Hello,
I have a problem: I opened a zipped folder from an email, and since then I can't open my documents or pictures. A virus :-( (next to each one it says Diablo6 file, with a code instead of the name). And nothing works except the internet :-)
HELP!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-08-2017
Ran by Nikola (administrator) on IVAN (10-08-2017 12:06:32)
Running from C:\Users\Nikola\Downloads
Loaded Profiles: Nikola (Available Profiles: Nikola)
Platform: Windows 8 (X64) Language: English (United States)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
() C:\Program Files (x86)\Vip mobilni internet\AssistantServices.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\HDD Accelerator\THAccelSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
() C:\Program Files (x86)\Vip mobilni internet\UIExec.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
() C:\Program Files (x86)\Vip mobilni internet\CancelAutoPlay.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Farbar) C:\Users\Nikola\Downloads\FRST64 (2).exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-14] (Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2608040 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-05] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5618456 2013-09-12] (ESET)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [CancelAutoPlay] => C:\Program Files (x86)\Vip mobilni internet\CancelAutoPlay.exe [414544 2012-03-12] ()
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\Vip mobilni internet\UIExec.exe [156448 2012-05-11] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49904 2014-08-14] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-04-18] (Hewlett-Packard Company)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-4167515356-3470986416-1549138154-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
HKU\S-1-5-21-4167515356-3470986416-1549138154-1001\...\MountPoints2: {5ca7dd50-51eb-11e3-be76-008cfa34fbeb} - "G:\Windows/AutoRun.exe"
HKU\S-1-5-21-4167515356-3470986416-1549138154-1001\...\MountPoints2: {f1c5c537-795a-11e5-be85-008cfa34fbeb} - "G:\Autorun.exe"
HKU\S-1-5-21-4167515356-3470986416-1549138154-1001\...\MountPoints2: {f1c5c546-795a-11e5-be85-008cfa34fbeb} - "G:\Autorun.exe"
HKU\S-1-5-21-4167515356-3470986416-1549138154-1001\...\MountPoints2: {f1c5c5bb-795a-11e5-be85-008cfa34fbeb} - "G:\Autorun.exe"
HKU\S-1-5-21-4167515356-3470986416-1549138154-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\WLXPGSS.SCR [321472 2012-07-28] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{191E7D48-2F1D-48A2-8492-E750999701CF}: [DhcpNameServer] 192.168.1.10 192.168.1.1
Tcpip\..\Interfaces\{23FC1987-20D2-4896-8E8B-BD1911B2BC6F}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
HKU\S-1-5-21-4167515356-3470986416-1549138154-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
SearchScopes: HKU\S-1-5-21-4167515356-3470986416-1549138154-1001 -> DefaultScope {81F99BF4-7733-4ECA-B173-DA8149AA1671} URL =
SearchScopes: HKU\S-1-5-21-4167515356-3470986416-1549138154-1001 -> {81F99BF4-7733-4ECA-B173-DA8149AA1671} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-05] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-05] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-05] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-05] (Google Inc.)
FireFox:
========
FF ProfilePath: C:\Users\Nikola\AppData\Roaming\TomTom\HOME\Profiles\dg9jcx46.default [2014-08-08]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2014-01-29] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: (ESET Smart Security Extension) - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013-11-20] [not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.rs/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default [2017-08-10]
CHR Extension: (Google Docs) - C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-25]
CHR Extension: (Google Drive) - C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
CHR Extension: (YouTube) - C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02]
CHR Extension: (Google Search) - C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Docs Offline) - C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-25]
CHR Extension: (Gmail) - C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-16]
CHR Extension: (Chrome Media Router) - C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-10]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
R2 THAccelSvc; C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe [214488 2012-08-10] (TOSHIBA CORPORATION)
R2 UI Assistant Service; C:\Program Files (x86)\Vip mobilni internet\AssistantServices.exe [274760 2012-08-02] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 ccSet_NAT; C:\windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
S3 cxbu0x64; C:\windows\system32\DRIVERS\cxbu0x64.sys [147576 2014-04-05] (HID Global Corporation)
S3 dot4; C:\windows\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R1 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
S3 RTL8192Ce; C:\windows\system32\DRIVERS\rtwlane.sys [1498256 2012-08-29] (Realtek Semiconductor Corporation )
R3 RTWlanE; C:\windows\system32\DRIVERS\rtwlane.sys [1498256 2012-08-29] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-17] (Synaptics Incorporated)
R0 THAccel; C:\windows\System32\DRIVERS\THAccel.sys [131520 2012-08-10] (TOSHIBA CORPORATION)
R3 Thotkey; C:\windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-08-10 12:06 - 2017-08-10 12:07 - 000015131 _____ C:\Users\Nikola\Downloads\FRST.txt
2017-08-10 12:04 - 2017-08-10 12:06 - 000000000 ____D C:\FRST
2017-08-10 12:03 - 2017-08-10 12:03 - 002381824 _____ (Farbar) C:\Users\Nikola\Downloads\FRST64 (2).exe
2017-08-10 10:28 - 2017-08-10 10:37 - 000000000 ____D C:\ProgramData\HitmanPro
2017-08-10 10:27 - 2017-08-10 10:27 - 011584088 _____ (SurfRight B.V.) C:\Users\Nikola\Downloads\hitmanpro_x64.exe
2017-08-10 09:13 - 2017-08-10 09:13 - 009858119 _____ C:\Users\Nikola\Downloads\KFZWCM05-H639-1AX6-E0074886-F3A2198D102B.diablo6
2017-08-10 09:13 - 2017-08-10 09:13 - 002490501 _____ C:\Users\Nikola\Downloads\KFZWCM05-H639-1AX6-29BE676E-199B71EC6136.diablo6
2017-08-10 09:13 - 2017-08-10 09:13 - 001719950 _____ C:\Users\Nikola\Downloads\KFZWCM05-H639-1AX6-D7292ECF-6F4B19519D2B.diablo6
2017-08-10 09:13 - 2017-08-10 09:13 - 001604207 _____ C:\Users\Nikola\Downloads\KFZWCM05-H639-1AX6-A1BCCF5E-CAD27B2428E2.diablo6
2017-08-10 09:13 - 2017-08-10 09:13 - 001251032 _____ C:\Users\Nikola\Downloads\KFZWCM05-H639-1AX6-A01344BD-DAD6A0F4374E.diablo6
2017-08-10 09:13 - 2017-08-10 09:13 - 000256324 _____ C:\Users\Nikola\Downloads\KFZWCM05-H639-1AX6-EACE9FBA-738B235C04AD.diablo6
2017-08-10 09:13 - 2017-08-10 09:13 - 000216900 _____ C:\Users\Nikola\Downloads\KFZWCM05-H639-1AX6-0007EB9D-8129E60B9FF3.diablo6
2017-08-10 09:13 - 2017-08-10 09:13 - 000202052 _____ C:\Users\Nikola\Downloads\KFZWCM05-H639-1AX6-74EA85AE-204F5B10C9D8.diablo6
2017-08-10 09:13 - 2017-08-10 09:13 - 000191300 _____ C:\Users\Nikola\Downloads\KFZWCM05-H639-1AX6-591C2C47-2D312B5EA8C5.diablo6
2017-08-10 09:13 - 2017-08-10 09:13 - 000131396 _____ C:\Users\Nikola\Downloads\KFZWCM05-H639-1AX6-E313757F-38ACC687EEBF.diablo6
2017-08-10 09:13 - 2017-08-10 09:13 - 000127595 _____ C:\Users\Nikola\Downloads\KFZWCM05-H639-1AX6-50E7EBC4-B894E2729B55.diablo6
2017-08-10 09:13 - 2017-08-10 09:13 - 000096068 _____ C:\Users\Nikola\Downloads\KFZWCM05-H639-1AX6-213FC829-7D8E835590E5.diablo6
2017-08-10 09:13 - 2017-08-10 09:13 - 000070468 _____ C:\Users\Nikola\Downloads\KFZWCM05-H639-1AX6-6D9A582A-905667021BC2.diablo6
2017-08-10 09:13 - 2017-08-10 09:13 - 000055700 _____ C:\Users\Nikola\Downloads\KFZWCM05-H639-1AX6-6B79D4E2-FDED285C5863.diablo6
2017-08-10 09:13 - 2017-08-10 09:13 - 000008584 ____C C:\Users\Nikola\Downloads\diablo6-3dff.htm
2017-08-10 09:09 - 2017-08-10 09:09 - 000000000 ____D C:\Users\Nikola\AppData\Roaming\WinRAR
2017-08-05 12:09 - 2017-08-10 09:13 - 000000000 ____D C:\Users\Nikola\Desktop\stankovic radmilo
2017-08-02 11:28 - 2017-08-10 09:13 - 000000000 ____D C:\Users\Nikola\Desktop\Dragan Nikolić
2017-07-31 09:49 - 2017-08-10 09:13 - 000000000 ____D C:\Users\Nikola\Desktop\Sonja Savić
2017-07-29 11:14 - 2017-07-29 11:14 - 000062976 _____ C:\Users\Nikola\Desktop\LAGER MAZDA jul.xls
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-08-10 12:03 - 2015-10-23 09:54 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2017-08-10 12:02 - 2017-05-12 12:32 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-10 11:56 - 2015-03-19 15:15 - 000000000 ____D C:\Users\Nikola\AppData\Roaming\ClassicShell
2017-08-10 11:29 - 2015-09-28 11:19 - 000000916 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA1d0f9cebda1b878.job
2017-08-10 11:29 - 2014-01-23 14:42 - 000000000 ____D C:\windows\system32\MRT
2017-08-10 11:27 - 2014-01-23 14:42 - 140394280 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-08-10 11:24 - 2014-08-08 12:04 - 000000916 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA1cfb2f02c7f4aef.job
2017-08-10 10:30 - 2013-11-20 16:16 - 000000912 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2017-08-10 10:17 - 2015-12-02 11:25 - 000000912 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore1d12ce3714a69af.job
2017-08-10 09:57 - 2014-08-21 13:04 - 000491008 ___SH C:\Users\Nikola\Desktop\Thumbs.db
2017-08-10 09:54 - 2012-07-26 10:12 - 000000000 ____D C:\windows\AUInstallAgent
2017-08-10 09:53 - 2012-07-26 10:12 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-10 09:15 - 2013-11-20 16:03 - 000000000 ____D C:\YuRecnik
2017-08-10 09:13 - 2017-06-14 12:45 - 000000000 ____D C:\Users\Nikola\Desktop\Jankovski Vangel
2017-08-10 09:13 - 2017-04-28 15:21 - 000000000 ___RD C:\Users\Nikola\Desktop\Marina
2017-08-10 09:13 - 2015-03-10 11:40 - 000000000 ___RD C:\Users\Nikola\Documents\Scanned Documents
2017-08-10 09:13 - 2013-11-20 16:02 - 000000000 ____D C:\ProgramData\Book Place
2017-08-10 09:13 - 2013-05-21 02:48 - 000000000 ____D C:\TOSHIBA
2017-08-08 14:18 - 2013-11-20 16:17 - 000002206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-01 15:14 - 2012-07-26 09:28 - 000848230 _____ C:\windows\system32\PerfStringBackup.INI
2017-08-01 15:14 - 2012-07-26 07:37 - 000000000 ____D C:\windows\Inf
2017-07-29 09:18 - 2012-07-26 09:22 - 000000006 ____H C:\windows\Tasks\SA.DAT
2017-07-29 09:17 - 2012-07-26 07:26 - 000262144 ___SH C:\windows\system32\config\BBI
Some files in TEMP:
====================
2017-08-10 10:38 - 2017-08-10 10:27 - 011584088 _____ (SurfRight B.V.) C:\Users\Nikola\AppData\Local\Temp\HitmanPro.exe
2014-12-23 16:48 - 2015-01-08 11:05 - 000000000 _____ () C:\Users\Nikola\AppData\Local\Temp\{44E5E3AC-F36B-4DB1-88A7-C1314B97CE43}-39.0.2171.95_chrome_installer.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-08-10 11:27
==================== End of FRST.txt ============================