Virus

Virus

offline
  • Snorks  Male
  • Zaslužni građanin
  • Pridružio: 09 Apr 2014
  • Poruke: 634

Скоро сваки дан ми налази три иста вируса , и стално иста.Шта да радим?

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Isprati uputstvo za otvaranje teme i psotavi tražene izvještaje.

https://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

offline
  • Snorks  Male
  • Zaslužni građanin
  • Pridružio: 09 Apr 2014
  • Poruke: 634

Кад имам вирусе успори ми интернет.
https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2017
Ran by Filip (administrator) on ASPIREF5 (10-11-2017 17:10:41)
Running from C:\Users\Filip\AppData\Local\Temp\scoped_dir3968_9670
Loaded Profiles: Filip (Available Profiles: Filip)
Platform: Windows 10 Pro Version 1703 15063.674 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe
(Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHDCPSvc.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Opera Software) C:\Program Files\Opera\48.0.2685.52\opera_autoupdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxEM.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40485.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40485.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(BitTorrent Inc.) C:\Users\Filip\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\Filip\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe
(BitTorrent Inc.) C:\Users\Filip\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Opera Software) C:\Program Files\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Program Files\Opera\48.0.2685.52\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Program Files\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Program Files\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Program Files\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Program Files\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Program Files\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Program Files\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Program Files\Opera\48.0.2685.52\opera.exe
() C:\Windows\KMS-R@1nHook.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3351248 2015-09-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-01] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [339464 2016-02-10] (Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.)
HKU\S-1-5-21-105028642-2888408535-3226716027-1001\...\Policies\Explorer: []
HKU\S-1-5-21-105028642-2888408535-3226716027-1001\...\MountPoints2: {23098bbb-ac05-11e7-950f-94e979c6309c} - "G:\setup.exe"
HKU\S-1-5-21-105028642-2888408535-3226716027-1001\...\MountPoints2: {870e78d5-5d0c-11e7-949d-54ab3af46ea8} - "F:\HiSuiteDownLoader.exe"
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nHook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nHook.exe
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{80ff5ece-0ceb-4f55-be1b-54db5330eafb}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{becbc9a0-c279-4148-b22e-c69a62874383}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-11-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-11-06] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-10-19] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-11-06] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-06] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-10-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-10-19] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default [2017-11-10]
CHR Extension: (Docs) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-24]
CHR Extension: (YouTube) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-24]
CHR Extension: (Google Docs Offline) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-24]
CHR Extension: (AdBlock) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-11-08]
CHR Extension: (Google Mail Checker) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-03-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-27]
CHR Extension: (Gmail) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-24]
CHR Extension: (Chrome Media Router) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-08]
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-03-23]
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\System Profile [2017-03-23]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Search in YouTube) - C:\Users\Filip\AppData\Roaming\Opera Software\Opera Stable\Extensions\gclmonidkokknfccffpefiplnbepbgfm [2017-05-24]
OPR Extension: (Popup Blocker (strict)) - C:\Users\Filip\AppData\Roaming\Opera Software\Opera Stable\Extensions\jabcemjkhjfpkhakphioakkhcnbgeomm [2017-09-28]
OPR Extension: (Gismeteo weather forecast in speed-dial) - C:\Users\Filip\AppData\Roaming\Opera Software\Opera Stable\Extensions\kibhjejfdbbjhlhmhdcjcnjpiobjgkak [2017-05-22]
OPR Extension: (Adblock Plus) - C:\Users\Filip\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2017-09-28]
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8063656 2017-10-31] (Microsoft Corporation)
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [11776 2012-05-19] () [File not signed]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [145624 2015-09-10] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] () [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-06-01] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [File not signed]
R2 IntelSSTSvc; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [26592 2016-03-04] (Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [215328 2016-05-17] (Intel Corporation)
S2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2017-02-25] () [File not signed]
R2 mitsijm2016; C:\Program Files\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe [968480 2014-09-30] (Autodesk, Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-19] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Dokan; C:\WINDOWS\system32\drivers\dokan.sys [106888 2012-05-19] (Windows (R) Win 7 DDK provider)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-10-05] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-10-05] (Disc Soft Ltd)
R1 MpKsl03a89cd7; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C16DCEB6-A32B-437F-B999-A973CF649320}\MpKsl03a89cd7.sys [58120 2017-11-08] (Microsoft Corporation)
R1 MpKsl095970b3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CD048646-4426-40A1-A16C-8555013CEF9C}\MpKsl095970b3.sys [49392 2017-11-01] (Microsoft Corporation)
R1 MpKsl437739d2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{37382A09-791E-47E9-B53E-04C5AA51DBBE}\MpKsl437739d2.sys [49392 2017-10-23] (Microsoft Corporation)
R1 MpKsl5355e7a7; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F5CA348A-A2B8-4054-AA0A-09614331A24D}\MpKsl5355e7a7.sys [58120 2017-11-08] (Microsoft Corporation)
R1 MpKsl62917d35; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C6B204EF-7489-481D-9E28-184D1265BE10}\MpKsl62917d35.sys [58120 2017-11-10] (Microsoft Corporation)
R1 MpKsl63c90bdd; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E44089E3-A488-46E7-B34D-3FC093FD60DA}\MpKsl63c90bdd.sys [58120 2017-11-07] (Microsoft Corporation)
R1 MpKsl81ec70ab; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{18E667BF-DD79-42A4-BC57-7A583D355EBC}\MpKsl81ec70ab.sys [58120 2017-11-03] (Microsoft Corporation)
R1 MpKsl83b3be5f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F4FE4AC5-9C6C-4E72-9E5C-9A027DB3BA43}\MpKsl83b3be5f.sys [49392 2017-10-24] (Microsoft Corporation)
R1 MpKsl97948f77; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B4375FC9-CA59-40A4-A615-C62BEDFBF172}\MpKsl97948f77.sys [49392 2017-10-29] (Microsoft Corporation)
R1 MpKsla25b8e48; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A0BFD43F-1FD6-42D6-A630-0DF639F4417C}\MpKsla25b8e48.sys [49392 2017-10-23] (Microsoft Corporation)
R1 MpKslb873f4b7; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F322274A-62F2-4B03-8DA2-E1F9384F3460}\MpKslb873f4b7.sys [49392 2017-10-27] (Microsoft Corporation)
R1 MpKslc01ff1c5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{28B3D271-2162-4BE7-9E50-8007C58235EF}\MpKslc01ff1c5.sys [58120 2017-11-05] (Microsoft Corporation)
R1 MpKslc154ac25; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{12AD305D-E6EF-47F3-A94A-793C259FC9CF}\MpKslc154ac25.sys [49392 2017-10-29] (Microsoft Corporation)
R1 MpKsldc916a43; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C062AA99-1306-4674-897F-DC423BB87EA2}\MpKsldc916a43.sys [58120 2017-11-09] (Microsoft Corporation)
R1 MpKslfa60f888; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{237C1FD9-1083-482A-A6CF-5AF148AC1BFC}\MpKslfa60f888.sys [49392 2017-10-24] (Microsoft Corporation)
R1 MpKslfce234a2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{077796FC-F029-435B-89A0-51899330DC19}\MpKslfce234a2.sys [49392 2017-10-29] (Microsoft Corporation)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Marvell Semiconductor, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_31f4ef4821269ebb\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2015-11-19] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [769752 2015-12-18] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-10 17:10 - 2017-11-10 17:10 - 002403328 _____ (Farbar) C:\Users\Filip\Desktop\FRST64.exe
2017-11-10 17:10 - 2017-11-10 17:10 - 000000000 ____D C:\FRST
2017-11-10 15:31 - 2017-11-10 15:31 - 000000000 ____D C:\Users\Filip\AppData\LocalLow\uTorrent
2017-11-09 23:55 - 2017-11-09 23:55 - 000026453 _____ C:\Users\Filip\Downloads\262268-doc_martin_-_08x02_-_sons_and_lovers.mtb.eng.zip
2017-11-06 16:38 - 2017-11-06 16:40 - 001848964 _____ C:\WINDOWS\Minidump\110617-55734-01.dmp
2017-11-06 16:38 - 2017-11-06 16:38 - 000000000 ____D C:\WINDOWS\Minidump
2017-11-05 19:40 - 2017-11-05 19:40 - 000001078 _____ C:\Users\Filip\Desktop\Opera.lnk
2017-10-25 10:21 - 2017-10-25 10:21 - 004233728 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2017-10-19 21:06 - 2017-10-22 11:26 - 000000000 ____D C:\Users\Filip\AppData\Roaming\Solveig Multimedia
2017-10-19 21:04 - 2017-10-19 21:13 - 000000000 ____D C:\Users\Filip\Documents\HyperCam4
2017-10-13 21:01 - 2017-10-21 20:45 - 000000000 ____D C:\Users\Filip\Documents\Sound recordings

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-10 17:12 - 2017-02-24 11:00 - 000000000 ____D C:\Users\Filip\AppData\Roaming\uTorrent
2017-11-10 16:43 - 2017-08-19 16:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-10 16:34 - 2017-08-19 16:58 - 000000000 ____D C:\Users\Filip
2017-11-10 15:21 - 2017-02-25 01:10 - 000000000 __SHD C:\Users\Filip\IntelGraphicsProfiles
2017-11-10 13:42 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-10 13:42 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-10 13:04 - 2017-08-19 17:22 - 001768136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-10 12:59 - 2017-08-19 16:50 - 000540584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-10 12:58 - 2017-08-19 17:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-10 12:58 - 2017-02-25 01:15 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-07 23:04 - 2017-02-25 01:32 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-07 23:04 - 2017-02-25 01:32 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-07 18:48 - 2017-02-27 21:55 - 000000000 ____D C:\Users\Filip\AppData\Roaming\BSplayer
2017-11-07 12:45 - 2017-08-19 17:25 - 000003362 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-105028642-2888408535-3226716027-1001
2017-11-07 12:45 - 2017-02-25 00:42 - 000002401 _____ C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-07 12:45 - 2017-02-25 00:42 - 000000000 ___RD C:\Users\Filip\OneDrive
2017-11-06 22:51 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-06 16:42 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-11-06 16:38 - 2017-04-23 17:23 - 615101310 _____ C:\WINDOWS\MEMORY.DMP
2017-11-06 12:57 - 2017-03-18 22:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-11-06 12:55 - 2017-02-24 13:02 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-11-05 19:40 - 2017-05-11 22:43 - 000000000 ____D C:\Users\Filip\Desktop\Срђан
2017-11-02 13:15 - 2017-02-25 00:39 - 000000000 ____D C:\Users\Filip\AppData\Local\Packages
2017-11-01 17:48 - 2017-05-09 20:09 - 000000000 ____D C:\Program Files\Opera
2017-10-27 11:30 - 2017-08-19 17:25 - 000003938 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1494357056
2017-10-27 11:30 - 2017-06-29 13:09 - 000001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2017-10-25 10:22 - 2017-08-19 17:25 - 000004586 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-10-25 10:21 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-10-25 10:21 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-10-23 23:58 - 2017-03-18 12:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-10-15 16:59 - 2017-09-29 13:00 - 000000000 ____D C:\Users\Filip\Desktop\BZR
2017-10-13 01:21 - 2017-03-18 22:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-13 01:21 - 2017-03-18 22:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-11 23:28 - 2017-03-27 10:24 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-10-11 20:33 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-10-11 10:09 - 2016-11-20 19:54 - 000000000 __RHD C:\Users\Public\AccountPictures

==================== Files in the root of some directories =======

2017-07-04 21:15 - 2017-08-02 15:58 - 000005120 _____ () C:\Users\Filip\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-08-19 16:55 - 2017-08-19 16:55 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-02-25 21:07 - 2017-02-25 21:07 - 000000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-11-08 17:32

==================== End of FRST.txt ============================

offline
  • Pridružio: 14 Jun 2016
  • Poruke: 535

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

CreateRestorePoint:
HKU\S-1-5-21-105028642-2888408535-3226716027-1001\...\MountPoints2: {23098bbb-ac05-11e7-950f-94e979c6309c} - "G:\setup.exe"
HKU\S-1-5-21-105028642-2888408535-3226716027-1001\...\MountPoints2: {870e78d5-5d0c-11e7-949d-54ab3af46ea8} - "F:\HiSuiteDownLoader.exe"
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nHook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nHook.exe
GroupPolicy: Restriction <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD Mechanical 2012\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
2017-02-25 00:37 - 2017-02-25 00:37 - 000005120 _____ () C:\WINDOWS\KMS-R@1nHook.exe
FirewallRules: [{700D854C-2B26-48D7-8FC7-F3CE76E5FD38}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{26A75603-2589-4DD3-97F2-69FAFE0E336B}] => (Allow) C:\Windows\KMS-R@1n.exe
EmptyTemp:


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

offline
  • Snorks  Male
  • Zaslužni građanin
  • Pridružio: 09 Apr 2014
  • Poruke: 634

Napisano: 13 Nov 2017 19:00

https://www.mycity.rs/must-login.png

Dopuna: 13 Nov 2017 19:01

У коју поруку да ископрам FRST?

offline
  • Pridružio: 14 Jun 2016
  • Poruke: 535

Pažljivo pročitaj moja uputstva. Treba da u Notepad iskopiraš ovo u sivome kod polju. Zatim treba to da spremiš na Desktop pod nazivom fixlist.txt (odnosno na lokaciju gde se nalazi FRST, preporučljivo je na Desktopu). Onda pokreni FRST i klikni na dugme Fix. Kad odradi svoje, na Desktopu će se pojaviti Fixlog.txt. E, ti treba to da iskopiraš u poruku.

Ko je trenutno na forumu
 

Ukupno su 525 korisnika na forumu :: 7 registrovanih, 4 sakrivenih i 514 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: Dorcolac, krkalon, milenko crazy north, minmatar34957, voja64, zlaya011, zziko