|
|
|
|
|
Poslao: 21 Jan 2014 13:24
|
offline
- Sass Drake
- Anti Malware Fighter
Rank 2
- Pridružio: 26 Avg 2010
- Poruke: 10622
- Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building
|
Kolega ima obaveze, pa ću ga ja zamijeniti dok ne bude slobodan.
Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja.
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={025C7E4B-094C-4F07-9769-FBF8A65BB4E7}&mid=c77c3034869e42c1840d785b55bd0519-e0867e99bdbc272f7b81bb7b2c7186a11de0fc1c&lang=sr&ds=ad011&coid=avgtbdisad&cmpid=&pr=sa&d=2014-01-20 09:11:34&v=17.3.1.91&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {DAD41D93-27A2-4AA1-8F31-8D482365BB68} URL = http://www.mysearchresults.com/search?c=8004&t=11&q={searchTerms}
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: hxxp://mysearch.avg.com?cid={025C7E4B-094C-4F07-9769-FBF8A65BB4E7}&mid=c77c3034869e42c1840d785b55bd0519-e0867e99bdbc272f7b81bb7b2c7186a11de0fc1c&lang=sr&ds=ad011&coid=avgtbdisad&cmpid=&pr=sa&d=&v=17.3.1.91&pid=safeguard&sg=&sap=hp
CHR DefaultSearchKeyword: mysearch.avg.com
CHR DefaultSearchURL: http://mysearch.avg.com/search?cid={025C7E4B-094C-4F07-9769-FBF8A65BB4E7}&mid=c77c3034869e42c1840d785b55bd0519-e0867e99bdbc272f7b81bb7b2c7186a11de0fc1c&lang=sr&ds=ad011&coid=avgtbdisad&cmpid=&pr=sa&d=2014-01-20 09:11:34&v=17.3.1.91&pid=safeguard&sg=&sap=dsp&q={searchTerms}
FF Extension: WebSite Recommendation - C:\Users\Dragoljub\AppData\Roaming\Mozilla\Firefox\Profiles\a408b5gk.default-1382899517588\Extensions\WebSiteRecommendation@weliketheweb.com
U okviru Notepad-a klikni na File --> Save As
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se Notepad, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt). Potrebno je da sadržaj fixlog.txt kopiraš na forum
|
|
|
|
|
|
|
Poslao: 25 Jan 2014 12:12
|
offline
- popaj 2
- Novi MyCity građanin
- Pridružio: 27 Okt 2013
- Poruke: 15
|
Sorry par dana me nije bilo. Uradio sam sve po uputstvu
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2014
Ran by Dragoljub (administrator) on PEJCEVI on 25-01-2014 12:02:37
Running from C:\Users\Dragoljub\Desktop
Windows 8.1 Pro (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: [Link mogu videti samo ulogovani korisnici]
Download link for 64-Bit Version: [Link mogu videti samo ulogovani korisnici]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Link mogu videti samo ulogovani korisnici]
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
(PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Cerulean Studios) C:\Program Files (x86)\Trillian\trillian.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(KoshyJohn.com) C:\Users\Dragoljub\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(BitTorrent Inc.) C:\Users\Dragoljub\AppData\Roaming\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis)
HKLM\...\Run: [AsioReg] - REGSVR32.EXE /S CTASIO.DLL
HKLM\...\Run: [ACPW07EN] - C:\Program Files\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe [1739080 2013-09-25] (ACD Systems)
HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7780696 2013-08-22] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] - C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1103424 2013-01-10] (Acronis)
HKLM-x32\...\Run: [AsioThk32Reg] - REGSVR32.EXE /S CTASIO.DLL
HKLM-x32\...\Run: [CTHelper] - C:\Windows\SysWOW64\CTHELPER.EXE [19456 2007-04-09] (Creative Technology Ltd)
HKLM-x32\...\Run: [CTxfiHlp] - C:\Windows\SysWOW64\CTXFIHLP.EXE [19968 2007-04-09] (Creative Technology Ltd)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2534936 2014-01-20] ()
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [IncrediMail] - C:\Program Files (x86)\IncrediMail\bin\IncMail.exe [444840 2013-08-30] (IncrediMail, Ltd.)
HKCU\...\Run: [MCShield Monitor] - C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-01-20] (MyCity)
HKCU\...\Run: [CCleaner Monitoring] - C:\Program Files\CCleaner\CCleaner64.exe [5973272 2013-12-17] (Piriform Ltd)
HKCU\...\Run: [Memory Cleaner] - C:\Users\Dragoljub\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe [791560 2013-02-03] (KoshyJohn.com)
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [457728 2013-08-22] (Microsoft Corporation)
HKCU\...\Policies\Explorer: [NoInstrumentation] 1
IFEO\microsoft.windowslive.platform.server: [Debugger] rundll32.exe
Startup: C:\Users\Dragoljub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk
ShortcutTarget: Trillian.lnk -> C:\Program Files (x86)\Trillian\trillian.exe (Cerulean Studios)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Link mogu videti samo ulogovani korisnici]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC349756108E9CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.91\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.91\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
Tcpip\..\Interfaces\{BC59499D-5727-4307-9B41-AC05AF9ADBDE}: [NameServer]213.244.255.2,77.105.0.18,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FireFox:
========
FF ProfilePath: C:\Users\Dragoljub\AppData\Roaming\Mozilla\Firefox\Profiles\a408b5gk.default-1382899517588
FF NewTab: about:blank
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: Ads Removal - C:\Users\Dragoljub\AppData\Roaming\Mozilla\Firefox\Profiles\a408b5gk.default-1382899517588\Extensions\adsremoval@adsremoval.net [2013-12-19]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Dragoljub\AppData\Roaming\Mozilla\Firefox\Profiles\a408b5gk.default-1382899517588\Extensions\ascsurfingprotection@iobit.com [2014-01-20]
FF Extension: Magnet Downloader - C:\Users\Dragoljub\AppData\Roaming\Mozilla\Firefox\Profiles\a408b5gk.default-1382899517588\Extensions\b026053c-c151-481a-a83e-4fb8d5b1b1a4@cb8a450e-83dd-422a-b921-028b1cbf9831.com [2013-11-09]
FF Extension: WebSite Recommendation - C:\Users\Dragoljub\AppData\Roaming\Mozilla\Firefox\Profiles\a408b5gk.default-1382899517588\Extensions\WebSiteRecommendation@weliketheweb.com [2013-12-24]
FF Extension: Youtube MP3 Podcaster - C:\Users\Dragoljub\AppData\Roaming\Mozilla\Firefox\Profiles\a408b5gk.default-1382899517588\Extensions\youtubemp3podcaster@jeremy.d.gregorio.com [2014-01-24]
FF Extension: Adblock Plus - C:\Users\Dragoljub\AppData\Roaming\Mozilla\Firefox\Profiles\a408b5gk.default-1382899517588\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-17]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.91
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.91 [2014-01-20]
Chrome:
=======
CHR HomePage: [Link mogu videti samo ulogovani korisnici]
CHR Extension: (Google документи) - C:\Users\Dragoljub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-29]
CHR Extension: (Google диск) - C:\Users\Dragoljub\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-29]
CHR Extension: (TV) - C:\Users\Dragoljub\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-01-04]
CHR Extension: (YouTube) - C:\Users\Dragoljub\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-29]
CHR Extension: (Adblock Plus) - C:\Users\Dragoljub\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-11-11]
CHR Extension: (Linkification) - C:\Users\Dragoljub\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflchafndefoljnhhholeekfpgmbphaf [2013-11-14]
CHR Extension: (Google претрага) - C:\Users\Dragoljub\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-29]
CHR Extension: (SimilarWebLite) - C:\Users\Dragoljub\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnpicgdnjfnbkibnicdnnpkkpklkjkki [2013-11-14]
CHR Extension: (Raindrops(Non-Aero)) - C:\Users\Dragoljub\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpagcfbbmlebfnkeogkigellbgmfkjfg [2013-11-14]
CHR Extension: (Qualys BrowserCheck for Windows) - C:\Users\Dragoljub\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejhnkognlohdkpjkjongioociddgoibk [2014-01-19]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Dragoljub\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2013-11-14]
CHR Extension: (PowerInbox) - C:\Users\Dragoljub\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmmgljeemhhajnponhffhpjioiclpmbh [2013-11-14]
CHR Extension: (Facebook One) - C:\Users\Dragoljub\AppData\Local\Google\Chrome\User Data\Default\Extensions\gceeodfjmkoilhaoehbnhofdpobaohnm [2013-11-14]
CHR Extension: (Facebook for Chrome) - C:\Users\Dragoljub\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2013-11-14]
CHR Extension: (Ads Removal) - C:\Users\Dragoljub\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod [2013-12-19]
CHR Extension: (Google Play) - C:\Users\Dragoljub\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2013-11-14]
CHR Extension: (FastestFox for Chrome) - C:\Users\Dragoljub\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm [2013-11-14]
CHR Extension: (F.B. Purity Cleans Up Facebook) - C:\Users\Dragoljub\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl [2013-11-14]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Dragoljub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-01-20]
CHR Extension: (Додатак RSS претплата (од Google-а)) - C:\Users\Dragoljub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2013-11-14]
CHR Extension: (Google новчаник) - C:\Users\Dragoljub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-29]
CHR Extension: (Better Pop Up Blocker) - C:\Users\Dragoljub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic [2013-11-14]
|
|
|
|
|
|
|
Poslao: 25 Jan 2014 13:44
|
offline
- Sass Drake
- Anti Malware Fighter
Rank 2
- Pridružio: 26 Avg 2010
- Poruke: 10622
- Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building
|
Pozdrav,
Nisi postavio fixlog.txt, a ni svjež FRST izvještaj nije kompletan.
|
|
|
|
|
|
|
Poslao: 25 Jan 2014 14:49
|
offline
- popaj 2
- Novi MyCity građanin
- Pridružio: 27 Okt 2013
- Poruke: 15
|
Napisano: 25 Jan 2014 14:35
ne znam kako nije kompletan, da nije mozda greska sto sam odmah isao na FIX po uputstvu, valjda je prvo trebalo SCAN?
Dopuna: 25 Jan 2014 14:42
Evo sad sam ponovo probao dva puta da prvo uradim SCAB i nakon dva minuta dobijem ovo sa slike
[url=http://www.mycity.rs/slika.php?slika=334513_46355244_Clip_9.jpg]
A evo FIXLOG-a
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-01-2014
Ran by Dragoljub at 2014-01-25 12:02:22 Run:2
Running from C:\Users\Dragoljub\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = [Link mogu videti samo ulogovani korisnici]{025C7E4B-094C-4F07-9769-FBF8A65BB4E7}&mid=c77c3034869e42c1840d785b55bd0519-e0867e99bdbc272f7b81bb7b2c7186a11de0fc1c&lang=sr&ds=ad011&coid=avgtbdisad&cmpid=&pr=sa&d=2014-01-20 09:11:34&v=17.3.1.91&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {DAD41D93-27A2-4AA1-8F31-8D482365BB68} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: [Link mogu videti samo ulogovani korisnici]{025C7E4B-094C-4F07-9769-FBF8A65BB4E7}&mid=c77c3034869e42c1840d785b55bd0519-e0867e99bdbc272f7b81bb7b2c7186a11de0fc1c&lang=sr&ds=ad011&coid=avgtbdisad&cmpid=&pr=sa&d=&v=17.3.1.91&pid=safeguard&sg=&sap=hp
CHR DefaultSearchKeyword: mysearch.avg.com
CHR DefaultSearchURL: [Link mogu videti samo ulogovani korisnici]{025C7E4B-094C-4F07-9769-FBF8A65BB4E7}&mid=c77c3034869e42c1840d785b55bd0519-e0867e99bdbc272f7b81bb7b2c7186a11de0fc1c&lang=sr&ds=ad011&coid=avgtbdisad&cmpid=&pr=sa&d=2014-01-20 09:11:34&v=17.3.1.91&pid=safeguard&sg=&sap=dsp&q={searchTerms}
FF Extension: WebSite Recommendation - C:\Users\Dragoljub\AppData\Roaming\Mozilla\Firefox\Profiles\a408b5gk.default-1382899517588\Extensions\WebSiteRecommendation@weliketheweb.com
*****************
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key deleted successfully.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DAD41D93-27A2-4AA1-8F31-8D482365BB68} => Key deleted successfully.
HKCR\CLSID\{DAD41D93-27A2-4AA1-8F31-8D482365BB68} => Key not found.
Firefox DefaultSearchEngine deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox homepage deleted successfully.
CHR DefaultSearchKeyword: mysearch.avg.com ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: [Link mogu videti samo ulogovani korisnici]{025C7E4B-094C-4F07-9769-FBF8A65BB4E7}&mid=c77c3034869e42c1840d785b55bd0519-e0867e99bdbc272f7b81bb7b2c7186a11de0fc1c&lang=sr&ds=ad011&coid=avgtbdisad&cmpid=&pr=sa&d=2014-01-20 09:11:34&v=17.3.1.91&pid=safeguard&sg=&sap=dsp&q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry.
FF Extension: WebSite Recommendation - C:\Users\Dragoljub\AppData\Roaming\Mozilla\Firefox\Profiles\a408b5gk.default-1382899517588\Extensions\WebSiteRecommendation@weliketheweb.com not found.
==== End of Fixlog ====
Dopuna: 25 Jan 2014 14:47
P.S. ne SCAB nego SCAN
Dopuna: 25 Jan 2014 14:49
 [/url]
|
|
|
|
|
|
|
Poslao: 25 Jan 2014 14:50
|
offline
- Sass Drake
- Anti Malware Fighter
Rank 2
- Pridružio: 26 Avg 2010
- Poruke: 10622
- Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building
|
[Link mogu videti samo ulogovani korisnici]
Išao si po uputstvu samo nisi postavio pravi izvještaj i taj koji su postavio nije bio kompletan. Pokreni opet FRST, klikni na scan i psotavi novi izvještaj da vidim kakvo je sada stanje.
|
|
|
|
|
|
|
Poslao: 25 Jan 2014 14:55
|
offline
- popaj 2
- Novi MyCity građanin
- Pridružio: 27 Okt 2013
- Poruke: 15
|
Dopuna: 25 Jan 2014 14:52
O Bože zašto ovde nema EDIT POST?
Dopuna: 25 Jan 2014 14:53
Ne mogu kad pokrenem FIRST nakon dva minuta dobijem ovu poruku sa slike da je FIRST prestao sa radom
Dopuna: 25 Jan 2014 14:55
EDIT :
FRST
|
|
|
|
|
|
|
Poslao: 25 Jan 2014 15:13
|
offline
- Sass Drake
- Anti Malware Fighter
Rank 2
- Pridružio: 26 Avg 2010
- Poruke: 10622
- Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building
|
[Link mogu videti samo ulogovani korisnici]
Skini novu verziju pa probaj opet.
|
|
|
|
|
|
|
|
Da li koristiš Refog Keyloger, tj. da li si ga sam instalirao?
