Provera?Jako spor laptop

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Pozdrav!
Imam Asus X553 M(Celeron N2840, 2,16 GHz, 2 Gb RAM)
Windows 7 Home premium 64bit

Znam da ne mogu puno da očekujem od njega,ali u zadnjih par meseci je užasno spor.Stalno se 'zakoči',sporo radi...Žena ga uglavnom koristi,isključivo za internet.
Evo izveštaja:


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Ran by Biljana (administrator) on BILJANA-PC (27-01-2018 22:29:12)
Running from C:\Users\Biljana\Desktop
Loaded Profiles: Biljana (Available Profiles: Biljana)
Platform: Windows 7 Home Premium (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Link mogu videti samo ulogovani korisnici]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-2734093630-2476346512-2507785125-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-2734093630-2476346512-2507785125-1000\...\MountPoints2: {9de4034f-9233-11e6-975f-e2facf833b35} - F:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-2734093630-2476346512-2507785125-1000\...\MountPoints2: {9de40365-9233-11e6-975f-e2facf833b35} - F:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-2734093630-2476346512-2507785125-1000\...\MountPoints2: {e607c575-4791-11e7-91ce-db367ecd0028} - F:\.\Autorun.exe AUTORUN=1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{77882C32-BF16-4991-85A4-07B27786A537}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
HKU\S-1-5-21-2734093630-2476346512-2507785125-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Link mogu videti samo ulogovani korisnici]
SearchScopes: HKLM -> DefaultScope value is missing
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-06] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-06] (Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-12-21] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: z9dio91k.default
FF ProfilePath: C:\Users\Biljana\AppData\Roaming\Mozilla\Firefox\Profiles\z9dio91k.default [2018-01-27]
FF user.js: detected! => C:\Users\Biljana\AppData\Roaming\Mozilla\Firefox\Profiles\z9dio91k.default\user.js [2017-06-23]
FF Homepage: Mozilla\Firefox\Profiles\z9dio91k.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\z9dio91k.default -> about:newtab
FF Extension: (Grammarly for Firefox) - C:\Users\Biljana\AppData\Roaming\Mozilla\Firefox\Profiles\z9dio91k.default\Extensions\87677a2c52b84ad3a151a4a72f5bd3c4@jetpack.xpi [2017-12-07]
FF Extension: (Pinterest Save Button) - C:\Users\Biljana\AppData\Roaming\Mozilla\Firefox\Profiles\z9dio91k.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2018-01-25]
FF Extension: (S3.Translator) - C:\Users\Biljana\AppData\Roaming\Mozilla\Firefox\Profiles\z9dio91k.default\Extensions\s3google@translator.xpi [2017-12-22]
FF Extension: (Adblock Plus) - C:\Users\Biljana\AppData\Roaming\Mozilla\Firefox\Profiles\z9dio91k.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-13]
FF HKU\S-1-5-21-2734093630-2476346512-2507785125-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-25] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-25] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-06] (Oracle Corporation)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\enpsysau.js [2017-07-16]

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> [Link mogu videti samo ulogovani korisnici]
CHR StartupUrls: Default -> "hxxp://websearch.searchmania.info/?pid=21236&r=2014/12/08&hid=16405736114968320125&lg=EN&cc=RS&unqvl=70","hxxp://www.sweet-page.com/?type=hp&ts=1418911010&from=cor&uid=WDCXWD1600BB-00RDA0_WD-WCANME42290022900"
CHR Profile: C:\Users\Biljana\AppData\Local\Google\Chrome\User Data\Default [2018-01-27]
CHR Extension: (Slagalica fer igra - Ludara.com) - C:\Users\Biljana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpifakoabdhigpeebhalfkjkoidenba [2017-08-05]
CHR Extension: (Google Sheets) - C:\Users\Biljana\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-19]
CHR Extension: (Google dokumenti izvanmrežno) - C:\Users\Biljana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-05]
CHR Extension: (Speed Test) - C:\Users\Biljana\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlhbmnfdcklajeaeikfinieljfegamko [2017-08-05]
CHR Extension: (Norton Identity Safe) - C:\Users\Biljana\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-08-08]
CHR Extension: (Grammarly for Chrome) - C:\Users\Biljana\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2017-09-08]
CHR Extension: (Plaćanja u web-trgovini Chrome) - C:\Users\Biljana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\Biljana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-19]
CHR Extension: (Chrome Media Router) - C:\Users\Biljana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-05]
CHR Profile: C:\Users\Biljana\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-11-08]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - <no Path/update_url>
CHR HKU\S-1-5-21-2734093630-2476346512-2507785125-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - [Link mogu videti samo ulogovani korisnici]
CHR HKLM-x32\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - [Link mogu videti samo ulogovani korisnici]

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files (x86)\TC UP\PLUGINS\Media\Opera\launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319096 2017-08-06] (Intel Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [172760 2017-07-10] (Broadcom Corporation.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-07-10] (REALiX(tm))
R1 LanmaMaster; C:\Windows\system32\drivers\lanmamaster.sys [1468520 2010-12-24] () [File not signed] <==== ATTENTION
R2 UefGdstor; C:\Windows\system32\drivers\UefGdstor.sys [181608 2010-12-24] () [File not signed] <==== ATTENTION
S1 ZAM; no ImagePath
S1 ZAM_Guard; no ImagePath
S1 ESProtectionDriver; \??\C:\Windows\system32\drivers\mbae64.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwusb_cdcacm; system32\DRIVERS\ew_cdcacm.sys [X]
S3 hwusb_wwanecm; system32\DRIVERS\ew_wwanecm.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20170805.001\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20170805.001\EX64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-27 22:29 - 2018-01-27 22:30 - 000009976 _____ C:\Users\Biljana\Desktop\FRST.txt
2018-01-27 22:29 - 2018-01-27 22:29 - 000000000 ____D C:\FRST
2018-01-27 22:27 - 2018-01-27 22:27 - 002393088 _____ (Farbar) C:\Users\Biljana\Desktop\FRST64.exe
2018-01-27 22:15 - 2018-01-27 22:15 - 000057560 _____ C:\Users\Biljana\AppData\Local\GDIPFONTCACHEV1.DAT
2018-01-27 22:10 - 2018-01-27 22:10 - 000265552 _____ C:\Windows\system32\FNTCACHE.DAT
2018-01-19 19:51 - 2018-01-19 19:51 - 000000000 ___HD C:\$Windows.~WS

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-27 22:22 - 2009-07-14 05:45 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-01-27 22:22 - 2009-07-14 05:45 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-01-27 22:18 - 2016-11-20 00:20 - 000000000 ____D C:\Users\Biljana\AppData\LocalLow\Mozilla
2018-01-27 22:18 - 2009-07-14 06:13 - 000781298 _____ C:\Windows\system32\PerfStringBackup.INI
2018-01-27 22:18 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-01-27 22:14 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-01-27 22:13 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-01-27 22:11 - 2017-08-06 17:10 - 000000000 ____D C:\ProgramData\Norton
2018-01-27 22:11 - 2017-08-05 23:08 - 000000000 ____D C:\Users\Biljana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grammarly
2018-01-27 22:11 - 2017-08-05 23:08 - 000000000 ____D C:\Users\Biljana\AppData\Local\GrammarlyForWindows
2018-01-27 20:38 - 2017-08-25 23:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-01-25 22:54 - 2016-10-14 14:34 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-01-25 22:54 - 2016-10-14 14:34 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-01-25 22:54 - 2016-10-14 14:34 - 000004314 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-01-25 22:54 - 2016-10-14 14:34 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-01-25 22:54 - 2016-10-14 14:34 - 000000000 ____D C:\Windows\system32\Macromed
2018-01-25 22:54 - 2016-10-14 14:32 - 000000000 ____D C:\Users\Biljana\AppData\Local\Adobe
2018-01-24 23:35 - 2016-10-14 20:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-24 03:53 - 2017-10-02 21:14 - 000000000 ____D C:\Program Files (x86)\FreeCommander XE
2018-01-20 04:58 - 2017-01-26 20:13 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-01-19 19:52 - 2016-10-14 20:26 - 000000000 ____D C:\Windows\Panther
2018-01-19 19:04 - 2016-10-19 17:27 - 000000000 ____D C:\Users\Biljana\AppData\Local\ElevatedDiagnostics
2018-01-15 13:54 - 2017-08-06 17:10 - 000000000 ____D C:\ProgramData\NortonInstaller
2018-01-12 19:34 - 2016-10-14 11:24 - 000000000 ____D C:\Windows\system32\MRT
2018-01-12 19:29 - 2017-10-12 05:55 - 129365736 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-01-12 19:29 - 2016-10-14 11:24 - 129365736 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2017-06-23 08:39 - 2017-06-23 08:39 - 007307264 _____ () C:\Users\Biljana\AppData\Local\agent.dat
2017-06-23 08:39 - 2017-06-23 08:39 - 000136824 _____ () C:\Users\Biljana\AppData\Local\Apfix.bin
2017-06-23 08:39 - 2017-06-23 08:39 - 000070800 _____ () C:\Users\Biljana\AppData\Local\Config.xml
2017-06-23 08:39 - 2017-06-23 08:39 - 001896509 _____ () C:\Users\Biljana\AppData\Local\Damzoolab.tst
2017-06-23 08:39 - 2017-06-23 08:39 - 000018432 _____ () C:\Users\Biljana\AppData\Local\Main.dat
2017-06-23 08:39 - 2017-06-23 08:39 - 000005568 _____ () C:\Users\Biljana\AppData\Local\md.xml
2017-06-23 08:39 - 2017-06-23 08:39 - 000126464 _____ () C:\Users\Biljana\AppData\Local\noah.dat
2017-06-23 08:37 - 2017-06-23 08:39 - 000930816 _____ () C:\Users\Biljana\AppData\Local\test_db_cara.db
2017-06-23 08:40 - 2017-06-23 08:40 - 000001150 _____ () C:\Users\Biljana\AppData\Local\uninstall_temp.ico

Some files in TEMP:
====================
2018-01-27 22:11 - 2017-04-21 04:01 - 011413512 _____ (SurfRight B.V.) C:\Users\Biljana\AppData\Local\Temp\HitmanPro.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-26 06:29

==================== End of FRST.txt ============================
[Link mogu videti samo ulogovani korisnici]

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja.

CHR HomePage: Default -> hxxp://websearch.searchmania.info/?pid=21236&r=2014/12/08&hid=16405736114968320125&lg=EN&cc=RS&unqvl=70
CHR StartupUrls: Default -> "hxxp://websearch.searchmania.info/?pid=21236&r=2014/12/08&hid=16405736114968320125&lg=EN&cc=RS&unqvl=70","hxxp://www.sweet-page.com/?type=hp&ts=1418911010&from=cor&uid=WDCXWD1600BB-00RDA0_WD-WCANME42290022900"
Task: {98989D46-7067-4594-B0FC-A8DC1D6E7880} - \{09090C47-0978-7E0B-7A11-0879087E117D} -> No File <==== ATTENTION
Task: {EE596898-2266-411A-BB91-8D9D019007B0} - \SDL Keyboard Screensaver -> No File <==== ATTENTION
Task: C:\Windows\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\Windows\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\Windows\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
C:\Program Files (x86)\Microleaves


U okviru Notepad-a klikni na File --> Save As
Pod Encoding izaberi UTF-8.
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se fixlog.txt, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt).

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Fix result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by Biljana (28-01-2018 14:05:26) Run:1
Running from C:\Users\Biljana\Desktop
Loaded Profiles: Biljana (Available Profiles: Biljana)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CHR HomePage: Default -> [Link mogu videti samo ulogovani korisnici]
CHR StartupUrls: Default -> "hxxp://websearch.searchmania.info/?pid=21236&r=2014/12/08&hid=16405736114968320125&lg=EN&cc=RS&unqvl=70","hxxp://www.sweet-page.com/?type=hp&ts=1418911010&from=cor&uid=WDCXWD1600BB-00RDA0_WD-WCANME42290022900"
Task: {98989D46-7067-4594-B0FC-A8DC1D6E7880} - \{09090C47-0978-7E0B-7A11-0879087E117D} -> No File <==== ATTENTION
Task: {EE596898-2266-411A-BB91-8D9D019007B0} - \SDL Keyboard Screensaver -> No File <==== ATTENTION
Task: C:\Windows\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\Windows\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\Windows\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
C:\Program Files (x86)\Microleaves
*****************

"Chrome HomePage" => not found
"Chrome StartupUrls" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98989D46-7067-4594-B0FC-A8DC1D6E7880} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98989D46-7067-4594-B0FC-A8DC1D6E7880} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{09090C47-0978-7E0B-7A11-0879087E117D} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{EE596898-2266-411A-BB91-8D9D019007B0} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE596898-2266-411A-BB91-8D9D019007B0} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SDL Keyboard Screensaver => key not found
"C:\Windows\Tasks\Online Application V2G1.job" => not found
"C:\Windows\Tasks\Online Application V2G2.job" => not found
"C:\Windows\Tasks\Online Application V2G3.job" => not found
"C:\Program Files (x86)\Microleaves" => not found

==== End of Fixlog 14:05:26 ====

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Preuzmi Malwarebytes Anti-Malware sa ovog ili ovog ili ovog linka i instaliraj aplikaciju.
Pokreni mb3-setup-consumer-{verzija}.exe i isprati uputstva za instalaciju programa. Nakon instalacije, klikni na Finish

Prilikom prvog pokretanja, program će prikazati prozor "dobrodošlice". Slobodno zatvori taj prozor.
Napomena: Premium funkcije programa su već aktivirane i važe 13 dana od trenutka instalacije. Premium funkcije možeš isključiti preko Settings > My Account tab podešavanja.

• Podešavanja skenera - u Settings, klikni na Protection tab. Ispod Scan Options sekcije, uključi "Scan for rootkits" opciju.
• Pripremi podešavanja za Threat Scan - u Dashboard , klikni na Scan Now dugme. MBAM će ažurirati bazu i započeti skeniranje.

Kada se skeniranje završi, ako je infekcija detektovana, obrati pažnju da je sve označeno, pa klikni na Remove Selected. Restartuj računar ako program upita za restart.
• Dostavi log: Pod Reports izaberi trenutni datum izveštaja Scan Report i potom klikni na View Report.

Izvezi log na Desktop;
- Klikni na Export dugme na dnu, pa onda izaberi 'Text file (*.txt)'
# U Save File dijalogu koji se pojavi, klikni na Desktop. U File name: polje, upiši "mbam" (bez navodnika) i klikni na Save.
- Pojaviće se poruka "Your file has been successfully exported", klikni Ok i zatvori prozor.


• U odgovoru prikači mbam.txt log koristeći "Prikači fajl" opciju.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 28 Jan 2018 14:31

This publisher has bee blocked from running on your machine!
To mi izbaci kada hoću da instaliram Malwarebytes Anti-Malware

Dopuna: 28 Jan 2018 14:33

Pardon-evo uspeo sam da ga instaliram.

Dopuna: 28 Jan 2018 14:39

Instalirao-ali neće da ga pokrene ni posle restarta računara ni 'run as administator'.U task manageru se vidi da ide 'Malwarebytes service' al ne radi!

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uslikaj mi to upozorenje.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Evo

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Vjerovatno zbog neažuriranog Windowsa dobijaš to upozorenje, ali nemoj me držati za riječ.


• Sledeća procedura će implementirati završno čišćenje.

Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.
Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;

Remove disinfection tools
Create registry backup
Purge System Restore

Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.
Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)

Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Ok.Verovatno je zbog toga.Već odavno neće da mi instalira 'Service pack 1' za windows.I danas sam probao sve i svašta,ali neće.Svejedno hvala na vremenu i trudu!
Pozdrav