Posted: 25 Jan 2014 17:49
- miloscapa
- New MyCity citizen
- Joined: 25 Jan 2014
- Posts: 5
morando ovde
I'm currently at a friend's place; his computer has been without antivirus protection for a long time, so I thought it would be best if one of the experts from the MC forum could help and analyze the computer, if that's not a problem, and advise which free AV we should download and install.
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 10.17.2
Run by Chapa at 17:42:05 on 2014-01-26
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3584.2311 [GMT 1:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
C:\Windows\system32\taskhost.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
C:\Windows\Explorer.EXE
C:\Program Files\Movies Toolbar\Datamngr\DatamngrUI.exe
C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\MCShield\MCShieldRTM.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\HDvid Codec V6.0\HDvid Codec V6.0-firefoxinstaller.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-420&v=u10781-177&t=4
BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.): {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - c:\program files\movies toolbar\datamngr\srtool~2\ie\searchresultsDx.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Movies Toolbar (Dist. by Bandoo Media, Inc.): {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - c:\program files\movies toolbar\datamngr\srtool~2\ie\searchresultsDx.dll
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [iLivid] "c:\users\chapa\appdata\local\ilivid\iLivid.exe" -autorun
uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil32_11_9_900_170_Plugin.exe -update plugin
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
TCP: NameServer = 192.168.100.1
TCP: Interfaces\{F9625C79-3EEA-4F92-9038-E682B553C932} : DHCPNameServer = 192.168.100.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
AppInit_DLLs= c:\progra~2\wincert\win32c~1.dll c:\progra~1\movies~1\datamngr\mgrldr.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\32.0.1700.76\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
IFEO: bitguard.exe - tasklist.exe
IFEO: bprotect.exe - tasklist.exe
IFEO: bpsvc.exe - tasklist.exe
IFEO: browsemngr.exe - tasklist.exe
IFEO: browserdefender.exe - tasklist.exe
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\chapa\appdata\roaming\mozilla\firefox\profiles\zkepk4p4.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&CUI=UN32732393056024692&UM=1&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.google.rs/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&CUI=UN32732393056024692&UM=&q=
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\users\chapa\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\users\chapa\appdata\roaming\mozilla\firefox\profiles\zkepk4p4.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\plugins\np-mswmp.dll
FF - plugin: c:\users\chapa\appdata\roaming\mozilla\firefox\profiles\zkepk4p4.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\plugins\npConduitFirefoxPlugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_170.dll
.
============= SERVICES / DRIVERS ===============
.
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2013-1-20 20712]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 219136]
R2 DatamngrCoordinator;Datamngr Coordinator;c:\program files\movies toolbar\datamngr\DatamngrCoordinator.exe [2013-12-25 3447808]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-10-9 3275136]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2012-11-6 84992]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-2-7 161384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
.
=============== Created Last 30 ================
.
2014-01-26 16:32:01 -------- d-----w- c:\users\chapa\appdata\local\Thunderbird
2014-01-26 16:26:50 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-01-26 16:25:04 -------- d-----w- c:\programdata\MCShield
2014-01-26 16:25:03 -------- d-----w- c:\program files\MCShield
2014-01-19 05:26:11 62576 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{829f6d40-5162-402b-b277-5f562ccccec9}\offreg.dll
2014-01-12 17:30:56 -------- d-----w- c:\users\chapa\appdata\local\Microsoft Games
2014-01-01 01:05:59 782240 ----a-w- c:\windows\system32\deployJava1.dll
2014-01-01 01:05:43 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2014-01-01 00:54:10 -------- d-----w- c:\programdata\Datamngr
.
==================== Find3M ====================
.
2013-12-12 18:27:32 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-12 18:27:32 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
.
============= FINISH: 17:42:25.99 ===============
Posted: 25 Jan 2014 20:06
- miloscapa
- New MyCity citizen
- Joined: 25 Jan 2014
- Posts: 5
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-01-2014 01
Ran by Chapa (administrator) on CHAPA-PC on 26-01-2014 20:03:18
Running from C:\Users\Chapa\Desktop
Microsoft Windows 7 Ultimate (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/
==================== Processes (Whitelisted) ===================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Bandoo Media Inc.) C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Bandoo Media Inc.) C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
(Bandoo Media Inc.) C:\Program Files\Movies Toolbar\Datamngr\DatamngrUI.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winamp.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [17729128 2013-02-07] (Skype Technologies S.A.)
HKCU\...\Run: [iLivid] - "C:\Users\Chapa\AppData\Local\iLivid\iLivid.exe" -autorun
HKCU\...\Run: [MCShield Monitor] - C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-01-20] (MyCity)
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exe -update plugin [839560 2013-12-12] (Adobe Systems Incorporated)
MountPoints2: F - F:\autorun.exe
MountPoints2: {33686293-b8c9-11e2-8046-00241da95e32} - G:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\Wincert\WIN32C~1.DLL => C:\ProgramData\Wincert\win32cert.dll [7168 2013-11-04] ()
AppInit_DLLs: C:\PROGRA~1\MOVIES~1\Datamngr\mgrldr.dll => C:\Program Files\Movies Toolbar\Datamngr\mgrldr.dll [20480 2013-12-23] ()
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION
HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll [485376 2013-12-23] () <===== ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = search.ask.com/?o=APN10645A&gct=hp&d=406-420&v=u10781-177&t=4
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x40EB0E1116F7CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = dts.search.ask.com/sr?src=ieb&gct=ds&appid=.....nrs=AG6&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = dts.search.ask.com/sr?src=ieb&gct=ds&appid=.....nrs=AG6&q={searchTerms}
BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\Program Files\Movies Toolbar\Datamngr\SRTOOL~2\IE\searchresultsDx.dll ()
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Movies Toolbar (Dist. by Bandoo Media, Inc.) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\Program Files\Movies Toolbar\Datamngr\SRTOOL~2\IE\searchresultsDx.dll ()
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
FireFox:
========
FF ProfilePath: C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default
FF user.js: detected! => C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\user.js
FF SearchEngineOrder.1: Ask.com
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF Homepage: hxxp://www.google.rs/
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&CUI=UN32732393056024692&UM=&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.19 - C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Chapa\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\searchplugins\Ask.xml
FF SearchPlugin: C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\searchplugins\bs-player-controlbar-customized-web-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml
FF Extension: HDvid Codec V6.0 - C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\Extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com [2013-11-26]
FF Extension: Vaauudixu - C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\Extensions\iaio2ckla@lrwncqo.edu [2013-12-24]
FF Extension: Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\Extensions\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} [2014-01-01]
FF Extension: New tab - C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\Extensions\{6F977649-B06D-7809-9725-1FCFD3AC8308} [2013-12-25]
FF Extension: BS Player ControlBar - C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\Extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} [2013-12-12]
FF Extension: Adblock Plus - C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-26]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-21]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-21]
Chrome:
=======
CHR HomePage: hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-420&v=u10781-177&t=4
CHR RestoreOnStartup: "hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-420&v=u10781-177&t=4"
CHR DefaultSearchProvider: Ask.com
CHR DefaultSearchURL: dts.search.ask.com/sr?src=crb&gct=ds&appid=.....nrs=AG6&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll No File
CHR Plugin: (Winamp Application Detector) - C:\Program Files\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U11) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Veetle TV Player) - C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Plugin: (Veetle TV Core) - C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.110.21) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Movies Toolbar) - C:\Users\Chapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob [2013-11-25]
CHR Extension: (Google Docs) - C:\Users\Chapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-21]
CHR Extension: (Google Drive) - C:\Users\Chapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-21]
CHR Extension: (YouTube) - C:\Users\Chapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-21]
CHR Extension: (Google Search) - C:\Users\Chapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-21]
CHR Extension: (Skype Click to Call) - C:\Users\Chapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-03-06]
CHR Extension: (Google Wallet) - C:\Users\Chapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-25]
CHR Extension: (Vaauudixu) - C:\Users\Chapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ollkbckgbhjbdgaccendlfffhofjfpie [2013-12-24]
CHR Extension: (Gmail) - C:\Users\Chapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-21]
CHR HKLM\...\Chrome\Extension: [aaaaabcbmongicmdegkmmfgdickgnnob] - C:\Users\Chapa\AppData\Local\ilividmoviestoolbarha\GC\toolbar.crx [2013-08-20]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
========================== Services (Whitelisted) =================
R2 DatamngrCoordinator; C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [3447808 2013-12-23] (Bandoo Media Inc.)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
==================== Drivers (Whitelisted) ====================
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [20712 2013-01-20] (REALiX(tm))
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [112096 2012-02-09] (Power Software Ltd)
U3 mbr; \??\C:\Users\Chapa\AppData\Local\Temp\mbr.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-26 20:03 - 2014-01-26 20:03 - 00014289 _____ C:\Users\Chapa\Desktop\FRST.txt
2014-01-26 20:03 - 2014-01-26 20:03 - 00000000 ____D C:\FRST
2014-01-26 20:02 - 2014-01-26 20:02 - 01222144 _____ (Farbar) C:\Users\Chapa\Desktop\FRST.exe
2014-01-26 19:02 - 2014-01-26 19:02 - 00000912 _____ C:\Users\Chapa\Desktop\Windows Mobile Device Center.lnk
2014-01-26 19:02 - 2014-01-26 19:02 - 00000828 _____ C:\Users\Chapa\Desktop\Documents on belphegor's GT-B7610.LNK
2014-01-26 19:02 - 2014-01-26 19:02 - 00000000 ____D C:\Users\Chapa\Documents\Documents on belphegor's GT-B7610
2014-01-26 19:01 - 2014-01-26 19:01 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdRapi2_01_00_00.Wdf
2014-01-26 18:58 - 2014-01-26 19:01 - 00000000 ____D C:\Windows\WindowsMobile
2014-01-26 18:56 - 2014-01-26 18:57 - 00000000 ____D C:\Users\Chapa\Desktop\100SSCAM
2014-01-26 17:42 - 2014-01-26 17:42 - 00008159 _____ C:\Users\Chapa\Desktop\dds.txt
2014-01-26 17:42 - 2014-01-26 17:42 - 00003886 _____ C:\Users\Chapa\Desktop\attach.txt
2014-01-26 17:40 - 2014-01-26 17:41 - 00688992 ____R (Swearware) C:\Users\Chapa\Desktop\dds.scr
2014-01-26 17:32 - 2014-01-26 17:32 - 00000000 ____D C:\Users\Chapa\AppData\Roaming\Thunderbird
2014-01-26 17:32 - 2014-01-26 17:32 - 00000000 ____D C:\Users\Chapa\AppData\Local\Thunderbird
2014-01-26 17:31 - 2014-01-26 17:31 - 00002032 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-01-26 17:31 - 2014-01-26 17:31 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2014-01-26 17:29 - 2014-01-26 17:30 - 23236352 _____ (Mozilla) C:\Users\Chapa\Downloads\Thunderbird Setup 24.2.0.exe
2014-01-26 17:26 - 2014-01-26 17:26 - 00000340 _____ C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-01-26 17:26 - 2014-01-01 02:05 - 00262560 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-26 17:26 - 2014-01-01 02:05 - 00174496 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-26 17:26 - 2014-01-01 02:05 - 00174496 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-26 17:26 - 2014-01-01 02:05 - 00094112 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-26 17:25 - 2014-01-26 18:55 - 00000000 ____D C:\ProgramData\MCShield
2014-01-26 17:25 - 2014-01-26 17:25 - 00000000 ____D C:\Program Files\MCShield
2014-01-26 17:19 - 2014-01-26 17:19 - 02854696 _____ (MyCity) C:\Users\Chapa\Downloads\MCShield-Setup.exe
2014-01-12 18:30 - 2014-01-12 18:31 - 00000000 ____D C:\Users\Chapa\AppData\Local\Microsoft Games
2014-01-06 19:15 - 2014-01-07 03:23 - 00001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-01-06 19:13 - 2014-01-06 19:14 - 24097311 _____ C:\Users\Chapa\Downloads\vlc-2.1.2-win32.exe
2014-01-01 02:05 - 2014-01-01 02:05 - 00861088 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2014-01-01 02:05 - 2014-01-01 02:05 - 00782240 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2014-01-01 01:58 - 2014-01-01 01:58 - 00915368 _____ (Oracle Corporation) C:\Users\Chapa\Downloads\jxpiinstall(10).exe
2014-01-01 01:54 - 2014-01-26 20:02 - 00000000 ____D C:\ProgramData\Datamngr
2014-01-01 01:53 - 2014-01-01 01:53 - 01645424 _____ (Bandoo Media Inc) C:\Users\Chapa\Downloads\iLividSetup-r420-n-bf(2).exe
2013-12-30 20:52 - 2013-12-30 20:52 - 01645424 _____ (Bandoo Media Inc) C:\Users\Chapa\Downloads\iLividSetup-r420-n-bf(1).exe
2013-12-30 20:50 - 2014-01-26 17:26 - 00000000 ____D C:\Program Files\Java
2013-12-30 20:50 - 2013-12-30 20:50 - 00000000 ____D C:\Program Files\Common Files\Java
2013-12-30 20:48 - 2013-12-30 20:48 - 00915368 _____ (Oracle Corporation) C:\Users\Chapa\Downloads\jxpiinstall(9).exe
2013-12-28 08:35 - 2013-12-28 08:35 - 00915368 _____ (Oracle Corporation) C:\Users\Chapa\Downloads\jxpiinstall(8).exe
==================== One Month Modified Files and Folders =======
2014-01-26 20:03 - 2014-01-26 20:03 - 00014289 _____ C:\Users\Chapa\Desktop\FRST.txt
2014-01-26 20:03 - 2014-01-26 20:03 - 00000000 ____D C:\FRST
2014-01-26 20:02 - 2014-01-26 20:02 - 01222144 _____ (Farbar) C:\Users\Chapa\Desktop\FRST.exe
2014-01-26 20:02 - 2014-01-01 01:54 - 00000000 ____D C:\ProgramData\Datamngr
2014-01-26 19:48 - 2013-02-09 10:43 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3674969213-773107719-3183302825-1000UA.job
2014-01-26 19:40 - 2013-01-21 12:51 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-26 19:27 - 2013-01-20 15:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-26 19:05 - 2009-07-14 05:34 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-26 19:05 - 2009-07-14 05:34 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-26 19:02 - 2014-01-26 19:02 - 00000912 _____ C:\Users\Chapa\Desktop\Windows Mobile Device Center.lnk
2014-01-26 19:02 - 2014-01-26 19:02 - 00000828 _____ C:\Users\Chapa\Desktop\Documents on belphegor's GT-B7610.LNK
2014-01-26 19:02 - 2014-01-26 19:02 - 00000000 ____D C:\Users\Chapa\Documents\Documents on belphegor's GT-B7610
2014-01-26 19:02 - 2013-01-20 02:40 - 00713888 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-26 19:01 - 2014-01-26 19:01 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdRapi2_01_00_00.Wdf
2014-01-26 19:01 - 2014-01-26 18:58 - 00000000 ____D C:\Windows\WindowsMobile
2014-01-26 19:01 - 2013-01-20 11:31 - 01551986 _____ C:\Windows\WindowsUpdate.log
2014-01-26 19:01 - 2009-07-14 05:39 - 00038573 _____ C:\Windows\setupact.log
2014-01-26 19:01 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\LogFiles
2014-01-26 18:57 - 2014-01-26 18:56 - 00000000 ____D C:\Users\Chapa\Desktop\100SSCAM
2014-01-26 18:55 - 2014-01-26 17:25 - 00000000 ____D C:\ProgramData\MCShield
2014-01-26 17:44 - 2013-11-26 17:39 - 00002148 _____ C:\Windows\Tasks\HDvid Codec V6.0-firefoxinstaller.job
2014-01-26 17:42 - 2014-01-26 17:42 - 00008159 _____ C:\Users\Chapa\Desktop\dds.txt
2014-01-26 17:42 - 2014-01-26 17:42 - 00003886 _____ C:\Users\Chapa\Desktop\attach.txt
2014-01-26 17:41 - 2014-01-26 17:40 - 00688992 ____R (Swearware) C:\Users\Chapa\Desktop\dds.scr
2014-01-26 17:39 - 2013-11-26 17:39 - 00001314 _____ C:\Windows\Tasks\HDvid Codec V6.0-updater.job
2014-01-26 17:32 - 2014-01-26 17:32 - 00000000 ____D C:\Users\Chapa\AppData\Roaming\Thunderbird
2014-01-26 17:32 - 2014-01-26 17:32 - 00000000 ____D C:\Users\Chapa\AppData\Local\Thunderbird
2014-01-26 17:31 - 2014-01-26 17:31 - 00002032 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-01-26 17:31 - 2014-01-26 17:31 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2014-01-26 17:31 - 2013-01-20 15:12 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2014-01-26 17:30 - 2014-01-26 17:29 - 23236352 _____ (Mozilla) C:\Users\Chapa\Downloads\Thunderbird Setup 24.2.0.exe
2014-01-26 17:26 - 2014-01-26 17:26 - 00000340 _____ C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-01-26 17:26 - 2013-12-30 20:50 - 00000000 ____D C:\Program Files\Java
2014-01-26 17:25 - 2014-01-26 17:25 - 00000000 ____D C:\Program Files\MCShield
2014-01-26 17:19 - 2014-01-26 17:19 - 02854696 _____ (MyCity) C:\Users\Chapa\Downloads\MCShield-Setup.exe
2014-01-26 17:12 - 2013-01-21 12:51 - 00000880 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-26 17:07 - 2013-02-09 10:43 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3674969213-773107719-3183302825-1000Core.job
2014-01-26 16:58 - 2013-02-22 12:53 - 00000000 ____D C:\Users\Chapa\AppData\Roaming\Skype
2014-01-18 06:43 - 2013-01-21 12:57 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-18 06:23 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-12 18:31 - 2014-01-12 18:30 - 00000000 ____D C:\Users\Chapa\AppData\Local\Microsoft Games
2014-01-07 03:23 - 2014-01-06 19:15 - 00001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-01-06 19:24 - 2013-12-24 10:31 - 00000000 ____D C:\ProgramData\Viaudix
2014-01-06 19:24 - 2013-01-30 18:45 - 00102022 _____ C:\Windows\PFRO.log
2014-01-06 19:22 - 2013-12-24 10:31 - 00000000 ____D C:\ProgramData\c17ac72fb7229ed0
2014-01-06 19:22 - 2013-12-24 10:31 - 00000000 ____D C:\Program Files\Viaudix
2014-01-06 19:16 - 2013-01-20 15:42 - 00000000 ____D C:\Users\Chapa\AppData\Roaming\vlc
2014-01-06 19:14 - 2014-01-06 19:13 - 24097311 _____ C:\Users\Chapa\Downloads\vlc-2.1.2-win32.exe
2014-01-01 02:05 - 2014-01-26 17:26 - 00262560 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-01 02:05 - 2014-01-26 17:26 - 00174496 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-01 02:05 - 2014-01-26 17:26 - 00174496 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-01 02:05 - 2014-01-26 17:26 - 00094112 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-01 02:05 - 2014-01-01 02:05 - 00861088 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2014-01-01 02:05 - 2014-01-01 02:05 - 00782240 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2014-01-01 01:58 - 2014-01-01 01:58 - 00915368 _____ (Oracle Corporation) C:\Users\Chapa\Downloads\jxpiinstall(10).exe
2014-01-01 01:54 - 2013-11-25 02:47 - 00000000 ____D C:\ProgramData\Wincert
2014-01-01 01:53 - 2014-01-01 01:53 - 01645424 _____ (Bandoo Media Inc) C:\Users\Chapa\Downloads\iLividSetup-r420-n-bf(2).exe
2013-12-30 20:52 - 2013-12-30 20:52 - 01645424 _____ (Bandoo Media Inc) C:\Users\Chapa\Downloads\iLividSetup-r420-n-bf(1).exe
2013-12-30 20:50 - 2013-12-30 20:50 - 00000000 ____D C:\Program Files\Common Files\Java
2013-12-30 20:50 - 2013-11-03 14:45 - 00000000 ____D C:\ProgramData\Oracle
2013-12-30 20:48 - 2013-12-30 20:48 - 00915368 _____ (Oracle Corporation) C:\Users\Chapa\Downloads\jxpiinstall(9).exe
2013-12-28 08:35 - 2013-12-28 08:35 - 00915368 _____ (Oracle Corporation) C:\Users\Chapa\Downloads\jxpiinstall(8).exe
Files to move or delete:
====================
C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll
Some content of TEMP:
====================
C:\Users\Chapa\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-19 06:27
==================== End Of Log ============================
Posted: 25 Jan 2014 20:42
- TwinHeadedEagle
- Anti Malware Fighter
Rank 2
- Joined: 09 Aug 2011
- Posts: 15879
- Location: Beograd
Uninstall the following from Control Panel:
- HDvid Codec V6.0
- HDVidCodec
- Movies Toolbar for Chrome
- Movies Toolbar for Firefox
- Movies Toolbar for Internet Explorer
Restart the computer.
THEN
1. Open Notepad (Text Document) and copy into it the text inside the code box below:
(Bandoo Media Inc.) C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
(Bandoo Media Inc.) C:\Program Files\Movies Toolbar\Datamngr\DatamngrUI.exe
(Bandoo Media Inc.) C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
HKCU\...\Run: [iLivid] - "C:\Users\Chapa\AppData\Local\iLivid\iLivid.exe" -autorun
C:\Program Files\Movies Toolbar
C:\Users\Chapa\AppData\Local\iLivid
MountPoints2: F - F:\autorun.exe
MountPoints2: {33686293-b8c9-11e2-8046-00241da95e32} - G:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\Wincert\WIN32C~1.DLL => C:\ProgramData\Wincert\win32cert.dll [7168 2013-11-04] ()
AppInit_DLLs: C:\PROGRA~1\MOVIES~1\Datamngr\mgrldr.dll => C:\Program Files\Movies Toolbar\Datamngr\mgrldr.dll [20480 2013-12-23] ()
C:\PROGRA~1\MOVIES~1
C:\ProgramData\Wincert
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION
HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll [485376 2013-12-23] () <===== ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN10645A&gct=hp&d=406-420&v=u10781-177&t=4
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x40EB0E1116F7CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=.....nrs=AG6&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=.....nrs=AG6&q={searchTerms}
BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\Program Files\Movies Toolbar\Datamngr\SRTOOL~2\IE\searchresultsDx.dll ()
Toolbar: HKLM - Movies Toolbar (Dist. by Bandoo Media, Inc.) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\Program Files\Movies Toolbar\Datamngr\SRTOOL~2\IE\searchresultsDx.dll ()
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&CUI=UN32732393056024692&UM=&q=
FF SearchEngineOrder.1: Ask.com
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF SearchPlugin: C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\searchplugins\Ask.xml
FF SearchPlugin: C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\searchplugins\bs-player-controlbar-customized-web-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml
FF Extension: HDvid Codec V6.0 - C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\Extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com [2013-11-26]
FF Extension: Vaauudixu - C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\Extensions\iaio2ckla@lrwncqo.edu [2013-12-24]
FF Extension: Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\Extensions\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} [2014-01-01]
FF Extension: New tab - C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\Extensions\{6F977649-B06D-7809-9725-1FCFD3AC8308} [2013-12-25]
FF Extension: BS Player ControlBar - C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\Extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} [2013-12-12]
CHR Extension: (Movies Toolbar) - C:\Users\Chapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob [2013-11-25]
CHR Extension: (Vaauudixu) - C:\Users\Chapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ollkbckgbhjbdgaccendlfffhofjfpie [2013-12-24]
CHR HKLM\...\Chrome\Extension: [aaaaabcbmongicmdegkmmfgdickgnnob] - C:\Users\Chapa\AppData\Local\ilividmoviestoolbarha\GC\toolbar.crx [2013-08-20]
R2 DatamngrCoordinator; C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [3447808 2013-12-23] (Bandoo Media Inc.)
C:\ProgramData\Datamngr
cmd: del C:\Users\Chapa\Downloads\*.exe
Task: {4986CD74-00E5-4F67-BA88-95DA01519BA4} - System32\Tasks\HDvid Codec V6.0-firefoxinstaller => C:\Program Files\HDvid Codec V6.0\HDvid Codec V6.0-firefoxinstaller.exe [2013-11-26] (installdaddy) <==== ATTENTION
Task: {BBC7D2B2-19F3-461E-B1D5-78DE0449F654} - System32\Tasks\HDvid Codec V6.0-updater => C:\Program Files\HDvid Codec V6.0\HDvid Codec V6.0-updater.exe [2013-11-26] (installdaddy) <==== ATTENTION
Task: C:\Windows\Tasks\HDvid Codec V6.0-firefoxinstaller.job => C:\Program Files\HDvid Codec V6.0\HDvid Codec V6.0-firefoxinstaller.exe
Task: C:\Windows\Tasks\HDvid Codec V6.0-updater.job => C:\Program Files\HDvid Codec V6.0\HDvid Codec V6.0-updater.exe
cmd: ipconfig /flushdns
2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from within Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, otherwise the fix will not work.
3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.
The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your reply.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.
THEN
Download AdwCleaner by "Xplode" and save it to the Desktop.
Double-click to run the program.
Click the Scan button and wait for the scan to finish.
Click the Clean button and wait for the program to finish.
The program will close all running programs and show a window with that warning. Click OK to confirm.
In the next two windows that open (Informations and Restart required), click OK.
The computer will restart and then open Notepad (C:\AdwCleaner[S0].txt) with the report.
Save that report to the Desktop and attach it to your reply using the "Attach file" ("Prikači fajl") option.
Note: The report will also be saved at C:\Adwcleaner\AdwCleaner[S0].txt
Posted: 25 Jan 2014 21:17
- miloscapa
- New MyCity citizen
- Joined: 25 Jan 2014
- Posts: 5
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 25-01-2014 01
Ran by Chapa at 2014-01-26 20:59:05 Run:1
Running from C:\Users\Chapa\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
(Bandoo Media Inc.) C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
(Bandoo Media Inc.) C:\Program Files\Movies Toolbar\Datamngr\DatamngrUI.exe
(Bandoo Media Inc.) C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
HKCU\...\Run: [iLivid] - "C:\Users\Chapa\AppData\Local\iLivid\iLivid.exe" -autorun
C:\Program Files\Movies Toolbar
C:\Users\Chapa\AppData\Local\iLivid
MountPoints2: F - F:\autorun.exe
MountPoints2: {33686293-b8c9-11e2-8046-00241da95e32} - G:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\Wincert\WIN32C~1.DLL => C:\ProgramData\Wincert\win32cert.dll [7168 2013-11-04] ()
AppInit_DLLs: C:\PROGRA~1\MOVIES~1\Datamngr\mgrldr.dll => C:\Program Files\Movies Toolbar\Datamngr\mgrldr.dll [20480 2013-12-23] ()
C:\PROGRA~1\MOVIES~1
C:\ProgramData\Wincert
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION
HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll [485376 2013-12-23] () <===== ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = search.ask.com/?o=APN10645A&gct=hp&d=406-420&v=u10781-177&t=4
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x40EB0E1116F7CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = dts.search.ask.com/sr?src=ieb&gct=ds&appid=.....nrs=AG6&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = dts.search.ask.com/sr?src=ieb&gct=ds&appid=.....nrs=AG6&q={searchTerms}
BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\Program Files\Movies Toolbar\Datamngr\SRTOOL~2\IE\searchresultsDx.dll ()
Toolbar: HKLM - Movies Toolbar (Dist. by Bandoo Media, Inc.) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\Program Files\Movies Toolbar\Datamngr\SRTOOL~2\IE\searchresultsDx.dll ()
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&CUI=UN32732393056024692&UM=&q=
FF SearchEngineOrder.1: Ask.com
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF SearchPlugin: C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\searchplugins\Ask.xml
FF SearchPlugin: C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\searchplugins\bs-player-controlbar-customized-web-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml
FF Extension: HDvid Codec V6.0 - C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\Extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com [2013-11-26]
FF Extension: Vaauudixu - C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\Extensions\iaio2ckla@lrwncqo.edu [2013-12-24]
FF Extension: Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\Extensions\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} [2014-01-01]
FF Extension: New tab - C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\Extensions\{6F977649-B06D-7809-9725-1FCFD3AC8308} [2013-12-25]
FF Extension: BS Player ControlBar - C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\Extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} [2013-12-12]
CHR Extension: (Movies Toolbar) - C:\Users\Chapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob [2013-11-25]
CHR Extension: (Vaauudixu) - C:\Users\Chapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ollkbckgbhjbdgaccendlfffhofjfpie [2013-12-24]
CHR HKLM\...\Chrome\Extension: [aaaaabcbmongicmdegkmmfgdickgnnob] - C:\Users\Chapa\AppData\Local\ilividmoviestoolbarha\GC\toolbar.crx [2013-08-20]
R2 DatamngrCoordinator; C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [3447808 2013-12-23] (Bandoo Media Inc.)
C:\ProgramData\Datamngr
cmd: del C:\Users\Chapa\Downloads\*.exe
Task: {4986CD74-00E5-4F67-BA88-95DA01519BA4} - System32\Tasks\HDvid Codec V6.0-firefoxinstaller => C:\Program Files\HDvid Codec V6.0\HDvid Codec V6.0-firefoxinstaller.exe [2013-11-26] (installdaddy) <==== ATTENTION
Task: {BBC7D2B2-19F3-461E-B1D5-78DE0449F654} - System32\Tasks\HDvid Codec V6.0-updater => C:\Program Files\HDvid Codec V6.0\HDvid Codec V6.0-updater.exe [2013-11-26] (installdaddy) <==== ATTENTION
Task: C:\Windows\Tasks\HDvid Codec V6.0-firefoxinstaller.job => C:\Program Files\HDvid Codec V6.0\HDvid Codec V6.0-firefoxinstaller.exe
Task: C:\Windows\Tasks\HDvid Codec V6.0-updater.job => C:\Program Files\HDvid Codec V6.0\HDvid Codec V6.0-updater.exe
cmd: ipconfig /flushdns
*****************
C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe => No running process found
C:\Program Files\Movies Toolbar\Datamngr\DatamngrUI.exe => No running process found
C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe => No running process found
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\iLivid => Value deleted successfully.
"C:\Program Files\Movies Toolbar" => File/Directory not found.
"C:\Users\Chapa\AppData\Local\iLivid" => File/Directory not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{33686293-b8c9-11e2-8046-00241da95e32} => Key deleted successfully.
HKCR\CLSID\{33686293-b8c9-11e2-8046-00241da95e32} => Key not found.
"C:\\PROGRA~2\\Wincert\\WIN32C~1.DLL" => Value Data not found.
"C:\\PROGRA~1\\MOVIES~1\\Datamngr\\mgrldr.dll" => Value Data not found.
"C:\PROGRA~1\MOVIES~1" => File/Directory not found.
"C:\ProgramData\Wincert" => File/Directory not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitguard.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bprotect.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bpsvc.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsemngr.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserdefender.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsermngr.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserprotect.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsersafeguard.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bundlesweetimsetup.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\cltmngsvc.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\delta babylon.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\delta tb.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\delta2.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\deltainstaller.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\deltasetup.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\deltatb.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\deltatb_2501-c733154b.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\iminentsetup.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\protectedsearch.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rjatydimofu.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotection.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\snapdo.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst32.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst64.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\sweetimsetup.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\tbdelta.exetoolbar783881609.exe => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => Value deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x86 => Value not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} => Key not found.
HKCR\CLSID\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} => Value not found.
HKCR\CLSID\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} => Key not found.
Firefox Keyword.URL deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\searchplugins\Ask.xml => Moved successfully.
C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\searchplugins\bs-player-controlbar-customized-web-search.xml => Moved successfully.
C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml => Moved successfully.
C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\Extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com => not found.
C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\Extensions\iaio2ckla@lrwncqo.edu => Moved successfully.
C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\Extensions\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} => not found.
C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\Extensions\{6F977649-B06D-7809-9725-1FCFD3AC8308} => not found.
C:\Users\Chapa\AppData\Roaming\Mozilla\Firefox\Profiles\zkepk4p4.default\Extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} => Moved successfully.
C:\Users\Chapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob => Moved successfully.
C:\Users\Chapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ollkbckgbhjbdgaccendlfffhofjfpie => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob => Key not found.
"C:\Users\Chapa\AppData\Local\ilividmoviestoolbarha\GC\toolbar.crx" => File/Directory not found.
DatamngrCoordinator => Service not found.
"C:\ProgramData\Datamngr" => File/Directory not found.
========= del C:\Users\Chapa\Downloads\*.exe =========
========= End of CMD: =========
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4986CD74-00E5-4F67-BA88-95DA01519BA4} => Key not found.
C:\Windows\System32\Tasks\HDvid Codec V6.0-firefoxinstaller not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HDvid Codec V6.0-firefoxinstaller => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BBC7D2B2-19F3-461E-B1D5-78DE0449F654} => Key not found.
C:\Windows\System32\Tasks\HDvid Codec V6.0-updater not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HDvid Codec V6.0-updater => Key not found.
C:\Windows\Tasks\HDvid Codec V6.0-firefoxinstaller.job not found.
C:\Windows\Tasks\HDvid Codec V6.0-updater.job not found.
========= ipconfig /flushdns =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
==== End of Fixlog ====
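The Fixlog above first echoes the fixlist and only then lists results, most of which read "not found". As an added example (not part of the original post and not FRST's own code), the Python parser below skips the echo and sorts each target into changed (deleted, moved, restored) or absent. The line formats are assumed from this log only, the sample is constructed from lines in it, and all function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample: lines copied from the Fixlog in this thread.
SAMPLE_FIXLOG = r"""
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 25-01-2014 01
Content of fixlist:
*****************
AppInit_DLLs: C:\PROGRA~2\Wincert\WIN32C~1.DLL => C:\ProgramData\Wincert\win32cert.dll [7168 2013-11-04] ()
HKCU\...\Run: [iLivid] - "C:\Users\Chapa\AppData\Local\iLivid\iLivid.exe" -autorun
*****************
C:\Program Files\Movies Toolbar\Datamngr\DatamngrUI.exe => No running process found
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\iLivid => Value deleted successfully.
"C:\Program Files\Movies Toolbar" => File/Directory not found.
"C:\\PROGRA~2\\Wincert\\WIN32C~1.DLL" => Value Data not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitguard.exe => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => Value deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x86 => Value not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
Firefox Keyword.URL deleted successfully.
C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml => Moved successfully.
DatamngrCoordinator => Service not found.
C:\Windows\Tasks\HDvid Codec V6.0-updater.job not found.
========= ipconfig /flushdns =========
Successfully flushed the DNS Resolver Cache.
==== End of Fixlog ====
"""

ARROW = " => "
# Result lines without an arrow, e.g. "Firefox Keyword.URL deleted successfully."
TAIL = re.compile(r"^(?P<target>.+?) (?P<outcome>(?:deleted successfully|not found)\.?)$")
CHANGED = re.compile(r"(deleted|moved|restored) successfully", re.I)
ABSENT = re.compile(r"not found|no running process", re.I)


def result_lines(text):
    """Return only the lines after the fixlist echo.

    The echo sits between two lines of asterisks and itself contains
    ' => ' (AppInit_DLLs, Task entries), so it must not be parsed as results.
    """
    lines = text.splitlines()
    markers = [i for i, line in enumerate(lines) if set(line.strip()) == {"*"}]
    return lines[markers[-1] + 1:] if markers else lines


def parse_line(line):
    """Parse one result line into (target, outcome, status) or None."""
    line = line.strip()
    if not line or line.startswith("="):      # blank lines and cmd banners
        return None
    if ARROW in line:
        target, outcome = line.rsplit(ARROW, 1)
    else:
        match = TAIL.match(line)
        if not match:                         # command output, headers
            return None
        target, outcome = match.group("target"), match.group("outcome")
    if CHANGED.search(outcome):
        status = "changed"                    # the fix altered the system
    elif ABSENT.search(outcome):
        status = "absent"                     # nothing there to remove
    else:
        status = "other"                      # unknown wording: review by hand
    return target.strip().strip('"'), outcome.rstrip("."), status


def parse_fixlog(text):
    return [r for r in map(parse_line, result_lines(text)) if r]


def summarize(text):
    """Count result lines per status."""
    return Counter(status for _, _, status in parse_fixlog(text))


def changed_targets(text):
    """Targets the fix actually deleted, moved or restored."""
    return [t for t, _, status in parse_fixlog(text) if status == "changed"]


if __name__ == "__main__":
    print(dict(summarize(SAMPLE_FIXLOG)))
    for target in changed_targets(SAMPLE_FIXLOG):
        print("changed:", target)
```

Any line that ends up with status "other" uses wording this parser has not seen and should be read manually rather than counted as a success.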
Posted: 26 Jan 2014 01:51
- morando
- Citizen
- Joined: 19 May 2011
- Posts: 297
I had to leave his place. I'll have to continue this some other time, because we had little time. :/
Thanks for now, I'll try to continue as soon as possible.
Posted: 27 Jan 2014 18:00
- miloscapa
- New MyCity citizen
- Joined: 25 Jan 2014
- Posts: 5
Here we are, a bit late. :/
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-01-28 17:42:20
-----------------------------
17:42:20.590 OS Version: Windows 6.1.7600
17:42:20.590 Number of processors: 2 586 0x602
17:42:20.593 ComputerName: CHAPA-PC UserName: Chapa
17:42:22.916 Initialize success
17:48:01.575 AVAST engine defs: 14012700
17:49:42.759 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005b
17:49:42.767 Disk 0 Vendor: WDC_WD16 05.0 Size: 152626MB BusType: 3
17:49:42.909 Disk 0 MBR read successfully
17:49:42.920 Disk 0 MBR scan
17:49:42.930 Disk 0 Windows 7 default MBR code
17:49:42.939 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
17:49:42.953 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 79900 MB offset 206848
17:49:42.985 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 72624 MB offset 163842048
17:49:42.996 Disk 0 scanning sectors +312576000
17:49:43.081 Disk 0 scanning C:\Windows\system32\drivers
17:49:50.247 Service scanning
17:50:06.624 Modules scanning
17:50:11.589 Disk 0 trace - called modules:
17:50:11.617 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll storport.sys nvstor.sys
17:50:11.638 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x865f6438]
17:50:11.652 3 CLASSPNP.SYS[8c79c59e] -> nt!IofCallDriver -> [0x86016320]
17:50:11.660 5 ACPI.sys[833b13b2] -> nt!IofCallDriver -> \Device\0000005b[0x86016560]
17:50:12.041 AVAST engine scan C:\Windows
17:50:13.479 AVAST engine scan C:\Windows\system32
17:52:48.200 AVAST engine scan C:\Windows\system32\drivers
17:52:56.453 AVAST engine scan C:\Users\Chapa
17:53:31.018 File: C:\Users\Chapa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6SOMO8VZ\agent2[1].exe **INFECTED** Win32:Agent-ASOC [Adw]
17:56:42.828 AVAST engine scan C:\ProgramData
17:57:05.332 Scan finished successfully
17:58:22.822 Disk 0 MBR has been saved successfully to "C:\Users\Chapa\Desktop\MBR.dat"
17:58:22.829 The log file has been saved successfully to "C:\Users\Chapa\Desktop\aswMBR.txt"
Posted: 27 Jan 2014 20:47
- TwinHeadedEagle
- Anti Malware Fighter
Rank 2
- Joined: 09 Aug 2011
- Posts: 15879
- Location: Beograd
The computer is clean.
One more thing I would do is empty the Temp folders. You can do that with the tool below:
Download TFC (Temp File Cleaner) and save it to the Desktop.
Double-click to run the program and click the Start button to let the program begin scanning.
When the program finishes scanning, it may ask you to restart the computer. Allow it.
Note: When you are done cleaning the temp files, you can delete the program or keep it for later use.
After that, let's clean up the tools we used:
Download DelFix by "Xplode" and save it to the Desktop.
Double-click to run the program.
Tick the following options:
Remove disinfection tools
Purge System Restore
Reset system settings
Click the "Run" button and wait for the program to finish.
The tool will remove all the tools used in this thread...
When the tool finishes, it will open a report in Notepad.
Note: The report will also be saved at C:\DelFix.txt
You do not need to post the report.
==========================================================
Some additional recommendations of mine, which you may or may not follow:
I recommend using MCShield v2 to protect USB memory devices. It has nothing to do with the antivirus, i.e. it will not interfere with its operation, and it has proven to be one of the best forms of protection against malware spread via USB memory devices. You download it, install it, plug in a USB memory device, a scan runs, after which you get a notification that the device is clean (if that really is the case); or you get a log showing information about the malware that was found and deleted.
MCShield ::Anti-Malware Tool:: v2 home page: http://amf.mycity.rs/mcshield/
You can learn more about MCShield in these threads:
v1: http://www.mycity.rs/MyCity-Laboratorija/MCShield.html
v2: http://www.mycity.rs/MyCity-Laboratorija/MCShield-v2.html
Be sure to visit the thread "Test whether your browser is vulnerable" (Testirajte da li vam je pretraživač ranjiv), read it and follow the link in it.
Link to the thread: http://www.mycity.rs/Web-browseri/Testirajte-da-li.....anjiv.html
Also follow the thread "How to avoid and remove toolbars" (Kako izbeci i ukloniti toolbar-ove), read it and follow the steps in it. Link to the thread: http://www.mycity.rs/Zastita/Kako-izbeci-i-ukloniti-toolbar-ove.html
TwinHeadedEagle (AMF Team)