Virus

offline
  • Snorks  Male
  • Distinguished citizen
  • Joined: 09 Apr 2014
  • Posts: 634

Almost every day it finds the same three viruses, always the same ones. What should I do?



offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Follow the instructions for opening a topic and post the requested reports.

[Links are visible only to logged-in users]



offline
  • Snorks  Male
  • Distinguished citizen
  • Joined: 09 Apr 2014
  • Posts: 634

When I have viruses, my internet slows down.
[Links are visible only to logged-in users]

[Links are visible only to logged-in users]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2017
Ran by Filip (administrator) on ASPIREF5 (10-11-2017 17:10:41)
Running from C:\Users\Filip\AppData\Local\Temp\scoped_dir3968_9670
Loaded Profiles: Filip (Available Profiles: Filip)
Platform: Windows 10 Pro Version 1703 15063.674 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Links are visible only to logged-in users]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe
(Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHDCPSvc.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Opera Software) C:\Program Files\Opera\48.0.2685.52\opera_autoupdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxEM.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40485.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40485.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(BitTorrent Inc.) C:\Users\Filip\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\Filip\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe
(BitTorrent Inc.) C:\Users\Filip\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Opera Software) C:\Program Files\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Program Files\Opera\48.0.2685.52\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Program Files\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Program Files\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Program Files\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Program Files\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Program Files\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Program Files\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Program Files\Opera\48.0.2685.52\opera.exe
() C:\Windows\KMS-R@1nHook.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3351248 2015-09-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-01] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [339464 2016-02-10] (Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.)
HKU\S-1-5-21-105028642-2888408535-3226716027-1001\...\Policies\Explorer: []
HKU\S-1-5-21-105028642-2888408535-3226716027-1001\...\MountPoints2: {23098bbb-ac05-11e7-950f-94e979c6309c} - "G:\setup.exe"
HKU\S-1-5-21-105028642-2888408535-3226716027-1001\...\MountPoints2: {870e78d5-5d0c-11e7-949d-54ab3af46ea8} - "F:\HiSuiteDownLoader.exe"
IFEO\OSppSvc.exe: [Debugger] [Links are visible only to logged-in users]
IFEO\SppExtComObj.exe: [Debugger] [Links are visible only to logged-in users]
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{80ff5ece-0ceb-4f55-be1b-54db5330eafb}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{becbc9a0-c279-4148-b22e-c69a62874383}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-11-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-11-06] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-10-19] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-11-06] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-06] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-10-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-10-19] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> [Links are visible only to logged-in users]
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default [2017-11-10]
CHR Extension: (Docs) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-24]
CHR Extension: (YouTube) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-24]
CHR Extension: (Google Docs Offline) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-24]
CHR Extension: (AdBlock) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-11-08]
CHR Extension: (Google Mail Checker) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-03-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-27]
CHR Extension: (Gmail) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-24]
CHR Extension: (Chrome Media Router) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-08]
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-03-23]
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\System Profile [2017-03-23]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - [Links are visible only to logged-in users]

Opera:
=======
OPR Extension: (Search in YouTube) - C:\Users\Filip\AppData\Roaming\Opera Software\Opera Stable\Extensions\gclmonidkokknfccffpefiplnbepbgfm [2017-05-24]
OPR Extension: (Popup Blocker (strict)) - C:\Users\Filip\AppData\Roaming\Opera Software\Opera Stable\Extensions\jabcemjkhjfpkhakphioakkhcnbgeomm [2017-09-28]
OPR Extension: (Gismeteo weather forecast in speed-dial) - C:\Users\Filip\AppData\Roaming\Opera Software\Opera Stable\Extensions\kibhjejfdbbjhlhmhdcjcnjpiobjgkak [2017-05-22]
OPR Extension: (Adblock Plus) - C:\Users\Filip\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2017-09-28]
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8063656 2017-10-31] (Microsoft Corporation)
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [11776 2012-05-19] () [File not signed]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [145624 2015-09-10] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] () [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-06-01] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [File not signed]
R2 IntelSSTSvc; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [26592 2016-03-04] (Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [215328 2016-05-17] (Intel Corporation)
S2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2017-02-25] () [File not signed]
R2 mitsijm2016; C:\Program Files\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe [968480 2014-09-30] (Autodesk, Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-19] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Dokan; C:\WINDOWS\system32\drivers\dokan.sys [106888 2012-05-19] (Windows (R) Win 7 DDK provider)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-10-05] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-10-05] (Disc Soft Ltd)
R1 MpKsl03a89cd7; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C16DCEB6-A32B-437F-B999-A973CF649320}\MpKsl03a89cd7.sys [58120 2017-11-08] (Microsoft Corporation)
R1 MpKsl095970b3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CD048646-4426-40A1-A16C-8555013CEF9C}\MpKsl095970b3.sys [49392 2017-11-01] (Microsoft Corporation)
R1 MpKsl437739d2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{37382A09-791E-47E9-B53E-04C5AA51DBBE}\MpKsl437739d2.sys [49392 2017-10-23] (Microsoft Corporation)
R1 MpKsl5355e7a7; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F5CA348A-A2B8-4054-AA0A-09614331A24D}\MpKsl5355e7a7.sys [58120 2017-11-08] (Microsoft Corporation)
R1 MpKsl62917d35; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C6B204EF-7489-481D-9E28-184D1265BE10}\MpKsl62917d35.sys [58120 2017-11-10] (Microsoft Corporation)
R1 MpKsl63c90bdd; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E44089E3-A488-46E7-B34D-3FC093FD60DA}\MpKsl63c90bdd.sys [58120 2017-11-07] (Microsoft Corporation)
R1 MpKsl81ec70ab; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{18E667BF-DD79-42A4-BC57-7A583D355EBC}\MpKsl81ec70ab.sys [58120 2017-11-03] (Microsoft Corporation)
R1 MpKsl83b3be5f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F4FE4AC5-9C6C-4E72-9E5C-9A027DB3BA43}\MpKsl83b3be5f.sys [49392 2017-10-24] (Microsoft Corporation)
R1 MpKsl97948f77; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B4375FC9-CA59-40A4-A615-C62BEDFBF172}\MpKsl97948f77.sys [49392 2017-10-29] (Microsoft Corporation)
R1 MpKsla25b8e48; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A0BFD43F-1FD6-42D6-A630-0DF639F4417C}\MpKsla25b8e48.sys [49392 2017-10-23] (Microsoft Corporation)
R1 MpKslb873f4b7; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F322274A-62F2-4B03-8DA2-E1F9384F3460}\MpKslb873f4b7.sys [49392 2017-10-27] (Microsoft Corporation)
R1 MpKslc01ff1c5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{28B3D271-2162-4BE7-9E50-8007C58235EF}\MpKslc01ff1c5.sys [58120 2017-11-05] (Microsoft Corporation)
R1 MpKslc154ac25; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{12AD305D-E6EF-47F3-A94A-793C259FC9CF}\MpKslc154ac25.sys [49392 2017-10-29] (Microsoft Corporation)
R1 MpKsldc916a43; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C062AA99-1306-4674-897F-DC423BB87EA2}\MpKsldc916a43.sys [58120 2017-11-09] (Microsoft Corporation)
R1 MpKslfa60f888; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{237C1FD9-1083-482A-A6CF-5AF148AC1BFC}\MpKslfa60f888.sys [49392 2017-10-24] (Microsoft Corporation)
R1 MpKslfce234a2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{077796FC-F029-435B-89A0-51899330DC19}\MpKslfce234a2.sys [49392 2017-10-29] (Microsoft Corporation)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Marvell Semiconductor, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_31f4ef4821269ebb\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2015-11-19] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [769752 2015-12-18] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-10 17:10 - 2017-11-10 17:10 - 002403328 _____ (Farbar) C:\Users\Filip\Desktop\FRST64.exe
2017-11-10 17:10 - 2017-11-10 17:10 - 000000000 ____D C:\FRST
2017-11-10 15:31 - 2017-11-10 15:31 - 000000000 ____D C:\Users\Filip\AppData\LocalLow\uTorrent
2017-11-09 23:55 - 2017-11-09 23:55 - 000026453 _____ C:\Users\Filip\Downloads\262268-doc_martin_-_08x02_-_sons_and_lovers.mtb.eng.zip
2017-11-06 16:38 - 2017-11-06 16:40 - 001848964 _____ C:\WINDOWS\Minidump\110617-55734-01.dmp
2017-11-06 16:38 - 2017-11-06 16:38 - 000000000 ____D C:\WINDOWS\Minidump
2017-11-05 19:40 - 2017-11-05 19:40 - 000001078 _____ C:\Users\Filip\Desktop\Opera.lnk
2017-10-25 10:21 - 2017-10-25 10:21 - 004233728 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2017-10-19 21:06 - 2017-10-22 11:26 - 000000000 ____D C:\Users\Filip\AppData\Roaming\Solveig Multimedia
2017-10-19 21:04 - 2017-10-19 21:13 - 000000000 ____D C:\Users\Filip\Documents\HyperCam4
2017-10-13 21:01 - 2017-10-21 20:45 - 000000000 ____D C:\Users\Filip\Documents\Sound recordings

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-10 17:12 - 2017-02-24 11:00 - 000000000 ____D C:\Users\Filip\AppData\Roaming\uTorrent
2017-11-10 16:43 - 2017-08-19 16:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-10 16:34 - 2017-08-19 16:58 - 000000000 ____D C:\Users\Filip
2017-11-10 15:21 - 2017-02-25 01:10 - 000000000 __SHD C:\Users\Filip\IntelGraphicsProfiles
2017-11-10 13:42 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-10 13:42 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-10 13:04 - 2017-08-19 17:22 - 001768136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-10 12:59 - 2017-08-19 16:50 - 000540584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-10 12:58 - 2017-08-19 17:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-10 12:58 - 2017-02-25 01:15 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-07 23:04 - 2017-02-25 01:32 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-07 23:04 - 2017-02-25 01:32 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-07 18:48 - 2017-02-27 21:55 - 000000000 ____D C:\Users\Filip\AppData\Roaming\BSplayer
2017-11-07 12:45 - 2017-08-19 17:25 - 000003362 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-105028642-2888408535-3226716027-1001
2017-11-07 12:45 - 2017-02-25 00:42 - 000002401 _____ C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-07 12:45 - 2017-02-25 00:42 - 000000000 ___RD C:\Users\Filip\OneDrive
2017-11-06 22:51 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-06 16:42 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-11-06 16:38 - 2017-04-23 17:23 - 615101310 _____ C:\WINDOWS\MEMORY.DMP
2017-11-06 12:57 - 2017-03-18 22:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-11-06 12:55 - 2017-02-24 13:02 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-11-05 19:40 - 2017-05-11 22:43 - 000000000 ____D C:\Users\Filip\Desktop\Срђан
2017-11-02 13:15 - 2017-02-25 00:39 - 000000000 ____D C:\Users\Filip\AppData\Local\Packages
2017-11-01 17:48 - 2017-05-09 20:09 - 000000000 ____D C:\Program Files\Opera
2017-10-27 11:30 - 2017-08-19 17:25 - 000003938 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1494357056
2017-10-27 11:30 - 2017-06-29 13:09 - 000001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2017-10-25 10:22 - 2017-08-19 17:25 - 000004586 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-10-25 10:21 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-10-25 10:21 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-10-23 23:58 - 2017-03-18 12:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-10-15 16:59 - 2017-09-29 13:00 - 000000000 ____D C:\Users\Filip\Desktop\BZR
2017-10-13 01:21 - 2017-03-18 22:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-13 01:21 - 2017-03-18 22:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-11 23:28 - 2017-03-27 10:24 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-10-11 20:33 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-10-11 10:09 - 2016-11-20 19:54 - 000000000 __RHD C:\Users\Public\AccountPictures

==================== Files in the root of some directories =======

2017-07-04 21:15 - 2017-08-02 15:58 - 000005120 _____ () C:\Users\Filip\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-08-19 16:55 - 2017-08-19 16:55 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-02-25 21:07 - 2017-02-25 21:07 - 000000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-11-08 17:32

==================== End of FRST.txt ============================

offline
  • Joined: 14 Jun 2016
  • Posts: 535

1. Open Notepad (Text Document) and copy the following text from the code box below:

CreateRestorePoint:
HKU\S-1-5-21-105028642-2888408535-3226716027-1001\...\MountPoints2: {23098bbb-ac05-11e7-950f-94e979c6309c} - "G:\setup.exe"
HKU\S-1-5-21-105028642-2888408535-3226716027-1001\...\MountPoints2: {870e78d5-5d0c-11e7-949d-54ab3af46ea8} - "F:\HiSuiteDownLoader.exe"
IFEO\OSppSvc.exe: [Debugger] [Links are visible only to logged-in users]
IFEO\SppExtComObj.exe: [Debugger] [Links are visible only to logged-in users]
GroupPolicy: Restriction <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD Mechanical 2012\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-105028642-2888408535-3226716027-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
2017-02-25 00:37 - 2017-02-25 00:37 - 000005120 _____ () C:\WINDOWS\KMS-R@1nHook.exe
FirewallRules: [{700D854C-2B26-48D7-8FC7-F3CE76E5FD38}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{26A75603-2589-4DD3-97F2-69FAFE0E336B}] => (Allow) C:\Windows\KMS-R@1n.exe
EmptyTemp:


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, because otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the system restarts.



The tool will create a log (Fixlog.txt) on the Desktop. You need to copy the contents of that log into a post.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.

offline
  • Snorks  Male
  • Distinguished citizen
  • Joined: 09 Apr 2014
  • Posts: 634

Posted: 13 Nov 2017 19:00

[Link visible only to logged-in users]

Addendum: 13 Nov 2017 19:01

Which post should I copy FRST into?

offline
  • Joined: 14 Jun 2016
  • Posts: 535

Read my instructions carefully. You need to copy what is in the gray code field into Notepad. Then you need to save it to the Desktop under the name fixlist.txt (that is, to the location where FRST is; the Desktop is recommended). Then run FRST and click the Fix button. When it has done its job, Fixlog.txt will appear on the Desktop. That is what you need to copy into a post.
