Please help...


  • Joined: 06 Mar 2017
  • Posts: 8

Posted: 06 Mar 2017 11:13


Good day. I have a problem with my laptop. About 10 days ago I tried to download subtitles for a movie, but instead I picked up all sorts of things. Chaos ensued, which I somehow sorted out (it was opening, on its own, even with the internet turned off, around 50 pages in 10 minutes, mostly ads). I think the problem was caused by the Chinese browser UC Browser, which I (apparently) somehow got rid of. Now what happens is that it keeps opening the same two pages nonstop: 404 error not found and make a gif. I also notice that the page titles flicker... I use Chrome and have Windows 10. The sites I visit are facebook, gmail, thepiratebay, titlovi.com and a women's forum...
Does anyone have an idea what I could do?
P.S. I think I'm missing one report, but I can't see it anywhere...

Thanks in advance.

Addendum: 06 Mar 2017 11:17

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2017
Ran by Sss (administrator) on DESKTOP-U2VFKGI (06-03-2017 10:58:56)
Running from C:\Users\Sss\Downloads
Loaded Profiles: Sss (Available Profiles: Sss)
Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files (x86)\Explorer\iedvutils.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\ProgramData\DataCardService\HWDeviceService64.exe
() C:\Users\Sss\AppData\Roaming\Kyubey\Kyubey.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
() C:\Windows\KMS-R@1n.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\UCBrowser\Application\UCService.exe
() C:\ProgramData\mts mobilni internet\OnlineUpdate\ouc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DataCardService\DCSHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
() C:\Windows\Temp\g5239.tmp.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(BitTorrent Inc.) C:\Users\Sss\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\Sss\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe
(BitTorrent Inc.) C:\Users\Sss\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\UCBrowser\Application\6.1.2107.202\UCAgent.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17012.10301.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.37.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Google Inc.) C:\Program Files (x86)\Legass\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Legass\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Legass\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Legass\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Legass\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Legass\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Legass\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Legass\Application\chrome.exe
(Farbar) C:\Users\Sss\Downloads\FRST64 (1).exe
(Google Inc.) C:\Program Files (x86)\Legass\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-03] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-23] (Oracle Corporation)
HKLM\...\RunOnce: [wd] => C:\Windows\TEMP\g5239.tmp.exe [187904 2017-03-05] () <===== ATTENTION
HKLM\...\RunOnce: [ucdrv_repair] => C:\Program Files (x86)\UCBrowser\Security\uclauncher.exe [749456 2017-03-02] (UC Web Inc.)
HKU\S-1-5-21-2903584577-3267121318-1954550345-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2903584577-3267121318-1954550345-1001\...\Run: [uTorrent] => C:\Users\Sss\AppData\Roaming\uTorrent\uTorrent.exe [2143936 2017-02-03] (BitTorrent Inc.)
HKU\S-1-5-21-2903584577-3267121318-1954550345-1001\...\Run: [SHIOXKE#'a.exe] => C:\Users\Sss\AppData\Roaming\{e49-c0-da-5d46d-a3d92-d447-eb3f4}\SHIOXKE#'a.exe [345600 2017-02-26] (Applicaforyou)
HKU\S-1-5-21-2903584577-3267121318-1954550345-1001\...\Run: [c#C3t9VeQ6.exe] => C:\Users\Sss\AppData\Roaming\{e49-c0-da-5d46d-a3d92-d447-eb3f4}\c#C3t9VeQ6.exe [183808 2017-02-26] ()
HKU\S-1-5-21-2903584577-3267121318-1954550345-1001\...\MountPoints2: {568f4319-b61b-11e6-a65d-34de1accfded} - "F:\AutoRun.exe"
HKU\S-1-5-21-2903584577-3267121318-1954550345-1001\...\MountPoints2: {ba2a390c-b025-11e6-a65c-34de1accfded} - "F:\AutoRun.exe"
HKLM\...\Providers\thvng18e: C:\Program Files (x86)\Ckbpycazery Launcher\local64spl.dll [307200 2017-02-25] ()
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nHook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nHook.exe
ShellExecuteHooks: No Name - {D0554542-F770-11E6-8077-64006A5CFC23} - C:\Program Files (x86)\Ckosushdekey\Buvution.dll [146944 2017-02-25] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.200.190.166
Tcpip\..\Interfaces\{61f83a21-1ef1-4969-9152-2e67cfa75660}: [DhcpNameServer] 212.200.190.166
Tcpip\..\Interfaces\{779bab78-450b-4637-80f6-30e2308c1153}: [NameServer] 172.21.21.157 172.21.21.158
Tcpip\..\Interfaces\{a087e6dd-3cf9-4432-ad99-3c07897f7d6a}: [NameServer] 172.21.21.157 172.21.21.158

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startpageing123.com/?type=hp&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startpageing123.com/?type=hp&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.startpageing123.com/search/?type=ds&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.startpageing123.com/search/?type=ds&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.startpageing123.com/?type=hp&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.startpageing123.com/?type=hp&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186&q={searchTerms}
HKU\S-1-5-21-2903584577-3267121318-1954550345-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWucCHW-Qax8yjRKEJHYOl0rljvTVIJE6Nei9tug6pwEre1Yh18_-TYbSZfg_unZLvw_EtncK2VaP6-sYkBKJVEPg698gb5ZG1F_hPbfejY6DzbJcIUI_mVqMHe_4gposaHyJSMrygaRejjEHH96vxHOYDPbK8I2Loh8R7ZR2-&q={searchTerms}
HKU\S-1-5-21-2903584577-3267121318-1954550345-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startpageing123.com/?type=hp&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186
HKU\S-1-5-21-2903584577-3267121318-1954550345-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.startpageing123.com/?type=hp&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2903584577-3267121318-1954550345-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2903584577-3267121318-1954550345-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-23] (Eyeo GmbH)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-17] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-17] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-23] (Eyeo GmbH)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2903584577-3267121318-1954550345-1001 -> hxxp://www.startpageing123.com/?type=hp&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186

FireFox:
========
FF DefaultProfile: x5u0tmdf.default
FF DefaultProfile: 941brk24.default
FF ProfilePath: C:\Users\Sss\AppData\Roaming\Mozilla\Firefox\Profiles\x5u0tmdf.default [2017-03-05]
FF NewTab: Mozilla\Firefox\Profiles\x5u0tmdf.default -> C:\\ProgramData\\Plusdaxs\\ff.NT
FF Homepage: Mozilla\Firefox\Profiles\x5u0tmdf.default -> hxxp://www.startpageing123.com/?type=hp&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186
FF Extension: (Adblock Plus) - C:\Users\Sss\AppData\Roaming\Mozilla\Firefox\Profiles\x5u0tmdf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\Sss\AppData\Roaming\Mozilla\Firefox\Profiles\x5u0tmdf.default\features\{c2086db5-4b9d-47e7-b043-9d0365007927}\disableSHA1rollout@mozilla.org.xpi [2017-03-02]
FF Extension: (TLS 1.3 Compatibility Testing 3) - C:\Users\Sss\AppData\Roaming\Mozilla\Firefox\Profiles\x5u0tmdf.default\features\{c2086db5-4b9d-47e7-b043-9d0365007927}\tls13-compat-ff51@mozilla.org.xpi [2017-03-02]
FF SearchPlugin: C:\Users\Sss\AppData\Roaming\Mozilla\Firefox\Profiles\x5u0tmdf.default\searchplugins\startpageing123.xml [2017-03-03]
FF SearchPlugin: C:\Users\Sss\AppData\Roaming\Mozilla\Firefox\Profiles\x5u0tmdf.default\searchplugins\thvng18e.xml [2017-02-25]
FF ProfilePath: C:\Users\Sss\AppData\Roaming\Firefox\Firefox\Profiles\941brk24.default [2017-03-05]
FF Extension: (SimilarWeb) - C:\Users\Sss\AppData\Roaming\Firefox\Firefox\Profiles\941brk24.default\Extensions\@DA3566E2-F709-11E5-8E87-A604BC8E7F8B.xpi [2017-03-02] [not signed]
FF Extension: (FF Adr) - C:\Users\Sss\AppData\Roaming\Firefox\Firefox\Profiles\941brk24.default\Extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi [2017-03-02] [not signed]
FF SearchPlugin: C:\Users\Sss\AppData\Roaming\Firefox\Firefox\Profiles\941brk24.default\searchplugins\startsearch.xml [2017-03-02]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-01-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apps_Cfg; C:\ProgramData\Apple\Apps\config.dll [115712 2017-03-02] () [File not signed]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] ()
R2 iedvutils; C:\Program Files (x86)\Explorer\iedvutils.exe [55992 2017-03-01] ()
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373752 2016-07-21] (Intel Corporation)
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-11-17] () [File not signed]
R2 Kyubey; C:\Users\Sss\AppData\Roaming\Kyubey\Kyubey.exe [115200 2017-03-03] () [File not signed]
S2 mts mobilni internet. RunOuc; C:\Program Files (x86)\mts mobilni internet\UpdateDog\ouc.exe [651856 2013-10-26] ()
S2 PrefersSecure; C:\ProgramData\PrefersSecure\Nettrans.exe [44544 2017-03-02] () [File not signed]
R2 UCBrowserSvc; C:\Program Files (x86)\UCBrowser\Application\UCService.exe [599952 2017-03-02] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-10-25] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
S2 PearhasSU; "C:\Users\Sss\AppData\Local\Temp\1\BaofengUpdate_U.exe" /i [X] <==== ATTENTION

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-02-25] (REALiX(tm))
S3 hwusb_cdcacm; C:\Windows\system32\DRIVERS\ew_cdcacm.sys [121728 2013-12-10] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\Windows\System32\drivers\ew_wwanecm.sys [376704 2013-12-10] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [7392256 2016-07-21] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3485696 2015-10-30] (Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3127576 2016-07-19] (Realtek Semiconductor Corp.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146200 2015-10-15] (Intel Corporation)
U1 ucdrv; C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [25444 ] (UC Web Inc.) <==== ATTENTION
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-06 10:58 - 2017-03-06 10:59 - 00019415 _____ C:\Users\Sss\Downloads\FRST.txt
2017-03-06 10:56 - 2017-03-06 10:58 - 00000000 ____D C:\FRST
2017-03-06 10:49 - 2017-03-06 10:49 - 00029240 _____ C:\Users\Sss\Downloads\210658-testamentofyouthhrv.zip
2017-03-06 10:40 - 2017-03-06 10:40 - 00000000 ____D C:\Users\Sss\Downloads\Testament of Youth (2014)
2017-03-06 10:40 - 2017-03-06 10:40 - 00000000 ____D C:\Users\Sss\Downloads\Far from the Madding Crowd (2015)
2017-03-06 08:41 - 2017-03-06 10:56 - 02423808 _____ (Farbar) C:\Users\Sss\Downloads\FRST64 (1).exe
2017-03-06 08:40 - 2017-03-06 08:41 - 02423808 _____ (Farbar) C:\Users\Sss\Downloads\FRST64.exe
2017-03-06 08:39 - 2017-03-06 10:56 - 01765888 _____ (Farbar) C:\Users\Sss\Downloads\FRST (1).exe
2017-03-05 17:42 - 2017-03-06 10:42 - 00002648 _____ C:\Windows\System32\Tasks\UCBrowserUpdaterCore
2017-03-05 17:42 - 2017-03-06 10:42 - 00000320 _____ C:\Windows\Tasks\UCBrowserUpdaterCore.job
2017-03-05 17:28 - 2017-03-06 10:26 - 00000084 _____ C:\Users\Public\Documents\temp.dat
2017-03-05 17:26 - 2017-03-05 17:26 - 00003476 _____ C:\Windows\System32\Tasks\UCBrowserSecureUpdater
2017-03-05 17:16 - 2017-03-05 17:25 - 00000000 ____D C:\AdwCleaner
2017-03-05 17:14 - 2017-03-05 17:16 - 04031440 _____ C:\Users\Sss\Downloads\adwcleaner_6.044.exe
2017-03-04 22:01 - 2017-03-04 22:01 - 00000000 ____D C:\Users\Sss\Downloads\10.Cloverfield.Lane.2016.720p.BRRip.x264.AAC-ETRG
2017-03-02 18:40 - 2017-03-02 18:40 - 00003128 _____ C:\Windows\System32\Tasks\hostTask
2017-03-02 18:40 - 2017-03-02 18:40 - 00000000 ____D C:\ProgramData\PrefersSecure
2017-03-02 16:03 - 2017-03-02 16:03 - 00000000 ____D C:\Users\Sss\AppData\Roaming\Firefox
2017-03-02 16:03 - 2017-03-02 16:03 - 00000000 ____D C:\Users\Sss\AppData\Local\Firefox
2017-03-02 15:53 - 2017-03-06 07:29 - 00000000 ____D C:\Users\Sss\AppData\Local\Google
2017-03-02 15:53 - 2017-03-02 15:53 - 00000000 ____D C:\Users\Sss\AppData\Local\Legass
2017-03-02 15:51 - 2017-03-02 15:51 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-02 15:51 - 2017-03-02 15:51 - 00000000 ____D C:\ProgramData\Apple
2017-03-02 15:50 - 2017-03-02 15:50 - 00000000 ____D C:\Program Files (x86)\Legass
2017-03-01 23:46 - 2017-03-01 23:46 - 00000000 ____D C:\Windows\System32\Tasks\shared
2017-03-01 15:35 - 2017-03-01 15:36 - 00000000 ____D C:\Windows\system32\appmgmt
2017-03-01 13:47 - 2017-03-05 17:25 - 00000000 ____D C:\Windows\system32\log
2017-03-01 13:47 - 2017-03-02 16:04 - 00000000 _____ C:\Windows\SysWOW64\4
2017-03-01 13:47 - 2017-03-02 16:04 - 00000000 _____ C:\Windows\SysWOW64\3
2017-03-01 13:46 - 2017-03-01 13:47 - 00000000 ____D C:\Program Files (x86)\Pearhas
2017-03-01 13:46 - 2017-03-01 13:46 - 00000000 ____D C:\Program Files (x86)\58B6C2C0_jumpeasy
2017-03-01 13:45 - 2017-03-01 13:47 - 00000000 ____D C:\Program Files (x86)\58B6C254_jumpeasy
2017-03-01 13:45 - 2017-03-01 13:45 - 00002058 _____ C:\Users\Sss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-03-01 13:45 - 2017-03-01 13:45 - 00000000 ____D C:\Program Files (x86)\Explorer
2017-03-01 12:46 - 2017-03-01 21:52 - 00000000 ____D C:\Windows\System32\Tasks\security
2017-03-01 12:29 - 2017-03-01 12:29 - 00000000 ____D C:\Program Files (x86)\thvng18e
2017-03-01 11:53 - 2017-03-01 11:53 - 00016804 _____ C:\Windows\System32\Tasks\ed2k
2017-03-01 11:53 - 2017-03-01 11:53 - 00000000 ____D C:\Users\Sss\AppData\Roaming\Kyubey
2017-02-28 10:09 - 2017-02-28 10:09 - 00016824 _____ C:\Windows\System32\Tasks\systemsettings
2017-02-27 19:32 - 2017-02-27 19:32 - 00000000 ____D C:\Users\Sss\Downloads\In.Your.Eyes.2014.HDRip.XviD.MP3-RARBG
2017-02-27 17:38 - 2017-02-27 17:39 - 00040497 _____ C:\Users\Sss\Downloads\198598-whatif_2013_.zip
2017-02-27 00:25 - 2017-02-27 00:25 - 00000000 ____D C:\Users\Sss\Downloads\What If (2013)
2017-02-26 23:46 - 2017-02-26 23:46 - 01938543 _____ C:\Users\Sss\AppData\Roaming\MedTouch.bin
2017-02-26 23:46 - 2017-02-26 23:46 - 01895574 _____ C:\Users\Sss\AppData\Roaming\Saolax.tst
2017-02-26 23:46 - 2017-02-26 23:46 - 00278521 _____ C:\Users\Sss\AppData\Roaming\Tin-It.bin
2017-02-26 23:46 - 2017-02-26 23:46 - 00136827 _____ () C:\Users\Sss\AppData\Roaming\Duohome.bin
2017-02-26 23:46 - 2017-02-26 23:46 - 00000000 ____D C:\ProgramData\Plusdaxs
2017-02-26 23:46 - 2017-02-26 23:45 - 00981504 _____ C:\Users\Sss\AppData\Roaming\Saolax.exe
2017-02-26 21:11 - 2017-02-27 22:34 - 00000000 ____D C:\Users\Sss\Downloads\Rust.and.Bone.2012.iNTERNAL.BDRip.x264-LiBRARiANS[1337x][SN]
2017-02-26 17:10 - 2017-02-26 17:10 - 00020618 _____ C:\Users\Sss\Downloads\247468-rust.and.bone.2012.internal.bdrip.x264librarians_sr.zip
2017-02-26 17:02 - 2017-02-26 17:22 - 00000000 ____D C:\Users\Sss\Downloads\The.Tiger.And.The.Snow.2005.XviD.AC3-WAF
2017-02-26 14:40 - 2017-02-26 14:40 - 00000000 ____D C:\Users\Sss\AppData\Roaming\Arwiiedusugh
2017-02-26 14:35 - 2017-03-05 17:26 - 00000000 ____D C:\Users\Sss\AppData\LocalLow\uTorrent
2017-02-26 14:31 - 2017-03-06 10:42 - 00000484 _____ C:\Windows\Tasks\UCBrowserUpdater.job
2017-02-26 14:31 - 2017-03-03 21:50 - 00000000 ____D C:\Windows\System32\Tasks\application
2017-02-26 14:31 - 2017-02-26 14:31 - 00003498 _____ C:\Windows\System32\Tasks\UCBrowserUpdater
2017-02-26 14:30 - 2017-02-26 14:30 - 00000000 ____D C:\Users\Sss\AppData\Local\UCBrowser
2017-02-26 14:29 - 2017-03-03 20:45 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2017-02-26 14:06 - 2017-02-26 14:06 - 00000000 ____D C:\Users\Sss\AppData\Roaming\{e49-c0-da-5d46d-a3d92-d447-eb3f4}
2017-02-26 14:06 - 2017-02-26 14:06 - 00000000 ____D C:\Program Files (x86)\fff
2017-02-26 12:12 - 2017-02-26 12:12 - 00016836 _____ C:\Windows\System32\Tasks\96R5758T3234Y732-dll
2017-02-25 22:45 - 2017-02-26 00:05 - 00000000 ____D C:\ProgramData\ProductData
2017-02-25 22:45 - 2017-02-25 22:46 - 00000000 ____D C:\Users\Sss\AppData\LocalLow\IObit
2017-02-25 22:45 - 2017-02-25 22:45 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2017-02-25 22:45 - 2017-02-25 22:45 - 00000000 ____D C:\Windows\IObit
2017-02-25 22:45 - 2017-02-25 22:45 - 00000000 ____D C:\ProgramData\IObit
2017-02-25 22:44 - 2017-02-25 22:44 - 00000000 ____D C:\Users\Sss\AppData\Roaming\IObit
2017-02-25 22:43 - 2017-02-25 22:43 - 00016828 _____ C:\Windows\System32\Tasks\96R5758T3234Y732
2017-02-25 22:43 - 2017-02-25 22:43 - 00000000 ___HD C:\ProgramData\96R5758T3234Y732
2017-02-25 22:29 - 2017-03-01 15:31 - 00000000 ____D C:\Program Files (x86)\Ckosushdekey
2017-02-25 22:29 - 2017-02-25 22:29 - 00000000 ____D C:\Users\Sss\AppData\Local\Pmuthercoudole
2017-02-25 22:29 - 2017-02-25 22:29 - 00000000 ____D C:\Program Files (x86)\Ckbpycazery Launcher
2017-02-25 11:38 - 2017-02-25 11:38 - 00152733 _____ C:\Users\Sss\Downloads\IV - Javni poredak - NNP - Fraus Legis(1).pdf
2017-02-24 19:51 - 2017-02-24 19:51 - 00152733 _____ C:\Users\Sss\Downloads\IV - Javni poredak - NNP - Fraus Legis.pdf
2017-02-24 19:50 - 2017-02-24 19:50 - 00124601 _____ C:\Users\Sss\Downloads\III Kvalifikacija - Renvoi - Prethodno pitanje.pdf
2017-02-24 19:49 - 2017-02-24 19:49 - 00126105 _____ C:\Users\Sss\Downloads\II Kolizione norme - Primena stranog prava.pdf
2017-02-24 19:49 - 2017-02-24 19:49 - 00116869 _____ C:\Users\Sss\Downloads\I Element inostranosti-Pojam MPP-Izvori.pdf
2017-02-07 16:39 - 2017-02-07 16:41 - 00000000 ____D C:\Users\Sss\Downloads\[ torrenting.me ] - Hacksaw.Ridge.2016.DVDScr.XVID.AC3.HQ.Hive-CM8

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-06 11:00 - 2016-11-17 08:46 - 00000000 ____D C:\Users\Sss\AppData\Roaming\uTorrent
2017-03-06 10:55 - 2016-11-17 08:27 - 00000000 ____D C:\Users\Sss\AppData\Roaming\Skype
2017-03-06 07:21 - 2016-11-17 08:13 - 00004164 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{AAA271D5-AE32-48AB-9E7C-64AF4DDF14D1}
2017-03-05 22:06 - 2016-11-18 11:18 - 00005240 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-U2VFKGI-Sss DESKTOP-U2VFKGI
2017-03-05 22:01 - 2016-11-17 08:25 - 00000000 ____D C:\Users\Sss\AppData\LocalLow\Mozilla
2017-03-05 22:00 - 2016-11-17 08:29 - 00000000 ____D C:\Users\Sss\AppData\Roaming\vlc
2017-03-05 17:38 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\AppReadiness
2017-03-05 17:29 - 2016-11-17 08:19 - 00879220 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-05 17:29 - 2015-10-30 08:21 - 00000000 ____D C:\Windows\INF
2017-03-05 17:26 - 2016-11-17 08:18 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-05 17:26 - 2016-11-17 08:18 - 00000000 __SHD C:\Users\Sss\IntelGraphicsProfiles
2017-03-05 17:26 - 2016-11-17 08:13 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-05 17:25 - 2016-11-17 07:59 - 00000000 ____D C:\Users\Sss\AppData\Roaming\Adobe
2017-03-05 17:25 - 2016-11-17 07:59 - 00000000 ____D C:\Users\Sss
2017-03-05 17:25 - 2015-10-30 07:28 - 00524288 ___SH C:\Windows\system32\config\BBI
2017-03-05 13:56 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-04 17:43 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\NDF
2017-03-04 17:39 - 2016-12-21 13:32 - 00000000 ____D C:\Users\Sss\Desktop\potkrovlje
2017-03-02 20:59 - 2016-11-17 08:15 - 00000000 ____D C:\Users\Sss\AppData\Local\Adobe
2017-02-28 14:37 - 2016-12-14 11:02 - 00003286 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-28 14:37 - 2016-11-17 08:03 - 00002361 _____ C:\Users\Sss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-28 14:37 - 2016-11-17 08:03 - 00000000 ___RD C:\Users\Sss\OneDrive
2017-02-26 14:36 - 2016-11-17 08:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-26 14:36 - 2016-11-17 08:27 - 00000000 ____D C:\ProgramData\Skype
2017-02-24 15:13 - 2016-11-17 08:17 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-14 14:42 - 2016-11-17 07:59 - 00000000 ____D C:\Users\Sss\AppData\Local\Packages
2017-02-06 21:35 - 2016-11-17 08:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-06 21:35 - 2016-11-17 08:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Files in the root of some directories =======

2017-02-26 23:46 - 2017-02-26 23:46 - 0136827 _____ () C:\Users\Sss\AppData\Roaming\Duohome.bin
2017-02-26 23:46 - 2017-02-26 23:46 - 1938543 _____ () C:\Users\Sss\AppData\Roaming\MedTouch.bin
2017-02-26 23:46 - 2017-02-26 23:45 - 0981504 _____ () C:\Users\Sss\AppData\Roaming\Saolax.exe
2017-02-26 23:46 - 2017-02-26 23:46 - 1895574 _____ () C:\Users\Sss\AppData\Roaming\Saolax.tst
2017-02-26 23:46 - 2017-02-26 23:46 - 0278521 _____ () C:\Users\Sss\AppData\Roaming\Tin-It.bin
2016-11-17 08:08 - 2016-11-17 08:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Windows\TEMP\g5239.tmp.exe


Some files in TEMP:
====================
2017-02-26 12:20 - 2017-02-26 12:20 - 1227551 _____ ( ) C:\Users\Sss\AppData\Local\Temp\83e7fc89-fc15-11e6-a662-34de1accfded.exe
2017-02-26 14:32 - 2017-02-26 14:32 - 1185969 _____ (Samoreb ) C:\Users\Sss\AppData\Local\Temp\A4EE.tmp.exe
2017-02-26 14:06 - 2017-02-26 14:06 - 1185969 _____ (Samoreb ) C:\Users\Sss\AppData\Local\Temp\A7A1.tmp.exe
2017-02-25 22:40 - 2017-02-25 22:41 - 0856148 _____ ( ) C:\Users\Sss\AppData\Local\Temp\AutoTime51495.exe
2017-02-26 14:06 - 2017-02-26 14:29 - 51179792 _____ (UCWeb Inc.) C:\Users\Sss\AppData\Local\Temp\Browser_V6.0.1471.913_r_4728_(Build1702151518).exe
2017-02-26 23:47 - 2017-03-01 23:46 - 0225435 _____ () C:\Users\Sss\AppData\Local\Temp\ContentPushSetup.exe
2017-02-26 23:45 - 2017-03-01 23:45 - 0566788 _____ () C:\Users\Sss\AppData\Local\Temp\DBUpdater.exe
2017-02-25 22:40 - 2017-02-25 22:40 - 0075264 _____ () C:\Users\Sss\AppData\Local\Temp\DriverBoosterSetup.exe
2017-02-25 22:40 - 2017-02-25 22:44 - 17628560 _____ (IObit ) C:\Users\Sss\AppData\Local\Temp\EC96.tmp.exe
2017-02-26 14:06 - 2017-02-26 14:06 - 3030016 _____ () C:\Users\Sss\AppData\Local\Temp\fsd4C23.exe
2017-02-26 12:11 - 2017-02-26 12:11 - 0294912 _____ () C:\Users\Sss\AppData\Local\Temp\g2E7.tmp.exe
2017-01-25 22:35 - 2017-01-25 22:37 - 1283800 _____ (Hanatan ) C:\Users\Sss\AppData\Local\Temp\ICReinstall_bsplayer_free.exe
2017-02-26 23:45 - 2017-02-26 23:45 - 0981504 _____ () C:\Users\Sss\AppData\Local\Temp\linker.exe
2016-11-06 09:21 - 2016-11-06 09:21 - 0109568 _____ () C:\Users\Sss\AppData\Local\Temp\nsq306F.exe
2017-02-26 23:45 - 2017-03-01 23:45 - 0266752 _____ () C:\Users\Sss\AppData\Local\Temp\prepreinstaller_win.exe
2017-02-25 22:40 - 2017-02-25 22:40 - 1199825 _____ () C:\Users\Sss\AppData\Local\Temp\unins000.exe
2017-02-25 22:40 - 2017-02-25 22:40 - 1239469 _____ (VideoBox ) C:\Users\Sss\AppData\Local\Temp\videobox.exe
2017-02-26 23:48 - 2017-03-01 23:47 - 0798208 _____ () C:\Users\Sss\AppData\Local\Temp\WindowsUpdateKB12695__7428_il1.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-02 20:16

==================== End of FRST.txt ============================

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Belgrade

Hello,


Download Zemana AntiMalware and save it to the Desktop.


When the download is finished:

Double-click to start the installation and follow the instructions. The installation is standard, without any additional options.
After installation, the program will start automatically, and you then need to click Scan.
When the scan finishes, click Next to remove all the items found.
If it asks you to restart the computer, click Reboot.
If the computer is seriously infected, another scan will follow after the restart.


After that, you need to submit the report(s):

On the keyboard, press the Windows key + R at the same time.
Copy the following command and confirm with OK:
%USERPROFILE%\AppData\Local\Zemana\Zemana AntiMalware\reports
Copy the newest report(s) to the Desktop, then attach them in your next post.

offline
  • Joined: 06 Mar 2017
  • Posts: 8

Posted: 06 Mar 2017 13:59

Zemana AntiMalware 2.72.2.101 (Installed)

-------------------------------------------------------
Scan Result : Completed
Scan Date : 2017-3-6
Operating System : Windows 10 64-bit
Processor : 4X Intel(R) Pentium(R) CPU N3700 @ 1.60GHz
BIOS Mode : UEFI
CUID : 127606ED98BBDF6767D75F
Scan Type : System Scan
Duration : 7m 6s
Scanned Objects : 55899
Detected Objects : 47
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Enabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Edge Homepage
Status : Scanned
Object : startpageing123.com/?type=hp&ts=1488543.....XXW766M186
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Edge Homepage

Edge Homepage
Status : Scanned
Object : startpageing123.com/?type=hp&ts=1488543.....XXW766M186
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Edge Homepage

Internet Explorer Shortcut
Status : Scanned
Object : startpageing123.com/?type=sc&ts=1488543.....XXW766M186
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Internet Explorer Shortcut

Internet Explorer Search
Status : Scanned
Object : startpageing123 - startpageing123.com
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Internet Explorer Search

Internet Explorer Search
Status : Scanned
Object : startpageing123 - startpageing123.com
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Internet Explorer Search

Internet Explorer Homepage
Status : Scanned
Object : startpageing123.com/?type=hp&ts=1488543.....XXW766M186
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Internet Explorer Homepage

Internet Explorer Homepage
Status : Scanned
Object : startpageing123.com/?type=hp&ts=1488543.....XXW766M186
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Internet Explorer Homepage

Internet Explorer URL
Status : Scanned
Object : startpageing123.com/search/?type=ds&ts=.....766M186&q={searchTerms}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Internet Explorer URL

Internet Explorer URL
Status : Scanned
Object : startpageing123.com/?type=hp&ts=1488543.....XXW766M186
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Internet Explorer URL

Internet Explorer URL
Status : Scanned
Object : startpageing123.com/search/?type=ds&ts=.....766M186&q={searchTerms}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Internet Explorer URL

Internet Explorer URL
Status : Scanned
Object : startpageing123.com/?type=hp&ts=1488543.....XXW766M186
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Internet Explorer URL

Internet Explorer URL
Status : Scanned
Object : %66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%.....8R7ZR2-&q={searchTerms}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Internet Explorer URL

Firefox Search
Status : Scanned
Object : trotux - trotux.com
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Firefox Search

Firefox Search
Status : Scanned
Object : startpageing123 - startpageing123.com
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Firefox Search

Firefox Search
Status : Scanned
Object : trotux - trotux.com
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Firefox Search

Firefox Search
Status : Scanned
Object : startpageing123 - startpageing123.com
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Firefox Search

Firefox Newtab
Status : Scanned
Object : %homedrive%\\programdata\\plusdaxs\\ff.nt
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Firefox Newtab
File - %homedrive%\\programdata\\plusdaxs\\ff.nt

Firefox Homepage
Status : Scanned
Object : startpageing123.com/?type=hp&ts=1488543.....XXW766M186
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Firefox Homepage

Fake Chrome Shortcut
Status : Scanned
Object : %programdata%\microsoft\windows\start menu\programs\google chrome.lnk
MD5 : C6E1B21F1735ACF4752DC5825C8D7565
Publisher : -
Size : 2215
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Fake Chrome Shortcut
File - %programdata%\microsoft\windows\start menu\programs\google chrome.lnk

TLS 1.3 Compatibility Testing 3
Status : Scanned
Object : %appdata%\mozilla\firefox\profiles\x5u0tmdf.default\features\{c2086db5-4b9d-47e7-b043-9d0365007927}\tls13-compat-ff51@mozilla.org.xpi
MD5 : A26F34EA894A90563264062B023A41BE
Publisher : -
Size : 6728
Version : -
Detection : PUA.FirefoxExt!Gr
Cleaning Action : Repair
Related Objects :
Browser Extension - TLS 1.3 Compatibility Testing 3
File - %appdata%\mozilla\firefox\profiles\x5u0tmdf.default\features\{c2086db5-4b9d-47e7-b043-9d0365007927}\tls13-compat-ff51@mozilla.org.xpi

Hosts File
Status : Scanned
Object : %systemroot%\system32\drivers\etc\hosts
MD5 : 5E420E65E2BD7859FC4637C464E6E068
Publisher : -
Size : 8602
Version : -
Detection : Hosts Hijack
Cleaning Action : Repair
Related Objects :
Hosts file - 104.131.26.227 - google.com
File - %systemroot%\system32\drivers\etc\hosts

iedvtoolex.dll
Status : Scanned
Object : %breakpad_dump_location%\explorer\iedvtoolex.dll
MD5 : 66A4E2F6CF5A38F345995E1EECFC3D47
Publisher : Fengxia Cao
Size : 1779896
Version : 8.0.7600.16385
Detection : Adware:Win32/BrowserHijack.Gen
Cleaning Action : Quarantine
Related Objects :
File - %breakpad_dump_location%\explorer\iedvtoolex.dll
DLL - 1472 - C:\Program Files (x86)\Explorer\iedvutils.exe

local64spl.dll
Status : Scanned
Object : %breakpad_dump_location%\ckbpycazery launcher\local64spl.dll
MD5 : B801FFC5A20B320383466E493D173ED0
Publisher : -
Size : 307200
Version : -
Detection : Adware:Win32/BrowserHijack.Gen
Cleaning Action : Quarantine
Related Objects :
File - %breakpad_dump_location%\ckbpycazery launcher\local64spl.dll
DLL - 1928 - C:\Windows\System32\spoolsv.exe

96R5758T3234Y732.dll
Status : Scanned
Object : %programdata%\96r5758t3234y732\96r5758t3234y732.dll
MD5 : 0AC1E2727A0416892A8BA85162785959
Publisher : -
Size : 3102720
Version : -
Detection : Trojan:Win64/Blackoat.A!Ttak
Cleaning Action : Quarantine
Related Objects :
File - %programdata%\96r5758t3234y732\96r5758t3234y732.dll
DLL - 1656 - C:\Windows\System32\rundll32.exe
Scheduled Task - C:\Windows\System32\Tasks\systemsettings
Scheduled Task - C:\Windows\System32\Tasks\shared\product updater\produpd
Scheduled Task - C:\Windows\System32\Tasks\security\uclauncher-x64
Scheduled Task - C:\Windows\System32\Tasks\security\uclauncher
Scheduled Task - C:\Windows\System32\Tasks\application\6-1-2107
Scheduled Task - C:\Windows\System32\Tasks\application\6-1
Scheduled Task - C:\Windows\System32\Tasks\application\6-0-1471-913\installer\chrmstp-exe
Scheduled Task - C:\Windows\System32\Tasks\application\6-0-1471-913\installer\chrmstp
Scheduled Task - C:\Windows\System32\Tasks\application\6
Scheduled Task - C:\Windows\System32\Tasks\96R5758T3234Y732-dll
Scheduled Task - C:\Windows\System32\Tasks\96R5758T3234Y732
Scheduled Task - C:\Windows\System32\Tasks\application\6-1-2107-202\stats_uploader
Scheduled Task - C:\Windows\System32\Tasks\application\6-1-2107-201\ucagent
Scheduled Task - C:\Windows\System32\Tasks\application\6-1-2107-201\stats_uploader
Scheduled Task - C:\Windows\System32\Tasks\application\ucbrowser
Scheduled Task - C:\Windows\System32\Tasks\application\6-1-2107-202\ucagent
Scheduled Task - C:\Windows\System32\Tasks\ed2k

KMS-R@1n.exe
Status : Scanned
Object : %systemroot%\kms-r@1n.exe
MD5 : 0F9FD9565E6EB157FA9BE11ED9C1DC9F
Publisher : -
Size : 26112
Version : -
Detection : PUA:Win32/HackTool.Gen
Cleaning Action : Quarantine
Related Objects :
File - %systemroot%\kms-r@1n.exe
Process - 2400 - C:\Windows\KMS-R@1n.exe
Registry Entry - HKLM\System\CurrentControlSet\Services\KMS-R@1n\ImagePath = C:\Windows\KMS-R@1n.exe

UCService.exe
Status : Scanned
Object : %breakpad_dump_location%\ucbrowser\application\ucservice.exe
MD5 : D0BE7F75DEB6819934663F3A5DB04855
Publisher : TAOBAO (CHINA) SOFTWARE CO.,LTD.
Size : 599952
Version : 1.0.0.0
Detection : Adware:Win32/UCBrowser-DJ!Ep
Cleaning Action : Quarantine
Related Objects :
File - %breakpad_dump_location%\ucbrowser\application\ucservice.exe
Process - 2508 - C:\Program Files (x86)\UCBrowser\Application\UCService.exe
Registry Entry - HKLM\System\CurrentControlSet\Services\UCBrowserSvc\ImagePath = "C:\Program Files (x86)\UCBrowser\Application\UCService.exe"

g5239.tmp.exe
Status : Scanned
Object : %systemroot%\temp\g5239.tmp.exe
MD5 : 9E821B960C52EF181148864B7D10C5FB
Publisher : -
Size : 187904
Version : -
Detection : Malware:Win64/Bailoat.A!Ekrr
Cleaning Action : Quarantine
Related Objects :
File - %systemroot%\temp\g5239.tmp.exe
Process - 5916 - C:\Windows\Temp\g5239.tmp.exe
Registry Entry - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\wd = C:\Windows\TEMP\g5239.tmp.exe

Buvution.dll
Status : Scanned
Object : %breakpad_dump_location%\ckosushdekey\buvution.dll
MD5 : A964354B276DF410D4C70F9ACC45E655
Publisher : -
Size : 146944
Version : -
Detection : Adware:Win32/BrowserHijack.Gen
Cleaning Action : Delete
Related Objects :
Registry Entry - HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{D0554542-F770-11E6-8077-64006A5CFC23} = C:\Program Files (x86)\Ckosushdekey\Buvution.dll
File - %breakpad_dump_location%\ckosushdekey\buvution.dll
Registry Entry - HKLM\SOFTWARE\Classes\CLSID\{D0554542-F770-11E6-8077-64006A5CFC23}\InprocServer32\@ = C:\Program Files (x86)\Ckosushdekey\Buvution.dll

UCAgent.exe
Status : Scanned
Object : %breakpad_dump_location%\ucbrowser\application\6.1.2107.202\ucagent.exe
MD5 : 7A44320B699A26EA4A35A1ED16DDC225
Publisher : TAOBAO (CHINA) SOFTWARE CO.,LTD.
Size : 2164624
Version : -
Detection : Adware:Win32/UCBrowser-DJ!Ep
Cleaning Action : Quarantine
Related Objects :
File - %breakpad_dump_location%\ucbrowser\application\6.1.2107.202\ucagent.exe
Process - 6932 - C:\Program Files (x86)\UCBrowser\Application\6.1.2107.202\UCAgent.exe

g35F.tmp
Status : Scanned
Object : %systemroot%\temp\g35f.tmp
MD5 : 4921C0254B29E3A03AD98D24EDD20B81
Publisher : -
Size : 3759616
Version : -
Detection : Trojan:Win32/Fooster.A!Metm
Cleaning Action : Quarantine
Related Objects :
File - %systemroot%\temp\g35f.tmp
DLL - 6180 - C:\Program Files (x86)\Legass\Application\chrome.exe

ucdrv-x64.sys
Status : Scanned
Object : %breakpad_dump_location%\ucbrowser\security:ucdrv-x64.sys
MD5 : BC380DF77F023D410466676FA5A27E3C
Publisher : TAOBAO (CHINA) SOFTWARE CO.,LTD.
Size : 50888
Version : 1.0.0.1
Detection : Adware:Win32/UCBrowser-DJ!Ep
Cleaning Action : Quarantine
Related Objects :
File - %breakpad_dump_location%\ucbrowser\security:ucdrv-x64.sys
Registry Entry - HKLM\System\CurrentControlSet\Services\ucdrv\ImagePath = \??\C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys

Nettrans.exe
Status : Scanned
Object : %programdata%\preferssecure\nettrans.exe
MD5 : 5A4FC1D0CA07395973C5C35D9BFED7D7
Publisher : -
Size : 44544
Version : 1.0.0.0
Detection : Adware:Win32/BrowserHijack.Gen
Cleaning Action : Quarantine
Related Objects :
File - %programdata%\preferssecure\nettrans.exe
Registry Entry - HKLM\System\CurrentControlSet\Services\PrefersSecure\ImagePath = C:\ProgramData\PrefersSecure\Nettrans.exe

KMS-R@1nHook.exe
Status : Scanned
Object : %systemroot%\kms-r@1nhook.exe
MD5 : DC30CFD21BBB742C10E3621D5B506780
Publisher : -
Size : 5120
Version : -
Detection : PUA:Win32/HackTool.Gen
Cleaning Action : Quarantine
Related Objects :
File - %systemroot%\kms-r@1nhook.exe
Registry Entry - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SppExtComObj.exe\Debugger = KMS-R@1nHook.exe
Registry Entry - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OSppSvc.exe\Debugger = KMS-R@1nHook.exe

uclauncher.exe
Status : Scanned
Object : %breakpad_dump_location%\ucbrowser\security\uclauncher.exe
MD5 : BE86BB62A7195E3E97314A2B6847BEB7
Publisher : TAOBAO (CHINA) SOFTWARE CO.,LTD.
Size : 749456
Version : 1.0.0.1
Detection : Adware:Win32/UCBrowser-DJ!Ep
Cleaning Action : Quarantine
Related Objects :
File - %breakpad_dump_location%\ucbrowser\security\uclauncher.exe
Scheduled Task - C:\Windows\System32\Tasks\UCBrowserSecureUpdater
Registry Entry - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\ucdrv_repair = "C:\Program Files (x86)\UCBrowser\Security\uclauncher.exe" --repair

update_task.exe
Status : Scanned
Object : %breakpad_dump_location%\ucbrowser\application\update_task.exe
MD5 : BA1C4D099BD552D991087BD7145CD6E3
Publisher : TAOBAO (CHINA) SOFTWARE CO.,LTD.
Size : 498576
Version : 1.0.0.8
Detection : Adware:Win32/UCBrowser-DJ!Ep
Cleaning Action : Quarantine
Related Objects :
File - %breakpad_dump_location%\ucbrowser\application\update_task.exe
Scheduled Task - C:\Windows\System32\Tasks\UCBrowserUpdater
Scheduled Task - C:\Windows\System32\Tasks\UCBrowserUpdaterCore
Scheduled Task - UCBrowserUpdaterCore.job
Scheduled Task - UCBrowserUpdater.job

SHIOXKE#'a.exe
Status : Scanned
Object : %appdata%\{e49-c0-da-5d46d-a3d92-d447-eb3f4}\shioxke#'a.exe
MD5 : 279ED0299448FE53C9C1321BB36F0015
Publisher : -
Size : 345600
Version : 9.6.3.4
Detection : Malware:Win32/Bliss.A!Amke
Cleaning Action : Quarantine
Related Objects :
File - %appdata%\{e49-c0-da-5d46d-a3d92-d447-eb3f4}\shioxke#'a.exe
Registry Entry - HKCU\Software\Microsoft\Windows\CurrentVersion\Run\SHIOXKE#'a.exe = C:\Users\Sss\AppData\Roaming\{e49-c0-da-5d46d-a3d92-d447-eb3f4}\SHIOXKE#'a.exe 2 0

local64spl.dll
Status : Scanned
Object : NE->c:\program files (x86)\ckbpycazery launcher\local64spl.dll
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/ELEX.F!Neng
Cleaning Action : Quarantine
Related Objects :
(null) - (null)

local64spl.dll.ini
Status : Scanned
Object : NE->c:\program files (x86)\ckbpycazery launcher\local64spl.dll.ini
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/ELEX.G!Neng
Cleaning Action : Quarantine
Related Objects :
(null) - (null)

buvution.dll
Status : Scanned
Object : NE->c:\program files (x86)\ckosushdekey\buvution.dll
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/Youndoo.SEH.A!Neng
Cleaning Action : Quarantine
Related Objects :
(null) - (null)

ucbrowser
Status : Scanned
Object : NE->c:\program files (x86)\ucbrowser
MD5 : -
Publisher : -
Size : -
Version : -
Detection : PUA:Win32/UCBrowser.A!Neng
Cleaning Action : Quarantine
Related Objects :
(null) - (null)

firefox
Status : Scanned
Object : NE->c:\users\sss\appdata\local\firefox
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/Ghokswa.FF.B!Neng
Cleaning Action : Quarantine
Related Objects :
(null) - (null)

logichandler.exe
Status : Scanned
Object : NE->c:\users\sss\appdata\local\temp\rarsfx0\logichandler.exe
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/Linkury.N!Neng
Cleaning Action : Quarantine
Related Objects :
(null) - (null)

ucbrowser
Status : Scanned
Object : NE->c:\users\sss\appdata\local\ucbrowser
MD5 : -
Publisher : -
Size : -
Version : -
Detection : PUA:Win32/UCBrowser.C!Neng
Cleaning Action : Quarantine
Related Objects :
(null) - (null)

firefox
Status : Scanned
Object : NE->c:\users\sss\appdata\roaming\firefox
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/Ghokswa.FF.A!Neng
Cleaning Action : Quarantine
Related Objects :
(null) - (null)

kyubey
Status : Scanned
Object : NE->c:\users\sss\appdata\roaming\kyubey
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/ELEX.R!Neng
Cleaning Action : Quarantine
Related Objects :
(null) - (null)

cereledrofuck.default
Status : Scanned
Object : NE->c:\users\sss\appdata\roaming\profiles\cereledrofuck.default
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/Trotux.FakeProfile!Neng
Cleaning Action : Quarantine
Related Objects :
(null) - (null)

c#c3t9veq6.exe
Status : Scanned
Object : NE->c:\users\sss\appdata\roaming\{e49-c0-da-5d46d-a3d92-d447-eb3f4}\c#c3t9veq6.exe
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/Publisher.C!Neng
Cleaning Action : Quarantine
Related Objects :
(null) - (null)


Cleaning Result
-------------------------------------------------------
Cleaned : 47
Reported as safe : 0
Failed : 0

Addendum: 06 Mar 2017 14:00

Zemana AntiMalware 2.72.2.101 (Installed)

-------------------------------------------------------
Scan Result : Completed
Scan Date : 2017-3-6
Operating System : Windows 10 64-bit
Processor : 4X Intel(R) Pentium(R) CPU N3700 @ 1.60GHz
BIOS Mode : UEFI
CUID : 127606ED98BBDF6767D75F
Scan Type : System Scan
Duration : 4m 38s
Scanned Objects : 37781
Detected Objects : 0
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Enabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

No threats detected

Addendum: 06 Mar 2017 14:00

Is that it?

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Belgrade

It's excellent. How are things now?

offline
  • Joined: 06 Mar 2017
  • Posts: 8

Thank you sooo much!
Everything is fine now, except that I have neither Chrome nor Mozilla. Could I get a safe link? Or should I start getting used to Explorer.

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Belgrade

You still have them; it's just that the malware changed the shortcuts to them, which had to be deleted.

Were the Chrome and Firefox icons on the desktop?


Run FRST again, click Scan, and attach both new reports for an additional check.

offline
  • Joined: 06 Mar 2017
  • Posts: 8

Posted: 06 Mar 2017 15:58

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-03-2017
Ran by Sss (06-03-2017 15:55:40)
Running from C:\Users\Sss\Downloads
Windows 10 Pro Version 1511 (X64) (2016-11-17 06:58:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2903584577-3267121318-1954550345-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2903584577-3267121318-1954550345-503 - Limited - Disabled)
Guest (S-1-5-21-2903584577-3267121318-1954550345-501 - Limited - Disabled)
Sss (S-1-5-21-2903584577-3267121318-1954550345-1001 - Administrator - Enabled) => C:\Users\Sss

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2903584577-3267121318-1954550345-1001\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{0F347A49-E36C-4639-8D2E-003AD408B8B2}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.29.53 - Conexant)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4463 - Intel Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2903584577-3267121318-1954550345-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 en-US)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
mts mobilni internet (HKLM-x32\...\mts mobilni internet) (Version: 23.015.05.00.532 - Huawei Technologies Co.,Ltd)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version: - Microsoft)
Update_msi (HKLM-x32\...\{59B5A9CD-253D-4C41-A073-B387D4C9672D}) (Version: 1.0.0 - Default Company Name)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.72.101 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01BEB244-9B46-429D-AE68-BBF85FBC4881} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {02380E51-E746-4A44-91D6-19126E807F78} - \application\6-1 -> No File <==== ATTENTION
Task: {059764B9-3DB3-4D89-BF0C-B356C9D308C7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {0C577FC6-8B85-4AE7-9BD4-13BB909C5B4E} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-U2VFKGI-Sss DESKTOP-U2VFKGI => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-02-10] (Microsoft Corporation)
Task: {0F1B0E4F-DBAF-42FF-8E77-1861533EAAF4} - \application\ucbrowser -> No File <==== ATTENTION
Task: {10C9BBBE-479E-4A75-A93A-0A05DD9025D9} - \application\6 -> No File <==== ATTENTION
Task: {1A87B2D7-CA53-4C95-965C-C1DCC88913E7} - \security\uclauncher-x64 -> No File <==== ATTENTION
Task: {20995D9F-9A4D-4610-B278-BA4B6D1DFB93} - \application\6-1-2107-202\ucagent -> No File <==== ATTENTION
Task: {2B34138A-8596-4ABC-8F77-43DFB75FAE09} - \application\6-1-2107-202\stats_uploader -> No File <==== ATTENTION
Task: {449B08EC-7E05-412B-84F7-2E3EF5657982} - \96R5758T3234Y732 -> No File <==== ATTENTION
Task: {4E2C697F-C362-454B-883A-74EDC69FF0A3} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic
Task: {56D0FC8A-EA28-485B-87BF-045957FB85D1} - \security\uclauncher -> No File <==== ATTENTION
Task: {612CE7BB-85A8-4F20-8F37-50CE1C793AEF} - \application\6-0-1471-913\installer\chrmstp -> No File <==== ATTENTION
Task: {684EB2D6-42D3-4A06-8AC8-3065950C744E} - \ed2k -> No File <==== ATTENTION
Task: {6D117868-8D9A-4AE0-965A-23C2EDA87ED0} - \application\6-1-2107-201\stats_uploader -> No File <==== ATTENTION
Task: {718BC0F8-532D-40A3-86A4-03E85853B53C} - System32\Tasks\hostTask => C:\ProgramData\NetworkPacketManitor\tree.exe
Task: {71C2B8CB-F4DF-43FA-B1A9-D5246B771B60} - \application\6-0-1471-913\installer\chrmstp-exe -> No File <==== ATTENTION
Task: {8534CDDF-0536-4A0F-950B-44A4EFE00749} - \application\6-1-2107 -> No File <==== ATTENTION
Task: {92626B58-0212-4B14-B150-B7ACDD5A3560} - \shared\product updater\produpd -> No File <==== ATTENTION
Task: {A570A4DF-29DF-4587-9CBC-40E00457136F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {A654BC3E-F0D8-4F25-B2D4-6962E448B9A0} - \96R5758T3234Y732-dll -> No File <==== ATTENTION
Task: {AFEED437-5EA0-4B84-A8AA-FEAFEFD86B71} - \UCBrowserSecureUpdater -> No File <==== ATTENTION
Task: {BCDEAA61-FA09-4A8E-9E01-EB8DB349FE29} - \application\6-1-2107-201\ucagent -> No File <==== ATTENTION
Task: {ED383662-D813-4C44-AA14-3D9F272758CA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {F0A7550F-A1F3-40AF-AA60-74D6B94AA24F} - \systemsettings -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2014-01-15 04:42 - 2014-01-15 04:42 - 00351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2016-11-24 10:13 - 2013-10-26 10:45 - 00651856 _____ () C:\ProgramData\mts mobilni internet\OnlineUpdate\ouc.exe
2016-11-17 13:52 - 2016-10-25 10:42 - 02656952 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-11-17 13:52 - 2016-10-25 10:42 - 02656952 _____ () C:\Windows\System32\CoreUIComponents.dll
2015-01-21 15:01 - 2015-01-21 15:01 - 08898728 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2017-03-06 13:39 - 2017-03-06 13:39 - 00154480 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2016-11-17 08:48 - 2016-11-17 08:49 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-07-12 23:12 - 2016-07-12 23:12 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-12 23:22 - 2016-07-12 23:22 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-11-17 13:54 - 2016-10-25 08:01 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2016-11-17 13:53 - 2016-10-25 05:49 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-17 13:52 - 2016-10-25 05:44 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-17 13:52 - 2016-10-25 05:45 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-17 13:53 - 2016-10-25 05:48 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-07-21 18:36 - 2016-07-21 18:36 - 00401920 _____ () C:\Windows\system32\igfxTray.exe
2016-11-17 08:09 - 2010-10-26 21:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2016-12-16 12:43 - 2016-12-16 12:43 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.37.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
2016-11-24 10:13 - 2013-08-31 06:44 - 02417152 _____ () C:\ProgramData\mts mobilni internet\OnlineUpdate\QtCore4.dll
2016-11-24 10:13 - 2013-08-31 06:46 - 01148416 _____ () C:\ProgramData\mts mobilni internet\OnlineUpdate\QtNetwork4.dll
2016-11-24 10:13 - 2009-01-10 19:32 - 00011362 _____ () C:\ProgramData\mts mobilni internet\OnlineUpdate\mingwm10.dll
2016-11-24 10:13 - 2009-06-23 03:42 - 00043008 _____ () C:\ProgramData\mts mobilni internet\OnlineUpdate\libgcc_s_dw2-1.dll
2016-11-17 08:48 - 2016-11-17 08:49 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-11-17 08:48 - 2016-11-17 08:49 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2017-03-02 15:51 - 2017-03-02 10:11 - 00115712 _____ () c:\programdata\apple\apps\config.dll
2017-03-02 15:51 - 2017-03-02 10:11 - 00115712 _____ () C:\ProgramData\Apple\Apps\config.dll
2016-12-16 12:43 - 2016-12-16 12:43 - 12163072 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.37.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.dll
2016-12-16 12:40 - 2016-12-16 12:41 - 00958464 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.37.0_x86__8wekyb3d8bbwe\SQLite3Wrapper.dll
2015-10-30 10:10 - 2015-10-30 10:10 - 00645120 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.37.0_x86__8wekyb3d8bbwe\Microsoft.Aria.ClientTelemetry.dll
2016-11-17 08:42 - 2016-11-17 08:42 - 03312024 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.37.0_x86__8wekyb3d8bbwe\Microsoft.Advertising.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\system32\drivers:ucdrv-x64.sys [25444]
AlternateDataStreams: C:\Windows\system32\drivers:x64 [1498914]
AlternateDataStreams: C:\Windows\system32\drivers:x86 [1224482]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2017-03-06 13:48 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2903584577-3267121318-1954550345-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sss\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{fdd6e80e-b121-44be-a340-9709ab13b658}.JPG
DNS Servers: 212.200.190.166
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4371D441-E53D-4ABD-98E9-BCC120A55D07}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{0CCECE61-C946-4DBA-8539-C5FF850AF55D}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{38902E26-9782-4130-BFA3-4D2A0C62ED4F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{95EBCC2A-40B4-422E-A8E7-51CC54CEC7D4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7D4E8DCA-BD6B-43FC-931A-877CB1289769}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{38621BF8-8EF0-4264-BA2B-4C4908357B49}] => (Allow) C:\Users\Sss\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{93BE5776-4437-44BD-87A3-11B1C13D8ADC}] => (Allow) C:\Users\Sss\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0614954E-4C2B-4DBA-A189-62095CE35222}] => (Allow) C:\Users\Sss\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{43AE2B0B-8C91-4A9E-B02E-156D6257B9B4}] => (Allow) C:\Users\Sss\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D7E00156-FDC3-4E07-89FF-B413FD54D178}] => (Allow) C:\Users\Sss\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{40167BD1-34D9-421C-8CD9-34D6974CE680}] => (Allow) C:\Users\Sss\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2373382D-7554-443D-A393-FD4DB5D69C22}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{ADC8BB9C-D8FC-471B-9139-F38EC4D1F160}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A3CCCBBE-2D86-4C2D-9AEE-5ACC162ADB08}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{256D8942-7B10-4A8A-ADE2-272047397593}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{D044011B-6819-4094-9E53-C02FE921DE08}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{8AD32311-25CD-4499-8F26-1DF301211236}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{BDCACB12-098C-430C-89CD-729EBD551617}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{F36E2E85-0118-4F4C-972A-0668EB239E6A}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\Downloader\download\MiniThunderPlatform.exe
FirewallRules: [{79B01615-BB9C-4714-BCA4-D621C7E93091}] => (Allow) C:\Program Files (x86)\Legass\Application\chrome.exe
FirewallRules: [{A8A3AC7F-7227-4851-85B4-73DB8CFDBE37}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{EBEB68AB-C2B8-42C8-A879-84EDB0652353}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [{6248D14B-33A5-4860-9708-AD147FEBC14B}] => (Allow) C:\Program Files (x86)\MIO\loader\st500lm000-sshd-8gb_w766m186xxxxw766m186.dat
FirewallRules: [{93B48A38-6FFE-4570-9D59-121550B3930A}] => (Allow) C:\Program Files (x86)\MIO\loader\st500lm000-sshd-8gb_w766m186xxxxw766m186.dat
FirewallRules: [{7F7D16F3-C16A-402E-AE8F-F23A215E4493}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{249EC9D6-FCB6-4D38-BDCB-CEC9B24479C3}] => (Allow) C:\Windows\System32\rundll32.exe

==================== Restore Points =========================

14-02-2017 19:29:45 Scheduled Checkpoint
24-02-2017 16:05:38 Scheduled Checkpoint
26-02-2017 00:01:25 Driver Booster : ELAN Input Device
01-03-2017 15:35:22 Removed amuleC
02-03-2017 16:04:46 Removed WinSnare
05-03-2017 14:50:21 Removed WinSnare

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/06/2017 02:34:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.10586.672, time stamp: 0x580ef184
Faulting module name: MSHTML.dll, version: 11.0.10586.672, time stamp: 0x580ee321
Exception code: 0xc0000005
Fault offset: 0x00ef7dbc
Faulting process id: 0x1f2c
Faulting application start time: 0x01d2967c0c8aefd7
Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Faulting module path: C:\Windows\SYSTEM32\MSHTML.dll
Report Id: 8095e8eb-2b72-462a-a53c-dca0e6db3c2d
Faulting package full name:
Faulting package-relative application ID:

Error: (03/06/2017 01:49:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-U2VFKGI)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024865 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/06/2017 01:49:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-U2VFKGI)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/06/2017 01:49:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-U2VFKGI)
Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/06/2017 01:49:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.10586.494, time stamp: 0x5775e94c
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.10586.672, time stamp: 0x580eeb60
Exception code: 0xc000027b
Fault offset: 0x00000000006fd1db
Faulting process id: 0x1534
Faulting application start time: 0x01d2967808ba1143
Faulting application path: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: f4199c6d-f567-4c45-8883-d5690bc693d9
Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App

Error: (03/06/2017 01:49:03 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-U2VFKGI)
Description: Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy32

Error: (03/06/2017 01:49:03 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-U2VFKGI)
Description: Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy32

Error: (03/05/2017 07:46:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_OneSyncSvc_298a5, version: 10.0.10586.0, time stamp: 0x5632d7ba
Faulting module name: ntdll.dll, version: 10.0.10586.672, time stamp: 0x580ee321
Exception code: 0xc0000008
Fault offset: 0x00000000000a8c6a
Faulting process id: 0xe28
Faulting application start time: 0x01d295cd342193f8
Faulting application path: C:\Windows\system32\svchost.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: 2bee1203-1749-4dbe-963f-b89dd5007b3b
Faulting package full name:
Faulting package-relative application ID:

Error: (03/05/2017 05:26:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Nettrans.exe, version: 1.0.0.0, time stamp: 0x58b841f5
Faulting module name: KERNELBASE.dll, version: 10.0.10586.672, time stamp: 0x580efb0a
Exception code: 0xe0434352
Fault offset: 0x000bdb18
Faulting process id: 0xc68
Faulting application start time: 0x01d295cd3236e40c
Faulting application path: C:\ProgramData\PrefersSecure\Nettrans.exe
Faulting module path: C:\Windows\SYSTEM32\KERNELBASE.dll
Report Id: 6115a40e-464a-417c-b983-616da30b340b
Faulting package full name:
Faulting package-relative application ID:

Error: (03/05/2017 05:26:09 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Nettrans.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentNullException
at System.String.Join(System.String, System.String[])
at Application_Hosting.Service1..ctor(System.String[])
at Application_Hosting.Program.Main(System.String[])


System errors:
=============
Error: (03/06/2017 01:54:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The PearhasSU service failed to start due to the following error:
The system cannot find the file specified.

Error: (03/06/2017 01:49:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mts mobilni internet. RunOuc service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (03/06/2017 01:49:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the mts mobilni internet. RunOuc service to connect.

Error: (03/06/2017 01:49:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The iedvutils service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (03/06/2017 01:49:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the iedvutils service to connect.

Error: (03/06/2017 01:49:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WWAN AutoConfig service terminated with the following error:
Overlapped I/O operation is in progress.

Error: (03/06/2017 01:49:16 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U2VFKGI)
Description: The server {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} did not register with DCOM within the required timeout.

Error: (03/06/2017 01:49:15 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-U2VFKGI)
Description: Unable to start a DCOM Server: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca as Unavailable/Unavailable. The error:
"31"
Happened while starting this command:
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

Error: (03/06/2017 01:49:15 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U2VFKGI)
Description: The server CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca did not register with DCOM within the required timeout.

Error: (03/06/2017 01:49:13 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U2VFKGI)
Description: The server App did not register with DCOM within the required timeout.


CodeIntegrity:
===================================
Date: 2017-03-06 11:56:30.762
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-06 11:56:30.702
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-05 20:19:05.598
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-05 20:19:05.559
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-05 20:16:45.129
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-05 20:16:45.089
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-05 15:26:08.413
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-05 15:26:08.366
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-05 14:25:26.545
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-05 14:25:26.502
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU N3700 @ 1.60GHz
Percentage of memory in use: 63%
Total physical RAM: 4008.3 MB
Available physical RAM: 1463.9 MB
Total Virtual: 4392.3 MB
Available Virtual: 1156.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.33 GB) (Free:176.47 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:232.88 GB) (Free:231.15 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: D9FA2484)

Partition: GPT.

==================== End of Addition.txt ============================

Addendum: 06 Mar 2017 15:59


offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

You didn't answer my question.

offline
  • Joined: 06 Mar 2017
  • Posts: 8

The shortcuts? Mozilla yes; for Chrome I'm not sure, but I think not, because I never even meant to download it, I installed it by mistake.

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

All right, we'll run one more fix. Tell me whether this restored the Firefox shortcut to the desktop.


1. Open Notepad (Text Document) and copy in the following text from the code box below:

createrestorepoint:
closeprocesses:
emptytemp:
cmd: ipconfig /flushdns
Task: {02380E51-E746-4A44-91D6-19126E807F78} - \application\6-1 -> No File <==== ATTENTION
Task: {0F1B0E4F-DBAF-42FF-8E77-1861533EAAF4} - \application\ucbrowser -> No File <==== ATTENTION
Task: {10C9BBBE-479E-4A75-A93A-0A05DD9025D9} - \application\6 -> No File <==== ATTENTION
Task: {1A87B2D7-CA53-4C95-965C-C1DCC88913E7} - \security\uclauncher-x64 -> No File <==== ATTENTION
Task: {20995D9F-9A4D-4610-B278-BA4B6D1DFB93} - \application\6-1-2107-202\ucagent -> No File <==== ATTENTION
Task: {2B34138A-8596-4ABC-8F77-43DFB75FAE09} - \application\6-1-2107-202\stats_uploader -> No File <==== ATTENTION
Task: {449B08EC-7E05-412B-84F7-2E3EF5657982} - \96R5758T3234Y732 -> No File <==== ATTENTION
Task: {56D0FC8A-EA28-485B-87BF-045957FB85D1} - \security\uclauncher -> No File <==== ATTENTION
Task: {612CE7BB-85A8-4F20-8F37-50CE1C793AEF} - \application\6-0-1471-913\installer\chrmstp -> No File <==== ATTENTION
Task: {684EB2D6-42D3-4A06-8AC8-3065950C744E} - \ed2k -> No File <==== ATTENTION
Task: {6D117868-8D9A-4AE0-965A-23C2EDA87ED0} - \application\6-1-2107-201\stats_uploader -> No File <==== ATTENTION
Task: {71C2B8CB-F4DF-43FA-B1A9-D5246B771B60} - \application\6-0-1471-913\installer\chrmstp-exe -> No File <==== ATTENTION
Task: {8534CDDF-0536-4A0F-950B-44A4EFE00749} - \application\6-1-2107 -> No File <==== ATTENTION
Task: {92626B58-0212-4B14-B150-B7ACDD5A3560} - \shared\product updater\produpd -> No File <==== ATTENTION
Task: {A654BC3E-F0D8-4F25-B2D4-6962E448B9A0} - \96R5758T3234Y732-dll -> No File <==== ATTENTION
Task: {AFEED437-5EA0-4B84-A8AA-FEAFEFD86B71} - \UCBrowserSecureUpdater -> No File <==== ATTENTION
Task: {718BC0F8-532D-40A3-86A4-03E85853B53C} - System32\Tasks\hostTask => C:\ProgramData\NetworkPacketManitor\tree.exe
C:\ProgramData\NetworkPacketManitor
Task: {BCDEAA61-FA09-4A8E-9E01-EB8DB349FE29} - \application\6-1-2107-201\ucagent -> No File <==== ATTENTION
HKU\S-1-5-21-2903584577-3267121318-1954550345-1001\...\Run: [c#C3t9VeQ6.exe] => C:\Users\Sss\AppData\Roaming\{e49-c0-da-5d46d-a3d92-d447-eb3f4}\c#C3t9VeQ6.exe -r1_1 -r2_1
Task: {F0A7550F-A1F3-40AF-AA60-74D6B94AA24F} - \systemsettings -> No File <==== ATTENTION
C:\Users\Sss\AppData\Roaming\{e49-c0-da-5d46d-a3d92-d447-eb3f4}
AlternateDataStreams: C:\Windows\system32\drivers:ucdrv-x64.sys [25444]
AlternateDataStreams: C:\Windows\system32\drivers:x64 [1498914]
AlternateDataStreams: C:\Windows\system32\drivers:x86 [1224482]
FirewallRules: [{8AD32311-25CD-4499-8F26-1DF301211236}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{BDCACB12-098C-430C-89CD-729EBD551617}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{F36E2E85-0118-4F4C-972A-0668EB239E6A}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\Downloader\download\MiniThunderPlatform.exe
C:\Users\Sss\AppData\Roaming\*.exe
HKU\S-1-5-21-2903584577-3267121318-1954550345-1001\...\MountPoints2: {568f4319-b61b-11e6-a65d-34de1accfded} - "F:\AutoRun.exe"
HKU\S-1-5-21-2903584577-3267121318-1954550345-1001\...\MountPoints2: {ba2a390c-b025-11e6-a65c-34de1accfded} - "F:\AutoRun.exe"
HKLM\...\Providers\thvng18e: C:\Program Files (x86)\Ckbpycazery Launcher\local64spl.dll
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startpageing123.com/?type=hp&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.startpageing123.com/search/?type=ds&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.startpageing123.com/?type=hp&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186&q={searchTerms}
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1488543064&z=bf85e26d7eb2ec090a74a0bg0zabcbcw5z3cfefq8b&from=che0812&uid=ST500LM000-SSHD-8GB_W766M186XXXXW766M186&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2903584577-3267121318-1954550345-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
Edge HomeButtonPage: HKU\S-1-5-21-2903584577-3267121318-1954550345-1001 -> hxxp://www.google.com
FF NewTab: Mozilla\Firefox\Profiles\x5u0tmdf.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\x5u0tmdf.default -> about:home
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
S2 PearhasSU; "C:\Users\Sss\AppData\Local\Temp\1\BaofengUpdate_U.exe" /i [X] <==== ATTENTION
2017-02-25 22:45 - 2017-02-25 22:46 - 00000000 ____D C:\Users\Sss\AppData\LocalLow\IObit
2017-02-25 22:45 - 2017-02-25 22:45 - 00000000 ____D C:\Windows\IObit
2017-02-25 22:45 - 2017-02-25 22:45 - 00000000 ____D C:\ProgramData\IObit
2017-02-25 22:44 - 2017-02-25 22:44 - 00000000 ____D C:\Users\Sss\AppData\Roaming\IObit
Tcpip\Parameters: [DhcpNameServer] 212.200.190.166
Tcpip\..\Interfaces\{61f83a21-1ef1-4969-9152-2e67cfa75660}: [DhcpNameServer] 212.200.190.166
Tcpip\..\Interfaces\{779bab78-450b-4637-80f6-30e2308c1153}: [NameServer] 172.21.21.157 172.21.21.158
Tcpip\..\Interfaces\{a087e6dd-3cf9-4432-ad99-3c07897f7d6a}: [NameServer] 172.21.21.157 172.21.21.158
2017-02-25 22:43 - 2017-03-06 13:48 - 00000000 ___HD C:\ProgramData\96R5758T3234Y732
R2 Apps_Cfg; C:\ProgramData\Apple\Apps\config.dll [115712 2017-03-02] () [File not signed]
C:\ProgramData\Apple
2017-03-01 12:29 - 2017-03-01 12:29 - 00000000 ____D C:\Program Files (x86)\thvng18e
2017-03-01 15:35 - 2017-03-01 15:36 - 00000000 ____D C:\Windows\system32\appmgmt
2017-03-01 13:47 - 2017-03-05 17:25 - 00000000 ____D C:\Windows\system32\log
2017-03-01 13:47 - 2017-03-02 16:04 - 00000000 _____ C:\Windows\SysWOW64\4
2017-03-01 13:47 - 2017-03-02 16:04 - 00000000 _____ C:\Windows\SysWOW64\3
2017-03-01 13:46 - 2017-03-01 13:47 - 00000000 ____D C:\Program Files (x86)\Pearhas
2017-03-01 13:46 - 2017-03-01 13:46 - 00000000 ____D C:\Program Files (x86)\58B6C2C0_jumpeasy
2017-03-01 13:45 - 2017-03-06 13:48 - 00000000 ____D C:\Program Files (x86)\Explorer
2017-03-01 13:45 - 2017-03-01 13:47 - 00000000 ____D C:\Program Files (x86)\58B6C254_jumpeasy
2017-03-02 15:50 - 2017-03-02 15:50 - 00000000 ____D C:\Program Files (x86)\Legass
cmd: attrib -h %public%\Desktop\*.lnk
cmd: attrib -h %userprofile%\Desktop\*.lnk


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location; otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the system restarts.



The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into a post.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.
