google,gmail problem

1

google,gmail problem

offline
  • Pridružio: 22 Feb 2011
  • Poruke: 33

Naime od sinoc ne mogu da pristupim gmail nalogu.Svako pretrazivac mi izbacuje sledeci problem Your connection is not private

This server could not prove that it is google.rs; its security certificate is not trusted by your computer's operating system. This may be caused by a misconfiguration or an attacker intercepting your connection.

You cannot proceed because the website operator has requested heightened security for this domain.

Skenirao sa sa mbm nikakv problem nije naisao.Od veceras ne mogu ni na google da pristupim.
Zahvalan bih bio ako bi mi neko rekao o cemu se radi.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-10-2017 01
Ran by kuureee (administrator) on KUUREEE-PC (19-10-2017 23:02:14)
Running from G:\Users\kuureee\Desktop
Loaded Profiles: kuureee (Available Profiles: kuureee)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) G:\Windows\System32\atiesrxx.exe
(AMD) G:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) G:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Advanced Micro Devices, Inc.) G:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) G:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes) G:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) G:\Windows\System32\alg.exe
(Microsoft Corporation) G:\Program Files\Windows Sidebar\sidebar.exe
(Viber Media S.à r.l.) G:\Users\kuureee\AppData\Local\Viber\Viber.exe
(TeamSpeak Systems GmbH) G:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Opera Software) G:\Program Files (x86)\Opera\48.0.2685.39\opera.exe
(Opera Software) G:\Program Files (x86)\Opera\48.0.2685.39\opera_crashreporter.exe
(Opera Software) G:\Program Files (x86)\Opera\48.0.2685.39\opera.exe
(Opera Software) G:\Program Files (x86)\Opera\48.0.2685.39\opera.exe
(Opera Software) G:\Program Files (x86)\Opera\48.0.2685.39\opera.exe
(Opera Software) G:\Program Files (x86)\Opera\48.0.2685.39\opera.exe
(Opera Software) G:\Program Files (x86)\Opera\48.0.2685.39\opera.exe
(Opera Software) G:\Program Files (x86)\Opera\48.0.2685.39\opera.exe
(Opera Software) G:\Program Files (x86)\Opera\48.0.2685.39\opera.exe
(Gretech Corp.) G:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
(Opera Software) G:\Program Files (x86)\Opera\48.0.2685.39\opera.exe
(Opera Software) G:\Program Files (x86)\Opera\48.0.2685.39\opera.exe
(Opera Software) G:\Program Files (x86)\Opera\48.0.2685.39\opera.exe
(Opera Software) G:\Program Files (x86)\Opera\48.0.2685.39\opera.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-4139358893-2112486851-1280740277-1000\...\Run: [Viber] => G:\Users\kuureee\AppData\Local\Viber\Viber.exe [30800464 2017-09-26] (Viber Media S.à r.l.)
HKU\S-1-5-18\...\Run: [] => [X]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 89.216.1.30 89.216.1.50
Tcpip\..\Interfaces\{01A0C17A-2E49-4034-B5A0-A408A5FAEDE4}: [DhcpNameServer] 89.216.1.30 89.216.1.50
Tcpip\..\Interfaces\{80B82E65-B0D1-4E76-A07F-6259AD41CD27}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4139358893-2112486851-1280740277-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4139358893-2112486851-1280740277-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=U453&ocid=U453DHP&osmkt=en-us
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-4139358893-2112486851-1280740277-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> G:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-01-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> G:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-05] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> G:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> G:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> G:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-05] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> G:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> G:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-03-07] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> G:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> G:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> G:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-07] (Oracle Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - G:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-01-13] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - G:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-01-13] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - G:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-01-13] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - G:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-01-13] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: t0pwulg6.default
FF ProfilePath: G:\Users\kuureee\AppData\Roaming\Mozilla\Firefox\Profiles\t0pwulg6.default [2017-10-19]
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> G:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> G:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-05] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> G:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> G:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> G:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> G:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-01-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> G:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> G:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> G:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> G:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> G:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> G:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: G:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-01-12] (Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR Profile: G:\Users\kuureee\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-10-19] <==== ATTENTION
CHR Extension: (Slides) - G:\Users\kuureee\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - G:\Users\kuureee\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - G:\Users\kuureee\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-14]
CHR Extension: (YouTube) - G:\Users\kuureee\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-14]
CHR Extension: (O-Machine) - G:\Users\kuureee\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fckifcbljakamahbeabldmbmngndajff [2017-03-07]
CHR Extension: (Sheets) - G:\Users\kuureee\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - G:\Users\kuureee\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-15]
CHR Extension: (Chrome Web Store Payments) - G:\Users\kuureee\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - G:\Users\kuureee\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-14]
CHR Extension: (Chrome Media Router) - G:\Users\kuureee\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-26]
CHR Profile: G:\Users\kuureee\AppData\Local\Google\Chrome\User Data\Default [2017-10-14]
CHR Extension: (Google Docs) - G:\Users\kuureee\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-14]
CHR Extension: (Google Drive) - G:\Users\kuureee\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-14]
CHR Extension: (YouTube) - G:\Users\kuureee\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-14]
CHR Extension: (Google Search) - G:\Users\kuureee\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-14]
CHR Extension: (Google Sheets) - G:\Users\kuureee\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-14]
CHR Extension: (Google Docs Offline) - G:\Users\kuureee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-21]
CHR Extension: (Chrome Web Store Payments) - G:\Users\kuureee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Gmail) - G:\Users\kuureee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-14]

Opera:
=======
OPR Session Restore: -> is enabled.
OPR Extension: (Popup Blocker (strict)) - G:\Users\kuureee\AppData\Roaming\Opera Software\Opera Stable\Extensions\jabcemjkhjfpkhakphioakkhcnbgeomm [2017-10-19]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; G:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-03-08] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; G:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 MBAMService; G:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 WinDefend; G:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 GmSvc; G:\Program Files (x86)\LDSGameCenter\GmSvc.dll [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; G:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 dtsoftbus01; G:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-11-26] (Disc Soft Ltd)
R3 MBAMSwissArmy; G:\Windows\System32\Drivers\mbamswissarmy.sys [252232 2017-10-19] (Malwarebytes)
R1 SASDIFSV; G:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; G:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 SmartDefragDriver; G:\Windows\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit)
S3 catchme; \??\G:\ComboFix\catchme.sys [X]
S3 NSNDIS5; \??\G:\Windows\system32\NSNDIS5.SYS [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-19 23:02 - 2017-10-19 23:02 - 000014275 _____ G:\Users\kuureee\Desktop\FRST.txt
2017-10-19 23:02 - 2017-10-19 23:02 - 000000000 ____D G:\FRST
2017-10-19 23:01 - 2017-10-19 23:01 - 002402816 _____ (Farbar) G:\Users\kuureee\Desktop\FRST64.exe
2017-10-17 21:30 - 2017-10-17 21:30 - 000000807 _____ G:\Users\kuureee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-10-17 06:45 - 2017-10-19 15:28 - 000252232 _____ (Malwarebytes) G:\Windows\system32\Drivers\mbamswissarmy.sys
2017-10-15 21:02 - 2017-10-15 21:02 - 001229643 _____ G:\Users\kuureee\Desktop\G.G Markes-Sto godina samoce UPL.pdf
2017-10-15 21:01 - 2017-10-15 21:01 - 000096836 _____ G:\Users\kuureee\Desktop\Sto godina samoce.pdf
2017-10-14 01:27 - 2017-10-14 01:27 - 000000000 ____D G:\Users\kuureee\Desktop\New folder (3)
2017-10-14 01:24 - 2017-03-09 13:53 - 000030744 _____ (IObit) G:\Windows\system32\Drivers\SmartDefragDriver.sys
2017-10-14 00:33 - 2017-10-14 15:22 - 000001921 _____ G:\Users\Public\Desktop\Malwarebytes.lnk
2017-10-14 00:33 - 2017-10-14 00:33 - 000000000 ____D G:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-10-14 00:33 - 2017-10-14 00:33 - 000000000 ____D G:\Program Files\Malwarebytes
2017-10-14 00:33 - 2017-10-04 13:15 - 000077440 _____ G:\Windows\system32\Drivers\mbae64.sys
2017-10-14 00:32 - 2017-10-14 00:32 - 000000000 ____D G:\ProgramData\MB2Migration
2017-10-13 21:07 - 2017-10-13 21:07 - 019690168 _____ (Expansive Worlds ) G:\Users\kuureee\Desktop\theHunterLauncherSetup.exe
2017-10-13 21:07 - 2017-10-13 21:07 - 000001387 _____ G:\Users\Public\Desktop\theHunter.lnk
2017-10-13 21:07 - 2017-10-13 21:07 - 000000000 ____D G:\ProgramData\Microsoft\Windows\Start Menu\Programs\theHunter
2017-10-11 22:55 - 2017-10-11 22:55 - 000000000 ____D G:\Users\kuureee\Desktop\262644-the.deuce.s01e05.xvid-afg
2017-10-01 18:23 - 2017-10-01 18:23 - 000000000 ____D G:\Users\kuureee\AppData\Local\Viber

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-19 22:49 - 2015-11-05 00:58 - 000000000 ____D G:\Users\kuureee\AppData\Roaming\TS3Client
2017-10-19 21:48 - 2015-11-05 00:37 - 000000000 ____D G:\Users\kuureee\AppData\Roaming\uTorrent
2017-10-19 21:26 - 2015-11-05 00:14 - 000003850 _____ G:\Windows\System32\Tasks\Opera scheduled Autoupdate 1446675288
2017-10-19 21:26 - 2015-11-05 00:13 - 000000000 ____D G:\Program Files (x86)\Opera
2017-10-19 18:58 - 2016-12-01 12:49 - 000000000 ____D G:\Users\kuureee\Doctor Web
2017-10-19 18:58 - 2015-11-04 23:36 - 000000000 ____D G:\Users\kuureee
2017-10-19 17:14 - 2015-11-07 17:53 - 000000000 ____D G:\Users\kuureee\Documents\ViberDownloads
2017-10-19 16:27 - 2016-06-06 16:49 - 000000035 _____ G:\Users\kuureee\Desktop\id.txt
2017-10-19 16:19 - 2009-07-14 05:20 - 000000000 ____D G:\Windows\system32\NDF
2017-10-19 15:52 - 2015-11-05 01:00 - 000803328 _____ (Adobe Systems Incorporated) G:\Windows\SysWOW64\FlashPlayerApp.exe
2017-10-19 15:52 - 2015-11-05 01:00 - 000144896 _____ (Adobe Systems Incorporated) G:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-19 15:52 - 2015-11-05 01:00 - 000000000 ____D G:\Windows\SysWOW64\Macromed
2017-10-19 15:52 - 2015-11-05 01:00 - 000000000 ____D G:\Windows\system32\Macromed
2017-10-19 15:52 - 2015-11-05 00:59 - 000000000 ____D G:\Users\kuureee\AppData\Local\Adobe
2017-10-19 15:43 - 2009-07-14 06:45 - 000021072 ____H G:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-19 15:43 - 2009-07-14 06:45 - 000021072 ____H G:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-19 15:36 - 2015-11-05 00:02 - 000000000 ____D G:\Users\kuureee\AppData\Roaming\ViberPC
2017-10-19 15:27 - 2017-01-10 17:42 - 000000000 _____ G:\Windows\system32\Drivers\lvuvc.hs
2017-10-19 15:27 - 2009-07-14 07:08 - 000000006 ____H G:\Windows\Tasks\SA.DAT
2017-10-18 15:27 - 2016-12-08 00:30 - 000000000 ____D G:\ProgramData\ProductData
2017-10-15 18:20 - 2015-11-29 18:46 - 000000000 ____D G:\Users\kuureee\AppData\Roaming\foobar2000
2017-10-14 15:22 - 2015-11-05 00:38 - 000000876 _____ G:\Users\Public\Desktop\CCleaner.lnk
2017-10-14 10:07 - 2009-07-14 05:20 - 000000000 ____D G:\Windows\inf
2017-10-14 01:29 - 2017-02-24 13:33 - 000000000 ____D G:\Users\kuureee\Desktop\New folder
2017-10-14 01:24 - 2016-09-18 01:17 - 000001170 _____ G:\Users\Public\Desktop\Smart Defrag 5.lnk
2017-10-14 01:24 - 2016-09-18 01:17 - 000000000 ____D G:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2017-10-14 01:24 - 2015-11-13 21:30 - 000000000 ____D G:\ProgramData\IObit
2017-10-14 01:14 - 2017-01-12 00:05 - 000000000 ____D G:\Windows\Minidump
2017-10-14 01:14 - 2015-11-26 19:41 - 000000000 ____D G:\Users\kuureee\AppData\Roaming\DAEMON Tools Lite
2017-10-14 01:11 - 2017-03-20 13:37 - 000000000 ____D G:\Program Files (x86)\Football Manager 2016
2017-10-14 01:09 - 2015-11-05 01:43 - 000000000 ____D G:\MyGames
2017-10-14 01:08 - 2017-07-30 00:30 - 000000000 ____D G:\Users\kuureee\AppData\Local\Survarium
2017-10-14 01:08 - 2017-02-03 14:12 - 000000000 ____D G:\Users\kuureee\AppData\Local\Vivaldi
2017-10-14 01:08 - 2016-08-14 22:39 - 000000000 ____D G:\ProgramData\Microsoft\Windows\Start Menu\Programs\Survarium
2017-10-14 01:08 - 2016-08-14 22:29 - 000000000 ____D G:\Program Files (x86)\Survarium
2017-10-14 01:08 - 2016-06-25 15:50 - 000000000 ____D G:\Program Files (x86)\Southpark Stick of Truth
2017-10-14 01:05 - 2016-02-01 17:41 - 000000000 ____D G:\Program Files (x86)\American Truck Simulator
2017-10-14 01:03 - 2015-11-05 00:03 - 000000000 ____D G:\Users\kuureee\AppData\Roaming\Raptr
2017-10-14 00:33 - 2015-11-05 00:47 - 000000000 ____D G:\ProgramData\Malwarebytes
2017-10-13 21:37 - 2017-02-24 10:09 - 000000097 _____ G:\Users\kuureee\AppData\Roaming\LauncherSettings_live.cfg
2017-10-13 21:08 - 2017-02-24 10:01 - 000000000 ____D G:\Program Files (x86)\theHunter
2017-10-13 21:08 - 2017-01-06 12:48 - 000000000 ___HD G:\Windows\msdownld.tmp
2017-10-13 21:08 - 2015-11-05 11:37 - 000000000 ____D G:\Windows\SysWOW64\directx
2017-09-22 20:59 - 2015-11-04 23:54 - 000000000 ____D G:\Users\kuureee\AppData\Local\ElevatedDiagnostics

==================== Files in the root of some directories =======

2016-08-20 09:16 - 2016-08-25 17:18 - 000001708 _____ () G:\Users\kuureee\AppData\Roaming\hidewin.cfg
2017-02-24 10:09 - 2017-10-13 21:37 - 000000097 _____ () G:\Users\kuureee\AppData\Roaming\LauncherSettings_live.cfg
2017-02-24 10:17 - 2017-02-24 16:44 - 000000042 _____ () G:\Users\kuureee\AppData\Roaming\TheHunterSettings_live.cfg
2017-02-20 21:03 - 2017-02-20 21:03 - 000000600 _____ () G:\Users\kuureee\AppData\Roaming\winscp.rnd
2016-07-21 20:50 - 2016-07-21 20:50 - 000007635 _____ () G:\Users\kuureee\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2017-10-14 01:10 - 2017-10-19 18:59 - 011584088 _____ (SurfRight B.V.) G:\Users\kuureee\AppData\Local\Temp\HitmanPro.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

G:\Windows\system32\winlogon.exe => File is digitally signed
G:\Windows\system32\wininit.exe => File is digitally signed
G:\Windows\SysWOW64\wininit.exe => File is digitally signed
G:\Windows\explorer.exe => File is digitally signed
G:\Windows\SysWOW64\explorer.exe => File is digitally signed
G:\Windows\system32\svchost.exe => File is digitally signed
G:\Windows\SysWOW64\svchost.exe => File is digitally signed
G:\Windows\system32\services.exe => File is digitally signed
G:\Windows\system32\User32.dll => File is digitally signed
G:\Windows\SysWOW64\User32.dll => File is digitally signed
G:\Windows\system32\userinit.exe => File is digitally signed
G:\Windows\SysWOW64\userinit.exe => File is digitally signed
G:\Windows\system32\rpcss.dll => File is digitally signed
G:\Windows\system32\dnsapi.dll => File is digitally signed
G:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
G:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-10-17 23:02

==================== End of FRST.txt ============================


mycity.rs/must-login.png

offline
  • Pridružio: 14 Jun 2016
  • Poruke: 535

Pozdrav,

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

Start
CreateRestorePoint:
HKU\S-1-5-18\...\Run: [] => [X]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
SearchScopes: HKLM -> DefaultScope value is missing
CHR Profile: G:\Users\kuureee\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-10-19] <==== ATTENTION
S2 GmSvc; G:\Program Files (x86)\LDSGameCenter\GmSvc.dll [X]
S3 catchme; \??\G:\ComboFix\catchme.sys [X]
ContextMenuHandlers1: [ContextMenuExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} =>  -> No File
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => G:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => G:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
2017-10-14 01:24 - 2015-11-13 21:30 - 000000000 ____D G:\ProgramData\IObit
Task: G:\Windows\Tasks\33900_84540-76079.job => rundll32.exe IG:\ProgramData\33900_84540-76079\33900_84540-76079.dll <==== ATTENTION
G:\ProgramData\33900_84540-76079


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

offline
  • Pridružio: 22 Feb 2011
  • Poruke: 33

Evo ga:
Fix result of Farbar Recovery Scan Tool (x64) Version: 18-10-2017 01
Ran by kuureee (20-10-2017 19:43:30) Run:1
Running from G:\Users\kuureee\Desktop
Loaded Profiles: kuureee (Available Profiles: kuureee)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
HKU\S-1-5-18\...\Run: [] => [X]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
SearchScopes: HKLM -> DefaultScope value is missing
CHR Profile: G:\Users\kuureee\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-10-19] <==== ATTENTION
S2 GmSvc; G:\Program Files (x86)\LDSGameCenter\GmSvc.dll [X]
S3 catchme; \??\G:\ComboFix\catchme.sys [X]
ContextMenuHandlers1: [ContextMenuExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => -> No File
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => G:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => G:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
2017-10-14 01:24 - 2015-11-13 21:30 - 000000000 ____D G:\ProgramData\IObit
Task: G:\Windows\Tasks\33900_84540-76079.job => rundll32.exe IG:\ProgramData\33900_84540-76079\33900_84540-76079.dll <==== ATTENTION
G:\ProgramData\33900_84540-76079
*****************

Error: (0) Failed to create a restore point.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\ => value not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
G:\Users\kuureee\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => moved successfully
HKLM\System\CurrentControlSet\Services\GmSvc => key removed successfully
GmSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\catchme => key removed successfully
catchme => service removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ContextMenuExt => key removed successfully
HKLM\Software\Classes\CLSID\{6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => key not found.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SmartDefragExtension => key removed successfully
HKLM\Software\Classes\CLSID\{189F1E63-33A7-404B-B2F6-8C76A452CC54} => key removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SmartDefragExtension => key removed successfully
HKLM\Software\Classes\CLSID\{189F1E63-33A7-404B-B2F6-8C76A452CC54} => key not found.
G:\ProgramData\IObit => moved successfully
G:\Windows\Tasks\33900_84540-76079.job => moved successfully
G:\ProgramData\33900_84540-76079 => moved successfully

==== End of Fixlog 19:43:38 ====

offline
  • Pridružio: 14 Jun 2016
  • Poruke: 535

Potrebno je da spakuješ folder C:\FRST\Quarantine u arhivu i pošalješ nam ga.

Uđi u folder C:\FRST
Desnim tasterom miša klini na folder Quarantine i izaberi opciju Add to archive... kao na slici



Kao Archive format izaberi RAR5 ili RAR
Za Compression method odaberi Best
U polje Split to volumes, bytes unesi 5000000 (slovima: pet miliona)
Na desnoj strani označi opciju Create Solid Archive (pogledaj sliku dole)



Klikni na OK
Kada WinRAR završi sa kompresovanjem, dobijene fajlove uploaduj (jedan po jedan) na:
https://www.mycity.rs/ambulanta-upload.php

offline
  • Pridružio: 22 Feb 2011
  • Poruke: 33

Napisano: 20 Okt 2017 21:36

wtf 80 fajlova.Pocinjem polako.

Hvala !

Dopuna: 20 Okt 2017 22:53

Zavrsen upload

offline
  • Pridružio: 14 Jun 2016
  • Poruke: 535

Preuzmi Malwarebytes Anti-Malware sa ovog ili ovog ili ovog linka i instaliraj aplikaciju.
Pokreni mb3-setup-consumer-{verzija}.exe i isprati uputstva za instalaciju programa. Nakon instalacije, klikni na Finish

Prilikom prvog pokretanja, program će prikazati prozor "dobrodošlice". Slobodno zatvori taj prozor.
Napomena: Premium funkcije programa su već aktivirane i važe 13 dana od trenutka instalacije. Premium funkcije možeš isključiti preko Settings > My Account tab podešavanja.

• Podešavanja skenera - u Settings, klikni na Protection tab. Ispod Scan Options sekcije, uključi "Scan for rootkits" opciju.
• Pripremi podešavanja za Threat Scan - u Dashboard , klikni na Scan Now dugme. MBAM će ažurirati bazu i započeti skeniranje.

Kada se skeniranje završi, ako je infekcija detektovana, obrati pažnju da je sve označeno, pa klikni na Remove Selected. Restartuj računar ako program upita za restart.
• Dostavi log: Pod Reports izaberi trenutni datum izveštaja Scan Report i potom klikni na View Report.

Izvezi log na Desktop;
- Klikni na Export dugme na dnu, pa onda izaberi 'Text file (*.txt)'
# U Save File dijalogu koji se pojavi, klikni na Desktop. U File name: polje, upiši "mbam" (bez navodnika) i klikni na Save.
- Pojaviće se poruka "Your file has been successfully exported", klikni Ok i zatvori prozor.



• U odgovoru prikači mbam.txt log koristeći "Prikači fajl" opciju.


Zatim:

Preuzmi AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
U EULA prozoru klikni na I agree.
U Tools odaberi Options.
U dijaloškom okviru koji se pojavi isključi Reset Winsock settings ako je uključen.
Klikni na dugme Scan i sačekaj da se završi skeniranje.
Ako ti javi da postoji novija verzija, postaraj se da je preuzmeš.

Klikni na dugme Clean i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Pojavit će se poruka da računar treba restartovati. Klikni OK

Računar će se restartovati, a potom otvoriti Notepad (C:\Adwcleaner\AdwCleaner[C0].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"

offline
  • Pridružio: 22 Feb 2011
  • Poruke: 33

Uradjeno......predpostavljam da nema moj problem nema veze sa tim sto nisam dugo radio uprade WIn.?

Hvala na trudu.....

mycity.rs/must-login.png

mycity.rs/must-login.png

offline
  • Pridružio: 14 Jun 2016
  • Poruke: 535

Tvoj problem nema veze s Updateima, ali preporučam da ih svakako pustiš da odrade. Obavezno nadogradi definicije Windows Defendera. Kakvo je sada stanje PC-a?

offline
  • Pridružio: 22 Feb 2011
  • Poruke: 33

Pa sinoc je u jednom trenutku proradilo sve normalno.Zatim je opet pocelo da zeza.Evo sada imam pristup gmail ,a google ne moze.

offline
  • Pridružio: 14 Jun 2016
  • Poruke: 535

Da li se ista stvar dešava u svim browserima (IE, Chrome)? Ako možeš, vidi da li se ista stvar dešava u Firefoxu.

Ko je trenutno na forumu
 

Ukupno su 822 korisnika na forumu :: 28 registrovanih, 5 sakrivenih i 789 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 357magnum, Bane san, Boris BM, doktor1964, Dorcolac, DPera, HrcAk47, Ivan001, Kubovac, Leonov, Marko Marković, Mcdado, mercedesamg, milenko crazy north, milos.cbr, Misirac, Nemanja.M, Panter, pera bager, Rakenica, Srki94, stegonosa, tubular, Tvrtko I, vathra, vladaa012, Zoca, zxstole