I think my computer is on its last legs


offline
  • Historian
  • Joined: 02 Sep 2012
  • Posts: 84
  • Location: Moscow, Russia

For the last couple of weeks I've had the feeling that my computer is about to die, or at least that the system is about to crash. From the start, it takes 15 minutes to turn on, i.e. to boot the system; then after it turns on it runs quite slowly until it "warms up" a bit, then it works somehow, but when there are several tabs open it starts to lag. I could somehow get past that, but when I want to copy something or drag something from the desktop, the computer freezes and starts buzzing (I mean a sound, not something physically from the case), then after some time it works and this just suddenly appears
and only after restarting the computer does it work "normally" again. By the way, the system I have is some version between Windows 7 and 10; namely, it was originally Windows 7 but it kept offering an update, and on one occasion while I was in Belgrade my sister let the update run, and now it's some pointless version like that. Please help, because I need it for my thesis and I don't have a laptop, so if it could function more or less normally until I finish university, I'll get something new afterwards.
My internet speed is 5bs/s, wireless, Astra telekom Beograd.
Thanks in advance!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2017
Ran by Marko (administrator) on MARKO-PC (28-07-2017 19:07:22)
Running from C:\Users\Marko\Desktop
Loaded Profiles: Marko (Available Profiles: Marko & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\mqsvc.exe
("My Web Shield") C:\Program Files\My Web Shield\mweshieldup.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
("My Web Shield") C:\Program Files\My Web Shield\mweshield.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
() C:\Programi\RocketDock 1.3.5\RocketDock.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\ClipUp.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
() C:\Users\Marko\AppData\Roaming\ssn\ssn.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15546512 2017-06-19] (Copyright 2017.)
HKU\S-1-5-21-825732486-3746734302-1360109509-1000\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-21-825732486-3746734302-1360109509-1000\...\Run: [BingSvc] => C:\Users\Marko\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-03-19] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-825732486-3746734302-1360109509-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-825732486-3746734302-1360109509-1000\...\Run: [RocketDock] => C:\Programi\RocketDock 1.3.5\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-825732486-3746734302-1360109509-1000\...\Run: [uTorrent] => C:\Users\Marko\AppData\Roaming\uTorrent\uTorrent.exe [1977536 2016-10-12] (BitTorrent Inc.)
HKU\S-1-5-21-825732486-3746734302-1360109509-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1790616 2016-10-06] (Lavasoft)
HKU\S-1-5-21-825732486-3746734302-1360109509-1000\...\Run: [World of Tanks] => D:\Games\World_of_Tanks\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net)
HKU\S-1-5-21-825732486-3746734302-1360109509-1000\...\Run: [ssn] => C:\Users\Marko\AppData\Roaming\ssn\saveup.exe [164352 2016-12-05] ()
HKU\S-1-5-21-825732486-3746734302-1360109509-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1beabf04-4a48-495b-a619-c953abf97104}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8773a98c-376e-4c2a-a8ad-0a4966440b8f}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-02-04] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-02-04] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-11-05] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-11-05] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-825732486-3746734302-1360109509-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)

FireFox:
========
FF DefaultProfile: p410xe3x.default-1416857949139
FF ProfilePath: C:\Users\Marko\AppData\Roaming\Mozilla\Firefox\Profiles\p410xe3x.default-1416857949139 [2017-05-22]
FF NewTab: Mozilla\Firefox\Profiles\p410xe3x.default-1416857949139 -> hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10270__160718__yaff
FF Homepage: Mozilla\Firefox\Profiles\p410xe3x.default-1416857949139 -> hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10270__160718__yaff
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\p410xe3x.default-1416857949139 -> Yahoo®
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\p410xe3x.default-1416857949139 -> Yahoo®
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-11] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-02-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-02-04] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Programi\Picasa 3.9 Build 137.81\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-11-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-11-05] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-825732486-3746734302-1360109509-1000: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\Marko\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll [2010-03-06] ( )
FF Plugin HKU\S-1-5-21-825732486-3746734302-1360109509-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Marko\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

Chrome:
=======
CHR Profile: C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default [2017-07-28]
CHR Extension: (Google презентације) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-14]
CHR Extension: (Google документи) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-14]
CHR Extension: (Google диск) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-14]
CHR Extension: (YouTube) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-14]
CHR Extension: (Minimal White) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\clcbojcafbggjenbeflknhfimpcikmlc [2017-05-23]
CHR Extension: (Google Search) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-14]
CHR Extension: (Adobe Acrobat) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-03]
CHR Extension: (Google табеле) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-14]
CHR Extension: (Google документи офлајн) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-07-20]
CHR Extension: (Skype) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-07-27]
CHR Extension: (Плаћања у Chrome веб-продавници) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-14]
CHR Extension: (Chrome Media Router) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-14]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR StartupUrls: "hxxp://www.google.rs/"

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2016-04-12] ()
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2016-07-19] (Lavasoft Limited) [File not signed]
R2 mweshield; C:\Program Files\My Web Shield\mweshield.exe [931640 2016-08-31] ("My Web Shield") <==== ATTENTION
R2 mweshieldup; C:\Program Files\My Web Shield\mweshieldup.exe [348472 2016-08-31] ("My Web Shield") <==== ATTENTION
S2 SkypeUpdate; C:\Programi\Skype 6.13.0.104\Updater\Updater.exe [324224 2016-09-20] (Skype Technologies)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364456 2016-09-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-09-07] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15546512 2017-06-19] (Copyright 2017.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2014-02-04] (Disc Soft Ltd)
R3 ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [14032 2006-12-14] (Elaborate Bytes AG)
R3 ElbyDelay; C:\Windows\SysWOW64\Drivers\ElbyDelay.sys [14032 2006-12-14] (Elaborate Bytes AG)
R0 ESLWireAC; C:\WINDOWS\System32\drivers\ESLWireACD.sys [113800 2016-03-20] (<Turtle Entertainment>)
R1 MpKsl1c8a469d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B6576225-15C5-4326-9C57-DD41F82FCD1F}\MpKsl1c8a469d.sys [44928 2017-07-28] (Microsoft Corporation)
R1 mwescontroller; C:\WINDOWS\system32\drivers\mwescontroller.sys [57680 2016-08-31] () <==== ATTENTION
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 tsusbhub; C:\WINDOWS\System32\drivers\tsusbhub.sys [117248 2010-11-21] (Microsoft Corporation) [File not signed]
R0 TWZDISK; C:\WINDOWS\System32\Drivers\TWZDISK.sys [73360 2015-12-04] (Toolwiz.com)
R1 TWZFILE; C:\Windows\System32\Drivers\TWZFILE.sys [43152 2015-12-04] (Toolwiz.com)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2016-10-10] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2016-10-10] (Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-28 19:07 - 2017-07-28 19:09 - 00016160 _____ C:\Users\Marko\Desktop\FRST.txt
2017-07-28 19:03 - 2017-07-28 19:04 - 02381824 _____ (Farbar) C:\Users\Marko\Desktop\FRST64.exe
2017-07-28 19:02 - 2017-07-28 19:02 - 02381824 _____ (Farbar) C:\Users\Marko\Downloads\FRST64.exe
2017-07-20 09:59 - 2017-07-20 09:59 - 00003362 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-825732486-3746734302-1360109509-1000
2017-07-11 23:25 - 2017-07-11 23:25 - 05824512 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2017-07-11 23:15 - 2017-07-15 16:05 - 00000000 ____D C:\WINDOWS\Minidump
2017-07-11 10:29 - 2017-07-11 10:30 - 00000000 ____D C:\Users\Marko\AppData\Roaming\ssn
2017-07-11 10:29 - 2017-07-11 10:30 - 00000000 ____D C:\Program Files\My Web Shield
2017-07-11 10:29 - 2016-08-31 16:00 - 00057680 _____ C:\WINDOWS\system32\Drivers\mwescontroller.sys
2017-06-29 15:05 - 2017-07-21 12:40 - 00001147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-28 19:09 - 2016-10-10 19:07 - 00073206 _____ C:\WINDOWS\ZAM.krnl.trace
2017-07-28 19:09 - 2016-10-10 19:07 - 00047803 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-07-28 19:07 - 2016-10-03 20:49 - 00000000 ____D C:\FRST
2017-07-28 18:48 - 2014-02-04 13:43 - 00000928 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-825732486-3746734302-1360109509-1000UA.job
2017-07-28 18:43 - 2016-05-17 10:29 - 00007120 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-28 18:39 - 2016-03-26 18:14 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-07-28 18:39 - 2016-02-13 15:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-28 18:25 - 2016-11-22 19:09 - 00000000 ____D C:\Users\Marko\Desktop\Izvori za Diplomski - Arhiv Jugoslavije
2017-07-28 12:48 - 2014-02-04 13:43 - 00000906 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-825732486-3746734302-1360109509-1000Core.job
2017-07-27 23:24 - 2015-10-30 08:28 - 00016384 ___SH C:\WINDOWS\system32\config\BBI
2017-07-26 18:15 - 2016-09-30 22:16 - 00000000 ____D C:\Program Files (x86)\Smart Application Controller
2017-07-25 16:47 - 2017-04-15 13:56 - 00000000 ____D C:\Users\Marko\Desktop\muzika
2017-07-25 16:47 - 2017-01-04 21:36 - 00000000 ____D C:\Users\Marko\Desktop\New folder
2017-07-24 19:06 - 2016-05-17 10:30 - 00000000 ____D C:\Users\Marko
2017-07-22 18:14 - 2014-02-16 18:40 - 00000000 ____D C:\Users\Marko\Desktop\Ikonice sa desktopa
2017-07-21 12:40 - 2015-10-24 14:29 - 00003956 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1445689785
2017-07-21 12:40 - 2015-10-24 14:28 - 00000000 ____D C:\Program Files (x86)\Opera
2017-07-20 09:59 - 2016-05-19 17:28 - 00002390 _____ C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-07-20 09:59 - 2016-05-19 17:28 - 00000000 ___RD C:\Users\Marko\OneDrive
2017-07-19 19:18 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-07-15 16:05 - 2016-11-12 19:12 - 00157702 ____N C:\WINDOWS\Minidump\071517-13125-01.dmp
2017-07-14 09:37 - 2016-01-31 11:00 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-07-12 16:37 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2017-07-11 23:25 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-07-11 23:25 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-07-11 23:15 - 2016-11-12 19:12 - 00161158 ____N C:\WINDOWS\Minidump\071117-13203-01.dmp
2017-06-29 15:09 - 2015-10-20 12:54 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== Files in the root of some directories =======

2016-10-10 19:27 - 2016-10-10 19:27 - 0000000 ___RH () C:\Users\Marko\AppData\Roaming\Mozila
2014-03-28 19:42 - 2014-03-28 19:42 - 0034816 _____ () C:\Users\Marko\AppData\Roaming\RZR_0020b48743059baa4dde9bf7d3ad.db
2014-07-15 23:29 - 2014-07-15 23:30 - 174596376 _____ () C:\Users\Marko\AppData\Local\ACCCx2_7_0_413.zip.aamdownload
2014-07-15 23:29 - 2014-07-15 23:30 - 0002111 _____ () C:\Users\Marko\AppData\Local\ACCCx2_7_0_413.zip.aamdownload.aamd
2014-07-15 15:01 - 2014-07-15 15:01 - 0005309 _____ () C:\Users\Marko\AppData\Local\recently-used.xbel
2016-05-17 10:26 - 2016-05-17 10:26 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-22 09:45

==================== End of FRST.txt ============================



offline
  • Joined: 14 Jun 2016
  • Posts: 525

Hello,
I would ask you to remove these three programs via the Control Panel:

My Web Shield
NotepadPlusPlusApp
save serp now
Web Companion

Did you turn off System Restore?

1. Open Notepad (Text Document) and copy the following text from the code box below:

Start
CreateRestorePoint:
("My Web Shield") C:\Program Files\My Web Shield\mweshieldup.exe
("My Web Shield") C:\Program Files\My Web Shield\mweshield.exe
C:\Program Files\My Web Shield
C:\Users\Marko\AppData\Roaming\ssn
HKU\S-1-5-21-825732486-3746734302-1360109509-1000\...\Run: [ssn] => C:\Users\Marko\AppData\Roaming\ssn\saveup.exe [164352 2016-12-05] ()
CHR Extension: (Плаћања у Chrome веб-продавници) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Google документи офлајн) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
R2 mweshield; C:\Program Files\My Web Shield\mweshield.exe [931640 2016-08-31] ("My Web Shield") <==== ATTENTION
R2 mweshieldup; C:\Program Files\My Web Shield\mweshieldup.exe [348472 2016-08-31] ("My Web Shield") <==== ATTENTION
R1 mwescontroller; C:\WINDOWS\system32\drivers\mwescontroller.sys [57680 2016-08-31] () <==== ATTENTION
C:\WINDOWS\system32\drivers\mwescontroller.sys
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
FirewallRules: [{031810D8-85CC-47CE-BC33-0FE11411BB96}] => (Allow) 㩃啜敳獲䵜牡潫䅜灰慄慴剜慯業杮獜湳獜湳攮數
FirewallRules: [{82EFD690-6B48-4836-8078-A1830A0AFF8E}] => (Allow) 㩃啜敳獲䵜牡潫䅜灰慄慴剜慯業杮獜湳獜癡略⹰硥e
FirewallRules: [{C539119A-38B9-473C-9D99-D97A706F22F3}] => (Allow) 㩃啜敳獲䵜牡潫䅜灰慄慴剜慯業杮獜湳獜湳攮數
FirewallRules: [{041D24AB-B93A-45D0-B625-37E8564EE98C}] => (Allow) 㩃啜敳獲䵜牡潫䅜灰慄慴剜慯業杮獜湳獜癡略⹰硥e


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name
Note: It is important that both files, FRST and fixlist, are in the same location, because otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the system restarts.

The tool will create a log (Fixlog.txt) on the Desktop. You need to copy the contents of that log into your post.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.

Let me know how things are.

offline
  • Historian
  • Joined: 02 Sep 2012
  • Posts: 84
  • Location: Moscow, Russia

Posted: 28 Jul 2017 22:23

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-07-2017
Ran by Marko (28-07-2017 22:03:22) Run:2
Running from C:\Users\Marko\Desktop
Loaded Profiles: Marko (Available Profiles: Marko & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
("My Web Shield") C:\Program Files\My Web Shield\mweshieldup.exe
("My Web Shield") C:\Program Files\My Web Shield\mweshield.exe
C:\Program Files\My Web Shield
C:\Users\Marko\AppData\Roaming\ssn
HKU\S-1-5-21-825732486-3746734302-1360109509-1000\...\Run: [ssn] => C:\Users\Marko\AppData\Roaming\ssn\saveup.exe [164352 2016-12-05] ()
CHR Extension: (??????? ? Chrome ???-??????????) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Google ????????? ??????) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
R2 mweshield; C:\Program Files\My Web Shield\mweshield.exe [931640 2016-08-31] ("My Web Shield") <==== ATTENTION
R2 mweshieldup; C:\Program Files\My Web Shield\mweshieldup.exe [348472 2016-08-31] ("My Web Shield") <==== ATTENTION
R1 mwescontroller; C:\WINDOWS\system32\drivers\mwescontroller.sys [57680 2016-08-31] () <==== ATTENTION
C:\WINDOWS\system32\drivers\mwescontroller.sys
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
FirewallRules: [{031810D8-85CC-47CE-BC33-0FE11411BB96}] => (Allow) ?????????????????????
FirewallRules: [{82EFD690-6B48-4836-8078-A1830A0AFF8E}] => (Allow) ??????????????????????e
FirewallRules: [{C539119A-38B9-473C-9D99-D97A706F22F3}] => (Allow) ?????????????????????
FirewallRules: [{041D24AB-B93A-45D0-B625-37E8564EE98C}] => (Allow) ??????????????????????e
*****************

Error: (0) Failed to create a restore point.
C:\Program Files\My Web Shield\mweshieldup.exe => No running process found
C:\Program Files\My Web Shield\mweshield.exe => No running process found
C:\Program Files\My Web Shield => moved successfully
C:\Users\Marko\AppData\Roaming\ssn => moved successfully
HKU\S-1-5-21-825732486-3746734302-1360109509-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ssn => value not found.
CHR Extension: (??????? ? Chrome ???-??????????) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09] => Error: No automatic fix found for this entry.
CHR Extension: (Google ????????? ??????) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] => Error: No automatic fix found for this entry.
mweshield => service not found.
mweshieldup => service not found.
mwescontroller => Unable to stop service.
HKLM\System\CurrentControlSet\Services\mwescontroller => key removed successfully
mwescontroller => service removed successfully
C:\WINDOWS\system32\drivers\mwescontroller.sys => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => key removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => key not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{031810D8-85CC-47CE-BC33-0FE11411BB96} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{82EFD690-6B48-4836-8078-A1830A0AFF8E} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C539119A-38B9-473C-9D99-D97A706F22F3} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{041D24AB-B93A-45D0-B625-37E8564EE98C} => value removed successfully


The system needed a reboot.

==== End of Fixlog 22:05:53 ====

It still boots slowly, and when I move or copy something it still stutters and glitches.
What do you mean, did I turn off System Restore?

Addendum: 28 Jul 2017 22:24

I forgot to write that Chrome works better after this.

offline
  • Joined: 14 Jun 2016
  • Posts: 525

Hello,
Your System Restore is turned off. That is why I asked whether you turned it off.

Do the following:

Download Malwarebytes Anti-Malware from this or this or this link and install the application.
Run mb3-setup-consumer-{version}.exe and follow the instructions to install the program. After installation, click Finish.

On first launch, the program will display a "welcome" window. Feel free to close that window.
Note: The program's Premium features are already activated and are valid for 13 days from the moment of installation. You can turn off the Premium features via the Settings > My Account tab.

• Scanner settings - in Settings, click the Protection tab. Under the Scan Options section, enable the "Scan for rootkits" option.
• Prepare the settings for Threat Scan - in Dashboard, click the Scan Now button. MBAM will update its database and start scanning.

When the scan finishes, if an infection has been detected, make sure everything is selected, then click Remove Selected. Restart the computer if the program asks for a restart.
• Submit the log: Under Reports, select the Scan Report with the current date and then click View Report.

Export the log to the Desktop:
- Click the Export button at the bottom, then choose 'Text file (*.txt)'
- In the Save File dialog that appears, click Desktop. In the File name: field, type "mbam" (without quotes) and click Save.
- The message "Your file has been successfully exported" will appear; click Ok and close the window.

• In your reply, attach the mbam.txt log using the "Prikači fajl" (Attach file) option.


Then:

Download AdwCleaner and save it to the Desktop.
Double-click to run the program.
In the EULA window, click I agree.
In Tools, select Options.
In the dialog box that appears, turn off Reset Winsock settings if it is enabled.
Click the Scan button and wait for the scan to finish.
If it tells you that a newer version exists, make sure you download it.

Click the Clean button and wait for the program to finish.
The program will close all active programs and display a window with that warning. Click OK to confirm.
A message will appear saying that the computer needs to be restarted. Click OK.

The computer will restart and then open Notepad (C:\Adwcleaner\AdwCleaner[C0].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Prikači fajl" (Attach file) option.

offline
  • Historian
  • Joined: 02 Sep 2012
  • Posts: 84
  • Location: Moscow, Russia

It's quite possible that it's turned off, I had no idea about that.



offline
  • Joined: 14 Jun 2016
  • Posts: 525

The following procedure will carry out the final cleanup.

Download "Xplode"'s DelFix tool and save it to the Desktop.

Double-click to run the tool and tick the boxes in front of the following options:
Remove disinfection tools
Create registry backup
Purge System Restore

Click the Run button and wait a moment while the tool finishes its work.

From this point on, all the tools used in this thread should be deleted.
If any tool or report has not been removed, feel free to delete it manually.

The tool will also create a report for you. (C:\DelFix.txt)
- The tool will also save the healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
- DelFix deletes old system restore points and creates a new, fresh point after the cleanup.

offline
  • Historian
  • Joined: 02 Sep 2012
  • Posts: 84
  • Location: Moscow, Russia

I did everything you said. Chrome works perfectly, but this copying/moving business wrecks it. When I copy or move something it shows up like this
, I know that's normal, but when it gets to 99% it freezes and the computer freezes terribly and needs a couple of minutes to recover.

offline
  • Joined: 14 Jun 2016
  • Posts: 525

Your system is clean as far as malware is concerned. As for the freezing, open a thread in the Windows subforum. There, list your computer's components and test the HDD for bad sectors.

offline
  • Historian
  • Joined: 02 Sep 2012
  • Posts: 84
  • Location: Moscow, Russia

I will, thanks once again!
