Posted: 17 Sep 2017 20:13
- busman1
- New MyCity citizen
- Joined: 17 Sep 2017
- Posts: 4
Hello!
I have a problem with my PC. It is very slow; startup takes a long time, as does opening any program. I have Kaspersky antivirus, and it does not detect anything.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-09-2017
Ran by Ante (administrator) on ANAANTE (17-09-2017 21:05:18)
Running from C:\Users\Ante\Downloads
Loaded Profiles: Ante & Administrator (Available Profiles: Ante & Administrator)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Intel) C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
() C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\avp.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Megaify Software Co., Ltd.) C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
(Lenovo) C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\avpui.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(Intel) C:\Program Files (x86)\Intel Driver Update Utility\DSATray.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-05-22] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [815512 2012-04-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [MagicPlusHelper] => C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [2499208 2015-08-24] (Lenovo)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver Update Utility\DsaTray.exe [130808 2017-07-17] (Intel)
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27230168 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\...\Run: [GoogleChromeAutoLaunch_F161DEE956D414DF29F9CD612AB272CC] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1301848 2017-08-23] (Google Inc.)
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25607952 2017-08-04] (Google)
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\...\MountPoints2: {1efea529-3414-11e7-bebb-208984b4132a} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\...\MountPoints2: {619a0876-8112-11e7-bebf-208984b4132a} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\...\MountPoints2: {7c3f3371-2f48-11e7-bebb-208984b4132a} - "E:\titanic.exe"
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\...\MountPoints2: {d2a7fbd6-a513-11e3-be84-208984b4132a} - "F:\LGAutoRun.exe"
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\scrnsave.scr [11776 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-3822460687-1371615998-2300488824-500\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 77.78.192.20 94.140.66.194
Tcpip\..\Interfaces\{00F27E5E-335B-4ABC-A408-8AFE6E885C3D}: [DhcpNameServer] 77.78.192.20 94.140.66.194
Internet Explorer:
==================
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKU\S-1-5-21-3822460687-1371615998-2300488824-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKU\S-1-5-21-3822460687-1371615998-2300488824-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {11D2FA4E-3CF7-463D-A418-6EB1E4181AB4} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3822460687-1371615998-2300488824-1001 -> DefaultScope {FEBFCAD9-5723-4946-A71C-2D4E82DDAC22} URL =
SearchScopes: HKU\S-1-5-21-3822460687-1371615998-2300488824-1001 -> {FEBFCAD9-5723-4946-A71C-2D4E82DDAC22} URL =
BHO: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\x64\IEExt\ie_plugin.dll [2017-09-08] (AO Kaspersky Lab)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-09] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\IEExt\ie_plugin.dll [2017-09-08] (AO Kaspersky Lab)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-09] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-01] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-04-04] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-01] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-04-04] (Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\x64\IEExt\ie_plugin.dll [2017-09-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-04-04] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\IEExt\ie_plugin.dll [2017-09-08] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-3822460687-1371615998-2300488824-1001 -> Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\x64\IEExt\ie_plugin.dll [2017-09-08] (AO Kaspersky Lab)
FireFox:
========
FF ProfilePath: C:\Users\Ante\AppData\Roaming\Mozilla\Firefox\Profiles\7AI1vDW5.default [2016-05-07]
FF Extension: (Avira Browser Safety) - C:\Users\Ante\AppData\Roaming\Mozilla\Firefox\Profiles\7AI1vDW5.default\Extensions\abs@avira.com.xpi [2016-02-15]
FF HKLM\...\Firefox\Extensions: [light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-09-08]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-03-04] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2011-05-23] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2015-04-06] (Verimatrix, Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2012-04-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3822460687-1371615998-2300488824-1001: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2015-04-06] (Verimatrix, Inc.)
FF Plugin HKU\S-1-5-21-3822460687-1371615998-2300488824-1001: aviion.tv/AviionAuthTokenMaker -> C:\Users\Ante\AppData\Roaming\AVIIONMediadoo\AviionAuthTokenMaker\1.0.0.2\npAviionAuthTokenMaker.dll [2013-11-20] (AVIION Media d.o.o.)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.ba/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8"
CHR Profile: C:\Users\Ante\AppData\Local\Google\Chrome\User Data\Default [2017-09-17]
CHR Extension: (Google Slides) - C:\Users\Ante\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-06]
CHR Extension: (Google Docs) - C:\Users\Ante\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google disk) - C:\Users\Ante\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Ante\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google pretraživanje) - C:\Users\Ante\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Google Sheets) - C:\Users\Ante\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-06]
CHR Extension: (Houzz Bookmarklet) - C:\Users\Ante\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhjpekndimioildjhjfglcdgpahjoich [2016-02-20]
CHR Extension: (Avira Browser Safety) - C:\Users\Ante\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-09]
CHR Extension: (Google dokumenti izvanmrežno) - C:\Users\Ante\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Ante\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-11-05]
CHR Extension: (Plaćanja u web-trgovini Chrome) - C:\Users\Ante\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Gmail) - C:\Users\Ante\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Ante\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-11]
CHR Profile: C:\Users\Ante\AppData\Local\Google\Chrome\User Data\Guest Profile [2016-02-16]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-21] (Broadcom Corp.) [File not signed]
S3 DeviceFastLaneService; C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-17] (Acer Incorporated)
R2 DSAService; C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe [21240 2017-07-17] (Intel)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [662088 2013-03-16] (Acer Incorporated)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] ()
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [319096 2017-05-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\x64\vssbridge64.exe [426416 2017-09-08] (AO Kaspersky Lab)
R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-05-22] (Dritek System INC.)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [157456 2017-03-07] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
S2 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2016-07-28] (Disc Soft Ltd)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [70880 2016-12-22] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86240 2016-12-27] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29816 2016-10-14] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [207584 2017-09-08] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [522736 2017-09-08] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1054432 2017-09-08] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-10-12] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50672 2017-06-23] (AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [44768 2017-01-20] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\system32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [93920 2016-12-20] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136176 2017-06-23] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199360 2017-06-23] (AO Kaspersky Lab)
R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2013-05-22] (Dritek System Inc.)
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-09-17 21:05 - 2017-09-17 21:05 - 000024523 _____ C:\Users\Ante\Downloads\FRST.txt
2017-09-17 21:04 - 2017-09-17 21:04 - 002399744 _____ (Farbar) C:\Users\Ante\Downloads\FRST64.exe
2017-09-17 20:47 - 2017-09-17 20:47 - 000002426 _____ C:\WINDOWS\system32\default_error_stack-000001-000000.txt
2017-09-17 20:42 - 2017-09-17 20:42 - 000002426 _____ C:\WINDOWS\system32\default_error_stack-000000-000000.txt
2017-09-17 20:40 - 2017-09-17 20:41 - 000486896 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-09 11:30 - 2017-09-16 10:41 - 000000000 ____D C:\Users\Ante\AppData\LocalLow\uTorrent
2017-09-08 19:53 - 2017-09-08 19:53 - 000003032 _____ C:\WINDOWS\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2017-09-08 19:53 - 2017-09-08 19:53 - 000002029 _____ C:\Users\Public\Desktop\Kaspersky Free.lnk
2017-09-08 19:53 - 2017-09-08 19:53 - 000001224 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2017-09-08 19:53 - 2017-09-08 19:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2017-09-08 19:53 - 2017-09-08 19:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Free
2017-09-08 19:53 - 2017-09-08 19:53 - 000000000 ____D C:\Program Files\Common Files\AV
2017-09-08 19:53 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2017-09-08 19:52 - 2017-09-17 20:55 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-09-08 19:52 - 2017-09-08 20:10 - 001054432 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2017-09-08 19:52 - 2017-09-08 20:10 - 000207584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2017-09-08 19:52 - 2017-09-08 19:53 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2017-09-08 19:52 - 2017-09-08 19:52 - 000522736 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2017-09-08 19:52 - 2017-09-08 19:52 - 000149584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\klhkum.dll
2017-09-08 19:51 - 2017-09-08 19:51 - 002376368 _____ (Kaspersky Lab) C:\Users\Ante\Downloads\kfa18.0.0.405aben_12579.exe
2017-09-08 19:47 - 2017-09-08 19:47 - 000000000 ____D C:\Users\Ante\AppData\Local\Avira_Operations_GmbH_&_C
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-09-17 21:05 - 2016-02-20 23:47 - 000000000 ____D C:\FRST
2017-09-17 20:57 - 2015-03-03 17:44 - 000003918 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F2B5AAA9-E873-4969-B89C-E3D31C4AA720}
2017-09-17 20:55 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2017-09-17 20:54 - 2016-11-05 13:09 - 000000000 ___RD C:\Users\Ante\Google Drive
2017-09-17 20:52 - 2017-08-02 12:39 - 000000372 _____ C:\WINDOWS\Tasks\DriverToolkit Autorun.job
2017-09-17 20:52 - 2014-12-15 22:33 - 000000000 __RDO C:\Users\Ante\OneDrive
2017-09-17 20:52 - 2014-08-12 15:15 - 000000000 __SHD C:\Users\Ante\IntelGraphicsProfiles
2017-09-17 20:51 - 2014-12-15 22:02 - 000000000 ____D C:\Users\Ante
2017-09-17 20:46 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-17 20:40 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2017-09-17 20:37 - 2014-12-22 16:37 - 000000000 ____D C:\Users\Ante\AppData\Roaming\uTorrent
2017-09-17 20:37 - 2014-12-02 13:14 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-17 19:14 - 2017-07-01 20:47 - 000000000 ____D C:\Users\Ante\Desktop\Dezure
2017-09-16 15:26 - 2016-02-12 14:42 - 000000000 ____D C:\Users\Ante\Downloads\Avira
2017-09-11 19:04 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-09 12:41 - 2014-12-06 11:36 - 000003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3822460687-1371615998-2300488824-1001
2017-09-09 12:08 - 2016-12-29 23:31 - 000000709 _____ C:\Users\Public\Desktop\FM Genie Scout 17.lnk
2017-09-09 12:08 - 2016-12-29 23:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FM Genie Scout 17
2017-09-09 12:08 - 2016-12-29 23:31 - 000000000 ____D C:\FM Genie Scout 17
2017-09-08 19:52 - 2012-07-26 10:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-09-08 19:48 - 2016-05-23 23:06 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-08 19:48 - 2014-12-02 23:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-08 19:47 - 2016-02-12 14:47 - 000000000 ____D C:\ProgramData\Avira
2017-09-08 19:47 - 2016-02-12 14:47 - 000000000 ____D C:\Program Files (x86)\Avira
2017-09-08 19:34 - 2016-02-26 01:37 - 000000000 ____D C:\Users\Ante\AppData\Roaming\Avira
2017-09-08 19:31 - 2017-07-27 17:20 - 000003168 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3822460687-1371615998-2300488824-1001
2017-09-08 19:31 - 2016-04-28 16:14 - 000002348 _____ C:\Users\Ante\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-09-08 19:31 - 2016-03-02 00:10 - 000003176 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3822460687-1371615998-2300488824-1001
2017-09-06 19:10 - 2016-12-30 12:14 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-09-03 20:31 - 2014-09-24 09:15 - 000863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-03 20:25 - 2014-08-08 17:58 - 000000000 ____D C:\Users\Ante\Downloads\Filmovi
2017-08-29 21:16 - 2016-12-27 11:31 - 000000000 ____D C:\Users\Ante\Desktop\Financije
2017-08-29 21:00 - 2016-02-16 10:33 - 000002183 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-29 21:00 - 2016-02-16 10:33 - 000002171 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-25 19:24 - 2016-11-05 13:07 - 000002030 _____ C:\Users\Public\Desktop\Google Slides.lnk
2017-08-25 19:24 - 2016-11-05 13:07 - 000002028 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2017-08-25 19:24 - 2016-11-05 13:07 - 000002018 _____ C:\Users\Public\Desktop\Google Docs.lnk
2017-08-25 19:24 - 2016-11-05 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-08-20 13:20 - 2014-08-08 18:29 - 000000000 ____D C:\Users\Ante\Desktop\Radiologija
==================== Files in the root of some directories =======
2014-12-23 12:27 - 2014-12-23 12:27 - 000000037 ___SH () C:\Users\Ante\AppData\Local\20986331705021ca58edc424.96250074
2015-02-22 01:32 - 2016-10-08 16:04 - 000004608 _____ () C:\Users\Ante\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-09-12 17:09
==================== End of FRST.txt ============================
|
Posted: 18 Sep 2017 12:50
|
offline
- softwaremaniac
- AMF trainee
- Joined: 14 Jun 2016
- Posts: 535
|
Hello,
please uninstall DriverToolkit via the Control Panel.
1. Open Notepad (Text Document) and copy into it the following text from the code box below:
CreateRestorePoint:
(Megaify Software Co., Ltd.) C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\...\MountPoints2: {1efea529-3414-11e7-bebb-208984b4132a} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\...\MountPoints2: {619a0876-8112-11e7-bebf-208984b4132a} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\...\MountPoints2: {7c3f3371-2f48-11e7-bebb-208984b4132a} - "E:\titanic.exe"
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\...\MountPoints2: {d2a7fbd6-a513-11e3-be84-208984b4132a} - "F:\LGAutoRun.exe"
GroupPolicy: Restriction - Chrome <==== ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {11D2FA4E-3CF7-463D-A418-6EB1E4181AB4} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3822460687-1371615998-2300488824-1001 -> DefaultScope {FEBFCAD9-5723-4946-A71C-2D4E82DDAC22} URL =
SearchScopes: HKU\S-1-5-21-3822460687-1371615998-2300488824-1001 -> {FEBFCAD9-5723-4946-A71C-2D4E82DDAC22} URL =
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
2017-09-17 20:52 - 2017-08-02 12:39 - 000000372 _____ C:\WINDOWS\Tasks\DriverToolkit Autorun.job
FirewallRules: [{A63FD6BC-F9DB-420E-A36B-39DA6DA0C262}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{DF42D6D8-FDE1-48C3-A034-C7BEC9A473F6}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{E564E00E-24DB-4F19-9B1C-845F2299A8FA}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{1942AAEE-D21F-45F6-8BAB-709AA77D55F2}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{E36C2CF3-8F76-448D-A40D-E12841EB5B42}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{A7884543-B014-4C0A-8F9E-15145EF63073}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
F:\Lenovo_Suite.exe
E:\titanic.exe
F:\LGAutoRun.exe
EmptyTemp:
2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, because otherwise the fix will not work.
3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.
The tool will create a log (Fixlog.txt) on the Desktop. The contents of that log need to be copied into your message.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.
|
Posted: 18 Sep 2017 15:44
|
offline
- busman1
- New MyCity citizen
- Joined: 17 Sep 2017
- Posts: 4
|
I did as you said, but fixlog.txt did not appear on the desktop...
|
Posted: 19 Sep 2017 14:02
|
offline
- busman1
- New MyCity citizen
- Joined: 17 Sep 2017
- Posts: 4
|
Fix result of Farbar Recovery Scan Tool (x64) Version: 17-09-2017 01
Ran by Ante (18-09-2017 14:59:06) Run:1
Running from C:\Users\Ante\Downloads
Loaded Profiles: Ante (Available Profiles: Ante & Administrator)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CreateRestorePoint:
(Megaify Software Co., Ltd.) C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\...\MountPoints2: {1efea529-3414-11e7-bebb-208984b4132a} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\...\MountPoints2: {619a0876-8112-11e7-bebf-208984b4132a} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\...\MountPoints2: {7c3f3371-2f48-11e7-bebb-208984b4132a} - "E:\titanic.exe"
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\...\MountPoints2: {d2a7fbd6-a513-11e3-be84-208984b4132a} - "F:\LGAutoRun.exe"
GroupPolicy: Restriction - Chrome <==== ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {11D2FA4E-3CF7-463D-A418-6EB1E4181AB4} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3822460687-1371615998-2300488824-1001 -> DefaultScope {FEBFCAD9-5723-4946-A71C-2D4E82DDAC22} URL =
SearchScopes: HKU\S-1-5-21-3822460687-1371615998-2300488824-1001 -> {FEBFCAD9-5723-4946-A71C-2D4E82DDAC22} URL =
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
2017-09-17 20:52 - 2017-08-02 12:39 - 000000372 _____ C:\WINDOWS\Tasks\DriverToolkit Autorun.job
FirewallRules: [{A63FD6BC-F9DB-420E-A36B-39DA6DA0C262}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{DF42D6D8-FDE1-48C3-A034-C7BEC9A473F6}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{E564E00E-24DB-4F19-9B1C-845F2299A8FA}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{1942AAEE-D21F-45F6-8BAB-709AA77D55F2}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{E36C2CF3-8F76-448D-A40D-E12841EB5B42}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{A7884543-B014-4C0A-8F9E-15145EF63073}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
F:\Lenovo_Suite.exe
E:\titanic.exe
F:\LGAutoRun.exe
EmptyTemp:
*****************
Restore point was successfully created.
C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe => No running process found
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value not found.
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1efea529-3414-11e7-bebb-208984b4132a} => key not found.
HKLM\Software\Classes\CLSID\{1efea529-3414-11e7-bebb-208984b4132a} => key not found.
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{619a0876-8112-11e7-bebf-208984b4132a} => key not found.
HKLM\Software\Classes\CLSID\{619a0876-8112-11e7-bebf-208984b4132a} => key not found.
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7c3f3371-2f48-11e7-bebb-208984b4132a} => key not found.
HKLM\Software\Classes\CLSID\{7c3f3371-2f48-11e7-bebb-208984b4132a} => key not found.
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d2a7fbd6-a513-11e3-be84-208984b4132a} => key not found.
HKLM\Software\Classes\CLSID\{d2a7fbd6-a513-11e3-be84-208984b4132a} => key not found.
"C:\WINDOWS\system32\GroupPolicy\Machine" => not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-3822460687-1371615998-2300488824-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FEBFCAD9-5723-4946-A71C-2D4E82DDAC22} => key not found.
HKLM\Software\Classes\CLSID\{FEBFCAD9-5723-4946-A71C-2D4E82DDAC22} => key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0 => key removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => key removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key removed successfully
"C:\WINDOWS\Tasks\DriverToolkit Autorun.job" => not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A63FD6BC-F9DB-420E-A36B-39DA6DA0C262} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DF42D6D8-FDE1-48C3-A034-C7BEC9A473F6} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E564E00E-24DB-4F19-9B1C-845F2299A8FA} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1942AAEE-D21F-45F6-8BAB-709AA77D55F2} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E36C2CF3-8F76-448D-A40D-E12841EB5B42} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A7884543-B014-4C0A-8F9E-15145EF63073} => value not found.
"F:\Lenovo_Suite.exe" => not found.
"E:\titanic.exe" => not found.
"F:\LGAutoRun.exe" => not found.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5338910 B
Java, Flash, Steam htmlcache => 18690061 B
Windows/system/drivers => 2376012 B
Edge => 0 B
Chrome => 242224040 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 3186 B
NetworkService => 0 B
Ante => 17411519 B
Administrator => 12201 B
RecycleBin => 0 B
EmptyTemp: => 280.8 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 15:01:46 ====
|
Posted: 19 Sep 2017 16:31
|
offline
- softwaremaniac
- AMF trainee
- Joined: 14 Jun 2016
- Posts: 535
|
Download Malwarebytes Anti-Malware from this or this or this link and install the application.
Run mb3-setup-consumer-{version}.exe and follow the instructions for installing the program. After installation, click Finish.
On first launch, the program will show a "welcome" window. Feel free to close that window.
Note: The program's Premium features are already activated and are valid for 13 days from the moment of installation. You can turn the Premium features off via the Settings > My Account tab.
• Scanner settings - in Settings, click the Protection tab. Under the Scan Options section, turn on the "Scan for rootkits" option.
• Prepare the settings for Threat Scan - in Dashboard, click the Scan Now button. MBAM will update its database and start scanning.
When the scan finishes, if an infection is detected, make sure everything is checked, then click Remove Selected. Restart the computer if the program asks for a restart.
• Provide the log: Under Reports, select the Scan Report with the current date and then click View Report.
Export the log to the Desktop:
- Click the Export button at the bottom, then choose 'Text file (*.txt)'
- In the Save File dialog that appears, click Desktop. In the File name: field, type "mbam" (without quotes) and click Save.
- The message "Your file has been successfully exported" will appear; click Ok and close the window.
• In your reply, attach the mbam.txt log using the "Prikači fajl" (Attach file) option.
Then:
Download AdwCleaner and save it to the Desktop.
Double-click to run the program.
In the EULA window, click I agree.
In Tools, select Options.
In the dialog box that appears, turn off Reset Winsock settings if it is turned on.
Click the Scan button and wait for the scan to finish.
If it tells you that a newer version exists, make sure you download it.
Click the Clean button and wait for the program to finish.
The program will close all active programs and show a window with that warning. Click OK to confirm.
A message will appear saying that the computer needs to be restarted. Click OK.
The computer will restart and then open Notepad (C:\Adwcleaner\AdwCleaner[C0].txt) with the report.
Save that report to the Desktop and attach it to your message using the "Prikači fajl" (Attach file) option.
|