30 - 0001504 _____ () C:\Program Files\grugtavc11bcd.nfo
2015-07-23 18:46 - 2015-07-23 18:46 - 12363288 _____ (LastPass) C:\Program Files\Common Files\lpuninstall.exe
2012-08-22 13:32 - 2012-08-22 13:32 - 0002528 _____ () C:\Documents and Settings\Novi korisnik\Application Data\$_hpcst$.hpc
2011-07-14 03:22 - 2011-03-27 14:35 - 0000098 ____N () C:\Documents and Settings\Novi korisnik\Application Data\MPUI.ini
2016-07-29 20:22 - 2008-07-07 12:22 - 0000014 _____ () C:\Documents and Settings\Novi korisnik\Application Data\options.ini
2016-07-29 20:22 - 2012-07-07 12:04 - 0000003 _____ () C:\Documents and Settings\Novi korisnik\Application Data\options_pdfcombine.ini
2016-07-29 20:22 - 2013-02-23 11:15 - 0000003 _____ () C:\Documents and Settings\Novi korisnik\Application Data\options_pdfrotator.ini
2016-07-29 20:22 - 2013-08-17 11:53 - 0000701 _____ () C:\Documents and Settings\Novi korisnik\Application Data\pdfsound.dll
2016-07-29 20:22 - 2013-06-09 08:38 - 0000053 _____ () C:\Documents and Settings\Novi korisnik\Application Data\setting.ini
2016-07-29 20:22 - 2013-06-08 12:43 - 0000030 _____ () C:\Documents and Settings\Novi korisnik\Application Data\setup.ini
2016-07-29 20:22 - 2013-06-09 08:30 - 0000043 _____ () C:\Documents and Settings\Novi korisnik\Application Data\setup_pdfcombine.ini
2016-07-29 20:22 - 2013-06-09 09:34 - 0000043 _____ () C:\Documents and Settings\Novi korisnik\Application Data\setup_pdfrotator.ini
2012-05-03 12:12 - 2012-05-03 12:12 - 0000532 _____ () C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\datos.txt
2011-07-14 10:56 - 2012-06-09 10:10 - 0172032 _____ () C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-05 21:08 - 2014-02-05 21:08 - 0193744 _____ () C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\lateral1.bmp
2010-11-12 10:10 - 2010-11-12 10:10 - 0193744 _____ () C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\lateral2.bmp
2014-02-05 21:10 - 2014-02-05 21:10 - 0195108 _____ () C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\lateral3.bmp
2014-02-05 22:50 - 2014-02-05 22:50 - 0043976 _____ () C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\save_en.bmp
2014-02-05 22:49 - 2014-02-05 22:49 - 0043976 _____ () C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\save_es.bmp
2014-02-18 16:49 - 2014-02-18 16:49 - 0000000 _____ () C:\Documents and Settings\All Users\cmn_upld.log
2014-02-18 17:19 - 2016-09-16 17:08 - 0109370 _____ () C:\Documents and Settings\All Users\lxeescan.log
2014-02-18 16:49 - 2014-02-18 16:49 - 0000000 _____ () C:\Documents and Settings\All Users\LxWbGwLog.log
2014-02-18 16:49 - 2014-02-18 16:49 - 0000000 _____ () C:\Documents and Settings\All Users\UpdaterLog.txt

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

That update is just a tweak to one directive, nothing important ...

I don't see active malware here, nor the reason why you have a problem with AV updates. The event log says that its (360 AV) kernel driver is not loading; that is what is causing the problem.

Error: (11/07/2016 04:48:01 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
qutmipc
qutmipc info: http://www.herdprotect.com/qutmipc.sys-dcadf0cb12d.....27ad1.aspx



The problem you have is Windows related, not malware related. To repeat myself, Windows XP is an OS that has been left without support. An OS that has gone into retirement. Protecting it will become harder and harder. My advice is to move to a newer OS if that is possible.

To resolve the AV problem, open a topic in the Windows forum.
http://www.mycity.rs/Windows/




The following procedure will carry out the final cleanup.



Download "Xplode"'s DelFix tool and save it to the Desktop.

Double-click to run the tool and tick the boxes in front of the following options:
Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment until the tool finishes its work.

From this point on, all tools used in this topic should be deleted.
If any tool or report has not been removed, feel free to delete it manually.


The tool will also create a report for you. (C:\DelFix.txt)
- The tool will also save a healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
- DelFix deletes old system restore points and creates a new, fresh point after the cleanup.
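
As an added illustration of the diagnosis in the reply above (not part of the original posts and not FRST's own code), this Python sketch cross-checks the Event ID 7026 message against the Drivers section of the posted FRST.txt. The sample lines are copied from this thread; the function names are hypothetical, and reading `[X]` as "file not found" and the digit as the service start type follows FRST's log conventions.

```python
import re

# Lines copied from the Drivers section of the FRST.txt posted in this thread.
FRST_DRIVERS = r"""
R1 vsdatant; C:\WINDOWS\System32\vsdatant.sys [534152 2014-04-24] (Check Point Software Technologies Ltd.)
R1 xlkfs; C:\WINDOWS\System32\DRIVERS\xlkfs.sys [18432 2012-05-05] (XOSLAB.COM) [File not signed]
S3 catchme; \??\C:\DOCUME~1\NOVIKO~1\LOCALS~1\Temp\catchme.sys [X]
S4 IntelIde; no ImagePath
S1 qutmipc; \??\C:\WINDOWS\system32\drivers\qutmipc.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
"""

# Event-log excerpt quoted in the reply above.
EVENT_7026 = """Error: (11/07/2016 04:48:01 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
qutmipc
"""

# Second character of an FRST service/driver entry: the service start type.
START_TYPES = {"0": "Boot", "1": "System", "2": "Auto",
               "3": "Demand", "4": "Disabled", "5": "Unknown"}

# "<state><start> <service name>; <image path and details>"
ENTRY = re.compile(r"^([RSU])([0-5]) (.+?); (.*)$")


def parse_drivers(text):
    """Parse FRST driver lines into a dict keyed by lower-cased service name."""
    drivers = {}
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        state, start, name, rest = m.groups()
        if rest == "no ImagePath":
            path = None
        else:
            # The path runs up to the first bracketed field ([size date] or [X]).
            path = re.split(r"\s+\[", rest, maxsplit=1)[0]
            if path.startswith("\\??\\"):  # strip the NT object-namespace prefix
                path = path[4:]
        drivers[name.lower()] = {
            "name": name,
            "running": state == "R",
            "start": START_TYPES[start],
            "path": path,
            "file_missing": rest.endswith("[X]"),
        }
    return drivers


def failed_drivers(event_text):
    """Return the driver names listed after the 7026 'failed to load:' line."""
    names, collecting = [], False
    for line in event_text.splitlines():
        if "failed to load:" in line:
            collecting = True
            continue
        if collecting:
            if not line.strip():
                break
            names.extend(line.split())
    return names


def correlate(drivers, failed):
    """For each failed driver give (name, start type, file missing on disk)."""
    result = []
    for name in failed:
        d = drivers.get(name.lower())
        if d is None:
            result.append((name, None, None))
        else:
            result.append((d["name"], d["start"], d["file_missing"]))
    return result


def orphaned(drivers):
    """Service entries whose registry key remains but whose file is gone."""
    return sorted(d["name"] for d in drivers.values() if d["file_missing"])


if __name__ == "__main__":
    drv = parse_drivers(FRST_DRIVERS)
    for name, start, missing in correlate(drv, failed_drivers(EVENT_7026)):
        print(f"{name}: start={start}, file missing={missing}")
    print("orphaned entries:", ", ".join(orphaned(drv)))
```

Both `catchme` and `qutmipc` are leftover service entries with no file on disk, but only `qutmipc` has a System start type, which is why it alone shows up in Event ID 7026 at every boot.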

offline
  • Joined: 28 Oct 2008
  • Posts: 312

Posted: 07 Nov 2016 15:55

Thank you very much for the time you spent.
I will try to find a solution on another forum, as you said. :|

Addendum: 08 Nov 2016 19:38

Just one more question: how do I remove avremover, since it has remained?

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

Delete it manually, it is a portable program.

offline
  • Joined: 28 Oct 2008
  • Posts: 312

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

Vera, try deleting the app after a restart. If it won't even then, then from safe mode. Some vital process is holding it. If you are a bit handy, check Task Manager and see what is holding it.
...but it should be deleted by simple deletion.
