MyCity » Ambulanta -> Arhiva Ambulante » Gdcb Ransomware problem

Gdcb Ransomware problem

Napisano na dan: 29.1.2018

Gdcb Ransomware problem

Odgovori

cobry777 Poslao: 29 Jan 2018 09:29 Idi na vrh
offline cobry777 Novi MyCity građanin Pridružio: 28 Jan 2018 Poruke: 2	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Danas kad sam upalio racunar cekala me je poruka u notepadu da su mi svi fajlovi zakljucani i da moram da preko brovsera thor da trazim kljuc da dekodiram svoje fajlove..i da ne pokusavam da ih otkljucavam preko drugih programa jer bih tkao mogao da ih izgubim zauvek.. Pretrazio sam na netu o cemu se radi i saznao da se radi o ucenjivackom virusu ciji vlasnici bukvalno traze otkup tipa 1200 dolara za kljuc,odnosno da se plati u kriptovaluti dash.. googlao sam i video da ima mnogo ljudi koji imaju slican problem..samo im se razlikuje ime virusa ili tip(nisam upucen)Nasao i sajt stop ransom koji ne radi... Preduzeo sam sledece korake.. Isao sam preko safe mod command prompta i pokusao da vratim kompijuter u stanje pre nego sto je doslo do izmene...ali lista je bila prazna...vrv je virus izbrisao restore point-ove...pokusao sam nekoliko puta ali ista se prica ponavljala odnosno nije bilo na sta da uradim restore.. Kad sam odustao od toga skinuo sam malwerbytes i avg antivirus... Sa njima sam skenirao racunari ocistio od virusa i problema koji su mi bili navedeni... Ne znam da li da pokusam da fajlove otkljucam sam sa nekim programima koje sam nasao na netu...ali se plasim da cu napraviti jos veci problem,odnosno da cu ostetiti fajlove.. Ovde trazim misljenje i pomoc ljudi koji su mnogo iskusniji od mene u resavanju ovakvih problema. Svaka pomoc je dobrodosla. Ovo je poruka koja me je sacekala u notepadu ---= GANDCRAB =--- Attention! All your files documents, photos, databases and other important files are encrypted and have the extension: .GDCB The only method of recovering files is to purchase a private key. It is on our server and only we can recover your files. The server with your key is in a closed network TOR. You can get there by the following ways: 1. Download Tor browser - torproject.org/ 2. Install Tor browser 3. Open Tor Browser 4. Open link in tor browser: gdcbghvjyqy7jclk.onion/bf61011c6ade2474 5. Follow the instructions on this page If Tor/Tor browser is locked in your country or you can not install it, open one of the following links in your regular browser: 1. gdcbghvjyqy7jclk.onion.top/bf61011c6ade2474 2. gdcbghvjyqy7jclk.onion.casa/bf61011c6ade2474 3. gdcbghvjyqy7jclk.onion.guide/bf61011c6ade2474 4. gdcbghvjyqy7jclk.onion.rip/bf61011c6ade2474 5. gdcbghvjyqy7jclk.onion.plus/bf61011c6ade2474 On our page you will see instructions on payment and get the opportunity to decrypt 1 file for free. DANGEROUS! Do not try to modify files or use your own private key - this will result in the loss of your data forever! ........................................................................................................................................ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018 Ran by Dell (29-01-2018 09:10:02) Running from C:\Users\Dell\Downloads Windows 7 Ultimate Service Pack 1 (X64) (2015-04-17 12:21:17) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3205120833-2368624280-882043405-500 - Administrator - Disabled) Dell (S-1-5-21-3205120833-2368624280-882043405-1000 - Administrator - Enabled) => C:\Users\Dell Guest (S-1-5-21-3205120833-2368624280-882043405-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3205120833-2368624280-882043405-1002 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} FW: AVG Antivirus (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3205120833-2368624280-882043405-1000\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated) Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated) Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated) Aimersoft Helper Compact 2.5.2 (HKLM-x32\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft) Armored Warfare MyCom (HKU\S-1-5-21-3205120833-2368624280-882043405-1000\...\Armored Warfare MyCom) (Version: 1.106 - My.com B.V.) Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team) AutoCAD 2012 - English (HKLM\...\{5783F2D7-A001-0409-0102-0060B0CE6BBA}) (Version: 18.2.51.0 - Autodesk) Hidden AutoCAD 2012 Language Pack - English (HKLM\...\{5783F2D7-A001-0409-1102-0060B0CE6BBA}) (Version: 18.2.51.0 - Autodesk) Hidden AutoCAD 2014 - English (HKLM\...\{5783F2D7-D001-0000-0102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden AutoCAD 2014 - English (HKLM\...\{5783F2D7-D001-0409-2102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden AutoCAD 2014 Language Pack - English (HKLM\...\{5783F2D7-D001-0409-1102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk) Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk) Autodesk AutoCAD 2014 - English (HKLM\...\AutoCAD 2014 - English) (Version: 19.1.18.0 - Autodesk) Autodesk Content Service (HKLM-x32\...\{62F029AB-85F2-0000-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk) Autodesk Content Service Language Pack (HKLM-x32\...\{62F029AB-85F2-0001-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk) Autodesk Inventor Fusion plug-in for AutoCAD 2012 (HKLM\...\{EAB3AC1A-68FF-486B-9C6B-E48EBB4B05CC}) (Version: 0.0.1.138 - Autodesk) Hidden Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012 (HKLM\...\{E552C39C-C70E-464F-9733-8311331BDD90}) (Version: 0.0.1.138 - Autodesk) Hidden Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk) Autodesk ReCap (HKLM\...\{31ABA3F2-0000-1033-0102-111D43815377}) (Version: 1.0.43.13 - Autodesk) Hidden Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk) Autodesk ReCap Language Pack-English (HKLM\...\{31ABA3F2-0010-1033-0102-111D43815377}) (Version: 1.0.43.13 - Autodesk) Hidden AVG (HKLM\...\{136B57DF-DA9E-4361-A165-09AB4422BCD1}) (Version: 1.231.3 - AVG Technologies) Hidden AVG Internet Security (HKLM-x32\...\AVG Antivirus) (Version: 17.9.3040 - AVG Technologies) AVG PC TuneUp (HKLM-x32\...\{82B9AF2D-4254-428A-9D1E-7714BA91A4B0}) (Version: 16.76.2 - AVG Technologies) Hidden AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.76.3.18604 - AVG Technologies) Cypress TrackPad (HKLM\...\{7F2F6CC5-434B-4311-9DE2-60C7CAF50B73}_is1) (Version: 2.5.3.59 - Cypress Semiconductor, Inc.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1206.101.112 - ALPS ELECTRIC CO., LTD.) Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.6.4.13 - Synaptics Incorporated) Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.1.2 - ) FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production) FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production) FMW 1 (HKLM\...\{36133E9F-B129-4206-9FB4-13F707787542}) (Version: 1.226.3 - AVG Technologies) Hidden Free Audio Editor 2016 v9.3.3 (HKLM-x32\...\Free Audio Editor 2016_is1) (Version: - Copyright(C) 2005-2016 FAEMedia, Inc.) GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.) Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google) Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.7 - Google Inc.) Hidden Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.4 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation) Iomega Encryption (HKLM\...\{C5855017-5867-4FE3-9BEF-2E5AF57FEBF8}) (Version: 1.00.0003 - Iomega an EMC Company) iSkysoft Video Converter Ultimate(Build 5.5.1.0) (HKLM-x32\...\iSkysoft Video Converter Ultimate_is1) (Version: 5.5.1.0 - iSkysoft Software) KeepVid Pro(Build 7.0.1.3) (HKLM-x32\...\KeepVid Pro_is1) (Version: 7.0.1.3 - KeepVid Studio) LiDAR360 1.0 (HKLM-x32\...\LiDAR360) (Version: 1.0 - Greenvalley International,Ltd.) Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 14.0.0.0 - EditShare) Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.667.1 - McAfee, Inc.) Melodyne 4 (HKLM-x32\...\{16DF894D-FC3F-4B87-908D-671E201CD7A8}) (Version: 4.01.0111 - Celemony Software GmbH) Melodyne Runtime 4.1 (x64) (HKLM\...\{721E4E34-AF7C-4345-93F9-282CCC8CCCB5}) (Version: 1.0.2 - Celemony Software GmbH) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 57.0.4 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0.4 (x64 en-US)) (Version: 57.0.4 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.4.6577 - Mozilla) mts mobilni internet (HKLM-x32\...\mts mobilni internet) (Version: 23.015.05.00.532 - Huawei Technologies Co.,Ltd) My.com Game Center (HKU\S-1-5-21-3205120833-2368624280-882043405-1000\...\MyComGames) (Version: 3.172 - My.com B.V.) Opera Stable 50.0.2762.67 (HKLM-x32\...\Opera 50.0.2762.67) (Version: 50.0.2762.67 - Opera Software) RemoteComms External Disk Access (HKLM-x32\...\{04FCD5DE-1662-4F99-BDA9-C57212113EF2}) (Version: 1.25.0003 - PLX Technology) Samsung ML-1640 Series (HKLM-x32\...\Samsung ML-1640 Series) (Version: - Samsung Electronics CO.,LTD) SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk) Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.) Viber (HKU\S-1-5-21-3205120833-2368624280-882043405-1000\...\Viber) (Version: 5.0.1.42 - Viber Media Inc) ViewRight Web PC 3.7.1.0 (HKLM-x32\...\{3151E7AB-5983-4381-A8CB-4FFB00D2C0B5}) (Version: 3.7.1.0 - Verimatrix, Inc.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation) Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version: - videowinsoft.com) Wondershare Filmora(Build 8.3.2) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3205120833-2368624280-882043405-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3205120833-2368624280-882043405-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3205120833-2368624280-882043405-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3205120833-2368624280-882043405-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\en-US\acadficn.dll (Autodesk, Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2013-02-08] (Autodesk) ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-01-28] (AVG Technologies CZ, s.r.o.) ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-11-15] (AVG Technologies CZ, s.r.o.) ContextMenuHandlers1: [iSkysoftVideoConverterFileOpreation] -> {BB35DE05-89D6-4D8F-95DE-A27DF8156D91} => C:\Windows\SysWOW64\ISCM64.dll [2015-02-27] () ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2017-11-15] (AVG Technologies CZ, s.r.o.) ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-11-15] (AVG Technologies CZ, s.r.o.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-02-19] (Intel Corporation) ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-01-28] (AVG Technologies CZ, s.r.o.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0197C3B8-BD0E-4044-80F2-B871339200C2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {1E67194D-BD27-4AD3-9A4C-9A4E1548FDA9} - System32\Tasks\GoogleUpdateTaskMachineUA1d08110fb1ba686 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {24EA1A98-54F5-4264-BF13-57B0111E1AD6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated) Task: {378A06FE-AFE0-4D5A-9CF8-7DC1C02966AB} - System32\Tasks\GoogleUpdateTaskMachineCore1d0ef7a16272692 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {48D22108-6327-45EA-AC7A-21475B3C131A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {5111225F-4442-4BB6-9074-1A958B756BEF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [2018-01-10] (Adobe Systems Incorporated) Task: {5D67C74C-193F-48F8-978B-92EAFF4B01E6} - System32\Tasks\GoogleUpdateTaskMachineUA1d08f474df5124e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {7C030FB4-34D4-4272-A3DD-DE0FF0A45D2C} - System32\Tasks\GoogleUpdateTaskMachineUA1d1e91a177c626e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {9D96890C-2D1C-43BF-8A57-B8605D165962} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2018-01-28] (AVG Technologies CZ, s.r.o.) Task: {9EF34DD7-417C-4B4E-B2CC-938618AFF12D} - System32\Tasks\GoogleUpdateTaskMachineUA1d0ef7a16a1616c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {A5DFBFD3-EDB3-487A-9C40-F61A38A67893} - System32\Tasks\Opera scheduled Autoupdate 1429434351 => C:\Program Files (x86)\Opera\launcher.exe [2018-01-22] (Opera Software) Task: {A79DBB4B-86ED-4735-A12D-26C94414630D} - System32\Tasks\GoogleUpdateTaskMachineUA1d15b5bfd60fa0f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {AA8E8AE9-A54F-4E56-A144-5DFC2697F5B1} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e3222f9ab59b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {B2C5DE7B-6A3B-4907-82E4-68D5CFA428F9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-10] (Adobe Systems Incorporated) Task: {BA0F3ACF-5E95-4E9B-B7FB-8F8D4DE4305D} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2017-11-15] (AVG Technologies CZ, s.r.o.) Task: {C122D12E-3037-4139-9CBF-1772942A1D68} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ab854e3f1e23 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {C3E24362-1CAD-4927-BFEC-755EA347CAF6} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe Task: {E3EFF76E-87F3-4ECE-BF3D-4711349D307B} - System32\Tasks\GoogleUpdateTaskMachineCore1d08110fa9c3b79 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {ED6C35C5-1360-4269-96D1-DDBF2A5C7D27} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-01-28] (AVG Technologies CZ, s.r.o.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08110fa9c3b79.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e3222f9ab59b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08110fb1ba686.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08f474df5124e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0ef7a16a1616c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d15b5bfd60fa0f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1ab854e3f1e23.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Dell\AppData\Roaming\Microsoft\Word\МИРА%20КАЛУЂЕРИЦА%20УГОВОР%20О%20ЗАМЕНИ306433220565846866\МИРА%20КАЛУЂЕРИЦА%20УГОВОР%20О%20ЗАМЕНИ.doc.lnk -> F:\МИРА КАЛУЂЕРИЦА УГОВОР О ЗАМЕНИ.doc (No File) <==== Cyrillic ==================== Loaded Modules (Whitelisted) ============== 2016-08-21 09:29 - 2016-08-21 09:29 - 000594944 _____ () D:\avala zezanje\New folder\EqualizerAPO.dll 2015-11-22 21:05 - 2015-11-22 21:05 - 001530880 _____ () D:\avala zezanje\New folder\libsndfile-1.dll 2014-03-15 22:29 - 2014-03-15 22:29 - 002604934 _____ () D:\avala zezanje\New folder\libfftw3f-3.dll 2010-01-30 01:40 - 2010-01-30 01:40 - 004254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2010-03-24 20:38 - 2010-03-24 20:38 - 008794976 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2015-08-09 17:10 - 2015-02-27 13:38 - 000721263 _____ () C:\Windows\SysWOW64\ISCM64.dll 2015-04-17 13:33 - 2013-02-19 10:43 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-08-29 18:06 - 2009-08-15 05:38 - 000614400 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe 2015-08-29 18:06 - 2008-01-11 06:39 - 000327168 _____ () C:\Windows\Samsung\PanelMgr\caller64.exe 2015-08-29 18:06 - 2008-01-11 05:19 - 000022016 _____ () C:\Windows\System32\ssp2ml6.dll 2015-06-07 08:44 - 2013-10-26 10:45 - 000651856 _____ () C:\ProgramData\mts mobilni internet\OnlineUpdate\ouc.exe 2018-01-28 11:33 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-01-28 11:33 - 2017-11-29 09:11 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2018-01-28 06:53 - 2018-01-28 06:53 - 000069040 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\module_lifetime.dll 2018-01-28 06:53 - 2018-01-28 06:53 - 000069104 _____ () C:\Program Files (x86)\AVG\Antivirus\x64\dll_loader.dll 2018-01-28 06:53 - 2018-01-28 06:53 - 000237960 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\vaarclient.dll 2018-01-28 06:53 - 2018-01-28 06:53 - 000903944 _____ () C:\Program Files (x86)\AVG\Antivirus\x64\ffl2.dll 2018-01-28 06:53 - 2018-01-28 06:53 - 000350688 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\StreamBack.dll 2018-01-04 20:10 - 2018-01-03 10:20 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libglesv2.dll 2018-01-04 20:10 - 2018-01-03 10:20 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libegl.dll 2018-01-28 06:53 - 2018-01-28 06:53 - 000059136 _____ () C:\Program Files (x86)\AVG\Antivirus\module_lifetime.dll 2018-01-28 06:53 - 2018-01-28 06:53 - 000058624 _____ () C:\Program Files (x86)\AVG\Antivirus\dll_loader.dll 2018-01-28 06:53 - 2018-01-28 06:53 - 000207272 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll 2018-01-28 06:53 - 2018-01-28 06:53 - 000290392 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll 2018-01-28 06:53 - 2018-01-28 06:53 - 000197368 _____ () C:\Program Files (x86)\AVG\Antivirus\network_notifications.dll 2018-01-28 09:03 - 2018-01-28 09:03 - 005775088 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\18012700\algo.dll 2018-01-28 06:53 - 2018-01-28 06:53 - 000746528 _____ () C:\Program Files (x86)\AVG\Antivirus\ffl2.dll 2018-01-28 06:53 - 2018-01-28 06:53 - 000295064 _____ () C:\Program Files (x86)\AVG\Antivirus\streamback.dll 2018-01-28 20:50 - 2018-01-28 20:50 - 005775088 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\18012800\algo.dll 2018-01-28 06:48 - 2018-01-28 06:48 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll 2010-01-30 01:41 - 2010-01-30 01:41 - 004254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-03-24 20:17 - 2010-03-24 20:17 - 008794464 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2018-01-28 06:53 - 2018-01-28 06:53 - 067109376 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll 2016-03-11 22:09 - 2017-11-13 16:47 - 000144896 _____ () C:\Users\Dell\AppData\Local\MyComGames\zlib1.dll 2018-01-23 22:38 - 2018-01-23 22:38 - 002170768 _____ () C:\Users\Dell\AppData\Local\MyComGames\SkiAcc.dll 2016-03-11 22:09 - 2017-11-13 16:47 - 000076176 _____ () C:\Users\Dell\AppData\Local\MyComGames\pxd.dll 2016-03-11 22:09 - 2018-01-23 22:38 - 000249232 _____ () C:\Users\Dell\AppData\Local\MyComGames\LightUpdate.dll 2016-03-11 22:09 - 2017-11-14 21:03 - 002495376 _____ () C:\Users\Dell\AppData\Local\MyComGames\BigUp2.dll 2017-12-26 00:29 - 2017-12-26 00:29 - 071645184 _____ () C:\Users\Dell\AppData\Local\MyComGames\Chrome\3.3239.1710\libcef.dll 2015-08-09 17:10 - 2014-10-31 15:40 - 001498112 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\DAQExp.dll 2015-08-09 17:10 - 2014-05-19 16:19 - 000137728 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\CBSCreateVC.dll 2016-01-27 00:33 - 2014-09-11 18:09 - 001498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll 2016-01-27 00:33 - 2014-05-19 17:19 - 000137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll 2018-01-09 23:35 - 2016-10-08 17:03 - 001506304 _____ () C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\DAQExp.dll 2018-01-09 23:35 - 2016-07-21 10:54 - 000137728 _____ () C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSCreateVC.dll 2015-06-07 08:44 - 2013-08-31 06:44 - 002417152 _____ () C:\ProgramData\mts mobilni internet\OnlineUpdate\QtCore4.dll 2015-06-07 08:44 - 2009-01-10 19:32 - 000011362 _____ () C:\ProgramData\mts mobilni internet\OnlineUpdate\mingwm10.dll 2015-06-07 08:44 - 2009-06-23 03:42 - 000043008 _____ () C:\ProgramData\mts mobilni internet\OnlineUpdate\libgcc_s_dw2-1.dll 2015-06-07 08:44 - 2013-08-31 06:46 - 001148416 _____ () C:\ProgramData\mts mobilni internet\OnlineUpdate\QtNetwork4.dll 2017-11-27 22:03 - 2017-11-27 22:03 - 023970800 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll 2016-12-23 19:10 - 2016-12-23 19:10 - 000323152 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll 2017-07-31 23:31 - 2017-07-31 23:31 - 072940016 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) HKU\S-1-5-21-3205120833-2368624280-882043405-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1" ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2018-01-20 19:31 - 000000895 _____ C:\Windows\system32\Drivers\etc\hosts 0.0.0.1 mssplus.mcafee.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3205120833-2368624280-882043405-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{66EF4446-ED79-4BA1-9DAB-E231ED32853D}] => (Allow) C:\Users\Dell\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{47FA257E-77B8-4494-9244-BF9359CF9CB8}] => (Allow) C:\Users\Dell\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{882957C9-93D6-4113-9A4D-8F952A6BC805}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{CCBB589D-7B03-4566-BDFF-0F2CB3D0A6C9}] => (Allow) C:\Users\Dell\AppData\Local\MyComGames\MyComGames.exe FirewallRules: [{F8AED9B8-0D94-4CC4-88C4-EF329AE58A7A}] => (Allow) C:\Users\Dell\AppData\Local\MyComGames\MyComGames.exe FirewallRules: [{0763F5BE-E0BE-4081-96B0-1199B995EA42}] => (Allow) LPort=50248 FirewallRules: [{411FB720-37B7-4EBB-B651-CC5BFDC01AA4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{68BB92E8-F86B-4E38-9A9E-A2A02D651F69}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{58218246-A797-4D32-AB77-3A964B104815}] => (Allow) D:\bager\Lightworks\lightworks.exe FirewallRules: [{2ADE95BD-05DB-4EAC-B0AA-B94B354485ED}] => (Allow) D:\bager\Lightworks\lightworks.exe FirewallRules: [{D3D1464D-3583-485E-9646-7719F5AFD3EC}] => (Allow) D:\bager\Lightworks\ntcardvt.exe FirewallRules: [{A403B729-E5DB-4D3D-BDB3-B35A126800D9}] => (Allow) D:\bager\Lightworks\ntcardvt.exe FirewallRules: [TCP Query User{398230F7-288C-457C-B8D4-9BE40D0CF995}C:\users\dell\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\dell\appdata\local\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{0372202B-B39F-4349-858D-C4F888AC7F39}C:\users\dell\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\dell\appdata\local\mycomgames\mycomgames.exe FirewallRules: [{E1BF88FD-16B2-4421-B9C8-A988E51542FC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{F391FD1C-6277-4A1F-8344-6A104D8FD54F}] => (Allow) C:\Program Files (x86)\Opera\50.0.2762.58\opera.exe FirewallRules: [{1579D176-4C3A-4847-81C4-716D3EC3BF62}] => (Allow) D:\Games\Counter-Strike WaRzOnE\hl.exe FirewallRules: [{BEB4B845-F827-4B8A-BC4D-BC9E32E60D48}] => (Allow) D:\Games\Counter-Strike WaRzOnE\hl.exe FirewallRules: [TCP Query User{4B2141E0-89CC-421F-8061-0D13E89F1257}D:\games\counter-strike warzone\hl.exe] => (Allow) D:\games\counter-strike warzone\hl.exe FirewallRules: [UDP Query User{6030BD4F-C616-4459-9C61-B0AE7819B4DA}D:\games\counter-strike warzone\hl.exe] => (Allow) D:\games\counter-strike warzone\hl.exe FirewallRules: [{7C844D59-CD81-4480-8F1B-AD671A894555}] => (Allow) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe ==================== Restore Points ========================= 28-01-2018 06:54:13 Device Driver Package Install: AVG Technologies Network Service 28-01-2018 08:32:10 Device Driver Package Install: AVG Technologies Network Service ==================== Faulty Device Manager Devices ============= Name: Dell Wireless 5540 HSPA Mini-Card Network Adapter Description: Dell Wireless 5540 HSPA Mini-Card Network Adapter Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Dell Wireless 5540 HSPA Mini-Card USIM Port Description: Dell Wireless 5540 HSPA Mini-Card USIM Port Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Dell Wireless 5540 HSPA Mini-Card GPS Port Description: Dell Wireless 5540 HSPA Mini-Card GPS Port Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI Serial Port Description: PCI Serial Port Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Dell Wireless 5540 HSPA Mini-Card Data Modem Description: Dell Wireless 5540 HSPA Mini-Card Data Modem Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Dell Wireless 5540 HSPA Mini-Card Modem Description: Dell Wireless 5540 HSPA Mini-Card Modem Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Dell Wireless 5540 HSPA Mini-Card Device Management Description: Dell Wireless 5540 HSPA Mini-Card Device Management Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/29/2018 09:10:37 AM) (Source: Cypress Trackpad) (EventID: 1) (User: ) Description: Event-ID 1 Error: (01/29/2018 09:10:37 AM) (Source: Cypress Trackpad) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/29/2018 09:10:32 AM) (Source: Cypress Trackpad) (EventID: 1) (User: ) Description: Event-ID 1 Error: (01/29/2018 09:10:32 AM) (Source: Cypress Trackpad) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/29/2018 09:10:27 AM) (Source: Cypress Trackpad) (EventID: 1) (User: ) Description: Event-ID 1 Error: (01/29/2018 09:10:27 AM) (Source: Cypress Trackpad) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/29/2018 09:10:22 AM) (Source: Cypress Trackpad) (EventID: 1) (User: ) Description: Event-ID 1 Error: (01/29/2018 09:10:22 AM) (Source: Cypress Trackpad) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/29/2018 09:10:17 AM) (Source: Cypress Trackpad) (EventID: 1) (User: ) Description: Event-ID 1 Error: (01/29/2018 09:10:17 AM) (Source: Cypress Trackpad) (EventID: 0) (User: ) Description: Event-ID 0 System errors: ============= Error: (01/28/2018 09:17:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TuneUp.UtilitiesSvc service. Error: (01/28/2018 12:46:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The HWDeviceService64.exe service terminated unexpectedly. It has done this 1 time(s). Error: (01/28/2018 12:45:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The mts mobilni internet. OUC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (01/28/2018 12:45:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the mts mobilni internet. OUC service to connect. Error: (01/28/2018 11:57:22 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The avgbIDSAgent service terminated with service-specific error %%-536753635. Error: (01/28/2018 11:57:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The HWDeviceService64.exe service terminated unexpectedly. It has done this 1 time(s). Error: (01/28/2018 11:57:00 AM) (Source: HTTP) (EventID: 15005) (User: ) Description: Unable to bind to the underlying transport for [::]:50248. The IP Listen-Only list may contain a reference to an interface which may not exist on this machine. The data field contains the error number. Error: (01/28/2018 11:56:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The mts mobilni internet. OUC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (01/28/2018 11:56:30 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the mts mobilni internet. OUC service to connect. Error: (01/28/2018 11:56:07 AM) (Source: NetBT) (EventID: 4307) (User: ) Description: Initialization failed because the transport refused to open initial addresses. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz Percentage of memory in use: 73% Total physical RAM: 3893.85 MB Available physical RAM: 1049.5 MB Total Virtual: 7785.9 MB Available Virtual: 4070.2 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:100 GB) (Free:46.44 GB) NTFS Drive d: () (Fixed) (Total:197.99 GB) (Free:98.08 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: F35FC8DB) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=198 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================ Unapred hvala na pomoci. Milan mycity.rs/must-login.png

Profil

Sass Drake Poslao: 29 Jan 2018 10:21 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! S obzirom da je svjež ransomware u pitanju, ne postoji još dekritor za fajlove. Možeš s vremena na vrijeme da provjeriš dostupnost alata za dekriptciju na ovim sajtovima: https://id-ransomware.malwarehunterteam.com/ https://www.nomoreransom.org/crypto-sheriff.php?lang=en Nažalost, nema drugog načina da ti pomognemo.

Profil

cobry777 Poslao: 29 Jan 2018 10:39 Idi na vrh
offline cobry777 Novi MyCity građanin Pridružio: 28 Jan 2018 Poruke: 2	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Hvala na ovim sajtovima.. Proveravacu s vremena na vreme

Profil

ocalinko Poslao: 07 Feb 2018 14:44 Idi na vrh
offline ocalinko Novi MyCity građanin Pridružio: 07 Feb 2018 Poruke: 1	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ovu stranicu imam nekoliko mjeseci. Ne znam gdje sam je tačno skinuo ali ti evo url pa probaj. Valjda nešto upali od ovoga. nomoreransom.org/en/decryption-tools.html

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Gdcb Ransomware problem

Ko je trenutno na forumu

Ukupno su 1151 korisnika na forumu :: 37 registrovanih, 7 sakrivenih i 1107 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., Andrija357, antonije64, bojcistv, Buzdovan, cenejac111, CikaKURE, comi_pfc, d bos, debeli, doom83, galerija, Georgius, krkalon, ladro, ljuba, Lucije Kvint, Luka Blažević, mercedesamg, Mi lao shu, milan.vukovic, milenko crazy north, Milometer, Milos82, opt1, Parker, repac, rodoljub, sasa87, stalja, Stanlio, stegonosa, Trpe Grozni, vladetije, zapclink, |_MeD_|, žeks62

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by