Posted: 09 Dec 2014 14:39
- Joined: 01 Mar 2008
- Posts: 245
When I wanted to download an image from the internet, by right-clicking and choosing save image, this file appeared, which is not an image but something that seems not to exist: it cannot be deleted, moved, renamed... The file is "Windows Shell Common Dll" and I don't know how to remove it. Does anyone have a solution for this? Thanks
Posted: 09 Dec 2014 17:04
- Joined: 01 Mar 2008
- Posts: 245
Well, I can't really say that the system is infected, because I don't have any particular problems other than that file having "moved in" on the desktop, and I can't move it or delete it at all. I ran the scan that is required for the analysis of an infected system, but my problem is that I can't delete the unwanted file. I tried from safe mode, and nothing. I am also attaching the file's properties.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-12-2014
Ran by wolf (administrator) on WERDE-KOM on 09-12-2014 16:52:54
Running from C:\Users\wolf\Downloads
Loaded Profile: wolf (Available profiles: wolf)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: engleski (SAD)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lexmark International, Inc.) C:\Windows\System32\LEXBCES.EXE
(Lexmark International, Inc.) C:\Windows\System32\LEXPPS.EXE
(ABBYY) C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe
() C:\Windows\System32\ec27ser.exe
( ) C:\Windows\System32\lxbkcoms.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9.exe
(Nalpeiron Ltd.) C:\Windows\System32\NLSSRV32.EXE
(Ralink Technology, Corp.) C:\Program Files\Tenda\Common\RaRegistry.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(SoftPerfect Research) C:\Program Files\NetWorx\networx.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(Tenda Technology, Corp.) C:\Program Files\Tenda\Common\RaUI.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [4406480 2014-07-08] (SoftPerfect Research)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-3498366340-2121199911-2437005032-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-05] (DT Soft Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Tenda Wireless Utility.lnk
ShortcutTarget: Tenda Wireless Utility.lnk -> C:\Program Files\Tenda\Common\RaUI.exe (Tenda Technology, Corp.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3498366340-2121199911-2437005032-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searc-hall.info/?pid=3540&r=2.....p;unqvl=65
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3498366340-2121199911-2437005032-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3498366340-2121199911-2437005032-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.rs/
SearchScopes: HKLM -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searc-hall.info/?l=1&q={searchTerms}&pid=3540&r=2014/11/08&hid=16896022155724968862&lg=EN&cc=RS&unqvl=65
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?sid=503&a.....=ds&p={searchTerms}
SearchScopes: HKLM -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searc-hall.info/?l=1&q={searchTerms}&pid=3540&r=2014/11/08&hid=16896022155724968862&lg=EN&cc=RS&unqvl=65
SearchScopes: HKU\S-1-5-21-3498366340-2121199911-2437005032-1000 -> DefaultScope {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3498366340-2121199911-2437005032-1000 -> {73C38916-ED0D-4522-8600-08C121ED1B43} URL = http://www.only-search.com/?babsrc=SP_kms&tt=1.....307&q={searchTerms}&r=887
SearchScopes: HKU\S-1-5-21-3498366340-2121199911-2437005032-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?sid=503&a.....=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3498366340-2121199911-2437005032-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3498366340-2121199911-2437005032-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searc-hall.info/?l=1&q={searchTerms}&pid=3540&r=2014/11/08&hid=16896022155724968862&lg=EN&cc=RS&unqvl=65
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\..\Interfaces\{8D4BD2B6-1FEE-40FC-8165-7C7230F15F28}: [NameServer] 212.200.190.166 212.200.191.166
FireFox:
========
FF ProfilePath: C:\Users\wolf\AppData\Roaming\Mozilla\Firefox\Profiles\o8oe9mp8.default-1411374315458
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.searc-hall.info/?pid=3540&r=2014/11/08&hid=16896022155724968862&lg=EN&cc=RS&unqvl=65&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine,S: WebSearch
FF Homepage: https://www.google.rs/?gws_rd=ssl
FF Keyword.URL: hxxp://websearch.searc-hall.info/?pid=3540&r=2014/11/08&hid=16896022155724968862&lg=EN&cc=RS&unqvl=65&l=1&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nitropdf.com/NitroPDF -> C:\Program Files\Nitro\Pro 9\npnitromozilla.dll (Nitro PDF)
FF Plugin: @real.com/nppl3260;version=17.0.13.2 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.13 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=17.0.13.2 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer Cloud)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mystartsearch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pogodakyu.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\vokabular.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\webssearches.xml
FF Extension: HD-V2.2V25.10 - C:\Users\wolf\AppData\Roaming\Mozilla\Firefox\Profiles\o8oe9mp8.default-1411374315458\Extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com [2014-10-25]
FF Extension: TotalPlusHD-3.1V01.12 - C:\Users\wolf\AppData\Roaming\Mozilla\Firefox\Profiles\o8oe9mp8.default-1411374315458\Extensions\6cfae8cc4676442fa78d9dcdf@bd4ea874e76d4af1994ba.com [2014-12-01]
FF Extension: TornPlusTV_version1.11 - C:\Users\wolf\AppData\Roaming\Mozilla\Firefox\Profiles\o8oe9mp8.default-1411374315458\Extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [2014-12-01]
FF Extension: Fast Start - C:\Users\wolf\AppData\Roaming\Mozilla\Firefox\Profiles\o8oe9mp8.default-1411374315458\Extensions\faststartff@gmail.com [2014-09-29]
FF HKLM\...\Firefox\Extensions: [{9D2AA73B-6049-4799-B8AC-925723370070}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-08-25]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\wolf\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-23]
CHR Extension: (YouTube) - C:\Users\wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-23]
CHR Extension: (Google Search) - C:\Users\wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-23]
CHR Extension: (No Name) - C:\Users\wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb [2014-12-01]
CHR Extension: (Google Wallet) - C:\Users\wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-10]
CHR Extension: (Gmail) - C:\Users\wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-23]
CHR Extension: (HD-V2.2V25.10) - C:\Users\wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\plimopelmdneikoknbgpopffpbmlhgpa [2014-10-25]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 24c54e38; c:\Program Files\DeltaFix\DeltaFix.dll [4026880 2014-11-08] () [File not signed]
S2 699fd52f; c:\ProgramData\Assistant\AssistantSvc.dll [177488 2014-04-02] () [File not signed]
R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe [819976 2011-10-12] (ABBYY)
R2 EC2007Service; C:\Windows\system32\ec27ser.exe [167936 2003-09-25] () [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 KMService; C:\Windows\system32\srvany.exe [8192 2013-11-07] () [File not signed]
R2 LexBceS; C:\Windows\System32\LEXBCES.EXE [303104 2003-02-25] (Lexmark International, Inc.)
R2 lxbk_device; C:\Windows\system32\lxbkcoms.exe [537256 2008-02-19] ( )
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [762192 2013-07-18] (Nero AG)
R2 NitroDriverReadSpool9; C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9.exe [197128 2013-12-17] (Nitro PDF Software)
R2 RalinkRegistryWriter; C:\Program Files\Tenda\Common\RaRegistry.exe [375872 2011-03-31] (Ralink Technology, Corp.)
S3 RaMediaServer; C:\Program Files\Tenda\Common\RaMediaServer.exe [621632 2011-03-04] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-07-30] ()
R2 RealPlayer Cloud Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-08-25] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-07-30] () [File not signed]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [113664 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [37376 2013-11-07] (Microsoft Corporation) [File not signed]
S2 ADExchange; C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe [X]
S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26080 2012-10-08] (Wondershare)
S3 asmthub3; C:\Windows\system32\drivers\asmthub3.sys [100328 2011-03-04] (ASMedia Technology Inc)
S3 asmtxhci; C:\Windows\system32\drivers\asmtxhci.sys [309224 2011-03-04] (ASMedia Technology Inc)
S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-05] (Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2014-03-01] ()
S3 b06diag; C:\Windows\system32\drivers\bxdiagx.sys [76840 2010-12-16] (Broadcom Corporation)
S3 BFN7x86; C:\Windows\system32\drivers\Xeno7x86.sys [129640 2011-01-14] (Bigfoot Networks, Inc.)
S3 BFNVis32; C:\Windows\system32\drivers\XenoVx86.sys [129640 2011-01-14] (Bigfoot Networks, Inc.)
R3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [34704 2007-05-11] (IVT Corporation.)
R3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [27792 2007-03-05] (IVT Corporation.)
R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [18320 2007-03-05] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [36496 2007-05-09] (IVT Corporation.)
R0 BTHidEnum; C:\Windows\System32\Drivers\vbtenum.sys [20880 2007-03-05] (IVT Corporation.)
R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [35600 2007-03-05] (IVT Corporation.)
S3 BXOIS; C:\Windows\system32\drivers\bxois.sys [431144 2010-12-10] (Broadcom Corporation)
S3 cbaf; C:\Windows\System32\Drivers\cbaf.sys [11008 2007-11-03] (Intel Corp.)
S3 dfuuwb; C:\Windows\System32\Drivers\DfuUWB.sys [500736 2008-09-11] (Intel Corp.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218176 2013-11-07] (DT Soft Ltd)
S3 ETD; C:\Windows\system32\drivers\ETD.sys [109448 2010-02-03] (ELAN Microelectronic Corp.)
S3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [33152 2011-03-07] (Etron Technology Inc)
S3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [52992 2011-03-07] (Etron Technology Inc)
S3 FTDIBUS; C:\Windows\system32\drivers\ftdibus.sys [61704 2011-03-18] (FTDI Ltd.)
S3 HWA; C:\Windows\System32\Drivers\HWA.sys [53376 2008-09-29] (Intel Corp.)
S3 IFCoEMP; C:\Windows\system32\drivers\ifM60x32.sys [269584 2011-01-13] (Intel(R) Corporation)
S3 IFCoEVB; C:\Windows\system32\drivers\ifP60X32.sys [61712 2011-01-13] (Intel(R) Corporation)
S3 ioatdma1; C:\Windows\System32\Drivers\qd16032.sys [36552 2009-11-16] (Intel Corporation)
S3 ioatdma2; C:\Windows\System32\Drivers\qd26032.sys [37576 2009-11-16] (Intel Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2014-03-01] ()
S3 mcdbus; C:\Windows\system32\drivers\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
S3 MEI; C:\Windows\system32\drivers\HECI.sys [40832 2009-06-23] (Intel Corporation)
S3 MTsensor; C:\Windows\system32\drivers\ASACPI.sys [5810 2004-08-13] ()
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [1270848 2011-11-16] (Ralink Technology Corp.)
S3 nusb3hub; C:\Windows\system32\drivers\nusb3hub.sys [63872 2011-02-10] (Renesas Electronics Corporation)
S3 nusb3xhc; C:\Windows\system32\drivers\nusb3xhc.sys [141952 2011-02-10] (Renesas Electronics Corporation)
S3 nvamacpi; C:\Windows\system32\drivers\NVAMACPI.sys [24608 2009-07-17] (NVIDIA Corporation)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [685816 2013-11-07] (Duplex Secure Ltd.)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [33728 2014-05-06] (Spotflux, Inc.)
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [44384 2013-11-16] (Acronis)
S3 TTP7; C:\Windows\system32\drivers\ttp7up.sys [12928 2005-11-09] (TerraTec) [File not signed]
S3 uagp35; C:\Windows\system32\drivers\sisagpx.sys [58400 2009-08-01] (Silicon Integrated Systems Corporation)
S3 UsbFltr; C:\Windows\system32\drivers\copperhd.sys [11596 2005-11-02] (Razer (Asia-Pacific) Pte Ltd)
S3 uwbusb; C:\Windows\System32\Drivers\usbuwbmini.sys [9600 2008-09-15] (Intel Corp.)
R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [34448 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [44304 2007-03-05] (IVT Corporation.)
S3 ZD1211U(ZyDAS); C:\Windows\System32\DRIVERS\zd1211u.sys [247296 2004-09-29] (ZyDAS Technology Corporation)
S1 ArcCtrl; system32\drivers\ArcCtrl.sys [X]
S3 catchme; \??\C:\Users\wolf\AppData\Local\Temp\catchme.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 RTL8192cu; system32\DRIVERS\RTL8192cu.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 wStLibGO; system32\drivers\wStLibGO.sys [X]
S3 ZDPNDIS4; \??\C:\Windows\system32\ZDPNDIS4.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-09 16:52 - 2014-12-09 16:53 - 00021913 _____ () C:\Users\wolf\Downloads\FRST.txt
2014-12-09 16:52 - 2014-12-09 16:52 - 00000000 ____D () C:\FRST
2014-12-09 16:51 - 2014-12-09 16:51 - 01111040 _____ (Farbar) C:\Users\wolf\Downloads\FRST.exe
2014-12-08 10:33 - 2014-12-09 12:47 - 00000000 ____D () C:\Windows\Minidump
2014-12-07 16:08 - 2014-12-09 14:23 - 00000112 _____ () C:\Windows\setupact.log
2014-12-07 16:08 - 2014-12-07 16:08 - 00000564 _____ () C:\Windows\PFRO.log
2014-12-07 16:08 - 2014-12-07 16:08 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-05 22:21 - 2014-12-05 22:21 - 00149661 _____ () C:\Users\wolf\Downloads\Peticija za razresenje TN, unos.xlsx
2014-12-05 16:38 - 2014-12-05 16:38 - 00412409 _____ () C:\Users\wolf\Downloads\alphabet-and-type-typography-and-graphic_twilight-new-moon.zip
2014-12-05 16:38 - 2014-12-05 16:38 - 00085685 _____ () C:\Users\wolf\Downloads\oliver-conte-design_twylite-zone.zip
2014-12-01 14:14 - 2014-12-01 14:14 - 00000000 ____D () C:\Users\wolf\AppData\Local\SKIDROW
2014-12-01 13:19 - 2014-12-09 15:41 - 00256202 _____ () C:\Windows\WindowsUpdate.log
2014-12-01 13:07 - 2014-12-01 13:16 - 00000000 ____D () C:\Program Files\TotalPlusHD-3.1V01.12
2014-12-01 13:07 - 2014-12-01 13:07 - 01519576 _____ (HDPlus-3.1TotalV01.12) C:\Users\wolf\AppData\Roaming\TTJON.exe
2014-12-01 13:07 - 2014-12-01 13:07 - 00005504 _____ () C:\Windows\Tasks\6e49a4c8-f29a-42c7-9e6a-125f205b6233-7.job
2014-12-01 13:07 - 2014-12-01 13:07 - 00004480 _____ () C:\Windows\Tasks\6e49a4c8-f29a-42c7-9e6a-125f205b6233-4.job
2014-12-01 13:07 - 2014-12-01 13:07 - 00001332 _____ () C:\Windows\Tasks\TTJON.job
2014-11-19 11:00 - 2014-11-11 04:21 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 11:00 - 2014-11-11 04:13 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-19 11:00 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-12 11:59 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 11:56 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 11:56 - 2014-08-21 07:34 - 01236992 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 11:56 - 2014-08-21 07:31 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 11:56 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 11:52 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 11:52 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 11:52 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 11:52 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 11:52 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 11:52 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 11:51 - 2014-11-05 18:50 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 11:51 - 2014-11-05 18:50 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 11:51 - 2014-11-05 18:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 11:48 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 11:43 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 11:43 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 11:43 - 2014-11-06 04:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 11:43 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 11:43 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 11:43 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 11:43 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 11:43 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 11:43 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 11:43 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 11:43 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 11:43 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 11:43 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 11:43 - 2014-11-06 03:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 11:43 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 11:43 - 2014-11-06 03:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 11:43 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 11:43 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 11:43 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 11:43 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 11:43 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 11:43 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 11:43 - 2014-11-06 03:22 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 11:43 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 11:43 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 11:43 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 11:43 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 11:43 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 11:43 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 11:43 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 11:43 - 2014-10-14 02:53 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 11:43 - 2014-10-14 02:50 - 00526848 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 11:43 - 2014-10-14 02:50 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 11:43 - 2014-10-14 02:49 - 01062400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 11:43 - 2014-10-14 02:49 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 11:43 - 2014-10-14 02:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 11:08 - 2014-11-11 11:08 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-10 14:44 - 2014-11-10 14:44 - 00001333 _____ () C:\Users\wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ProfiPreferans.com.lnk
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-09 16:25 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\tracing
2014-12-09 16:02 - 2013-12-02 14:30 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-09 15:05 - 2014-01-01 15:22 - 00000000 ____D () C:\Users\wolf\Documents\EA Games
2014-12-09 14:52 - 2014-10-27 11:07 - 00000000 ____D () C:\Users\wolf\Desktop\Desktop fascikla
2014-12-09 14:31 - 2009-07-14 05:34 - 00029200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-09 14:31 - 2009-07-14 05:34 - 00029200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-09 14:28 - 2014-07-16 11:52 - 00000000 ____D () C:\Qoobox
2014-12-09 14:23 - 2013-11-07 20:28 - 00000000 ____D () C:\Users\wolf
2014-12-09 14:23 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-09 14:23 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-12-09 14:22 - 2013-11-12 13:53 - 00000000 ____D () C:\Users\wolf\AppData\Roaming\uTorrent
2014-12-09 14:22 - 2013-11-07 21:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-09 14:21 - 2013-11-12 14:09 - 00000000 ____D () C:\ProgramData\Real
2014-12-09 14:21 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2014-12-09 14:20 - 2013-11-07 21:02 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-12-08 12:30 - 2013-11-07 20:44 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-12-07 19:20 - 2013-11-07 20:56 - 00257144 _____ () C:\Users\wolf\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-07 16:12 - 2010-11-20 22:01 - 00010814 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-07 15:39 - 2013-11-19 13:21 - 00000000 ____D () C:\OutputFolder
2014-12-07 15:33 - 2013-11-10 14:39 - 00000000 ____D () C:\ProgramData\DatacardService
2014-12-07 12:03 - 2014-10-04 18:17 - 00000000 ____D () C:\Program Files\Wi-Fi Password Key
2014-12-06 09:56 - 2009-07-14 05:33 - 05319552 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-01 15:04 - 2013-12-02 14:30 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-01 15:04 - 2013-11-07 20:45 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-01 13:14 - 2014-02-10 11:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-25 16:30 - 2013-11-08 13:12 - 00000000 ____D () C:\temp
2014-11-24 14:16 - 2009-07-14 05:53 - 00032630 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-19 20:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-11-19 16:05 - 2014-07-02 18:30 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-11-13 14:43 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-13 14:33 - 2014-05-05 19:41 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 22:30 - 2009-07-14 03:04 - 00000847 _____ () C:\Windows\win.ini
2014-11-12 22:24 - 2013-11-25 12:40 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 22:20 - 2013-11-25 12:40 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 10:41 - 2013-11-24 20:19 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-10 19:59 - 2013-12-01 11:30 - 00000000 ____D () C:\Users\wolf\AppData\Roaming\SolSuite
2014-11-10 18:41 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-09 17:19 - 2009-07-14 03:04 - 00000215 _____ () C:\Windows\system.ini
2014-11-09 16:11 - 2014-11-08 16:55 - 00000000 ____D () C:\ProgramData\Trusted Publisher
2014-11-09 10:31 - 2013-11-12 14:03 - 00000000 ____D () C:\Program Files\Google
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-05 09:40
==================== End Of Log ============================
Posted: 09 Dec 2014 17:20
offline
- Sass Drake
- Anti Malware Fighter
Rank 2
- Joined: 26 Aug 2010
- Posts: 10622
- Location: Hypnos Control Room, Tokyo Metropolitan Government Building
Step 1
Go to Start -> Control Panel -> Programs and Features and uninstall the following programs:
Assistant
SW-Sustainer
YTD Video Downloader 3.9.6
Step 2
Open Notepad and copy in the following text, which is inside the Code box.
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3498366340-2121199911-2437005032-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searc-hall.info/?pid=3540&r=2.....p;unqvl=65
SearchScopes: HKLM -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searc-hall.info/?l=1&q={searchTerms}&pid=3540&r=2014/11/08&hid=16896022155724968862&lg=EN&cc=RS&unqvl=65
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?sid=503&a.....=ds&p={searchTerms}
SearchScopes: HKLM -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searc-hall.info/?l=1&q={searchTerms}&pid=3540&r=2014/11/08&hid=16896022155724968862&lg=EN&cc=RS&unqvl=65
SearchScopes: HKU\S-1-5-21-3498366340-2121199911-2437005032-1000 -> DefaultScope {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3498366340-2121199911-2437005032-1000 -> {73C38916-ED0D-4522-8600-08C121ED1B43} URL = http://www.only-search.com/?babsrc=SP_kms&tt=1.....307&q={searchTerms}&r=887
SearchScopes: HKU\S-1-5-21-3498366340-2121199911-2437005032-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?sid=503&a.....=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3498366340-2121199911-2437005032-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3498366340-2121199911-2437005032-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searc-hall.info/?l=1&q={searchTerms}&pid=3540&r=2014/11/08&hid=16896022155724968862&lg=EN&cc=RS&unqvl=65
FF DefaultSearchUrl: hxxp://websearch.searc-hall.info/?pid=3540&r=2014/11/08&hid=16896022155724968862&lg=EN&cc=RS&unqvl=65&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine,S: WebSearch
FF Keyword.URL: hxxp://websearch.searc-hall.info/?pid=3540&r=2014/11/08&hid=16896022155724968862&lg=EN&cc=RS&unqvl=65&l=1&q=
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mystartsearch.xml
FF Extension: HD-V2.2V25.10 - C:\Users\wolf\AppData\Roaming\Mozilla\Firefox\Profiles\o8oe9mp8.default-1411374315458\Extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com [2014-10-25]
FF Extension: TotalPlusHD-3.1V01.12 - C:\Users\wolf\AppData\Roaming\Mozilla\Firefox\Profiles\o8oe9mp8.default-1411374315458\Extensions\6cfae8cc4676442fa78d9dcdf@bd4ea874e76d4af1994ba.com [2014-12-01]
FF Extension: TornPlusTV_version1.11 - C:\Users\wolf\AppData\Roaming\Mozilla\Firefox\Profiles\o8oe9mp8.default-1411374315458\Extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [2014-12-01]
FF Extension: Fast Start - C:\Users\wolf\AppData\Roaming\Mozilla\Firefox\Profiles\o8oe9mp8.default-1411374315458\Extensions\faststartff@gmail.com [2014-09-29]
CHR Extension: (No Name) - C:\Users\wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb [2014-12-01]
CHR Extension: (HD-V2.2V25.10) - C:\Users\wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\plimopelmdneikoknbgpopffpbmlhgpa [2014-10-25]
S2 24c54e38; c:\Program Files\DeltaFix\DeltaFix.dll [4026880 2014-11-08] () [File not signed]
S2 699fd52f; c:\ProgramData\Assistant\AssistantSvc.dll [177488 2014-04-02] () [File not signed]
Task: {2593877D-5AF5-4563-BC26-4613C3D3D507} - System32\Tasks\YourFileDownloader Installer Starter => C:\Users\wolf\AppData\Local\Temp\YourFileDownloaderwJV00ZpZ0t.exe <==== ATTENTION
Task: {B2A1D4AC-2F75-44AC-8471-C4E86183325E} - \SW-Booster-S-792098896 No Task File <==== ATTENTION
Task: C:\Windows\Tasks\6e49a4c8-f29a-42c7-9e6a-125f205b6233-4.job => C:\Program Files\TotalPlusHD-3.1V01.12\6e49a4c8-f29a-42c7-9e6a-125f205b6233-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\6e49a4c8-f29a-42c7-9e6a-125f205b6233-7.job => C:\Program Files\TotalPlusHD-3.1V01.12\6e49a4c8-f29a-42c7-9e6a-125f205b6233-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\TTJON.job => C:\Users\wolf\AppData\Roaming\TTJON.exe <==== ATTENTION
c:\Program Files\DeltaFix
c:\ProgramData\Assistant
C:\Program Files\TotalPlusHD-3.1V01.12
C:\Users\wolf\AppData\Roaming\TTJON.exe
EmptyTemp:
In Notepad, click File --> Save As
Name the file Fixlist and save it to the Desktop
Double-click to run FRST.exe again
Click Fix and wait until the program finishes.
If the program asks to restart the computer, let it do so without interruption.
When it finishes, fixlog.txt will open; copy its contents into this thread.
The file (fixlog.txt) will also be on the Desktop.
Step 3
Did you personally and deliberately install the developer version of Google Chrome? If not, do the following:
You have the developer version of Google Chrome.
Go to Start -> Control Panel -> Programs and Features and uninstall Google Chrome. Be sure to tick the option Also delete your browsing data.
You can export your bookmarks and import them again later.
Once you have uninstalled it, download it from the Google site, https://www.google.com/chrome/browser/, and install it again.
Step 4
Download AdwCleaner by "Xplode" and save it to the Desktop
Double-click to run the program.
In the EULA window, click I agree.
Click the Scan button and wait for the scan to finish.
Click the Clean button and wait for the program to finish.
The program will close all running programs and show a window with that warning. Click OK to confirm.
In the next two windows that open (Informations and Restart required), click OK
The computer will restart and then Notepad will open (C:\AdwCleaner[S0].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Prikači fajl" (Attach file) option
Note: The report will also be saved at C:\Adwcleaner\AdwCleaner[S0].txt
Posted: 09 Dec 2014 20:11
offline
- Joined: 01 Mar 2008
- Posts: 245
It did not restart. And here is the file ...
Zoek.exe v5.0.0.0 Updated 08-December-2014
Tool run by wolf on uto 09.12.2014 at 20:00:19,69.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\wolf\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
9.12.2014 20:01:01 Zoek.exe System Restore Point Created Succesfully.
==== Running Processes ======================
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\LEXBCES.EXE
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\LEXPPS.EXE
C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\lxbkcoms.exe
C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9.exe
C:\Windows\system32\NLSSRV32.EXE
C:\Program Files\Tenda\Common\RaRegistry.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Tenda\Common\RaUI.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Program Files\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\wolf\Desktop\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\System32\svchost.exe -k swprv
==== Services(whitelist) ======================
Powered by E Dev
R2 - [ABBYY.Licensing.FineReader.Professional.11.0] - ABBYY FineReader 11 PE Licensing Service - c:\program files\abbyy finereader 11\networklicenseserver.exe
R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files\common files\adobe\arm\1.0\armsvc.exe
R2 - [AMD External Events Utility] - AMD External Events Utility - c:\windows\system32\atiesrxx.exe
R2 - [NAUpdate] - Nero Update - c:\program files\nero\update\nasvc.exe
R2 - [nlsX86cc] - Nalpeiron Licensing Service - c:\windows\system32\nlssrv32.exe
R2 - [RalinkRegistryWriter] - RalinkRegistryWriter - c:\program files\tenda\common\raregistry.exe
R2 - [RealNetworks Downloader Resolver Service] - RealNetworks Downloader Resolver Service - c:\program files\realnetworks\realdownloader\rndlresolversvc.exe
R2 - [RealPlayer Cloud Service] - RealPlayer Cloud Service - c:\program files\real\realplayer\rpds\bin\rpdsvc.exe
R2 - [RealPlayerUpdateSvc] - RealPlayer Update Service - c:\program files\real\updateservice\realplayerupdatesvc.exe
R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - c:\program files\common files\microsoft shared\windows live\wlidsvc.exe
R2 - [WMPNetworkSvc] - Usluga deljenja putem mreže za Windows Media Player - c:\program files\windows media player\wmpnetwk.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
R3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
S2 - [ADExchange] - ArcSoft Exchange Service - c:\program files\common files\arcsoft\esinter\bin\eservutil.exe [x]
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
S2 - [gupdate] - Google Update Service (gupdate) - c:\program files\google\update\googleupdate.exe [x]
S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\system32\macromed\flash\flashplayerupdateservice.exe
S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
S3 - [aspnet_state] - ASP.NET State Service - c:\windows\microsoft.net\framework\v4.0.30319\aspnet_state.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe
S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe
S3 - [Fax] - Faks - c:\windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe
S3 - [fsssvc] - Windows Live Family Safety Service - c:\program files\windows live\family safety\fsssvc.exe
S3 - [gupdatem] - Google Update Service (gupdatem) - c:\program files\google\update\googleupdate.exe [x]
S3 - [IDriverT] - InstallDriver Table Manager - c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
S3 - [Microsoft SharePoint Workspace Audit Service] - Microsoft SharePoint Workspace Audit Service - c:\program files\microsoft office\office14\groove.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files\mozilla maintenance service\maintenanceservice.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [ose] - Office Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe
S3 - [RaMediaServer] - RaMediaServer - c:\program files\tenda\common\ramediaserver.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
S3 - [SwitchBoard] - SwitchBoard - c:\program files\common files\adobe\switchboard\switchboard.exe
S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
S3 - [WatAdminSvc] - Usluga tehnologije aktivacije operativnog sistema Windows - c:\windows\system32\wat\watadminsvc.exe
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
==== Drivers(whitelist) ======================
Powered by E Dev
R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
R0 - [Mup] - MUP - C:\Windows\system32\Drivers\Mup.sys
R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys
R3 - [srv] - Server SMB 1.xxx Driver - C:\Windows\system32\Drivers\srv.sys
R3 - [srv2] - Server SMB 2.xxx Driver - C:\Windows\system32\Drivers\srv2.sys
R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys
R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys
R0 - [atapi] - IDE Channel - C:\Windows\system32\Drivers\atapi.sys
R0 - [BTHidEnum] - Bluetooth HID Enumerator - C:\Windows\system32\Drivers\BTHidEnum.sys [x]
R0 - [BTHidMgr] - Bluetooth HID Manager Service - C:\Windows\system32\Drivers\BTHidMgr.sys
R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x]
R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys
R0 - [Disk] - Disk Driver - C:\Windows\system32\Drivers\Disk.sys
R0 - [fvevol] - Bitlocker Drive Encryption Filter Driver - C:\Windows\system32\Drivers\fvevol.sys
R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys
R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys
R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys
R0 - [mountmgr] - Mount Point Manager - C:\Windows\system32\Drivers\mountmgr.sys
R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys
R0 - [NDIS] - NDIS System Driver - C:\Windows\system32\Drivers\NDIS.sys
R0 - [nvstor] - nvstor - C:\Windows\system32\Drivers\nvstor.sys
R0 - [partmgr] - Partition Manager - C:\Windows\system32\Drivers\partmgr.sys
R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys
R0 - [pciide] - pciide - C:\Windows\system32\Drivers\pciide.sys
R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys
R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys
R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys
R0 - [storflt] - Disk Virtual Machine Bus Acceleration Filter Driver - C:\Windows\system32\Drivers\storflt.sys [x]
R0 - [Tcpip] - Upravljački program TCP/IP protokola - C:\Windows\system32\Drivers\Tcpip.sys
R0 - [timounter] - Acronis True Image Backup Archive Explorer - C:\Windows\system32\Drivers\timounter.sys [x]
R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator Driver - C:\Windows\system32\Drivers\vdrvroot.sys
R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys
R0 - [volmgrx] - Dynamic Volume Manager - C:\Windows\system32\Drivers\volmgrx.sys
R0 - [volsnap] - Storage volumes - C:\Windows\system32\Drivers\volsnap.sys
R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys
R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys
R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys
R1 - [tdx] - NetIO TDI upravljačkog programa podrške koji je zastareo - C:\Windows\system32\Drivers\tdx.sys
R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys
S0 - [sptd] - sptd - C:\Windows\system32\Drivers\sptd.sys
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\wolf\AppData\Local\Temp ====
2014-12-09 16:53:43 945D09C0925F771F907DEE3D0452ECF4 40960 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\rtdrvmon.exe
====== Java Cache =====
====== C:\Windows\system32 =====
====== C:\Windows\system32\drivers =====
2014-11-12 10:43:35 7B7B6B779F08A2C36A978F409054C1A9 136632 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
====== C:\Windows\Tasks ======
2014-12-01 12:07:38 4B49F902C181415EF3FB0E3E9CC44453 7510 ----a-w- C:\Windows\system32\Tasks\6e49a4c8-f29a-42c7-9e6a-125f205b6233-4
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C: =====
====== C:\Users\wolf\AppData\Roaming ======
2014-12-09 16:44:28 -------- d-sh--w- C:\Users\wolf\AppData\Locallow\EmieBrowserModeList
2014-12-09 16:43:51 -------- d-sh--w- C:\Users\wolf\AppData\Local\EmieBrowserModeList
2014-12-01 13:14:46 -------- d-----w- C:\Users\wolf\AppData\Local\SKIDROW
====== C:\Users\wolf ======
2014-12-09 16:56:12 7AC98BE8593253FDDF8293E1C60B04BA 2166272 ----a-w- C:\Users\wolf\Desktop\AdwCleaner.exe
2014-12-09 16:40:51 -------- d-----w- C:\ProgramData\23405448
2014-12-09 15:51:35 EA9CBFA15966E46F004F76E7D7B4E2F9 1111040 ----a-w- C:\Users\wolf\Desktop\FRST.exe
====== C: exe-files ==
2014-12-09 16:56:12 7AC98BE8593253FDDF8293E1C60B04BA 2166272 ----a-w- C:\Users\wolf\Desktop\AdwCleaner.exe
2014-12-09 16:53:43 945D09C0925F771F907DEE3D0452ECF4 40960 ----a-w- C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\rtdrvmon.exe
2014-12-09 15:51:35 EA9CBFA15966E46F004F76E7D7B4E2F9 1111040 ----a-w- C:\Users\wolf\Desktop\FRST.exe
2014-12-05 14:58:43 C10E5EF1B85DE5B79AC2815C9A677D1F 1385808 ----a-w- C:\Users\wolf\AppData\Roaming\uTorrent\updates\3.4.2_35702.exe
=== C: other files ==
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-3498366340-2121199911-2437005032-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NetWorx"="C:\Program Files\NetWorx\networx.exe /auto"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"
==== Startup Registry Disabled ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DAEMON Tools Lite"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\DAEMON Tools Lite\\DTLite.exe\" -autorun"
==== Startup Folders ======================
2014-02-05 12:05:52 1925 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Tenda Wireless Utility.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [01.12.2014 15:04]
==== Other Scheduled Tasks ======================
"C:\Windows\system32\tasks\6e49a4c8-f29a-42c7-9e6a-125f205b6233-4" [C:\Program Files\TotalPlusHD-3.1V01.12\6e49a4c8-f29a-42c7-9e6a-125f205b6233-4.exe]
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3498366340-2121199911-2437005032-1000" [C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe]
"C:\Windows\system32\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3498366340-2121199911-2437005032-1000" [C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe]
"C:\Windows\system32\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3498366340-2121199911-2437005032-1000" [C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3498366340-2121199911-2437005032-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3498366340-2121199911-2437005032-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealUpgradeLogonTaskS-1-5-21-3498366340-2121199911-2437005032-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealUpgradeScheduledTaskS-1-5-21-3498366340-2121199911-2437005032-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{9D2AA73B-6049-4799-B8AC-925723370070}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [25.08.2014 18:18]
==== Firefox Extensions ======================
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\wolf\AppData\Roaming\Mozilla\Firefox\Profiles\o8oe9mp8.default-1411374315458
8303B3CEC05500F763B4FA75210598BB - C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll - Shockwave Flash
559E8D42BE485208F1C4BB294D6840A4 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.6
559E8D42BE485208F1C4BB294D6840A4 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.6
5D4279248A0E506CF007BD51EBF74CEA - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.6
5D4279248A0E506CF007BD51EBF74CEA - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.6
F9DE379CE8A782530A4FA0B731F3A49B - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.6
F9DE379CE8A782530A4FA0B731F3A49B - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.6
049BD7AD3B94F24FA274ED1F7FC5871B - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.6
049BD7AD3B94F24FA274ED1F7FC5871B - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.6
D937A4645EFF8CB4F123E3C899C052B2 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.6
D937A4645EFF8CB4F123E3C899C052B2 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll - QuickTime Plug-in 7.7.6
64C4ADE063A9C93D3BAE09922AD90C27 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
446BCAE59E26321802E000FC3E0C390A - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
64C4ADE063A9C93D3BAE09922AD90C27 - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat
E261ADA8AC724CF5DE414E86A90FA3DC - c:\program files\real\realplayer\Netscape6\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
E261ADA8AC724CF5DE414E86A90FA3DC - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
D24676AD13BF1DE2B4E9226A4EBE3256 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin
D24676AD13BF1DE2B4E9226A4EBE3256 - C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll - RealPlayer Download Plugin
20AF900395CA5AD66A9134CF032B0435 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealPlayer Video Downloader for HTML5 (32-bit)
D6ED6EB98E759460AD8C66DE23070132 - C:\Program Files\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll - Microsoft Office 2013
893BF7D2261C56C24F813405D9D018E0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In
44CD19D98995CB3056F406113B175820 - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll - Java Deployment Toolkit 6.0.230.5
EA8FCF30D2961369435C84CE3B3063F1 - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll - Java(TM) Platform SE 6 U23
0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
94A3088646C777CE99C3C1D7809C4BAC - C:\Program Files\Nitro\Pro 9\npnitromozilla.dll - Nitro PDF plugin for Firefox and Chrome
0D80C49D9A4A3E096296C67BD015F614 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery
8B322B3C8B91BDDEC77C613A8CE22ADB - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
7B31592F0D472146865BF096CCD34798 - C:\Program Files\Nitro\Pro 9\npnitroie.dll - Nitro PDF plugin for Internet Explorer
6900B96FDD37E5C08FE0AEF0C542F103 - C:\Program Files\Nitro\Pro 9\npdf.dll - FileOpen WebPublisher3+ MSO Security exchange
0C21CB9426AD831DB02FB66232B3A42F - C:\Program Files\Nitro\Pro 9\NPShellExtension.dll - Nitro Pro ShellExtension
8DA2ED6B04EA33F2EAE8BA883F903729 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight
==== Chromium Look ======================
==== IE Start and Search Settings ======================
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.rs/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
==== C:\zoek_backup content ======================
C:\zoek_backup (files=0 folders=0 0 bytes)
==== EOF on uto 09.12.2014 at 20:05:03,24 ======================
Posted: 09 Dec 2014 20:24
offline
- Joined: 01 Mar 2008
- Posts: 245
It is impossible to rename it; it always shows the same message, i.e. that it does not exist, yet it does. When I was downloading the picture there were two identical files with the same name, but both had the same extension, i.e. they were identical, and neither was the picture I wanted to download. When I established that it was not a picture I deleted one, and the other would not delete, and it is still the same...
Posted: 09 Dec 2014 20:25
offline
- Sass Drake
- Anti Malware Fighter
Rank 2
- Joined: 26 Aug 2010
- Posts: 10622
- Location: Hypnos Control Room, Tokyo Metropolitan Government Building
Come on, do what I told you, so we can clean the remaining traces of adware from the system.