Poslao: 10 Sep 2017 22:05
|
offline
- Pridružio: 14 Okt 2012
- Poruke: 129
|
Napisano: 10 Sep 2017 23:03
Postovanje dobri ljudi,imam problem sa Mozila Firefox a po malo imam I sa kompjuterom,sada neznam sta je vec u pitanju dali moze neko da mi pomogne,na Mozila Fire Fox kada pokrenem uvek mi skacu neke reklame i neki sajtovi,a na kom cesto bar svaki drugi dan mi se samo zamrzne slika,sta je u pitanju neznam.
mycity.rs/must-login.png
mycity.rs/must-login.png
Dopuna: 10 Sep 2017 23:05
Additional izveštaj od Farbar Recovery Scan Tool (x64) Verzija: 10-09-2017
Pokrenuo SkInS (10-09-2017 23:00:52)
Pokrenuto sa C:\Users\SkInS\Downloads
Windows 10 Enterprise Verzija 1703 (X64) (2017-09-03 00:19:08)
Režim pokretanja sistema: Normal
==========================================================
==================== Nalozi: =============================
Administrator (S-1-5-21-91446987-3066142892-86393475-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-91446987-3066142892-86393475-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-91446987-3066142892-86393475-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-91446987-3066142892-86393475-501 - Limited - Disabled)
SkInS (S-1-5-21-91446987-3066142892-86393475-1001 - Administrator - Enabled) => C:\Users\SkInS
==================== Bezbednosni Centar ========================
(Ukoliko je stavka unešena u fixlist, ona će biti uklonjena.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Instalirani Programi ======================
(Samo adware programi sa "hidden" simbolom mogu biti dodati u fixlist da bi bili prikazani. Adware programi bi trebali biti ručno deinstalirani.)
µTorrent (HKU\S-1-5-21-91446987-3066142892-86393475-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
Activision(R) (HKLM-x32\...\{589A63D3-89E1-4D9B-8DBC-6039BB27289E}) (Version: 1.00.0000 - Activision) Hidden
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\{AA3B06B1-E89A-43C6-A26B-7109DB4BEE7B}) (Version: 12.0.7.148 - Adobe Systems, Inc)
AIMP (HKLM-x32\...\AIMP) (Version: v4.13.1897, 26.06.2017 - AIMP DevTeam)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Blur(TM) (HKLM-x32\...\InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}) (Version: 1.00.0000 - Activision)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6623 - CDBurnerXP)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
DirectX for Managed Code (HKLM\...\{FDF7187F-3960-4BEC-916D-98C9A83E3A68}_is1) (Version: 1.0.0.0 - Sereby Corporation)
Java 8 Update 141 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kodi (HKU\S-1-5-21-91446987-3066142892-86393475-1001\...\Kodi) (Version: - XBMC-Foundation)
LEGO MARVEL's Avengers (HKLM\...\bGVnb21hcnZlbHNhdmVuZ2Vycw_is1) (Version: 1 - )
Malwarebytes verzija 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version: - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft OneDrive (HKU\S-1-5-21-91446987-3066142892-86393475-1001\...\OneDriveSetup.exe) (Version: 17.3.6966.0824 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60830 (HKLM-x32\...\{c7ed0d4c-89c5-47fc-9e89-1088affe63f3}) (Version: 11.0.60830.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60830 (HKLM-x32\...\{9dba0447-b749-41ea-90bc-2aa19a9eb580}) (Version: 11.0.60830.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 55.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 en-US)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}) (Version: 9.09.1112 - NVIDIA Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.9 - Power Software Ltd)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.6.0 - Unified Intents AB)
ViewRight Web PC 3.7.1.0 (HKLM-x32\...\{3151E7AB-5983-4381-A8CB-4FFB00D2C0B5}) (Version: 3.7.1.0 - Verimatrix, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
WinRAR 5.50 beta 6 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.6 - win.rar GmbH)
WPS Office (10.2.0.5845) (HKU\S-1-5-21-91446987-3066142892-86393475-1001\...\Kingsoft Office) (Version: 10.2.0.5845 - Kingsoft Corp.)
==================== Prilagođen CLSID (Na Beloj Listi): ==========================
(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)
CustomCLSID: HKU\S-1-5-21-91446987-3066142892-86393475-1001_Classes\CLSID\{70239788-4DAE-49B8-9270-5D8614384B49}\InprocServer32 -> C:\Users\SkInS\AppData\Local\Kingsoft\WPS Office\10.2.0.5845\office6\addons\kpdf2wordshellext\kpdf2wordshellext64.dll (Zhuhai Kingsoft Office Software Co.,Ltd)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Nema Datoteke
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-08-20] (AIMP DevTeam)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2014-10-08] (Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-07-25] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-07-25] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-08-20] (AIMP DevTeam)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2014-10-08] (Power Software Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2014-10-08] (Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-07-25] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-07-25] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-91446987-3066142892-86393475-1001: [kpdf2wordshellext] -> {70239788-4DAE-49B8-9270-5D8614384B49} => C:\Users\SkInS\AppData\Local\Kingsoft\WPS Office\10.2.0.5845\office6\addons\kpdf2wordshellext\kpdf2wordshellext64.dll [2017-05-23] (Zhuhai Kingsoft Office Software Co.,Ltd)
==================== Planirani Zadaci (Na Beloj Listi) =============
(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)
Task: {37A7210D-D7EF-4E61-9924-2BED323F902D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {5114C472-31F9-4CE6-AF60-F78846462C5A} - System32\Tasks\WpsExternal_SkInS_20170523152933 => C:\Users\SkInS\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe [2017-05-23] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {77DC586C-61A3-4477-9741-62AC1FBE2D54} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-08] (Adobe Systems Incorporated)
Task: {786597F3-2F9C-4D81-B8F5-B9D483C76F12} - System32\Tasks\WpsUpdateTask_SkInS => C:\Users\SkInS\AppData\Local\Kingsoft\WPS Office\10.2.0.5845\wtoolex\wpsupdate.exe [2017-08-30] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {78ECDEB5-EEC8-472F-B63E-5C6C7808B114} - System32\Tasks\8f990d920a967a7ace7985113077f5f5 => sc start 8f990d920a967a7ace7985113077f5f5 <==== Pažnja!
Task: {85BAA27B-89FA-4964-8439-743609A0B725} - System32\Tasks\WpsKtpcntrQingTask_SkInS => C:\Users\SkInS\AppData\Local\Kingsoft\WPS Office\10.2.0.5845\office6\ktpcntr.exe [2017-05-23] (Zhuhai Kingsoft Office Software Co.,Ltd)
(Ukoliko je stavka unešena u fixlist, planirani zadaci (.job) datoteke će biti premeštene. Datoteka koju zadatak izvršava neće biti uklonjena.)
==================== Prečice & WMI ========================
(Stavka može biti navedena da bi bila vraćena ili uklonjena.)
==================== Učitani Moduli (Na Beloj Listi) ==============
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:08 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-08-23 12:01 - 2017-08-23 12:02 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-23 12:01 - 2017-08-23 12:02 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-23 12:01 - 2017-08-23 12:02 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-23 12:01 - 2017-08-23 12:02 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
==================== Alternate Data Streams (Na Beloj Listi) =========
(Ukoliko je stavka unešena u fixlist, samo ce ADS biti uklonjen.)
==================== Bezbedni Režim (Na Beloj Listi) ===================
(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. "AlternateShell" će biti vraćen na podrazumevanu vrednost..)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Asocijacije (Na Beloj Listi) ===============
(Ukoliko je stavka unešena u fixlist, registru stavka ce biti vraćena na podrazumevanu vrednost ili uklonjena.)
==================== Internet Explorer pouzdano/ograničeno ===============
(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra.)
==================== Hosts sadržaj: ===============================
(Ukoliko je potrebno, Hosts: direktiva može biti uključena u fixlist da postavi početnu Hosts vrednost.)
2016-07-16 13:47 - 2017-05-11 17:01 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Ostale Oblasti ============================
(Trenutno ne postoji automatizovana popravka za ovu sekciju.)
HKU\S-1-5-21-91446987-3066142892-86393475-1001\Control Panel\Desktop\\Wallpaper -> c:\users\skins\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\{1f36a385-7cf9-489b-97b4-86a4cd44efcb}.png
DNS Servers: 89.216.1.40 - 89.216.1.50
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall je omogućen
==================== MSCONFIG/TASK MANAGER isključeni unosi ==
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKU\S-1-5-21-91446987-3066142892-86393475-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-91446987-3066142892-86393475-1001\...\StartupApproved\Run: => "uTorrent"
==================== FirewallRules (Na Beloj Listi) ===============
(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)
FirewallRules: [{6521C172-1BC4-4729-B2B1-8486D62D96E6}] => (Allow) E:\IGRICE\Blur.exe
FirewallRules: [{B9C1BA45-DB58-4907-8A8F-B754C75D5F8B}] => (Allow) E:\IGRICE\Blur.exe
FirewallRules: [{5D8380C2-FACE-4459-996D-8FA0A49543F4}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [{7B273F89-61E1-46BD-8FBC-4AFD810DB04D}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [UDP Query User{8AB9926E-E697-43B4-AE6F-9EA3D50F5513}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{93251E98-8B5F-4801-A300-6F8A4BFC7788}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{1ABF9FB1-408F-4B5C-A86E-061527CA061B}] => (Allow) C:\Users\SkInS\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2359EFFA-DB61-4E1D-B8AE-D0AFB503E539}] => (Allow) C:\Users\SkInS\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C8B394CD-8769-48FF-83D3-79C5758EDB13}] => (Allow) C:\Users\SkInS\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9D0871A1-52B9-49F8-B427-18BD9CF1A5C1}] => (Allow) C:\Users\SkInS\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A480A994-4CEF-40EE-8CFA-6BB43C2E8C20}] => (Allow) C:\Users\SkInS\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0515873C-47A1-47AA-9061-06957CD1FCAA}] => (Allow) C:\Users\SkInS\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{B20E3DDF-00C5-4ECE-99A7-DD847C71B451}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{FC8DEFC1-64C2-4EB2-AA7B-8058670CB8D2}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{2B94DD45-662E-443D-A912-2DB2B0D579B4}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{84B3CA8E-1C85-402C-97EA-354746664E98}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{0FDF442C-1F9E-4F89-A9F9-1FFCBEA42778}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Tačke Vraćanja =========================
==================== Neispravni Uređaji Upravljač Uređajima =============
==================== Event log greške: =========================
Aplikacione greške:
==================
Error: (09/10/2017 09:47:12 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (09/10/2017 09:46:50 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=UserLogon;SessionId=2
Error: (09/10/2017 08:10:10 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (09/10/2017 08:07:37 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (09/10/2017 08:07:17 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (09/10/2017 05:47:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Ime aplikacije koja je dovela do greške: MicrosoftEdgeCP.exe, verzija: 11.0.15063.483, vremenska oznaka: 0x595f2577
ime modula koji je doveo do greške: unknown, verzija: 0.0.0.0, vremenska oznaka: 0x00000000
kôd izuzetka: 0xc0000604
pomak greške: 0x0000000000000000
ID procesa koji je doveo do greške: 0x194c
vreme početka aplikacije koja je dovela do greške: 0x01d32a4c1352ca39
putanja aplikacije koja je dovela do greške: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
putanja modula koji je doveo do greške: unknown
ID izveštaja: 4acf1300-6b7a-42ee-bdfb-747475d1978d
puno ime paketa koji je doveo do greške: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
ID aplikacije povezane sa paketom koji je doveo do greške: ContentProcess
Error: (09/10/2017 05:47:34 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (09/10/2017 05:47:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Ime aplikacije koja je dovela do greške: MicrosoftEdgeCP.exe, verzija: 11.0.15063.483, vremenska oznaka: 0x595f2577
ime modula koji je doveo do greške: unknown, verzija: 0.0.0.0, vremenska oznaka: 0x00000000
kôd izuzetka: 0xc0000604
pomak greške: 0x0000000000000000
ID procesa koji je doveo do greške: 0x194c
vreme početka aplikacije koja je dovela do greške: 0x01d32a4c1352ca39
putanja aplikacije koja je dovela do greške: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
putanja modula koji je doveo do greške: unknown
ID izveštaja: 075a3de5-d14d-45e6-b1f0-5fbafb91ed31
puno ime paketa koji je doveo do greške: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
ID aplikacije povezane sa paketom koji je doveo do greške: ContentProcess
Error: (09/10/2017 05:47:08 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (09/10/2017 05:40:04 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable
Systemske greške:
=============
Error: (09/10/2017 08:04:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Pokretanje usluge „CldFlt“ nije uspelo zbog sledeće greške:
The request is not supported.
Error: (09/10/2017 08:04:07 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 19:43:56 on 10.9.2017. was unexpected.
Error: (09/10/2017 05:43:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Pokretanje usluge „CldFlt“ nije uspelo zbog sledeće greške:
The request is not supported.
Error: (09/10/2017 05:43:59 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 14:12:19 on 10.9.2017. was unexpected.
Error: (09/09/2017 09:37:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Pokretanje usluge „CldFlt“ nije uspelo zbog sledeće greške:
The request is not supported.
Error: (09/09/2017 09:37:18 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 21:28:36 on 9.9.2017. was unexpected.
Error: (09/05/2017 12:58:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Pokretanje usluge „CldFlt“ nije uspelo zbog sledeće greške:
The request is not supported.
Error: (09/05/2017 12:57:25 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalacija nije uspela: Windows nije uspeo da instalira sledeću ispravku uz grešku 0x8024001e: Ažuriranje definicije za Windows Defender - KB2267602 (definicija 1.251.471.0).
Error: (09/05/2017 12:54:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usluga „Preuzeti upravljač mapama“ se neočekivano prekinula. To se dogodilo 1 put(a).
Error: (09/04/2017 09:11:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usluga „App Readiness“ se neočekivano prekinula. To se dogodilo 1 put(a).
==================== Informacije o Memoriji ===========================
Procesor: AMD Athlon(tm) 64 X2 Dual Core Processor 5600+
Postotak memorije u upotrebi: 48%
Ukupno fizičkog RAM-a: 4095.36 MB
Dostupno fizičkog RAM-a: 2116.94 MB
Ukupno Virtualnog: 4351.36 MB
Dostupno Virtualnog: 2317.96 MB
==================== Drajveri ================================
Drive c: () (Fixed) (Total:47.31 GB) (Free:12.17 GB) NTFS
Drive e: () (Fixed) (Total:101.2 GB) (Free:43.59 GB) NTFS
==================== MBR & Particiona Tabela ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 04580458)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=47.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=101.2 GB) - (Type=07 NTFS)
==================== Kraj od Addition.txt ============================
|
|
|
|
Poslao: 11 Sep 2017 00:53
|
offline
- softwaremaniac
- AMF pripravnik
- Pridružio: 14 Jun 2016
- Poruke: 535
|
Pozdrav,
zamolio bih te da ukloniš Popcorn Time.
1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:
CreateRestorePoint:
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
C:\Program Files (x86)\Popcorn Time
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== Pažnja!
GroupPolicy: Restrikcije <==== Pažnja!
StartMenuInternet: FIREFOX.EXE - E:\DOWNLOAD\firefox.exe
FF Plugin HKU\S-1-5-21-91446987-3066142892-86393475-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Nema Datoteke]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Nema Datoteke
Task: {78ECDEB5-EEC8-472F-B63E-5C6C7808B114} - System32\Tasks\8f990d920a967a7ace7985113077f5f5 => sc start 8f990d920a967a7ace7985113077f5f5 <==== Pažnja!
FirewallRules: [{2B94DD45-662E-443D-A912-2DB2B0D579B4}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{84B3CA8E-1C85-402C-97EA-354746664E98}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
EmptyTemp:
2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.
3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.
Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.
|
|
|
|
|
|
Poslao: 11 Sep 2017 22:10
|
offline
- Pridružio: 14 Okt 2012
- Poruke: 129
|
Izveštaj ispravaka od Farbar Recovery Scan Tool (x64) Verzija: 11-09-2017
Pokrenuo SkInS (11-09-2017 20:43:03) Run:1
Pokrenuto sa C:\Users\SkInS\Downloads
Učitani Profili: SkInS (Dostupani Profili: defaultuser0 & SkInS & Administrator)
Režim pokretanja sistema: Normal
==============================================
fixlist sadržaj:
*****************
CreateRestorePoint:
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
C:\Program Files (x86)\Popcorn Time
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== Pa�nja!
GroupPolicy: Restrikcije <==== Pa�nja!
StartMenuInternet: FIREFOX.EXE - E:\DOWNLOAD\firefox.exe
FF Plugin HKU\S-1-5-21-91446987-3066142892-86393475-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Nema Datoteke]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>� -> Nema Datoteke
Task: {78ECDEB5-EEC8-472F-B63E-5C6C7808B114} - System32\Tasks\8f990d920a967a7ace7985113077f5f5 => sc start 8f990d920a967a7ace7985113077f5f5 <==== Pa�nja!
FirewallRules: [{2B94DD45-662E-443D-A912-2DB2B0D579B4}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{84B3CA8E-1C85-402C-97EA-354746664E98}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
EmptyTemp:
*****************
Tačka vraćanja je uspešno kreirana.
[2924] C:\Program Files (x86)\Popcorn Time\Updater.exe => proces je uspešno zatvoren.
C:\Program Files (x86)\Popcorn Time => uspešno premešteno
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== Pažnja! => uspešno vraćeno u predhodno stanje
C:\WINDOWS\system32\GroupPolicy\Machine => uspešno premešteno
C:\WINDOWS\system32\GroupPolicy\GPT.ini => uspešno premešteno
HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => vrednost uspešno vraćeno u predhodno stanje
HKU\S-1-5-21-91446987-3066142892-86393475-1001\Software\MozillaPlugins\ubisoft.com/uplaypc => ključ uspešno uklonjeno
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll => nije pronađena.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => ključ uspešno uklonjeno
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => ključ nije pronađena.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{78ECDEB5-EEC8-472F-B63E-5C6C7808B114} => ključ uspešno uklonjeno
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78ECDEB5-EEC8-472F-B63E-5C6C7808B114} => ključ uspešno uklonjeno
C:\WINDOWS\System32\Tasks\8f990d920a967a7ace7985113077f5f5 => uspešno premešteno
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\8f990d920a967a7ace7985113077f5f5 => ključ uspešno uklonjeno
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2B94DD45-662E-443D-A912-2DB2B0D579B4} => vrednost uspešno uklonjeno
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{84B3CA8E-1C85-402C-97EA-354746664E98} => vrednost uspešno uklonjeno
=========== EmptyTemp: ==========
BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11716854 B
Java, Flash, Steam htmlcache => 17137 B
Windows/system/drivers => 234651162 B
Edge => 280571881 B
Chrome => 0 B
Firefox => 388777281 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 2542 B
NetworkService => 17660 B
defaultuser0 => 0 B
SkInS => 105568410 B
Administrator => 14446 B
RecycleBin => 0 B
EmptyTemp: => 979.8 MB privremeni podaci Uklonjeni.
================================
Sistemu je potreban ponovno pokretanje.
==== Kraj od Fixlog 20:44:05 ====
|
|
|
|
Poslao: 11 Sep 2017 22:28
|
offline
- softwaremaniac
- AMF pripravnik
- Pridružio: 14 Jun 2016
- Poruke: 535
|
Preuzmi AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
U EULA prozoru klikni na I agree.
U Tools odaberi Options.
U dijaloškom okviru koji se pojavi isključi Reset Winsock settings ako je uključen.
Klikni na dugme Scan i sačekaj da se završi skeniranje.
Ako ti javi da postoji novija verzija, postaraj se da je preuzmeš.
Klikni na dugme Clean i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Pojavit će se poruka da računar treba restartovati. Klikni OK
Računar će se restartovati, a potom otvoriti Notepad (C:\Adwcleaner\AdwCleaner[C0].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"
Zatim:
Preuzmi Malwarebytes Anti-Malware sa ovog ili ovog ili ovog linka i instaliraj aplikaciju.
Pokreni mb3-setup-consumer-{verzija}.exe i isprati uputstva za instalaciju programa. Nakon instalacije, klikni na Finish
Prilikom prvog pokretanja, program će prikazati prozor "dobrodošlice". Slobodno zatvori taj prozor.
Napomena: Premium funkcije programa su već aktivirane i važe 13 dana od trenutka instalacije. Premium funkcije možeš isključiti preko Settings > My Account tab podešavanja.
• Podešavanja skenera - u Settings, klikni na Protection tab. Ispod Scan Options sekcije, uključi "Scan for rootkits" opciju.
• Pripremi podešavanja za Threat Scan - u Dashboard , klikni na Scan Now dugme. MBAM će ažurirati bazu i započeti skeniranje.
Kada se skeniranje završi, ako je infekcija detektovana, obrati pažnju da je sve označeno, pa klikni na Remove Selected. Restartuj računar ako program upita za restart.
• Dostavi log: Pod Reports izaberi trenutni datum izveštaja Scan Report i potom klikni na View Report.
Izvezi log na Desktop;
- Klikni na Export dugme na dnu, pa onda izaberi 'Text file (*.txt)'
# U Save File dijalogu koji se pojavi, klikni na Desktop. U File name: polje, upiši "mbam" (bez navodnika) i klikni na Save.
- Pojaviće se poruka "Your file has been successfully exported", klikni Ok i zatvori prozor.
• U odgovoru prikači mbam.txt log koristeći "Prikači fajl" opciju .
Javi kakvo je stanje nakon toga.
|
|
|
|
|
|
Poslao: 12 Sep 2017 17:00
|
offline
- Pridružio: 14 Okt 2012
- Poruke: 129
|
I ovo sam odradio samo da znas ali ti nisi napisao da stavljam na zid i ja nisam
|
|
|
|