Gdcb Ransomware problem

Gdcb Ransomware problem

offline
  • Pridružio: 28 Jan 2018
  • Poruke: 2

Danas kad sam upalio racunar cekala me je poruka u notepadu da su mi svi fajlovi zakljucani i da moram da preko brovsera thor da trazim kljuc da dekodiram svoje fajlove..i da ne pokusavam da ih otkljucavam preko drugih programa jer bih tkao mogao da ih izgubim zauvek..
Pretrazio sam na netu o cemu se radi i saznao da se radi o ucenjivackom virusu ciji vlasnici bukvalno traze otkup tipa 1200 dolara za kljuc,odnosno da se plati u kriptovaluti dash..
googlao sam i video da ima mnogo ljudi koji imaju slican problem..samo im se razlikuje ime virusa ili tip(nisam upucen)Nasao i sajt stop ransom koji ne radi...
Preduzeo sam sledece korake..
Isao sam preko safe mod command prompta i pokusao da vratim kompijuter u stanje pre nego sto je doslo do izmene...ali lista je bila prazna...vrv je virus izbrisao restore point-ove...pokusao sam nekoliko puta ali ista se prica ponavljala odnosno nije bilo na sta da uradim restore..
Kad sam odustao od toga skinuo sam malwerbytes i avg antivirus...
Sa njima sam skenirao racunari ocistio od virusa i problema koji su mi bili navedeni...
Ne znam da li da pokusam da fajlove otkljucam sam sa nekim programima koje sam nasao na netu...ali se plasim da cu napraviti jos veci problem,odnosno da cu ostetiti fajlove..
Ovde trazim misljenje i pomoc ljudi koji su mnogo iskusniji od mene u resavanju ovakvih problema.
Svaka pomoc je dobrodosla.

Ovo je poruka koja me je sacekala u notepadu

---= GANDCRAB =---

Attention!
All your files documents, photos, databases and other important files are encrypted and have the extension: .GDCB
The only method of recovering files is to purchase a private key. It is on our server and only we can recover your files.
The server with your key is in a closed network TOR. You can get there by the following ways:
1. Download Tor browser - torproject.org/
2. Install Tor browser
3. Open Tor Browser
4. Open link in tor browser: gdcbghvjyqy7jclk.onion/bf61011c6ade2474
5. Follow the instructions on this page


If Tor/Tor browser is locked in your country or you can not install it, open one of the following links in your regular browser:
1. gdcbghvjyqy7jclk.onion.top/bf61011c6ade2474
2. gdcbghvjyqy7jclk.onion.casa/bf61011c6ade2474
3. gdcbghvjyqy7jclk.onion.guide/bf61011c6ade2474
4. gdcbghvjyqy7jclk.onion.rip/bf61011c6ade2474
5. gdcbghvjyqy7jclk.onion.plus/bf61011c6ade2474

On our page you will see instructions on payment and get the opportunity to decrypt 1 file for free.

DANGEROUS!
Do not try to modify files or use your own private key - this will result in the loss of your data forever!

........................................................................................................................................

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by Dell (29-01-2018 09:10:02)
Running from C:\Users\Dell\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2015-04-17 12:21:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3205120833-2368624280-882043405-500 - Administrator - Disabled)
Dell (S-1-5-21-3205120833-2368624280-882043405-1000 - Administrator - Enabled) => C:\Users\Dell
Guest (S-1-5-21-3205120833-2368624280-882043405-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3205120833-2368624280-882043405-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Antivirus (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3205120833-2368624280-882043405-1000\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Aimersoft Helper Compact 2.5.2 (HKLM-x32\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft)
Armored Warfare MyCom (HKU\S-1-5-21-3205120833-2368624280-882043405-1000\...\Armored Warfare MyCom) (Version: 1.106 - My.com B.V.)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
AutoCAD 2012 - English (HKLM\...\{5783F2D7-A001-0409-0102-0060B0CE6BBA}) (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2012 Language Pack - English (HKLM\...\{5783F2D7-A001-0409-1102-0060B0CE6BBA}) (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2014 - English (HKLM\...\{5783F2D7-D001-0000-0102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 - English (HKLM\...\{5783F2D7-D001-0409-2102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - English (HKLM\...\{5783F2D7-D001-0409-1102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 - English (HKLM\...\AutoCAD 2014 - English) (Version: 19.1.18.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\{62F029AB-85F2-0000-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{62F029AB-85F2-0001-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (HKLM\...\{EAB3AC1A-68FF-486B-9C6B-E48EBB4B05CC}) (Version: 0.0.1.138 - Autodesk) Hidden
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012 (HKLM\...\{E552C39C-C70E-464F-9733-8311331BDD90}) (Version: 0.0.1.138 - Autodesk) Hidden
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk ReCap (HKLM\...\{31ABA3F2-0000-1033-0102-111D43815377}) (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
Autodesk ReCap Language Pack-English (HKLM\...\{31ABA3F2-0010-1033-0102-111D43815377}) (Version: 1.0.43.13 - Autodesk) Hidden
AVG (HKLM\...\{136B57DF-DA9E-4361-A165-09AB4422BCD1}) (Version: 1.231.3 - AVG Technologies) Hidden
AVG Internet Security (HKLM-x32\...\AVG Antivirus) (Version: 17.9.3040 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\{82B9AF2D-4254-428A-9D1E-7714BA91A4B0}) (Version: 16.76.2 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.76.3.18604 - AVG Technologies)
Cypress TrackPad (HKLM\...\{7F2F6CC5-434B-4311-9DE2-60C7CAF50B73}_is1) (Version: 2.5.3.59 - Cypress Semiconductor, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1206.101.112 - ALPS ELECTRIC CO., LTD.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.6.4.13 - Synaptics Incorporated)
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.1.2 - )
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FMW 1 (HKLM\...\{36133E9F-B129-4206-9FB4-13F707787542}) (Version: 1.226.3 - AVG Technologies) Hidden
Free Audio Editor 2016 v9.3.3 (HKLM-x32\...\Free Audio Editor 2016_is1) (Version: - Copyright(C) 2005-2016 FAEMedia, Inc.)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.7 - Google Inc.) Hidden
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.4 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
Iomega Encryption (HKLM\...\{C5855017-5867-4FE3-9BEF-2E5AF57FEBF8}) (Version: 1.00.0003 - Iomega an EMC Company)
iSkysoft Video Converter Ultimate(Build 5.5.1.0) (HKLM-x32\...\iSkysoft Video Converter Ultimate_is1) (Version: 5.5.1.0 - iSkysoft Software)
KeepVid Pro(Build 7.0.1.3) (HKLM-x32\...\KeepVid Pro_is1) (Version: 7.0.1.3 - KeepVid Studio)
LiDAR360 1.0 (HKLM-x32\...\LiDAR360) (Version: 1.0 - Greenvalley International,Ltd.)
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 14.0.0.0 - EditShare)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.667.1 - McAfee, Inc.)
Melodyne 4 (HKLM-x32\...\{16DF894D-FC3F-4B87-908D-671E201CD7A8}) (Version: 4.01.0111 - Celemony Software GmbH)
Melodyne Runtime 4.1 (x64) (HKLM\...\{721E4E34-AF7C-4345-93F9-282CCC8CCCB5}) (Version: 1.0.2 - Celemony Software GmbH)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 57.0.4 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0.4 (x64 en-US)) (Version: 57.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.4.6577 - Mozilla)
mts mobilni internet (HKLM-x32\...\mts mobilni internet) (Version: 23.015.05.00.532 - Huawei Technologies Co.,Ltd)
My.com Game Center (HKU\S-1-5-21-3205120833-2368624280-882043405-1000\...\MyComGames) (Version: 3.172 - My.com B.V.)
Opera Stable 50.0.2762.67 (HKLM-x32\...\Opera 50.0.2762.67) (Version: 50.0.2762.67 - Opera Software)
RemoteComms External Disk Access (HKLM-x32\...\{04FCD5DE-1662-4F99-BDA9-C57212113EF2}) (Version: 1.25.0003 - PLX Technology)
Samsung ML-1640 Series (HKLM-x32\...\Samsung ML-1640 Series) (Version: - Samsung Electronics CO.,LTD)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Viber (HKU\S-1-5-21-3205120833-2368624280-882043405-1000\...\Viber) (Version: 5.0.1.42 - Viber Media Inc)
ViewRight Web PC 3.7.1.0 (HKLM-x32\...\{3151E7AB-5983-4381-A8CB-4FFB00D2C0B5}) (Version: 3.7.1.0 - Verimatrix, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version: - videowinsoft.com)
Wondershare Filmora(Build 8.3.2) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3205120833-2368624280-882043405-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3205120833-2368624280-882043405-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3205120833-2368624280-882043405-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3205120833-2368624280-882043405-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\en-US\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2013-02-08] (Autodesk)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-01-28] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-11-15] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [iSkysoftVideoConverterFileOpreation] -> {BB35DE05-89D6-4D8F-95DE-A27DF8156D91} => C:\Windows\SysWOW64\ISCM64.dll [2015-02-27] ()
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2017-11-15] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-11-15] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-02-19] (Intel Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-01-28] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0197C3B8-BD0E-4044-80F2-B871339200C2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {1E67194D-BD27-4AD3-9A4C-9A4E1548FDA9} - System32\Tasks\GoogleUpdateTaskMachineUA1d08110fb1ba686 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {24EA1A98-54F5-4264-BF13-57B0111E1AD6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {378A06FE-AFE0-4D5A-9CF8-7DC1C02966AB} - System32\Tasks\GoogleUpdateTaskMachineCore1d0ef7a16272692 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {48D22108-6327-45EA-AC7A-21475B3C131A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {5111225F-4442-4BB6-9074-1A958B756BEF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [2018-01-10] (Adobe Systems Incorporated)
Task: {5D67C74C-193F-48F8-978B-92EAFF4B01E6} - System32\Tasks\GoogleUpdateTaskMachineUA1d08f474df5124e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {7C030FB4-34D4-4272-A3DD-DE0FF0A45D2C} - System32\Tasks\GoogleUpdateTaskMachineUA1d1e91a177c626e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {9D96890C-2D1C-43BF-8A57-B8605D165962} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2018-01-28] (AVG Technologies CZ, s.r.o.)
Task: {9EF34DD7-417C-4B4E-B2CC-938618AFF12D} - System32\Tasks\GoogleUpdateTaskMachineUA1d0ef7a16a1616c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A5DFBFD3-EDB3-487A-9C40-F61A38A67893} - System32\Tasks\Opera scheduled Autoupdate 1429434351 => C:\Program Files (x86)\Opera\launcher.exe [2018-01-22] (Opera Software)
Task: {A79DBB4B-86ED-4735-A12D-26C94414630D} - System32\Tasks\GoogleUpdateTaskMachineUA1d15b5bfd60fa0f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {AA8E8AE9-A54F-4E56-A144-5DFC2697F5B1} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e3222f9ab59b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {B2C5DE7B-6A3B-4907-82E4-68D5CFA428F9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-10] (Adobe Systems Incorporated)
Task: {BA0F3ACF-5E95-4E9B-B7FB-8F8D4DE4305D} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2017-11-15] (AVG Technologies CZ, s.r.o.)
Task: {C122D12E-3037-4139-9CBF-1772942A1D68} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ab854e3f1e23 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {C3E24362-1CAD-4927-BFEC-755EA347CAF6} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {E3EFF76E-87F3-4ECE-BF3D-4711349D307B} - System32\Tasks\GoogleUpdateTaskMachineCore1d08110fa9c3b79 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {ED6C35C5-1360-4269-96D1-DDBF2A5C7D27} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-01-28] (AVG Technologies CZ, s.r.o.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08110fa9c3b79.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e3222f9ab59b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08110fb1ba686.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08f474df5124e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0ef7a16a1616c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d15b5bfd60fa0f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1ab854e3f1e23.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Dell\AppData\Roaming\Microsoft\Word\МИРА%20КАЛУЂЕРИЦА%20УГОВОР%20О%20ЗАМЕНИ306433220565846866\МИРА%20КАЛУЂЕРИЦА%20УГОВОР%20О%20ЗАМЕНИ.doc.lnk -> F:\МИРА КАЛУЂЕРИЦА УГОВОР О ЗАМЕНИ.doc (No File) <==== Cyrillic

==================== Loaded Modules (Whitelisted) ==============

2016-08-21 09:29 - 2016-08-21 09:29 - 000594944 _____ () D:\avala zezanje\New folder\EqualizerAPO.dll
2015-11-22 21:05 - 2015-11-22 21:05 - 001530880 _____ () D:\avala zezanje\New folder\libsndfile-1.dll
2014-03-15 22:29 - 2014-03-15 22:29 - 002604934 _____ () D:\avala zezanje\New folder\libfftw3f-3.dll
2010-01-30 01:40 - 2010-01-30 01:40 - 004254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-24 20:38 - 2010-03-24 20:38 - 008794976 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-08-09 17:10 - 2015-02-27 13:38 - 000721263 _____ () C:\Windows\SysWOW64\ISCM64.dll
2015-04-17 13:33 - 2013-02-19 10:43 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-08-29 18:06 - 2009-08-15 05:38 - 000614400 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2015-08-29 18:06 - 2008-01-11 06:39 - 000327168 _____ () C:\Windows\Samsung\PanelMgr\caller64.exe
2015-08-29 18:06 - 2008-01-11 05:19 - 000022016 _____ () C:\Windows\System32\ssp2ml6.dll
2015-06-07 08:44 - 2013-10-26 10:45 - 000651856 _____ () C:\ProgramData\mts mobilni internet\OnlineUpdate\ouc.exe
2018-01-28 11:33 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-01-28 11:33 - 2017-11-29 09:11 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-01-28 06:53 - 2018-01-28 06:53 - 000069040 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\module_lifetime.dll
2018-01-28 06:53 - 2018-01-28 06:53 - 000069104 _____ () C:\Program Files (x86)\AVG\Antivirus\x64\dll_loader.dll
2018-01-28 06:53 - 2018-01-28 06:53 - 000237960 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\vaarclient.dll
2018-01-28 06:53 - 2018-01-28 06:53 - 000903944 _____ () C:\Program Files (x86)\AVG\Antivirus\x64\ffl2.dll
2018-01-28 06:53 - 2018-01-28 06:53 - 000350688 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\StreamBack.dll
2018-01-04 20:10 - 2018-01-03 10:20 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libglesv2.dll
2018-01-04 20:10 - 2018-01-03 10:20 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libegl.dll
2018-01-28 06:53 - 2018-01-28 06:53 - 000059136 _____ () C:\Program Files (x86)\AVG\Antivirus\module_lifetime.dll
2018-01-28 06:53 - 2018-01-28 06:53 - 000058624 _____ () C:\Program Files (x86)\AVG\Antivirus\dll_loader.dll
2018-01-28 06:53 - 2018-01-28 06:53 - 000207272 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll
2018-01-28 06:53 - 2018-01-28 06:53 - 000290392 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll
2018-01-28 06:53 - 2018-01-28 06:53 - 000197368 _____ () C:\Program Files (x86)\AVG\Antivirus\network_notifications.dll
2018-01-28 09:03 - 2018-01-28 09:03 - 005775088 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\18012700\algo.dll
2018-01-28 06:53 - 2018-01-28 06:53 - 000746528 _____ () C:\Program Files (x86)\AVG\Antivirus\ffl2.dll
2018-01-28 06:53 - 2018-01-28 06:53 - 000295064 _____ () C:\Program Files (x86)\AVG\Antivirus\streamback.dll
2018-01-28 20:50 - 2018-01-28 20:50 - 005775088 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\18012800\algo.dll
2018-01-28 06:48 - 2018-01-28 06:48 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2010-01-30 01:41 - 2010-01-30 01:41 - 004254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-24 20:17 - 2010-03-24 20:17 - 008794464 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2018-01-28 06:53 - 2018-01-28 06:53 - 067109376 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2016-03-11 22:09 - 2017-11-13 16:47 - 000144896 _____ () C:\Users\Dell\AppData\Local\MyComGames\zlib1.dll
2018-01-23 22:38 - 2018-01-23 22:38 - 002170768 _____ () C:\Users\Dell\AppData\Local\MyComGames\SkiAcc.dll
2016-03-11 22:09 - 2017-11-13 16:47 - 000076176 _____ () C:\Users\Dell\AppData\Local\MyComGames\pxd.dll
2016-03-11 22:09 - 2018-01-23 22:38 - 000249232 _____ () C:\Users\Dell\AppData\Local\MyComGames\LightUpdate.dll
2016-03-11 22:09 - 2017-11-14 21:03 - 002495376 _____ () C:\Users\Dell\AppData\Local\MyComGames\BigUp2.dll
2017-12-26 00:29 - 2017-12-26 00:29 - 071645184 _____ () C:\Users\Dell\AppData\Local\MyComGames\Chrome\3.3239.1710\libcef.dll
2015-08-09 17:10 - 2014-10-31 15:40 - 001498112 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\DAQExp.dll
2015-08-09 17:10 - 2014-05-19 16:19 - 000137728 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\CBSCreateVC.dll
2016-01-27 00:33 - 2014-09-11 18:09 - 001498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2016-01-27 00:33 - 2014-05-19 17:19 - 000137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2018-01-09 23:35 - 2016-10-08 17:03 - 001506304 _____ () C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\DAQExp.dll
2018-01-09 23:35 - 2016-07-21 10:54 - 000137728 _____ () C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSCreateVC.dll
2015-06-07 08:44 - 2013-08-31 06:44 - 002417152 _____ () C:\ProgramData\mts mobilni internet\OnlineUpdate\QtCore4.dll
2015-06-07 08:44 - 2009-01-10 19:32 - 000011362 _____ () C:\ProgramData\mts mobilni internet\OnlineUpdate\mingwm10.dll
2015-06-07 08:44 - 2009-06-23 03:42 - 000043008 _____ () C:\ProgramData\mts mobilni internet\OnlineUpdate\libgcc_s_dw2-1.dll
2015-06-07 08:44 - 2013-08-31 06:46 - 001148416 _____ () C:\ProgramData\mts mobilni internet\OnlineUpdate\QtNetwork4.dll
2017-11-27 22:03 - 2017-11-27 22:03 - 023970800 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2016-12-23 19:10 - 2016-12-23 19:10 - 000323152 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2017-07-31 23:31 - 2017-07-31 23:31 - 072940016 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3205120833-2368624280-882043405-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2018-01-20 19:31 - 000000895 _____ C:\Windows\system32\Drivers\etc\hosts

0.0.0.1 mssplus.mcafee.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3205120833-2368624280-882043405-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{66EF4446-ED79-4BA1-9DAB-E231ED32853D}] => (Allow) C:\Users\Dell\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{47FA257E-77B8-4494-9244-BF9359CF9CB8}] => (Allow) C:\Users\Dell\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{882957C9-93D6-4113-9A4D-8F952A6BC805}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CCBB589D-7B03-4566-BDFF-0F2CB3D0A6C9}] => (Allow) C:\Users\Dell\AppData\Local\MyComGames\MyComGames.exe
FirewallRules: [{F8AED9B8-0D94-4CC4-88C4-EF329AE58A7A}] => (Allow) C:\Users\Dell\AppData\Local\MyComGames\MyComGames.exe
FirewallRules: [{0763F5BE-E0BE-4081-96B0-1199B995EA42}] => (Allow) LPort=50248
FirewallRules: [{411FB720-37B7-4EBB-B651-CC5BFDC01AA4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68BB92E8-F86B-4E38-9A9E-A2A02D651F69}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{58218246-A797-4D32-AB77-3A964B104815}] => (Allow) D:\bager\Lightworks\lightworks.exe
FirewallRules: [{2ADE95BD-05DB-4EAC-B0AA-B94B354485ED}] => (Allow) D:\bager\Lightworks\lightworks.exe
FirewallRules: [{D3D1464D-3583-485E-9646-7719F5AFD3EC}] => (Allow) D:\bager\Lightworks\ntcardvt.exe
FirewallRules: [{A403B729-E5DB-4D3D-BDB3-B35A126800D9}] => (Allow) D:\bager\Lightworks\ntcardvt.exe
FirewallRules: [TCP Query User{398230F7-288C-457C-B8D4-9BE40D0CF995}C:\users\dell\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\dell\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{0372202B-B39F-4349-858D-C4F888AC7F39}C:\users\dell\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\dell\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{E1BF88FD-16B2-4421-B9C8-A988E51542FC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F391FD1C-6277-4A1F-8344-6A104D8FD54F}] => (Allow) C:\Program Files (x86)\Opera\50.0.2762.58\opera.exe
FirewallRules: [{1579D176-4C3A-4847-81C4-716D3EC3BF62}] => (Allow) D:\Games\Counter-Strike WaRzOnE\hl.exe
FirewallRules: [{BEB4B845-F827-4B8A-BC4D-BC9E32E60D48}] => (Allow) D:\Games\Counter-Strike WaRzOnE\hl.exe
FirewallRules: [TCP Query User{4B2141E0-89CC-421F-8061-0D13E89F1257}D:\games\counter-strike warzone\hl.exe] => (Allow) D:\games\counter-strike warzone\hl.exe
FirewallRules: [UDP Query User{6030BD4F-C616-4459-9C61-B0AE7819B4DA}D:\games\counter-strike warzone\hl.exe] => (Allow) D:\games\counter-strike warzone\hl.exe
FirewallRules: [{7C844D59-CD81-4480-8F1B-AD671A894555}] => (Allow) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe

==================== Restore Points =========================

28-01-2018 06:54:13 Device Driver Package Install: AVG Technologies Network Service
28-01-2018 08:32:10 Device Driver Package Install: AVG Technologies Network Service

==================== Faulty Device Manager Devices =============

Name: Dell Wireless 5540 HSPA Mini-Card Network Adapter
Description: Dell Wireless 5540 HSPA Mini-Card Network Adapter
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Dell Wireless 5540 HSPA Mini-Card USIM Port
Description: Dell Wireless 5540 HSPA Mini-Card USIM Port
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Dell Wireless 5540 HSPA Mini-Card GPS Port
Description: Dell Wireless 5540 HSPA Mini-Card GPS Port
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Serial Port
Description: PCI Serial Port
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Dell Wireless 5540 HSPA Mini-Card Data Modem
Description: Dell Wireless 5540 HSPA Mini-Card Data Modem
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Dell Wireless 5540 HSPA Mini-Card Modem
Description: Dell Wireless 5540 HSPA Mini-Card Modem
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Dell Wireless 5540 HSPA Mini-Card Device Management
Description: Dell Wireless 5540 HSPA Mini-Card Device Management
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/29/2018 09:10:37 AM) (Source: Cypress Trackpad) (EventID: 1) (User: )
Description: Event-ID 1

Error: (01/29/2018 09:10:37 AM) (Source: Cypress Trackpad) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/29/2018 09:10:32 AM) (Source: Cypress Trackpad) (EventID: 1) (User: )
Description: Event-ID 1

Error: (01/29/2018 09:10:32 AM) (Source: Cypress Trackpad) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/29/2018 09:10:27 AM) (Source: Cypress Trackpad) (EventID: 1) (User: )
Description: Event-ID 1

Error: (01/29/2018 09:10:27 AM) (Source: Cypress Trackpad) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/29/2018 09:10:22 AM) (Source: Cypress Trackpad) (EventID: 1) (User: )
Description: Event-ID 1

Error: (01/29/2018 09:10:22 AM) (Source: Cypress Trackpad) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/29/2018 09:10:17 AM) (Source: Cypress Trackpad) (EventID: 1) (User: )
Description: Event-ID 1

Error: (01/29/2018 09:10:17 AM) (Source: Cypress Trackpad) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (01/28/2018 09:17:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TuneUp.UtilitiesSvc service.

Error: (01/28/2018 12:46:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HWDeviceService64.exe service terminated unexpectedly. It has done this 1 time(s).

Error: (01/28/2018 12:45:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mts mobilni internet. OUC service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (01/28/2018 12:45:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the mts mobilni internet. OUC service to connect.

Error: (01/28/2018 11:57:22 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The avgbIDSAgent service terminated with service-specific error %%-536753635.

Error: (01/28/2018 11:57:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HWDeviceService64.exe service terminated unexpectedly. It has done this 1 time(s).

Error: (01/28/2018 11:57:00 AM) (Source: HTTP) (EventID: 15005) (User: )
Description: Unable to bind to the underlying transport for [::]:50248. The IP Listen-Only list may contain a reference to an interface which may not exist on this machine. The data field contains the error number.

Error: (01/28/2018 11:56:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mts mobilni internet. OUC service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (01/28/2018 11:56:30 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the mts mobilni internet. OUC service to connect.

Error: (01/28/2018 11:56:07 AM) (Source: NetBT) (EventID: 4307) (User: )
Description: Initialization failed because the transport refused to open initial addresses.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 73%
Total physical RAM: 3893.85 MB
Available physical RAM: 1049.5 MB
Total Virtual: 7785.9 MB
Available Virtual: 4070.2 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100 GB) (Free:46.44 GB) NTFS
Drive d: () (Fixed) (Total:197.99 GB) (Free:98.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: F35FC8DB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=198 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


Unapred hvala na pomoci.

Milan
mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10459
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

S obzirom da je svjež ransomware u pitanju, ne postoji još dekritor za fajlove. Možeš s vremena na vrijeme da provjeriš dostupnost alata za dekriptciju na ovim sajtovima:
https://id-ransomware.malwarehunterteam.com/
https://www.nomoreransom.org/crypto-sheriff.php?lang=en

Nažalost, nema drugog načina da ti pomognemo.

offline
  • Pridružio: 28 Jan 2018
  • Poruke: 2

Hvala na ovim sajtovima..
Proveravacu s vremena na vreme

offline
  • Pridružio: 07 Feb 2018
  • Poruke: 1

Ovu stranicu imam nekoliko mjeseci. Ne znam gdje sam je tačno skinuo ali ti evo url pa probaj. Valjda nešto upali od ovoga.

nomoreransom.org/en/decryption-tools.html

Ko je trenutno na forumu
 

Ukupno su 243 korisnika na forumu :: 10 registrovanih, 1 sakriven i 232 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 2967 - dana 31 Okt 2019 06:37

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: _commandos_, amstel2, Bane san, cikadeda, darkstar101, dragoljub11987, Ivan Gajic2, sasa.zoric, sekretar2, SsssssNOVI