Nesto mi koci Excel

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Pozdravljam sve na forumu, a posebno spasioce.
U poslednjih 10-ak dana mi se desava da se Excel misteriozno ukoci i u gornjoj liniji pise `not responding`. To traje neko vreme, dok se ne otkoci. Nista drugo nisam primetio kao sumnjivo.
Prilazem fajlove od skeniranja sa FRST-om.
Zahvaljujem sto cete mi pomoci.



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021
Ran by ZokiVale (administrator) on DESKTOP-HB07RRJ (Dell Inc. Inspiron N5050) (29-01-2021 13:32:27)
Running from C:\Users\ZokiVale\Desktop
Loaded Profiles: ZokiVale
Platform: Windows 10 Enterprise 10240.17443 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe <5>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe <2>
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\ZokiVale\AppData\Roaming\uTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\ZokiVale\AppData\Roaming\uTorrent\updates\3.5.5_45852\utorrentie.exe <2>
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\ZokiVale\AppData\Roaming\uTorrent\uTorrent.exe
(CodeLathe, LLC -> CodeLathe LLC) C:\Users\ZokiVale\AppData\Roaming\Tonido\tonido.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Config.Msi\911f170f.rbf
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(LAVASOFT SOFTWARE CANADA INC -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\ZokiVale\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIC.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe
(philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [708952 2018-11-23] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKU\S-1-5-21-112308427-2752319856-531434809-1001\...\Run: [Tonido] => C:\Users\ZokiVale\AppData\Roaming\Tonido\launcher.exe [197120 2017-01-12] (CodeLathe LLC) [File not signed]
HKU\S-1-5-21-112308427-2752319856-531434809-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8442464 2020-12-11] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-112308427-2752319856-531434809-1001\...\Run: [uTorrent] => C:\Users\ZokiVale\AppData\Roaming\uTorrent\uTorrent.exe [2142936 2020-12-18] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-112308427-2752319856-531434809-1001\...\MountPoints2: {0750b68d-f196-11e8-9bc5-24b6fd39c918} - "W:\InstallLauncher.bat"
HKU\S-1-5-21-112308427-2752319856-531434809-1001\...\MountPoints2: {2386cca1-b94a-11e9-9bea-c01885794988} - "G:\AutoRun.exe"
HKU\S-1-5-21-112308427-2752319856-531434809-1001\...\MountPoints2: {6a96525b-ef41-11e8-9bc4-24b6fd39c918} - "V:\SETUP.EXE"
HKU\S-1-5-21-112308427-2752319856-531434809-1001\...\MountPoints2: {bedeb1cf-f64e-11e8-9bc6-c01885794988} - "V:\InstallLauncher.bat"
HKU\S-1-5-21-112308427-2752319856-531434809-1001\...\MountPoints2: {bedeb333-f64e-11e8-9bc6-c01885794988} - "V:\InstallLauncher.bat"
HKU\S-1-5-21-112308427-2752319856-531434809-1001\...\MountPoints2: {bedeb39c-f64e-11e8-9bc6-c01885794988} - "V:\InstallLauncher.bat"
HKU\S-1-5-21-112308427-2752319856-531434809-1001\...\MountPoints2: {bedeb43f-f64e-11e8-9bc6-c01885794988} - "V:\InstallLauncher.bat"
HKU\S-1-5-21-112308427-2752319856-531434809-1001\...\MountPoints2: {bedeb4a7-f64e-11e8-9bc6-c01885794988} - "V:\InstallLauncher.bat"
HKU\S-1-5-21-112308427-2752319856-531434809-1001\...\MountPoints2: {bedeb4f4-f64e-11e8-9bc6-c01885794988} - "V:\InstallLauncher.bat"
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-27] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{8AF662BF-65A0-4D0A-A540-A338A999D36F}] -> C:\Windows\system32\FaceCredentialProvider.dll [2016-10-25] (Microsoft Windows -> )
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> C:\Windows\system32\FaceCredentialProvider.dll [2016-10-25] (Microsoft Windows -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-08-12]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01D92F65-B4C0-47DA-91AD-76A23B289EBB} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1059336 2021-01-09] (Dell Inc -> Dell Inc.)
Task: {162C855E-5123-41C6-9E4A-E19FEF0EE3DB} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {2A611F72-8920-4289-8468-0A52D82D5451} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {2D48A7F8-F80C-4749-8039-CEAED63808DD} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {759548A3-3295-4985-B164-1AC2443A92F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-15] (Google Inc -> Google LLC)
Task: {CCF2AD26-F0C1-4A18-9FC8-0078FB819380} - System32\Tasks\R@1n-KMS\Office 16, Office16ProPlusVL_KMS_Client edition => wmic path SoftwareLicensingProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate
Task: {E1965707-EA7B-43AA-AB09-F6F3D2F7EECE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E3BE30E1-2C2A-4303-8440-15EFBFD4235E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {ECC10471-0DB4-4090-BF81-A3C09C065E5F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-15] (Google Inc -> Google LLC)
Task: {F0E1F94C-CEDE-46C5-A0A4-7C54569B3854} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_ZokiVale => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [5360720 2019-03-19] (Janos Mathe -> H.D.S. Hungary)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 13 C:\Windows\SysWOW64\vsocklib.dll [42376 2018-06-22] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9 14 C:\Windows\SysWOW64\vsocklib.dll [42376 2018-06-22] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 13 C:\Windows\system32\vsocklib.dll [46472 2018-06-22] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 14 C:\Windows\system32\vsocklib.dll [46472 2018-06-22] (VMware, Inc. -> VMware, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{4edcae80-1cb4-406e-b0b3-1108b298741d}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{e91a1c3d-8442-4867-8f37-19c3d4383569}: [DhcpNameServer] 89.216.1.30 89.216.1.50

FireFox:
========
FF DefaultProfile: xa1felts.default-1606734565738
FF ProfilePath: C:\Users\ZokiVale\AppData\Roaming\Mozilla\Firefox\Profiles\xa1felts.default-1606734565738 [2021-01-29]
FF Extension: (Facebook Container) - C:\Users\ZokiVale\AppData\Roaming\Mozilla\Firefox\Profiles\xa1felts.default-1606734565738\Extensions\@contain-facebook.xpi [2020-11-30]
FF Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\ZokiVale\AppData\Roaming\Mozilla\Firefox\Profiles\xa1felts.default-1606734565738\Extensions\@windscribeff.xpi [2020-12-17]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @IPC/npmedia3.0.0.3,version=3.0.0.3 -> C:\Program Files\webrec\Torch\3.0.0.3\npmedia3.0.0.3.dll [2017-09-22] () [File not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-10-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\ZokiVale\AppData\Local\Google\Chrome\User Data\Default [2021-01-26]
CHR Extension: (Презентације) - C:\Users\ZokiVale\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-15]
CHR Extension: (Документи) - C:\Users\ZokiVale\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-15]
CHR Extension: (Google ди�к) - C:\Users\ZokiVale\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-17]
CHR Extension: (YouTube) - C:\Users\ZokiVale\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-15]
CHR Extension: (Табеле) - C:\Users\ZokiVale\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-15]
CHR Extension: (Google документи офлајн) - C:\Users\ZokiVale\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-11]
CHR Extension: (Плаћања у Chrome веб-продавници) - C:\Users\ZokiVale\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-15]
CHR Extension: (NACL Web Plug-in) - C:\Users\ZokiVale\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdcmagkbhnjpjlnpibbmggikpedpilc [2019-11-15]
CHR Extension: (Gmail) - C:\Users\ZokiVale\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-17]
CHR Extension: (Chrome Media Router) - C:\Users\ZokiVale\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3668944 2020-08-12] (philandro Software GmbH -> philandro Software GmbH)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [287776 2020-10-25] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3750944 2020-10-25] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [507936 2020-10-25] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe [985584 2021-01-15] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2020-10-29] (Dell Inc -> )
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39432 2021-01-09] (Dell Inc -> Dell Inc.)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [29280 2020-12-11] (LAVASOFT SOFTWARE CANADA INC -> )
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2016-10-25] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2017-06-03] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [42376 2020-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2020-04-21] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] (Microsoft Windows -> )
R2 VMnetBridge; C:\Windows\system32\DRIVERS\vmnetbridge.sys [66600 2019-03-25] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\Windows\System32\DRIVERS\vsock.sys [92040 2018-06-22] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Windows -> Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Windows -> Microsoft Corporation)
U2 OSppSvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-29 13:32 - 2021-01-29 13:35 - 000018017 _____ C:\Users\ZokiVale\Desktop\FRST.txt
2021-01-29 13:30 - 2021-01-29 13:31 - 002297856 _____ (Farbar) C:\Users\ZokiVale\Desktop\FRST64.exe
2021-01-29 13:29 - 2021-01-29 13:29 - 000016148 _____ C:\Windows\system32\DESKTOP-HB07RRJ_ZokiVale_HistoryPrediction.bin
2021-01-15 10:56 - 2021-01-15 10:56 - 000002202 _____ C:\Users\Public\Desktop\SupportAssist.lnk
2021-01-15 10:56 - 2021-01-15 10:56 - 000002202 _____ C:\ProgramData\Desktop\SupportAssist.lnk
2021-01-15 10:55 - 2021-01-15 10:55 - 000003920 _____ C:\Windows\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2021-01-11 20:08 - 2021-01-11 20:08 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-01-08 10:55 - 2021-01-08 10:55 - 000020048 _____ C:\Users\ZokiVale\Downloads\ssiptv_orsay_usb.zip
2021-01-06 19:33 - 2021-01-29 11:32 - 000000000 ____D C:\Program Files\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-29 13:37 - 2018-11-24 17:53 - 000000000 ____D C:\Users\ZokiVale\AppData\Roaming\uTorrent
2021-01-29 13:34 - 2019-05-19 14:36 - 000000000 ____D C:\FRST
2021-01-29 08:42 - 2018-12-16 23:49 - 000004170 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{781556F2-720F-4AF5-A857-A0596C0A14DB}
2021-01-28 00:03 - 2018-11-23 17:56 - 000000000 ____D C:\Users\ZokiVale\AppData\Local\Packages
2021-01-27 02:23 - 2019-11-15 12:42 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-27 02:23 - 2019-11-15 12:42 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-27 02:23 - 2019-11-15 12:42 - 000002264 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-01-21 22:37 - 2019-11-12 22:48 - 000799104 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2021-01-19 19:53 - 2019-03-21 16:56 - 000000000 ____D C:\Users\ZokiVale\AppData\Local\BitTorrentHelper
2021-01-15 10:57 - 2018-12-15 10:43 - 000000000 ____D C:\ProgramData\PCDr
2021-01-15 10:56 - 2020-01-20 13:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2021-01-15 10:56 - 2015-07-10 12:02 - 000000000 ____D C:\Windows\INF
2021-01-13 00:29 - 2018-11-23 17:52 - 000000000 ____D C:\Windows\system32\MRT
2021-01-13 00:21 - 2018-11-23 17:52 - 135062968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-01-11 20:08 - 2018-11-23 18:25 - 000001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-11 20:08 - 2018-11-23 18:25 - 000000000 ____D C:\Users\ZokiVale\AppData\LocalLow\Mozilla
2020-12-31 12:09 - 2019-01-04 19:03 - 000000000 ____D C:\Users\ZokiVale\AppData\Roaming\vlc
2020-12-31 02:31 - 2018-11-23 17:48 - 000915386 _____ C:\Windows\system32\PerfStringBackup.INI

==================== Files in the root of some directories ========

2019-05-19 10:11 - 2019-05-19 10:13 - 000000004 _____ () C:\ProgramData\lock.dat
2019-05-19 10:11 - 2019-05-19 10:11 - 000000008 _____ () C:\ProgramData\ts.dat
2018-12-14 16:03 - 2018-12-23 16:02 - 000000128 ____H () C:\Users\ZokiVale\microsoft.dat
2018-12-02 17:12 - 2018-12-02 17:12 - 000000069 _____ () C:\Program Files (x86)\dialogysclip.bat
2018-12-02 17:11 - 2018-12-02 17:40 - 000001815 _____ () C:\Program Files (x86)\DialogysUninstWPS.bat
2018-12-02 17:11 - 2018-12-02 17:11 - 000000840 _____ () C:\Program Files (x86)\INSTALL.LOG
2018-12-02 17:11 - 2017-11-08 16:09 - 000176040 _____ () C:\Program Files (x86)\UninstScript.EXE
2019-02-09 18:05 - 2019-12-17 11:11 - 000004408 _____ () C:\Users\ZokiVale\AppData\Roaming\LTspiceXVII.ini
2020-12-11 08:27 - 2020-12-11 08:27 - 000000218 _____ () C:\Users\ZokiVale\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-01-25 15:32
==================== End of FRST.txt ========================





mycity.rs/must-login.png

mycity.rs/must-login.png

• 1Ovo se svidja korisniku: _Sale
  
  Registruj se da bi pohvalio/la poruku!

Zdravo,

Ja cu raditi na tvom slucaju.


Deinstaliraj sledece programe iz Control Panel-a:
Web Companion
YTD Video Downloader 5.9.10
Apowersoft Online Launcher version 1.7.5

Nisam bio siguran zasta ti je ovaj program, pa ako ga ne prepoznajes deinstaliraj i njega:
ConfigTool 4.08.0



Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

SystemRestore: On
CreateRestorePoint:
CloseProcesses:

(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(LAVASOFT SOFTWARE CANADA INC -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe

HKU\S-1-5-21-112308427-2752319856-531434809-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8442464 2020-12-11] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-112308427-2752319856-531434809-1001\...\MountPoints2: {0750b68d-f196-11e8-9bc5-24b6fd39c918} - "W:\InstallLauncher.bat"
HKU\S-1-5-21-112308427-2752319856-531434809-1001\...\MountPoints2: {2386cca1-b94a-11e9-9bea-c01885794988} - "G:\AutoRun.exe"
HKU\S-1-5-21-112308427-2752319856-531434809-1001\...\MountPoints2: {6a96525b-ef41-11e8-9bc4-24b6fd39c918} - "V:\SETUP.EXE"
HKU\S-1-5-21-112308427-2752319856-531434809-1001\...\MountPoints2: {bedeb1cf-f64e-11e8-9bc6-c01885794988} - "V:\InstallLauncher.bat"
HKU\S-1-5-21-112308427-2752319856-531434809-1001\...\MountPoints2: {bedeb333-f64e-11e8-9bc6-c01885794988} - "V:\InstallLauncher.bat"
HKU\S-1-5-21-112308427-2752319856-531434809-1001\...\MountPoints2: {bedeb39c-f64e-11e8-9bc6-c01885794988} - "V:\InstallLauncher.bat"
HKU\S-1-5-21-112308427-2752319856-531434809-1001\...\MountPoints2: {bedeb43f-f64e-11e8-9bc6-c01885794988} - "V:\InstallLauncher.bat"
HKU\S-1-5-21-112308427-2752319856-531434809-1001\...\MountPoints2: {bedeb4a7-f64e-11e8-9bc6-c01885794988} - "V:\InstallLauncher.bat"
HKU\S-1-5-21-112308427-2752319856-531434809-1001\...\MountPoints2: {bedeb4f4-f64e-11e8-9bc6-c01885794988} - "V:\InstallLauncher.bat"
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [29280 2020-12-11] (LAVASOFT SOFTWARE CANADA INC -> )

2021-01-15 10:57 - 2018-12-15 10:43 - 000000000 ____D C:\ProgramData\PCDr
2019-05-19 10:11 - 2019-05-19 10:13 - 000000004 _____ () C:\ProgramData\lock.dat
2019-05-19 10:11 - 2019-05-19 10:11 - 000000008 _____ () C:\ProgramData\ts.dat
2018-12-14 16:03 - 2018-12-23 16:02 - 000000128 ____H () C:\Users\ZokiVale\microsoft.dat

HKU\S-1-5-21-112308427-2752319856-531434809-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2018-11-24 04:44:39&bName=
SearchScopes: HKU\S-1-5-21-112308427-2752319856-531434809-1001 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
SearchScopes: HKU\S-1-5-21-112308427-2752319856-531434809-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10420__181124&q={searchTerms}
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-112308427-2752319856-531434809-1001\...\webcompanion.com -> hxxp://webcompanion.com

EmptyTemp:

Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.

Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Na zalost, nema poboljsanja, Excel ponovo zamrzava (not responding).
Deinstalirao sam one progame, mada njih imam duze vreme (par godina) i do sada nije bilo problema, a ConfigTool je prepoznat kao program za konfiguraciju IP kamere.
Jos nesto, tastatura vec neko otkazuje, neki tasteri slabije se odazivaju, a nekada otkucaju duplo slovo. Nisam do sada obracao paznju na to, mozda ima neke veze.
mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Nema traga aktivnog malvera na tvom sistemu, tako da tvoji simptomi nisu uzrokovani malicioznim programima. Probaj da reinstaliras Office, mozda resi problem. Svakako ako problem i dalje postoji, otvori temu u Windows potforumu pa se mozda neko javi sa resenjem.

Na kraju samo preimenuj FRST.exe sa Desktop-a u uninstall.exe i pokreni ga. To ce obrisati FRST i njegove dodatne fajlove.

• 1Ovo se svidja korisniku: L3g1oN
  
  Registruj se da bi pohvalio/la poruku!

Zahvaljujem na pomoci.