Opening files

offline
  • Joined: 02 Oct 2010
  • Posts: 10
  • Location: Banja Luka

Posted: 24 Jan 2015 12:21

Dear all,
I am unable to open MS Office files, nor JPEG files.
The problem appeared today, 24.01.2015.
Using Avira I detected the virus BOO/Cidox.B
I have not tried to solve the problem... I don't know how! :)
I use the internet via Telekom Srpske... (3584/320 kb/s)

I noticed that in all folders containing MS Office documents, 4 HELP_DECRYPT icons each have appeared.

Thank you in advance!

Mladen

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Korisnik (administrator) on KORISNIK-PC on 24-01-2015 11:57:33
Running from C:\Users\Korisnik\Desktop
Loaded Profiles: Korisnik (Available profiles: Korisnik)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Spigot, Inc.) C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Windows\SysWOW64\srvany.exe
() C:\Windows\KMService.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(BitTorrent Inc.) C:\Users\Korisnik\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Spigot, Inc.) C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SearchSettings] => C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [1627920 2014-12-10] (Spigot, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\kwpvjaz-x32: C:\Users\Korisnik\AppData\Local\kwpvjaz.dll ()
HKU\S-1-5-21-1555590807-2017441488-1068063026-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-1555590807-2017441488-1068063026-1000\...\Run: [uTorrent] => C:\Users\Korisnik\AppData\Roaming\uTorrent\uTorrent.exe [1677904 2015-01-22] (BitTorrent Inc.)
HKU\S-1-5-21-1555590807-2017441488-1068063026-1000\...\Run: [kwpvjaz] => rundll32 "C:\Users\Korisnik\AppData\Local\kwpvjaz.dll",kwpvjaz <===== ATTENTION
HKU\S-1-5-21-1555590807-2017441488-1068063026-1000\...\Run: [22b7d07] => C:\22b7d07e\22b7d07e.exe [194560 2015-01-24] ()
HKU\S-1-5-21-1555590807-2017441488-1068063026-1000\...\Run: [22b7d07e] => C:\Users\Korisnik\AppData\Roaming\22b7d07e.exe [194560 2015-01-24] ()
HKU\S-1-5-21-1555590807-2017441488-1068063026-1000\...\MountPoints2: {e21bee77-3011-11e4-839a-08606ef25669} - F:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\22b7d07e.exe ()
Startup: C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Unify3DWebPlayerUpdate.lnk
ShortcutTarget: Unify3DWebPlayerUpdate.lnk -> C:\Users\Korisnik\AppData\Local\Unify3D\WebPlayer\Unify3DWebPlayerUpdate.exe (No File)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1555590807-2017441488-1068063026-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
URLSearchHook: HKU\S-1-5-21-1555590807-2017441488-1068063026-1000 - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\10.5\pdfforgeToolbarIE64.dll (Spigot, Inc.)
URLSearchHook: HKU\S-1-5-21-1555590807-2017441488-1068063026-1000 - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\10.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-1555590807-2017441488-1068063026-1000 -> DefaultScope {17BBE2DB-B518-4432-AB47-A07315C3F4C6} URL = search.yahoo.com/search?fr=chr-greentree_i.....=827316&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1555590807-2017441488-1068063026-1000 -> {17BBE2DB-B518-4432-AB47-A07315C3F4C6} URL = search.yahoo.com/search?fr=chr-greentree_i.....=827316&p={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: pdfforge Toolbar -> {B922D405-6D13-4A2B-AE89-08A030DA4402} -> C:\Program Files (x86)\pdfforge Toolbar\IE\10.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\10.5\pdfforgeToolbarIE64.dll (Spigot, Inc.)
Toolbar: HKLM-x32 - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\10.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\1y9yp85r.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Keyword.URL: search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=827316&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_287.dll ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_287.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\1y9yp85r.default\searchplugins\yahoo_ff.xml
FF Extension: Avira Browser Safety - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\1y9yp85r.default\Extensions\abs@avira.com [2014-11-04]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-10-16]
FF HKU\S-1-5-21-1555590807-2017441488-1068063026-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://google.ba/"
CHR DefaultSearchKeyword: Default -> yahoo.com search
CHR DefaultSearchURL: Default -> search.yahoo.com/search?ei=utf-8&fr=chr-gr.....&ilc=12&p={searchTerms}
CHR DefaultSuggestURL: Default -> ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.91\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.91\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.91\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U40) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.400.43) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Profile: C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-27]
CHR Extension: (Google Drive) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-26]
CHR Extension: (YouTube) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-27]
CHR Extension: (Google Search) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-27]
CHR Extension: (Avira Browser Safety) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-12]
CHR Extension: (Shopping Helper) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof [2014-07-01]
CHR Extension: (Google Wallet) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-27]
CHR Extension: (Gmail) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-27]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-18] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [992560 2014-12-18] (Avira Operations GmbH & Co. KG)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-10-10] (Macrovision Europe Ltd.) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2013-09-17] () [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [119680 2009-08-10] (Gemalto)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-15 09:28 - 2015-02-15 09:28 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-15 09:28 - 2015-01-24 10:17 - 00001756 _____ () C:\Windows\setupact.log
2015-01-24 11:57 - 2015-01-24 12:00 - 00023796 _____ () C:\Users\Korisnik\Desktop\FRST.txt
2015-01-24 11:57 - 2015-01-24 11:57 - 00000000 ____D () C:\FRST
2015-01-24 11:44 - 2015-01-24 11:44 - 02126848 _____ (Farbar) C:\Users\Korisnik\Desktop\FRST64.exe
2015-01-24 11:32 - 2015-01-24 11:32 - 00008516 _____ () C:\Users\Public\HELP_DECRYPT.HTML
2015-01-24 11:32 - 2015-01-24 11:32 - 00008516 _____ () C:\Users\Public\Documents\HELP_DECRYPT.HTML
2015-01-24 11:32 - 2015-01-24 11:32 - 00008516 _____ () C:\Users\HELP_DECRYPT.HTML
2015-01-24 11:32 - 2015-01-24 11:32 - 00008516 _____ () C:\HELP_DECRYPT.HTML
2015-01-24 11:32 - 2015-01-24 11:32 - 00004198 _____ () C:\Users\Public\HELP_DECRYPT.TXT
2015-01-24 11:32 - 2015-01-24 11:32 - 00004198 _____ () C:\Users\Public\Documents\HELP_DECRYPT.TXT
2015-01-24 11:32 - 2015-01-24 11:32 - 00004198 _____ () C:\Users\HELP_DECRYPT.TXT
2015-01-24 11:32 - 2015-01-24 11:32 - 00004198 _____ () C:\HELP_DECRYPT.TXT
2015-01-24 11:32 - 2015-01-24 11:32 - 00000268 _____ () C:\Users\Public\HELP_DECRYPT.URL
2015-01-24 11:32 - 2015-01-24 11:32 - 00000268 _____ () C:\Users\Public\Documents\HELP_DECRYPT.URL
2015-01-24 11:32 - 2015-01-24 11:32 - 00000268 _____ () C:\Users\HELP_DECRYPT.URL
2015-01-24 11:32 - 2015-01-24 11:32 - 00000268 _____ () C:\HELP_DECRYPT.URL
2015-01-24 11:31 - 2015-01-24 11:31 - 00008516 _____ () C:\Users\Korisnik\HELP_DECRYPT.HTML
2015-01-24 11:31 - 2015-01-24 11:31 - 00004198 _____ () C:\Users\Korisnik\HELP_DECRYPT.TXT
2015-01-24 11:31 - 2015-01-24 11:31 - 00000268 _____ () C:\Users\Korisnik\HELP_DECRYPT.URL
2015-01-24 11:29 - 2015-01-24 11:29 - 00008516 _____ () C:\Users\Korisnik\Downloads\HELP_DECRYPT.HTML
2015-01-24 11:29 - 2015-01-24 11:29 - 00004198 _____ () C:\Users\Korisnik\Downloads\HELP_DECRYPT.TXT
2015-01-24 11:29 - 2015-01-24 11:29 - 00000268 _____ () C:\Users\Korisnik\Downloads\HELP_DECRYPT.URL
2015-01-24 11:25 - 2015-01-24 11:25 - 00000000 _____ () C:\Users\Korisnik\Desktop\New Text Document.txt
2015-01-24 10:09 - 2015-01-24 10:09 - 00008516 _____ () C:\Users\Korisnik\Documents\HELP_DECRYPT.HTML
2015-01-24 10:09 - 2015-01-24 10:09 - 00004198 _____ () C:\Users\Korisnik\Documents\HELP_DECRYPT.TXT
2015-01-24 10:09 - 2015-01-24 10:09 - 00000268 _____ () C:\Users\Korisnik\Documents\HELP_DECRYPT.URL
2015-01-24 09:28 - 2015-01-24 09:28 - 00008516 _____ () C:\Users\Korisnik\AppData\Roaming\HELP_DECRYPT.HTML
2015-01-24 09:28 - 2015-01-24 09:28 - 00008516 _____ () C:\Users\Korisnik\AppData\HELP_DECRYPT.HTML
2015-01-24 09:28 - 2015-01-24 09:28 - 00004198 _____ () C:\Users\Korisnik\AppData\Roaming\HELP_DECRYPT.TXT
2015-01-24 09:28 - 2015-01-24 09:28 - 00004198 _____ () C:\Users\Korisnik\AppData\HELP_DECRYPT.TXT
2015-01-24 09:28 - 2015-01-24 09:28 - 00000268 _____ () C:\Users\Korisnik\AppData\Roaming\HELP_DECRYPT.URL
2015-01-24 09:28 - 2015-01-24 09:28 - 00000268 _____ () C:\Users\Korisnik\AppData\HELP_DECRYPT.URL
2015-01-24 09:22 - 2015-01-24 09:22 - 00008516 _____ () C:\Users\Korisnik\AppData\Local\HELP_DECRYPT.HTML
2015-01-24 09:22 - 2015-01-24 09:22 - 00004198 _____ () C:\Users\Korisnik\AppData\Local\HELP_DECRYPT.TXT
2015-01-24 09:22 - 2015-01-24 09:22 - 00000268 _____ () C:\Users\Korisnik\AppData\Local\HELP_DECRYPT.URL
2015-01-24 09:21 - 2015-01-24 09:21 - 00008516 _____ () C:\ProgramData\HELP_DECRYPT.HTML
2015-01-24 09:21 - 2015-01-24 09:21 - 00004198 _____ () C:\ProgramData\HELP_DECRYPT.TXT
2015-01-24 09:21 - 2015-01-24 09:21 - 00000268 _____ () C:\ProgramData\HELP_DECRYPT.URL
2015-01-24 09:15 - 2015-01-24 09:15 - 00194560 _____ () C:\Users\Korisnik\AppData\Roaming\22b7d07e.exe
2015-01-24 09:15 - 2015-01-24 09:15 - 00070656 _____ () C:\Users\Korisnik\AppData\Local\kwpvjaz.dll
2015-01-24 09:15 - 2015-01-24 09:15 - 00000000 ___HD () C:\22b7d07e
2015-01-24 08:56 - 2015-01-24 08:56 - 00000624 _____ () C:\Windows\PFRO.log
2015-01-23 13:51 - 2015-01-23 13:52 - 00048992 _____ () C:\Users\Korisnik\Downloads\bluetoothview.zip
2015-01-22 14:27 - 2015-01-22 14:28 - 22115968 _____ () C:\Users\Korisnik\Downloads\KONTAKT.zip
2015-01-22 13:31 - 2015-01-22 13:31 - 00000000 ____D () C:\ProgramData\APN
2015-01-21 14:22 - 2015-01-24 09:29 - 00000000 ____D () C:\Users\Korisnik\Desktop\akcija
2015-01-12 09:53 - 2015-01-24 09:29 - 00000000 ____D () C:\Users\Korisnik\Desktop\ARBURG_PUMPA
2015-01-04 16:25 - 2015-01-19 17:16 - 00001426 _____ () C:\Users\Korisnik\Desktop\BAZA 2015.lnk
2015-01-04 15:59 - 2015-01-24 10:28 - 00001420 _____ () C:\Users\Korisnik\Desktop\Pocetno S 2014.lnk
2014-12-31 11:51 - 2014-12-31 11:51 - 590948352 _____ () C:\Users\Korisnik\Desktop\Lični stav - Zoran Kesić 03.01.2015..mp4
2014-12-31 10:44 - 2014-12-31 10:44 - 292814672 _____ () C:\Users\Korisnik\Desktop\24 minuta sa Zoranom Kesićem - Novogodišnja epizoda (31. decembar 2014.).mp4
2014-12-31 09:02 - 2014-12-31 09:02 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-15 09:28 - 2013-09-11 11:06 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{FCBCC57D-69A9-4E05-BD7B-7551E9046234}
2015-01-24 11:59 - 2013-09-11 12:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-24 11:59 - 2013-09-11 11:19 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\uTorrent
2015-01-24 11:43 - 2009-07-14 05:45 - 00016848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-24 11:43 - 2009-07-14 05:45 - 00016848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-24 11:32 - 2014-12-05 13:27 - 00000000 ____D () C:\Users\Public\Documents\stalker-shoc
2015-01-24 11:32 - 2014-05-19 13:31 - 00000000 ____D () C:\Users\Public\Documents\Corel
2015-01-24 11:31 - 2013-09-11 16:43 - 00000000 ____D () C:\Users\Korisnik
2015-01-24 11:31 - 2013-09-11 11:17 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-24 11:29 - 2014-07-17 11:49 - 00000000 ____D () C:\Users\Korisnik\Downloads\vitinka
2015-01-24 11:29 - 2014-04-23 13:31 - 00000000 ____D () C:\Users\Korisnik\Downloads\The Wolf of Wall Street [2013] BRRip XviD AC3-RARBG
2015-01-24 11:19 - 2014-04-24 13:15 - 00000000 ____D () C:\Users\Korisnik\Downloads\The Lives Of Others [Das Leben Der Anderen].2006.BRRip.XviD-VLiS
2015-01-24 11:12 - 2014-07-02 08:46 - 00000000 ____D () C:\Users\Korisnik\Downloads\The Grand Budapest Hotel 2014
2015-01-24 10:56 - 2009-07-14 06:13 - 00782154 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-24 10:55 - 2014-07-03 13:32 - 00000000 ____D () C:\Users\Korisnik\Downloads\sistematizacija
2015-01-24 10:55 - 2014-06-21 12:52 - 00000000 ____D () C:\Users\Korisnik\Downloads\raging bull
2015-01-24 10:55 - 2014-06-21 12:31 - 00000000 ____D () C:\Users\Korisnik\Downloads\Taxi.Driver.1976.BRRip.x264-WiNTeaM
2015-01-24 10:55 - 2014-04-28 13:55 - 00000000 ____D () C:\Users\Korisnik\Downloads\s04e04
2015-01-24 10:51 - 2014-07-18 10:21 - 00000000 ____D () C:\Users\Korisnik\Downloads\MONIKA
2015-01-24 10:51 - 2014-07-09 10:55 - 00000000 ____D () C:\Users\Korisnik\Downloads\nikon
2015-01-24 10:51 - 2014-06-19 13:28 - 00000000 ____D () C:\Users\Korisnik\Downloads\M4r4d0n4 by Ku5tur1c4 [DvdRip - DivX Ac3 Sub ITA]
2015-01-24 10:47 - 2014-02-04 08:37 - 00000000 ____D () C:\Users\Korisnik\Downloads\kuca
2015-01-24 10:39 - 2014-04-16 10:45 - 00000000 ____D () C:\Users\Korisnik\Downloads\GOTS04E02
2015-01-24 10:38 - 2014-06-16 09:10 - 00000000 ____D () C:\Users\Korisnik\Downloads\Game.of.Thrones.S04E10.720p.HDTV.x264-KILLERS[rarbg]
2015-01-24 10:38 - 2014-06-09 08:34 - 00000000 ____D () C:\Users\Korisnik\Downloads\Game.of.Thrones.S04E09.720p.HDTV.x264-KILLERS[rarbg]
2015-01-24 10:38 - 2014-05-13 09:55 - 00000000 ____D () C:\Users\Korisnik\Downloads\Game.of.Thrones.S04E06.720p.HDTV.x264-DIMENSION[rarbg]
2015-01-24 10:38 - 2014-05-05 07:09 - 00000000 ____D () C:\Users\Korisnik\Downloads\Game.of.Thrones.S04E05.720p.HDTV.x264-KILLERS[rarbg]
2015-01-24 10:38 - 2014-04-07 10:22 - 00000000 ____D () C:\Users\Korisnik\Downloads\Game.of.Thrones.S04E01.HDTV.x264-KILLERS[rarbg]
2015-01-24 10:36 - 2014-05-19 09:03 - 00000000 ____D () C:\Users\Korisnik\Downloads\Game of Thrones S04E07 720p HDTV MPEG2-SM10
2015-01-24 10:31 - 2014-08-11 13:24 - 00000000 ____D () C:\Users\Korisnik\Downloads\FOTOAPARAT
2015-01-24 10:28 - 2014-09-27 10:04 - 00001426 _____ () C:\Users\Korisnik\Desktop\BAZA 2014.lnk
2015-01-24 10:17 - 2013-10-22 08:30 - 00000320 _____ () C:\Windows\Tasks\ESKJHF.job
2015-01-24 10:17 - 2013-09-11 11:17 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-24 10:17 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-24 10:12 - 2014-04-25 09:05 - 00000000 ____D () C:\Users\Korisnik\Downloads\A Serbian Film (2010) Uncut BRRip Xvid AC3-Anarchy
2015-01-24 10:09 - 2014-01-27 13:35 - 00000000 ____D () C:\Users\Korisnik\Documents\SVEDSKA
2015-01-24 10:07 - 2014-10-07 08:52 - 00000000 ____D () C:\Users\Korisnik\Desktop\ZELJKA_GRIJANJE
2015-01-24 10:07 - 2014-05-22 08:04 - 00000000 ____D () C:\Users\Korisnik\Desktop\VJESTACI
2015-01-24 10:07 - 2014-04-24 13:10 - 00000000 ____D () C:\Users\Korisnik\Desktop\The.Hunt.[Jagten].2012.DVDRip.XviD.AC3.HORiZON-ArtSubs
2015-01-24 10:07 - 2014-04-17 09:25 - 00000000 ____D () C:\Users\Korisnik\Desktop\uskrs
2015-01-24 10:07 - 2014-04-08 07:56 - 00000000 ____D () C:\Users\Korisnik\Desktop\yoga
2015-01-24 10:07 - 2014-01-28 19:11 - 00000000 ____D () C:\Users\Korisnik\Documents\01_HOR
2015-01-24 10:02 - 2014-05-14 09:45 - 00000000 ____D () C:\Users\Korisnik\Desktop\tea promesa_kartice artikala
2015-01-24 10:02 - 2014-04-29 14:51 - 00000000 ____D () C:\Users\Korisnik\Desktop\Slavisa-drvar
2015-01-24 10:01 - 2014-05-31 14:36 - 00000000 ____D () C:\Users\Korisnik\Desktop\SINA USB 31.05.2014
2015-01-24 09:50 - 2014-04-03 12:46 - 00000000 ____D () C:\Users\Korisnik\Desktop\program za plate
2015-01-24 09:50 - 2014-01-12 16:00 - 00000000 ____D () C:\Users\Korisnik\Desktop\SA
2015-01-24 09:50 - 2013-12-10 11:07 - 00000000 ____D () C:\Users\Korisnik\Desktop\ramovi za tablice
2015-01-24 09:49 - 2014-10-06 15:19 - 00000000 ____D () C:\Users\Korisnik\Desktop\PAG_NOVALJA
2015-01-24 09:48 - 2014-10-01 09:49 - 00000000 ____D () C:\Users\Korisnik\Desktop\New folder (2)
2015-01-24 09:48 - 2014-05-05 13:37 - 00000000 ____D () C:\Users\Korisnik\Desktop\objekat tunjuice
2015-01-24 09:47 - 2014-08-19 12:50 - 00000000 ____D () C:\Users\Korisnik\Desktop\New folder
2015-01-24 09:34 - 2014-06-23 11:54 - 00000000 ____D () C:\Users\Korisnik\Desktop\gavrilo
2015-01-24 09:34 - 2014-04-25 14:47 - 00000000 ____D () C:\Users\Korisnik\Desktop\izvjestaji
2015-01-24 09:33 - 2014-12-24 15:01 - 00000000 ____D () C:\Users\Korisnik\Desktop\fotke uzoraka proizvoda
2015-01-24 09:33 - 2014-11-10 15:01 - 00000000 ____D () C:\Users\Korisnik\Desktop\ford fiesta_tea
2015-01-24 09:30 - 2014-04-25 12:28 - 00000000 ____D () C:\Users\Korisnik\Desktop\DOM ZDRAVLJA DRVAR
2015-01-24 09:30 - 2014-01-21 09:39 - 00000000 ____D () C:\Users\Korisnik\Desktop\DEJAN PROLE
2015-01-24 09:28 - 2014-11-25 09:49 - 00000000 ____D () C:\Users\Korisnik\Desktop\01
2015-01-24 09:28 - 2014-11-15 08:37 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\Pexim Solutions
2015-01-24 09:28 - 2013-09-11 12:29 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\Skype
2015-01-24 09:28 - 2013-09-11 12:08 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\Mozilla
2015-01-24 09:28 - 2013-09-11 11:19 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\Winamp
2015-01-24 09:27 - 2014-02-25 12:17 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\Corel
2015-01-24 09:22 - 2014-07-15 12:11 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\Autodesk
2015-01-24 09:22 - 2014-07-11 06:42 - 00000000 ____D () C:\Users\Korisnik\AppData\Local\Skype
2015-01-24 09:22 - 2013-10-07 14:04 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\BitTorrent
2015-01-24 09:22 - 2013-09-11 12:08 - 00000000 ____D () C:\Users\Korisnik\AppData\Local\Mozilla
2015-01-24 09:22 - 2013-09-11 11:17 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\Adobe
2015-01-24 09:22 - 2013-09-11 11:16 - 00000000 ____D () C:\Users\Korisnik\AppData\Local\Google
2015-01-24 09:21 - 2014-07-15 12:14 - 00000000 ____D () C:\Users\Korisnik\AppData\Local\Autodesk
2015-01-24 09:20 - 2014-02-25 12:13 - 00000000 ____D () C:\ProgramData\Corel
2015-01-24 09:20 - 2013-10-10 15:51 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-01-24 09:19 - 2014-07-15 12:11 - 00000000 ____D () C:\ProgramData\Autodesk
2015-01-24 09:19 - 2014-07-15 12:08 - 00000000 ____D () C:\Autodesk
2015-01-24 09:19 - 2013-09-11 11:26 - 00000000 ____D () C:\ProgramData\Avira
2015-01-24 09:15 - 2013-09-11 16:45 - 01535487 _____ () C:\Windows\WindowsUpdate.log
2015-01-23 18:59 - 2013-09-11 12:09 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-23 18:59 - 2013-09-11 12:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-23 18:59 - 2013-09-11 12:09 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-23 13:34 - 2013-09-11 11:27 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\vlc
2015-01-23 10:32 - 2013-09-11 11:17 - 00002222 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-22 13:31 - 2013-09-11 11:19 - 00000857 _____ () C:\Users\Korisnik\Desktop\µTorrent.lnk
2015-01-22 13:31 - 2013-09-11 11:19 - 00000837 _____ () C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-01-20 09:40 - 2014-03-06 11:04 - 00000792 _____ () C:\Windows\Brpfx04a.ini
2015-01-15 10:02 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp

==================== Files in the root of some directories =======
2015-01-24 09:15 - 2015-01-24 09:15 - 0194560 _____ () C:\Users\Korisnik\AppData\Roaming\22b7d07e.exe
2015-01-24 09:28 - 2015-01-24 09:28 - 0008516 _____ () C:\Users\Korisnik\AppData\Roaming\HELP_DECRYPT.HTML
2015-01-24 09:28 - 2015-01-24 09:28 - 0045412 _____ () C:\Users\Korisnik\AppData\Roaming\HELP_DECRYPT.PNG
2015-01-24 09:28 - 2015-01-24 09:28 - 0004198 _____ () C:\Users\Korisnik\AppData\Roaming\HELP_DECRYPT.TXT
2015-01-24 09:28 - 2015-01-24 09:28 - 0000268 _____ () C:\Users\Korisnik\AppData\Roaming\HELP_DECRYPT.URL
2014-09-27 09:31 - 2014-09-27 09:37 - 0000000 _____ () C:\Users\Korisnik\AppData\Roaming\Templates
2015-01-24 09:22 - 2015-01-24 09:22 - 0008516 _____ () C:\Users\Korisnik\AppData\Local\HELP_DECRYPT.HTML
2015-01-24 09:22 - 2015-01-24 09:22 - 0045412 _____ () C:\Users\Korisnik\AppData\Local\HELP_DECRYPT.PNG
2015-01-24 09:22 - 2015-01-24 09:22 - 0004198 _____ () C:\Users\Korisnik\AppData\Local\HELP_DECRYPT.TXT
2015-01-24 09:22 - 2015-01-24 09:22 - 0000268 _____ () C:\Users\Korisnik\AppData\Local\HELP_DECRYPT.URL
2015-01-24 09:15 - 2015-01-24 09:15 - 0070656 _____ () C:\Users\Korisnik\AppData\Local\kwpvjaz.dll
2015-01-24 09:21 - 2015-01-24 09:21 - 0008516 _____ () C:\ProgramData\HELP_DECRYPT.HTML
2015-01-24 09:21 - 2015-01-24 09:21 - 0045412 _____ () C:\ProgramData\HELP_DECRYPT.PNG
2015-01-24 09:21 - 2015-01-24 09:21 - 0004198 _____ () C:\ProgramData\HELP_DECRYPT.TXT
2015-01-24 09:21 - 2015-01-24 09:21 - 0000268 _____ () C:\ProgramData\HELP_DECRYPT.URL
2014-09-27 09:37 - 2014-09-27 09:37 - 0000000 _____ () C:\ProgramData\Noise Gate
2014-09-27 09:28 - 2014-09-27 09:37 - 0000000 ____H () C:\ProgramData\PKP_DLbx.DAT
2014-06-06 13:27 - 2014-06-06 13:27 - 0000320 _____ () C:\ProgramData\spds90.txt
2014-09-27 09:37 - 2014-09-27 09:37 - 0000000 _____ () C:\ProgramData\Techno Kit

Some content of TEMP:
====================
C:\Users\Korisnik\AppData\Local\Temp\avgnt.exe
C:\Users\Korisnik\AppData\Local\Temp\diskchk.exe
C:\Users\Korisnik\AppData\Local\Temp\fixutil.exe
C:\Users\Korisnik\AppData\Local\Temp\urepair.exe
C:\Users\Korisnik\AppData\Local\Temp\utt82D1.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-14 00:55

==================== End Of Log ============================

Addendum: 24 Jan 2015 13:08

This was also detected:

TR/Crypt.EPACK.Gen8

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

I have bad news for you. You have picked up a Cryptowall 3 infection. Removing the infection itself is not the problem; the problem is what the infection does, which is to encrypt all documents, pictures and similar photos and demand a ransom if you want them back. If you like, we can remove the infection, but we will not be able to restore your files. I hope you have a backup of them somewhere (if it is on a USB drive, do not plug it into the computer until we have removed the infection).

offline
  • Joined: 02 Oct 2010
  • Posts: 10
  • Location: banja luka

Ouch... the company owner is going to strangle me! :)

Thank you for your reply!

Oh well, remove the infection and tell me how I can buy back what they messed up for me.

Thank you once again... you are wonderful... I wish you all the best.

Regards...

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

The way to pay the ransom is described in these files, which you already mentioned at the start of the thread:
HELP_DECRYPT.HTML
HELP_DECRYPT.TXT

And you will only be able to do that if the deadline has not expired. If you intend to pay the ransom, I will have to wait until you have finished before I start the cleanup.

offline
  • Joined: 02 Oct 2010
  • Posts: 10
  • Location: banja luka

They are asking for 1000EUR???

Can I solve this with this:

removalvideos.com/need-help-to-remove-c.....oval-tips/

SpyHunter registration is 30$.

If I can't, then let's just remove the infection and that's that!

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

Sorry for jumping into my colleague's thread, but I just want to point out that paying the ransomware is not worth it.

Even if you have that much money to throw away, chances are high that the ransomware will just extort an even larger sum from you. And for the decryption to work, the code you get from them has to be entered into the ransomware itself, which means the malware itself has to be active.

Removing the infection is not a big problem; the problem is the decryption of the files itself.
