Urgent disinfection

offline
  • Joined: 18 Jul 2003
  • Posts: 4204
  • Location: In a golden cage

A Toshiba laptop with a legal copy of Windows 7 Home Premium. So far it has been treated with AdwCleaner... a ton of adware was removed, but there is still more... the process sis32.exe. This is, by the way, a friend's laptop, and her gratitude matters a great deal to me, so I am asking you to help disinfect it completely...

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-12-2014
Ran by Zorana Sijacki (administrator) on ZOKASANYA on 25-12-2014 17:33:44
Running from C:\Users\Zorana Sijacki\Desktop
Loaded Profile: Zorana Sijacki (Available profiles: Zorana Sijacki)
Platform: Windows 7 Home Premium (X64) OS Language: srpski (latinica, Srbija i Crna Gora (bivša))
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Toshiba Europe GmbH) C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(rapprenais mouvemente'es) C:\Users\Zorana Sijacki\AppData\Roaming\svchost.exe
(rapprenais mouvemente'es) C:\Users\Zorana Sijacki\AppData\Roaming\svchost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(rapprenais mouvemente'es) C:\Users\Zorana Sijacki\AppData\Roaming\svchost.exe
(rapprenais mouvemente'es) C:\Users\Zorana Sijacki\AppData\Roaming\opp\sis32.exe
(rapprenais mouvemente'es) C:\Users\Zorana Sijacki\AppData\Roaming\opp\sis32.exe
(rapprenais mouvemente'es) C:\Users\Zorana Sijacki\AppData\Roaming\opp\sis32.exe
(rapprenais mouvemente'es) C:\Users\Zorana Sijacki\AppData\Roaming\opp\sis32.exe
(rapprenais mouvemente'es) C:\Users\Zorana Sijacki\AppData\Roaming\opp\sis32.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-07-09] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050072 2010-05-11] (Toshiba Europe GmbH)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2120808 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [136136 2010-04-19] (Toshiba Europe GmbH)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-10-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2010-03-03] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-15] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-05-01] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348664 2012-08-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [svchost.exe] => C:\Users\Zorana Sijacki\AppData\Roaming\svchost.exe [71680 2012-10-16] (rapprenais mouvemente'es)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\Run: [svchost.exe] => C:\Users\Zorana Sijacki\AppData\Roaming\svchost.exe [71680 2012-10-16] (rapprenais mouvemente'es)
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\Run: [svchost] => C:\Users\Zorana Sijacki\AppData\Roaming\svchost.exe [71680 2012-10-16] (rapprenais mouvemente'es)
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\Run: [adobeupdate] => "C:\Users\Zorana Sijacki\AppData\Roaming\Update1\bat99.bat"
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\Run: [updates32] => C:\Users\Zorana Sijacki\AppData\Roaming\opp\sis32.exe [71680 2014-12-25] (rapprenais mouvemente'es)
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\MountPoints2: {5c885ed1-95bb-11e2-88d0-1c750886daee} - F:\Startme.exe
HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2004353239-133581813-3622214978-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> {D25D4F09-253E-498C-B571-A01A5071890A} URL = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {7BD5203A-F775-42CB-9AAC-60706F686FFF} URL = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2004353239-133581813-3622214978-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-2004353239-133581813-3622214978-1000 -> {7AA88751-E997-4A8A-8B4B-7E84EA4B4F6E} URL = http://www.amazon.co.uk/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibauk-win7-ie-search-21&index=blended&linkCode=ur2
SearchScopes: HKU\S-1-5-21-2004353239-133581813-3622214978-1000 -> {7BD5203A-F775-42CB-9AAC-60706F686FFF} URL =
SearchScopes: HKU\S-1-5-21-2004353239-133581813-3622214978-1000 -> {9B6788FF-377C-46E4-A8B6-9162EB1E61C8} URL = http://rover.ebay.com/rover/1/710-71511-9400-6/4?satitle={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 89.216.1.40 89.216.1.50

FireFox:
========
FF ProfilePath: C:\Users\Zorana Sijacki\AppData\Roaming\Mozilla\Firefox\Profiles\paypbpzk.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2004353239-133581813-3622214978-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Zorana Sijacki\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Extension: Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\Users\Zorana Sijacki\AppData\Roaming\Mozilla\Firefox\Profiles\paypbpzk.default\Extensions\{2977d8cc-8902-4340-be88-2c676bf96b8d} [2014-06-27]

Chrome:
=======
CHR Profile: C:\Users\Zorana Sijacki\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Cyti Web) - C:\Users\Zorana Sijacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\imaonoflgcdidkofjhnlbinhjffgpjef [2014-12-24]
CHR StartMenuInternet: Google Chrome - C:\Users\Zorana Sijacki\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-05-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-30] (Avira Operations GmbH & Co. KG)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1811456 2010-08-27] (Realsil Microelectronics Inc.) [File not signed]
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [632792 2011-01-28] (PC Tools)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-05-30] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-05-30] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2011-09-15] (Avira GmbH)
S3 Tosrfcom; No ImagePath
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [32240 2008-08-08] (Cyberlink Corp.)
S2 SPDRIVER_1.38.0.1450; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1450\jsdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-25 17:33 - 2014-12-25 17:34 - 00018875 _____ () C:\Users\Zorana Sijacki\Desktop\FRST.txt
2014-12-25 17:33 - 2014-12-25 17:33 - 00000000 ____D () C:\FRST
2014-12-25 17:32 - 2014-12-25 17:32 - 02122240 _____ (Farbar) C:\Users\Zorana Sijacki\Desktop\FRST64.exe
2014-12-24 23:01 - 2014-12-24 23:01 - 00000000 ____D () C:\Users\Zorana Sijacki\AppData\Roaming\opp
2014-12-24 22:49 - 2014-12-24 22:49 - 00274656 _____ () C:\Windows\Minidump\122414-28002-01.dmp
2014-12-24 22:30 - 2014-12-24 22:49 - 423697758 _____ () C:\Windows\MEMORY.DMP
2014-12-24 22:30 - 2014-12-24 22:30 - 00274712 _____ () C:\Windows\Minidump\122414-37315-01.dmp
2014-12-24 22:30 - 2014-12-24 22:30 - 00000274 __RSH () C:\ProgramData\ntuser.pol
2014-12-24 22:18 - 2014-12-24 22:59 - 00000000 ____D () C:\AdwCleaner
2014-12-24 22:18 - 2014-12-24 22:18 - 02173952 _____ () C:\Users\Zorana Sijacki\Downloads\AdwCleaner.exe
2014-12-24 21:59 - 2014-12-24 22:59 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-12-24 21:59 - 2014-12-24 21:59 - 00001050 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2014-12-24 21:59 - 2014-12-24 21:59 - 00001038 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2014-12-24 21:59 - 2014-12-24 21:59 - 00000000 ____D () C:\Users\Zorana Sijacki\AppData\Roaming\TeamViewer
2014-12-24 21:58 - 2014-12-24 21:58 - 07720120 _____ (TeamViewer GmbH) C:\Users\Zorana Sijacki\Downloads\TeamViewer_Setup_sr-ckq.exe
2014-12-24 16:17 - 2014-12-24 16:17 - 00000000 ___RD () C:\Users\Zorana Sijacki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
2014-12-23 18:14 - 2014-12-23 18:14 - 00091318 _____ () C:\Users\Zorana Sijacki\Desktop\PlayerStubWrapper.exe
2014-12-23 17:54 - 2014-12-25 17:28 - 00001372 _____ () C:\Windows\Tasks\JBJND.job
2014-12-23 17:54 - 2014-12-23 17:54 - 00004418 _____ () C:\Windows\System32\Tasks\JBJND
2014-12-23 17:53 - 2014-12-25 17:28 - 00001722 _____ () C:\Windows\Tasks\OPIVZTWU.job
2014-12-23 17:53 - 2014-12-23 17:53 - 00004768 _____ () C:\Windows\System32\Tasks\OPIVZTWU
2014-12-23 17:53 - 2014-12-23 17:53 - 00000000 ____D () C:\Program Files (x86)\8a244f6d-e8f8-4c65-8ac1-2c02ca9ea240
2014-12-23 17:53 - 2014-12-23 17:53 - 00000000 ____D () C:\Program Files (x86)\6f6ce811-3cbc-43c7-a7ca-4b5b0384dbe0
2014-12-23 17:52 - 2014-12-23 17:52 - 00003592 _____ () C:\Windows\System32\Tasks\YTDownloaderUpd
2014-12-23 17:51 - 2014-12-23 17:51 - 00000000 ____D () C:\Program Files (x86)\0daed16c-c157-495e-a3c3-f32784d5d046
2014-12-23 17:49 - 2014-12-23 17:49 - 00587192 _____ () C:\Users\Zorana Sijacki\Downloads\Installation.exe
2014-12-23 17:49 - 2014-12-23 17:49 - 00586448 _____ () C:\Users\Zorana Sijacki\Downloads\installer_java_English.exe
2014-12-19 23:14 - 2014-12-19 23:15 - 30022585 _____ () C:\Users\Zorana Sijacki\Downloads\JPEG(1).rar
2014-12-19 23:13 - 2014-12-19 23:14 - 30022533 _____ () C:\Users\Zorana Sijacki\Downloads\JPEG.rar
2014-12-19 16:54 - 2014-12-19 16:56 - 00000000 ____D () C:\Users\Zorana Sijacki\Nova fascikla (3)
2014-12-18 17:04 - 2014-12-20 20:47 - 00000000 ____D () C:\Users\Zorana Sijacki\sandra i ja
2014-12-09 20:06 - 2014-12-09 20:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-07 19:58 - 2014-12-07 19:59 - 00000000 ____D () C:\Users\Zorana Sijacki\svasta
2014-12-04 16:26 - 2014-09-15 01:44 - 03195392 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-25 17:32 - 2011-02-22 15:49 - 01580923 _____ () C:\Windows\WindowsUpdate.log
2014-12-25 17:31 - 2011-08-26 12:11 - 00003972 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{15C3F2DA-11B6-4FBD-A251-867AF5B56893}
2014-12-25 17:29 - 2012-06-14 19:23 - 00345028 _____ () C:\Windows\system32\FontInfo.bin
2014-12-25 17:29 - 2012-06-14 19:23 - 00101296 _____ () C:\Windows\system32\GlyphInfo.bin
2014-12-25 17:28 - 2013-04-08 01:30 - 00012133 _____ () C:\Windows\setupact.log
2014-12-25 17:28 - 2013-04-06 18:10 - 00000928 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-25 17:28 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-25 17:14 - 2009-07-14 05:45 - 00016080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-25 17:14 - 2009-07-14 05:45 - 00016080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-25 17:13 - 2012-03-27 18:06 - 01371390 _____ () C:\Windows\system32\perfh01A.dat
2014-12-25 17:13 - 2012-03-27 18:06 - 00478508 _____ () C:\Windows\system32\perfc01A.dat
2014-12-25 17:13 - 2009-07-14 06:13 - 00005398 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-25 17:10 - 2013-04-06 18:10 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-24 23:00 - 2013-04-20 01:15 - 00010302 _____ () C:\Windows\PFRO.log
2014-12-24 22:59 - 2013-04-22 19:35 - 00035840 ___SH () C:\Users\Zorana Sijacki\Thumbs.db
2014-12-24 22:49 - 2012-02-29 23:51 - 00000000 ____D () C:\Windows\Minidump
2014-12-24 22:49 - 2009-07-14 06:08 - 00032546 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-24 22:30 - 2011-08-26 12:07 - 00122944 _____ () C:\Users\Zorana Sijacki\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-24 22:30 - 2009-07-14 05:45 - 00441440 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-24 22:27 - 2009-07-14 03:34 - 00000580 _____ () C:\Windows\win.ini
2014-12-24 20:52 - 2012-06-02 23:14 - 00000284 _____ () C:\Windows\Tasks\RMSchedule.job
2014-12-24 20:52 - 2011-11-29 13:57 - 00000000 ____D () C:\ProgramData\Temp
2014-12-24 18:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-12-23 18:16 - 2011-08-26 12:03 - 00000000 ____D () C:\Users\Zorana Sijacki
2014-12-23 17:52 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-23 17:51 - 2011-02-22 16:07 - 00000000 ____D () C:\Program Files (x86)\Atheros
2014-12-21 14:07 - 2012-06-04 11:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-05 01:24 - 2014-05-18 21:10 - 00000000 ____D () C:\Users\Zorana Sijacki\Nova fascikla (2)
2014-12-05 01:24 - 2011-11-29 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-12-05 01:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-12-04 22:02 - 2011-11-29 13:55 - 00000000 ____D () C:\Users\Zorana Sijacki\AppData\Local\Mozilla
2014-12-04 20:14 - 2013-04-06 18:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-12-04 18:45 - 2013-04-06 18:10 - 00003928 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-04 18:45 - 2013-04-06 18:10 - 00003676 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-04 15:42 - 2014-04-20 14:44 - 00068812 _____ () C:\Windows\DPINST.LOG
2014-12-04 15:40 - 2013-03-26 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-12-04 15:39 - 2010-11-22 08:51 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

Some content of TEMP:
====================
C:\Users\Zorana Sijacki\AppData\Local\Temp\1.tmp.exe
C:\Users\Zorana Sijacki\AppData\Local\Temp\install_reader11_en_mssa_aih.exe
C:\Users\Zorana Sijacki\AppData\Local\Temp\MSNCBC.exe
C:\Users\Zorana Sijacki\AppData\Local\Temp\Quarantine.exe
C:\Users\Zorana Sijacki\AppData\Local\Temp\Runner.exe
C:\Users\Zorana Sijacki\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-04-19 13:51

==================== End Of Log ============================

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Step 1

Go to Start -> Control Panel -> Programs and Features and uninstall the following programs:

uTorrentControl2 Toolbar



Step 2

Open Notepad and copy in the following text, which is inside the Code box.

CloseProcesses:
HKLM-x32\...\Run: [svchost.exe] => C:\Users\Zorana Sijacki\AppData\Roaming\svchost.exe [71680 2012-10-16] (rapprenais mouvemente'es)
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\Run: [svchost.exe] => C:\Users\Zorana Sijacki\AppData\Roaming\svchost.exe [71680 2012-10-16] (rapprenais mouvemente'es)
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\Run: [svchost] => C:\Users\Zorana Sijacki\AppData\Roaming\svchost.exe [71680 2012-10-16] (rapprenais mouvemente'es)
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\Run: [adobeupdate] => "C:\Users\Zorana Sijacki\AppData\Roaming\Update1\bat99.bat"
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\Run: [updates32] => C:\Users\Zorana Sijacki\AppData\Roaming\opp\sis32.exe [71680 2014-12-25] (rapprenais mouvemente'es)
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\MountPoints2: {5c885ed1-95bb-11e2-88d0-1c750886daee} - F:\Startme.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
FF Extension: Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\Users\Zorana Sijacki\AppData\Roaming\Mozilla\Firefox\Profiles\paypbpzk.default\Extensions\{2977d8cc-8902-4340-be88-2c676bf96b8d} [2014-06-27]
CHR Extension: (Cyti Web) - C:\Users\Zorana Sijacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\imaonoflgcdidkofjhnlbinhjffgpjef [2014-12-24]
S2 SPDRIVER_1.38.0.1450; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1450\jsdrv.sys [X]
Task: {53A501D3-1994-4576-A0BE-A2B0B432E372} - System32\Tasks\JBJND => C:\Users\Zorana Sijacki\AppData\Roaming\JBJND.exe <==== ATTENTION
Task: {6CF4A340-9016-4CDF-BB7E-21ADD76E02E8} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ATTENTION
Task: {E302FDBE-05DA-4621-AE1C-6EF6E3CF7C98} - System32\Tasks\OPIVZTWU => C:\Users\Zorana Sijacki\AppData\Roaming\OPIVZTWU.exe <==== ATTENTION
Task: C:\Windows\Tasks\JBJND.job => C:\Users\Zorana Sijacki\AppData\Roaming\JBJND.exe <==== ATTENTION
Task: C:\Windows\Tasks\OPIVZTWU.job => C:\Users\Zorana Sijacki\AppData\Roaming\OPIVZTWU.exe <==== ATTENTION
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\updates32" /f
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YTDownloader" /f
C:\Users\Zorana Sijacki\AppData\Roaming\svchost.exe
C:\Users\Zorana Sijacki\AppData\Roaming\opp
C:\Users\Zorana Sijacki\AppData\Roaming\Update1
C:\Program Files (x86)\ShopperPro
C:\Program Files (x86)\6f6ce811-3cbc-43c7-a7ca-4b5b0384dbe0
C:\Program Files (x86)\8a244f6d-e8f8-4c65-8ac1-2c02ca9ea240
C:\Program Files (x86)\0daed16c-c157-495e-a3c3-f32784d5d046
C:\Users\Zorana Sijacki\Downloads\Installation.exe
C:\Users\Zorana Sijacki\Downloads\installer_java_English.exe
C:\Users\Zorana Sijacki\AppData\Roaming\JBJND.exe
C:\Program Files (x86)\YTDownloader
C:\Users\Zorana Sijacki\AppData\Roaming\OPIVZTWU.exe
EmptyTemp:


In Notepad, click File --> Save As
Name the file Fixlist and save it to the Desktop
Double-click to run FRST.exe again
Click Fix and wait until the program finishes.
If the program asks to restart the computer, let it do so without interruption.
When it has finished, fixlog.txt will open, with contents that you should copy into this thread.
The file (fixlog.txt) will also be on the Desktop.

offline
  • Joined: 18 Jul 2003
  • Posts: 4204
  • Location: In a golden cage

It won't let me run the fix, it throws a BSOD.... should I go into safe mode?

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Brksi :: It won't let me run the fix, it throws a BSOD.... should I go into safe mode?

When you click Fix, it throws a BSOD?

offline
  • Joined: 18 Jul 2003
  • Posts: 4204
  • Location: In a golden cage

Yes

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Save this text as fixlist.txt and try again:

HKLM-x32\...\Run: [svchost.exe] => C:\Users\Zorana Sijacki\AppData\Roaming\svchost.exe [71680 2012-10-16] (rapprenais mouvemente'es)
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\Run: [svchost.exe] => C:\Users\Zorana Sijacki\AppData\Roaming\svchost.exe [71680 2012-10-16] (rapprenais mouvemente'es)
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\Run: [svchost] => C:\Users\Zorana Sijacki\AppData\Roaming\svchost.exe [71680 2012-10-16] (rapprenais mouvemente'es)
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\Run: [adobeupdate] => "C:\Users\Zorana Sijacki\AppData\Roaming\Update1\bat99.bat"
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\Run: [updates32] => C:\Users\Zorana Sijacki\AppData\Roaming\opp\sis32.exe [71680 2014-12-25] (rapprenais mouvemente'es)
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\MountPoints2: {5c885ed1-95bb-11e2-88d0-1c750886daee} - F:\Startme.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
FF Extension: Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\Users\Zorana Sijacki\AppData\Roaming\Mozilla\Firefox\Profiles\paypbpzk.default\Extensions\{2977d8cc-8902-4340-be88-2c676bf96b8d} [2014-06-27]
CHR Extension: (Cyti Web) - C:\Users\Zorana Sijacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\imaonoflgcdidkofjhnlbinhjffgpjef [2014-12-24]
S2 SPDRIVER_1.38.0.1450; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1450\jsdrv.sys [X]
Task: {53A501D3-1994-4576-A0BE-A2B0B432E372} - System32\Tasks\JBJND => C:\Users\Zorana Sijacki\AppData\Roaming\JBJND.exe <==== ATTENTION
Task: {6CF4A340-9016-4CDF-BB7E-21ADD76E02E8} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ATTENTION
Task: {E302FDBE-05DA-4621-AE1C-6EF6E3CF7C98} - System32\Tasks\OPIVZTWU => C:\Users\Zorana Sijacki\AppData\Roaming\OPIVZTWU.exe <==== ATTENTION
Task: C:\Windows\Tasks\JBJND.job => C:\Users\Zorana Sijacki\AppData\Roaming\JBJND.exe <==== ATTENTION
Task: C:\Windows\Tasks\OPIVZTWU.job => C:\Users\Zorana Sijacki\AppData\Roaming\OPIVZTWU.exe <==== ATTENTION
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\updates32" /f
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YTDownloader" /f
C:\Users\Zorana Sijacki\AppData\Roaming\svchost.exe
C:\Users\Zorana Sijacki\AppData\Roaming\opp
C:\Users\Zorana Sijacki\AppData\Roaming\Update1
C:\Program Files (x86)\ShopperPro
C:\Program Files (x86)\6f6ce811-3cbc-43c7-a7ca-4b5b0384dbe0
C:\Program Files (x86)\8a244f6d-e8f8-4c65-8ac1-2c02ca9ea240
C:\Program Files (x86)\0daed16c-c157-495e-a3c3-f32784d5d046
C:\Users\Zorana Sijacki\Downloads\Installation.exe
C:\Users\Zorana Sijacki\Downloads\installer_java_English.exe
C:\Users\Zorana Sijacki\AppData\Roaming\JBJND.exe
C:\Program Files (x86)\YTDownloader
C:\Users\Zorana Sijacki\AppData\Roaming\OPIVZTWU.exe

offline
  • Joined: 18 Jul 2003
  • Posts: 4204
  • Location: In a golden cage

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-12-2014
Ran by Zorana Sijacki at 2014-12-25 18:45:17 Run:2
Running from C:\Users\Zorana Sijacki\Desktop
Loaded Profile: Zorana Sijacki (Available profiles: Zorana Sijacki)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [svchost.exe] => C:\Users\Zorana Sijacki\AppData\Roaming\svchost.exe [71680 2012-10-16] (rapprenais mouvemente'es)
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\Run: [svchost.exe] => C:\Users\Zorana Sijacki\AppData\Roaming\svchost.exe [71680 2012-10-16] (rapprenais mouvemente'es)
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\Run: [svchost] => C:\Users\Zorana Sijacki\AppData\Roaming\svchost.exe [71680 2012-10-16] (rapprenais mouvemente'es)
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\Run: [adobeupdate] => "C:\Users\Zorana Sijacki\AppData\Roaming\Update1\bat99.bat"
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\Run: [updates32] => C:\Users\Zorana Sijacki\AppData\Roaming\opp\sis32.exe [71680 2014-12-25] (rapprenais mouvemente'es)
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\MountPoints2: {5c885ed1-95bb-11e2-88d0-1c750886daee} - F:\Startme.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
FF Extension: Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\Users\Zorana Sijacki\AppData\Roaming\Mozilla\Firefox\Profiles\paypbpzk.default\Extensions\{2977d8cc-8902-4340-be88-2c676bf96b8d} [2014-06-27]
CHR Extension: (Cyti Web) - C:\Users\Zorana Sijacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\imaonoflgcdidkofjhnlbinhjffgpjef [2014-12-24]
S2 SPDRIVER_1.38.0.1450; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1450\jsdrv.sys [X]
Task: {53A501D3-1994-4576-A0BE-A2B0B432E372} - System32\Tasks\JBJND => C:\Users\Zorana Sijacki\AppData\Roaming\JBJND.exe <==== ATTENTION
Task: {6CF4A340-9016-4CDF-BB7E-21ADD76E02E8} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ATTENTION
Task: {E302FDBE-05DA-4621-AE1C-6EF6E3CF7C98} - System32\Tasks\OPIVZTWU => C:\Users\Zorana Sijacki\AppData\Roaming\OPIVZTWU.exe <==== ATTENTION
Task: C:\Windows\Tasks\JBJND.job => C:\Users\Zorana Sijacki\AppData\Roaming\JBJND.exe <==== ATTENTION
Task: C:\Windows\Tasks\OPIVZTWU.job => C:\Users\Zorana Sijacki\AppData\Roaming\OPIVZTWU.exe <==== ATTENTION
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\updates32" /f
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YTDownloader" /f

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

You didn't post the complete fixlog.txt. Attach fixlog.txt to your post.

offline
  • Joined: 18 Jul 2003
  • Posts: 4204
  • Location: In a golden cage


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-12-2014
Ran by Zorana Sijacki at 2014-12-25 18:45:17 Run:2
Running from C:\Users\Zorana Sijacki\Desktop
Loaded Profile: Zorana Sijacki (Available profiles: Zorana Sijacki)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [svchost.exe] => C:\Users\Zorana Sijacki\AppData\Roaming\svchost.exe [71680 2012-10-16] (rapprenais mouvemente'es)
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\Run: [svchost.exe] => C:\Users\Zorana Sijacki\AppData\Roaming\svchost.exe [71680 2012-10-16] (rapprenais mouvemente'es)
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\Run: [svchost] => C:\Users\Zorana Sijacki\AppData\Roaming\svchost.exe [71680 2012-10-16] (rapprenais mouvemente'es)
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\Run: [adobeupdate] => "C:\Users\Zorana Sijacki\AppData\Roaming\Update1\bat99.bat"
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\Run: [updates32] => C:\Users\Zorana Sijacki\AppData\Roaming\opp\sis32.exe [71680 2014-12-25] (rapprenais mouvemente'es)
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\...\MountPoints2: {5c885ed1-95bb-11e2-88d0-1c750886daee} - F:\Startme.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
FF Extension: Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\Users\Zorana Sijacki\AppData\Roaming\Mozilla\Firefox\Profiles\paypbpzk.default\Extensions\{2977d8cc-8902-4340-be88-2c676bf96b8d} [2014-06-27]
CHR Extension: (Cyti Web) - C:\Users\Zorana Sijacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\imaonoflgcdidkofjhnlbinhjffgpjef [2014-12-24]
S2 SPDRIVER_1.38.0.1450; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1450\jsdrv.sys [X]
Task: {53A501D3-1994-4576-A0BE-A2B0B432E372} - System32\Tasks\JBJND => C:\Users\Zorana Sijacki\AppData\Roaming\JBJND.exe <==== ATTENTION
Task: {6CF4A340-9016-4CDF-BB7E-21ADD76E02E8} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ATTENTION
Task: {E302FDBE-05DA-4621-AE1C-6EF6E3CF7C98} - System32\Tasks\OPIVZTWU => C:\Users\Zorana Sijacki\AppData\Roaming\OPIVZTWU.exe <==== ATTENTION
Task: C:\Windows\Tasks\JBJND.job => C:\Users\Zorana Sijacki\AppData\Roaming\JBJND.exe <==== ATTENTION
Task: C:\Windows\Tasks\OPIVZTWU.job => C:\Users\Zorana Sijacki\AppData\Roaming\OPIVZTWU.exe <==== ATTENTION
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\updates32" /f
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YTDownloader" /f
C:\Users\Zorana Sijacki\AppData\Roaming\svchost.exe
C:\Users\Zorana Sijacki\AppData\Roaming\opp
C:\Users\Zorana Sijacki\AppData\Roaming\Update1
C:\Program Files (x86)\ShopperPro
C:\Program Files (x86)\6f6ce811-3cbc-43c7-a7ca-4b5b0384dbe0
C:\Program Files (x86)\8a244f6d-e8f8-4c65-8ac1-2c02ca9ea240
C:\Program Files (x86)\0daed16c-c157-495e-a3c3-f32784d5d046
C:\Users\Zorana Sijacki\Downloads\Installation.exe
C:\Users\Zorana Sijacki\Downloads\installer_java_English.exe
C:\Users\Zorana Sijacki\AppData\Roaming\JBJND.exe
C:\Program Files (x86)\YTDownloader
C:\Users\Zorana Sijacki\AppData\Roaming\OPIVZTWU.exe
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\svchost.exe => value deleted successfully.
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\Software\Microsoft\Windows\CurrentVersion\Run\\svchost.exe => value deleted successfully.
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\Software\Microsoft\Windows\CurrentVersion\Run\\svchost => value deleted successfully.
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\Software\Microsoft\Windows\CurrentVersion\Run\\adobeupdate => value deleted successfully.
HKU\S-1-5-21-2004353239-133581813-3622214978-1000\Software\Microsoft\Windows\CurrentVersion\Run\\updates32 => value deleted successfully.
"HKU\S-1-5-21-2004353239-133581813-3622214978-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c885ed1-95bb-11e2-88d0-1c750886daee}" => Key deleted successfully.
HKCR\CLSID\{5c885ed1-95bb-11e2-88d0-1c750886daee} => Key not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
C:\Users\Zorana Sijacki\AppData\Roaming\Mozilla\Firefox\Profiles\paypbpzk.default\Extensions\{2977d8cc-8902-4340-be88-2c676bf96b8d} => Moved successfully.
C:\Users\Zorana Sijacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\imaonoflgcdidkofjhnlbinhjffgpjef => Moved successfully.
SPDRIVER_1.38.0.1450 => Service deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{53A501D3-1994-4576-A0BE-A2B0B432E372}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53A501D3-1994-4576-A0BE-A2B0B432E372}" => Key deleted successfully.
C:\Windows\System32\Tasks\JBJND => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\JBJND" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6CF4A340-9016-4CDF-BB7E-21ADD76E02E8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6CF4A340-9016-4CDF-BB7E-21ADD76E02E8}" => Key deleted successfully.
C:\Windows\System32\Tasks\YTDownloaderUpd => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTDownloaderUpd" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E302FDBE-05DA-4621-AE1C-6EF6E3CF7C98}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E302FDBE-05DA-4621-AE1C-6EF6E3CF7C98}" => Key deleted successfully.
C:\Windows\System32\Tasks\OPIVZTWU => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OPIVZTWU" => Key deleted successfully.
C:\Windows\Tasks\JBJND.job => Moved successfully.
C:\Windows\Tasks\OPIVZTWU.job => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\updates32" /f =========

Operacija je uspešno dovršena.


========= End of CMD: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YTDownloader" /f =========

Operacija je uspešno dovršena.


========= End of CMD: =========

C:\Users\Zorana Sijacki\AppData\Roaming\svchost.exe => Moved successfully.
C:\Users\Zorana Sijacki\AppData\Roaming\opp => Moved successfully.
"C:\Users\Zorana Sijacki\AppData\Roaming\Update1" => File/Directory not found.
"C:\Program Files (x86)\ShopperPro" => File/Directory not found.
C:\Program Files (x86)\6f6ce811-3cbc-43c7-a7ca-4b5b0384dbe0 => Moved successfully.
C:\Program Files (x86)\8a244f6d-e8f8-4c65-8ac1-2c02ca9ea240 => Moved successfully.
C:\Program Files (x86)\0daed16c-c157-495e-a3c3-f32784d5d046 => Moved successfully.
C:\Users\Zorana Sijacki\Downloads\Installation.exe => Moved successfully.
C:\Users\Zorana Sijacki\Downloads\installer_java_English.exe => Moved successfully.
"C:\Users\Zorana Sijacki\AppData\Roaming\JBJND.exe" => File/Directory not found.
"C:\Program Files (x86)\YTDownloader" => File/Directory not found.
"C:\Users\Zorana Sijacki\AppData\Roaming\OPIVZTWU.exe" => File/Directory not found.


The system needed a reboot.

==== End of Fixlog 18:45:21 ====

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Step 1

Pack the following folder into a ZIP, RAR or 7Z archive:

C:\FRST\Quarantine

and send it via the following link:

http://www.mycity.rs/ambulanta-upload.php



Step 2

Download zoek.exe from this or this link and save it to the Desktop.


Close the browser and any other running programs;
disable your security software (if needed) Instructions;
double-click zoek.exe to run it;
wait for the tool to start ...


Copy the following text into the white box of the window:

process;
startupall;
drivers-services-list;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;


Click the button and wait for the scan to finish.


Zoek will restart Windows if needed and, when it finishes, open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your post.
