Usporio racunar! Pomoc!

Usporio racunar! Pomoc!

offline
  • Pridružio: 10 Jan 2012
  • Poruke: 27

Napisano: 21 Mar 2018 21:18

Racunar (laptop) osetno usporio!
Problemi prilikom otvaranja Chrom-a!
Dostavljamo trazene logove:

Dopuna: 21 Mar 2018 21:20

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14.03.2018
Ran by Korisnik (administrator) on KORISNIK-PC (21-03-2018 21:11:19)
Running from C:\Users\Korisnik\Desktop
Loaded Profiles: Korisnik (Available Profiles: Korisnik)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\stacsv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\AEstSrv.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
() C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(HP) C:\Program Files\HP\HP LaserJet Professional CP1020 Series\HPCP1020STRAY.EXE
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Software 2000 Limited) C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-01-28] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [QLBController] => C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-01-28] (Hewlett-Packard Company)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2010-01-08] (Intel Corporation)
HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [499768 2009-09-01] (Hewlett-Packard)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2018-01-10] (AVAST Software)
HKLM\...\Run: [HP CP1020 System Tray] => C:\Program Files\HP\HP LaserJet Professional CP1020 Series\HPCP1020STRAY.EXE [2621952 2012-12-24] (HP)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM\...\RunOnce: [SBrowserCheck] => C:\ProgramData\Avast Software\Avast\SecureBrowser\avast_browser_setup_checker.exe [2482128 2018-03-21] ()
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1146453529-3827096963-1341687669-1000\ DisallowedCertificates: FDF01DD3F37C66AC4C779D92623C77814A07FE4C (U)
HKU\S-1-5-21-1146453529-3827096963-1341687669-1000\...\Run: [Facebook Update] => C:\Users\Korisnik\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-05-07] (Facebook Inc.)
HKU\S-1-5-21-1146453529-3827096963-1341687669-1000\...\Run: [AdobeBridge] => [X]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{B06E39AF-A92C-4219-B2F8-0C38389DC1C8}: [NameServer] 192.168.8.1
Tcpip\..\Interfaces\{D34264B1-7575-41CC-BD8D-7C6EBF5BF6ED}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1146453529-3827096963-1341687669-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-1146453529-3827096963-1341687669-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1146453529-3827096963-1341687669-1000 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.com/gp/bit/amazonserp/ref=bit_bds-p17_serp_ie_us_display?ie=UTF8&tagbase=bds-p17&tbrId=v1_abb-channel-17_0_1201_1403_20160227_RS_ie_ds_&tag=bds-p17-serp-us-ie-20&query={searchTerms}
BHO: No Name -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> No File
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-27] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-01-10] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-27] (Oracle Corporation)
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

FireFox:
========
FF DefaultProfile: 76mi78ms.default-1435490759137
FF ProfilePath: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\76mi78ms.default-1435490759137 [2016-09-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_29_0_0_113.dll [2018-03-14] ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2013-05-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-27] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.732 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2010-06-02] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.732 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2010-06-02] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-09-23] (VideoLAN)
FF Plugin HKU\S-1-5-21-1146453529-3827096963-1341687669-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Korisnik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

Chrome:
=======
CHR HomePage: Default -> amazon.com
CHR DefaultSearchURL: Default -> hxxps://www.amazon.com/websearch/?ie=UTF8__PARAM__&query={searchTerms}
CHR DefaultSearchKeyword: Default -> amazon
CHR Profile: C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default [2018-03-21]
CHR Extension: (Slides) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-04]
CHR Extension: (YouTube) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-04]
CHR Extension: (Sheets) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Avira Browser Safety) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-09]
CHR Extension: (Google Docs Offline) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-04]
CHR Extension: (Skype) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-04]
CHR Extension: (Merry Christmas) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnmjckfjclclmjiekoibnmoglogldeh [2015-12-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Gmail) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-04]
CHR Extension: (Chrome Media Router) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-17]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1146453529-3827096963-1341687669-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ooebgdicanjhnamfmdlmlbcnkgehkkmf] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1146453529-3827096963-1341687669-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5906816 2018-01-10] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2018-01-10] (AVAST Software)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [120832 2009-10-15] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [265272 2010-01-28] (Hewlett-Packard Company)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MySQL; C:\Program Files\MySQL\MySQL Server 5.0\my.ini [9250 2017-09-26] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [45056 2013-11-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [55808 2013-11-14] (Hewlett-Packard) [File not signed]
R2 PSI_SVC_2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\STacSV.exe [229458 2010-01-28] (IDT, Inc.)
S2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [26112 2010-04-29] (Google Inc)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [158224 2018-01-10] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [255584 2018-01-10] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [157376 2018-01-10] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [276696 2018-01-10] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [50344 2018-01-10] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [118144 2018-01-10] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42824 2018-01-10] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [39752 2017-08-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [123880 2018-01-11] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [99528 2018-01-10] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [70832 2018-01-10] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783104 2018-01-10] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [390256 2018-01-11] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [151328 2018-01-10] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [294680 2018-01-10] (AVAST Software)
S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-05] (Atheros Communications, Inc.)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV32.sys [105984 2009-10-27] (QUALCOMM Incorporated)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [10368 2011-02-21] (Padus, Inc.) [File not signed]
S3 s125bus; C:\Windows\System32\DRIVERS\s125bus.sys [83336 2007-04-24] (MCCI Corporation)
S3 s125mdfl; C:\Windows\System32\DRIVERS\s125mdfl.sys [15112 2007-04-24] (MCCI Corporation)
S3 s125mdm; C:\Windows\System32\DRIVERS\s125mdm.sys [108680 2007-04-24] (MCCI Corporation)
S3 s125obex; C:\Windows\System32\DRIVERS\s125obex.sys [98696 2007-04-24] (MCCI Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1763968 2010-01-18] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-09-13] ()
U3 ar4qicwv; C:\Windows\system32\Drivers\ar4qicwv.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-21 21:11 - 2018-03-21 21:12 - 000018749 _____ C:\Users\Korisnik\Desktop\FRST.txt
2018-03-21 21:09 - 2018-03-21 21:08 - 001764352 _____ (Farbar) C:\Users\Korisnik\Desktop\FRST.exe
2018-03-21 21:08 - 2018-03-21 21:08 - 001764352 _____ (Farbar) C:\Users\Korisnik\Downloads\FRST (1).exe
2018-03-21 20:50 - 2018-03-21 20:50 - 000000000 ____D C:\ProgramData\SWCUTemp
2018-03-01 20:23 - 2018-03-01 20:23 - 001129816 _____ (Google Inc.) C:\Users\Korisnik\Downloads\ChromeSetup (12).exe
2018-02-21 21:52 - 2018-02-21 21:52 - 000892129 _____ C:\Users\Korisnik\Desktop\danijela.studio3
2018-02-21 21:52 - 2018-02-21 21:52 - 000273103 _____ C:\Users\Korisnik\Desktop\danijela.studio
2018-02-21 21:00 - 2018-02-21 21:00 - 002564168 _____ C:\Users\Korisnik\Downloads\overspray.zip
2018-02-21 20:52 - 2018-02-21 20:52 - 000641461 _____ C:\Users\Korisnik\Downloads\vacations-in-phuket.zip
2018-02-21 20:47 - 2018-02-21 20:47 - 000119867 _____ C:\Users\Korisnik\Downloads\miraculous-christmas.zip
2018-02-21 20:46 - 2018-02-21 20:46 - 000039524 _____ C:\Users\Korisnik\Downloads\gorgeous-jhen.zip
2018-02-21 20:45 - 2018-02-21 20:45 - 000017653 _____ C:\Users\Korisnik\Downloads\axettac.zip
2018-02-21 20:43 - 2018-02-21 20:43 - 000753316 _____ C:\Users\Korisnik\Downloads\the-west-gate.zip
2018-02-21 20:37 - 2018-02-21 20:37 - 001129816 _____ (Google Inc.) C:\Users\Korisnik\Downloads\ChromeSetup (11).exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-21 21:12 - 2009-07-14 05:34 - 000016880 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-21 21:12 - 2009-07-14 05:34 - 000016880 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-21 21:11 - 2017-08-23 12:49 - 000000000 ____D C:\FRST
2018-03-21 21:06 - 2017-12-26 12:08 - 000000332 _____ C:\Windows\Tasks\HPCeeScheduleForKorisnik.job
2018-03-21 21:00 - 2015-06-28 11:04 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-21 21:00 - 2015-06-28 11:04 - 000002089 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-03-21 20:58 - 2015-02-10 16:15 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\TeamViewer
2018-03-21 20:50 - 2015-06-27 18:15 - 000000188 _____ C:\ProgramData\HPWALog.txt
2018-03-21 20:49 - 2010-09-13 14:14 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Adobe
2018-03-21 20:48 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-18 20:58 - 2011-01-07 01:01 - 000000000 ____D C:\Windows\system32\Macromed
2018-03-16 21:39 - 2013-05-07 08:34 - 000000940 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1146453529-3827096963-1341687669-1000UA.job
2018-03-14 21:10 - 2013-06-10 22:16 - 000000000 ____D C:\Program Files\Opera
2018-03-14 21:04 - 2013-01-14 02:28 - 000804352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2018-03-14 21:04 - 2012-01-12 08:20 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2018-03-02 21:18 - 2015-02-06 22:03 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-03-01 21:39 - 2011-01-07 00:28 - 000000000 ____D C:\Users\Korisnik\AppData\Local\ElevatedDiagnostics
2018-02-23 20:56 - 2009-07-14 05:33 - 003900752 _____ C:\Windows\system32\FNTCACHE.DAT
2018-02-21 22:48 - 2015-02-06 22:03 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\com.aspexsoftware.Silhouette_Studio
2018-02-21 21:06 - 2010-09-13 13:17 - 000139104 _____ C:\Users\Korisnik\AppData\Local\GDIPFONTCACHEV1.DAT

==================== Files in the root of some directories =======

2011-01-22 11:37 - 2011-07-29 14:54 - 000013312 _____ () C:\Users\Korisnik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
2015-06-27 21:18 - 2015-06-27 21:18 - 000000000 ____D () C:\Users\Korisnik\AppData\Local\Temp\avgnt.exe
2017-05-17 07:43 - 2017-05-17 07:43 - 000000000 _____ () C:\Users\Korisnik\AppData\Local\Temp\c9aordq2.dll
2016-01-30 09:10 - 2016-01-30 09:10 - 000736352 _____ (Oracle Corporation) C:\Users\Korisnik\AppData\Local\Temp\jre-8u73-windows-au.exe
2017-03-16 08:31 - 2017-03-16 08:31 - 014456872 _____ (Microsoft Corporation) C:\Users\Korisnik\AppData\Local\Temp\vc_redist.x86.exe
2017-06-28 07:34 - 2017-06-28 07:54 - 000000000 _____ () C:\Users\Korisnik\AppData\Local\Temp\{52AE1CA9-4BF5-4FE7-8B5F-377815BB0D52}-59.0.3071.115_58.0.3029.110_chrome_updater.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-18 23:14

==================== End of FRST.txt ============================
mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10445
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Deinstaliraj ako ne koristiš EasyBits GO.


Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja.

CHR HomePage: Default -> amazon.com
CHR DefaultSearchURL: Default -> hxxps://www.amazon.com/websearch/?ie=UTF8__PARAM__&query={searchTerms}
CHR DefaultSearchKeyword: Default -> amazon


U okviru Notepad-a klikni na File --> Save As
Pod Encoding izaberi UTF-8.
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se fixlog.txt, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt).

offline
  • Pridružio: 10 Jan 2012
  • Poruke: 27

Odradjeno!

Fix result of Farbar Recovery Scan Tool (x86) Version: 14.03.2018
Ran by Korisnik (22-03-2018 20:33:49) Run:1
Running from C:\Users\Korisnik\Desktop
Loaded Profiles: Korisnik (Available Profiles: Korisnik)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CHR HomePage: Default -> amazon.com
CHR DefaultSearchURL: Default -> hxxps://www.amazon.com/websearch/?ie=UTF8__PARAM__&query={searchTerms}
CHR DefaultSearchKeyword: Default -> amazon
*****************

"Chrome HomePage" => removed successfully.
"Chrome DefaultSearchURL" => removed successfully.
"Chrome DefaultSearchKeyword" => removed successfully.

==== End of Fixlog 20:33:50 ====

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10445
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Preuzmi Malwarebytes Anti-Malware sa ovog ili ovog ili ovog linka i instaliraj aplikaciju.
Pokreni mb3-setup-consumer-{verzija}.exe i isprati uputstva za instalaciju programa. Nakon instalacije, klikni na Finish

Prilikom prvog pokretanja, program će prikazati prozor "dobrodošlice". Slobodno zatvori taj prozor.
Napomena: Premium funkcije programa su već aktivirane i važe 13 dana od trenutka instalacije. Premium funkcije možeš isključiti preko Settings > My Account tab podešavanja.

• Podešavanja skenera - u Settings, klikni na Protection tab. Ispod Scan Options sekcije, uključi "Scan for rootkits" opciju.
• Pripremi podešavanja za Threat Scan - u Dashboard , klikni na Scan Now dugme. MBAM će ažurirati bazu i započeti skeniranje.

Kada se skeniranje završi, ako je infekcija detektovana, obrati pažnju da je sve označeno, pa klikni na Remove Selected. Restartuj računar ako program upita za restart.
• Dostavi log: Pod Reports izaberi trenutni datum izveštaja Scan Report i potom klikni na View Report.

Izvezi log na Desktop;
- Klikni na Export dugme na dnu, pa onda izaberi 'Text file (*.txt)'
# U Save File dijalogu koji se pojavi, klikni na Desktop. U File name: polje, upiši "mbam" (bez navodnika) i klikni na Save.
- Pojaviće se poruka "Your file has been successfully exported", klikni Ok i zatvori prozor.



• U odgovoru prikači mbam.txt log koristeći "Prikači fajl" opciju.

offline
  • Pridružio: 10 Jan 2012
  • Poruke: 27

Napisano: 23 Mar 2018 23:02

Uradjeno!
Izvestaj u prilogu!

Dopuna: 23 Mar 2018 23:02

mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10445
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Kakvo je sad stanje u Hromu?

offline
  • Pridružio: 10 Jan 2012
  • Poruke: 27

Reko bih da je Hrom sada OK i brzi!

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10445
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Sledeća procedura će implementirati završno čišćenje.

Arrow Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.
Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;

Remove disinfection tools
Create registry backup
Purge System Restore


Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.
Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)

Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

offline
  • Pridružio: 10 Jan 2012
  • Poruke: 27

OK.
Hvala!

Ko je trenutno na forumu
 

Ukupno su 697 korisnika na forumu :: 9 registrovanih, 0 sakrivenih i 688 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 1798 - dana 19 Sep 2019 18:42

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: drasko003, havoc995, MarKhan, nenad812, Outis, repac2, S-lash, ShurikSST, stug