Posted: 10 Apr 2016 14:46
- sasa1981
- New MyCity citizen
- Joined: 10 Apr 2016
- Posts: 4
Hello, I have a problem with Windows displaying the correct time. I simply don't know what the problem is: when I set the correct time, the clock runs normally for about 50 minutes and then sets the time back. The clock keeps jumping like that, now forward, now backward, and the date stays the same. This causes me problems with Windows updates, that is, Windows does not update regularly. I tried cleaning viruses with Malwarebytes, but the problem is the same; I tried setting the time in the very core of the computer, but nothing. I replaced the battery on the motherboard with a new one, and the problem is the same.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by Cike (administrator) on CIKE-PC (10-04-2016 10:39:55)
Running from C:\Users\Cike\Downloads
Loaded Profiles: Cike (Available Profiles: Cike)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
() C:\Users\Cike\AppData\Roaming\DRPSu\DrvUpdater.exe
(BitTorrent Inc.) C:\Users\Cike\AppData\Roaming\uTorrent\uTorrent.exe
(© 2015 Microsoft Corporation) C:\Users\Cike\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(BitTorrent Inc.) C:\Users\Cike\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(BitTorrent Inc.) C:\Users\Cike\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(AVG Technologies) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
(Popcorn Time) C:\Program Files\Popcorn Time\Updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Glarysoft Ltd) C:\Program Files\Glary Utilities 5\Integrator.exe
(AVG Technologies) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [14685936 2015-09-17] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2777392 2015-12-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5089480 2015-07-08] (ESET)
HKU\S-1-5-21-1809856775-3537787909-1327733705-1000\...\Run: [DrvUpdater] => C:\Users\Cike\AppData\Roaming\DRPSu\DrvUpdater.exe [195256 2012-07-07] ()
HKU\S-1-5-21-1809856775-3537787909-1327733705-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6490904 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-1809856775-3537787909-1327733705-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1809856775-3537787909-1327733705-1000\...\Run: [uTorrent] => C:\Users\Cike\AppData\Roaming\uTorrent\uTorrent.exe [1959424 2016-04-05] (BitTorrent Inc.)
HKU\S-1-5-21-1809856775-3537787909-1327733705-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [37056 2016-02-01] (Glarysoft Ltd)
HKU\S-1-5-21-1809856775-3537787909-1327733705-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-1809856775-3537787909-1327733705-1000\...\Run: [BingSvc] => C:\Users\Cike\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1809856775-3537787909-1327733705-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-1809856775-3537787909-1327733705-1000\...\Run: [iCloudDrive] => C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-1809856775-3537787909-1327733705-1000\...\Run: [iCloudPhotos] => C:\Program Files\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-1809856775-3537787909-1327733705-1000\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-1809856775-3537787909-1327733705-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1809856775-3537787909-1327733705-1000\...\MountPoints2: F - F:\INSTALL.EXE
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-11-12] (Microsoft Corporation)
IFEO\icloud.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\iclouddrive.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\icloudweb.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\shellstreamsshortcut.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk *
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog9 01 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-01] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-01] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-01] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-01] (Lavasoft Limited)
Winsock: Catalog9 16 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-01] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B1907004-5EBA-48D1-8D22-6B1C68F5A85F}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D871A582-25C5-4BE0-864F-6F984EADC0AC}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
HKU\S-1-5-21-1809856775-3537787909-1327733705-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=en-ww
SearchScopes: HKLM -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL =
SearchScopes: HKLM -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL =
SearchScopes: HKU\S-1-5-21-1809856775-3537787909-1327733705-1000 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-10] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-10] (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Cike\AppData\Roaming\Mozilla\Firefox\Profiles\vpcxa58i.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-21] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-10] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-17] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-17] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-10-09]
Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\Cike\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Cike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-17]
CHR Extension: (Google Drive) - C:\Users\Cike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-17]
CHR Extension: (YouTube) - C:\Users\Cike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-17]
CHR Extension: (Google Search) - C:\Users\Cike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-17]
CHR Extension: (Bing) - C:\Users\Cike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2016-02-17]
CHR Extension: (Google Sheets) - C:\Users\Cike\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-17]
CHR Extension: (Google Docs Offline) - C:\Users\Cike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Cike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-17]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
CHR HKU\S-1-5-21-1809856775-3537787909-1327733705-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1353720 2015-07-08] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [922928 2015-12-08] (NVIDIA Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-12-08] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [5170992 2015-12-08] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [3988784 2015-12-08] (NVIDIA Corporation)
S2 PinnacleUpdateSvc; C:\Program Files\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2015-08-06] (PowerUp Software, LLC) [File not signed]
R2 PSI_SVC_2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [266496 2015-09-17] (Realtek Semiconductor)
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2449624 2015-08-04] (AVG Technologies)
R2 Update service; C:\Program Files\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [36568 2015-08-04] (AVG Technologies)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-05] (Atheros Communications, Inc.)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-11-20] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [202704 2015-07-13] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [144536 2015-07-13] (ESET)
S3 EL90x; C:\Windows\System32\DRIVERS\el90XND5.SYS [156020 2002-09-25] (3Com Corporation) [File not signed]
S3 EL90Xbc; C:\Windows\System32\DRIVERS\el90Xbc5.SYS [77463 2003-06-04] (3Com Corporation)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [132152 2015-07-13] (ESET)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [17472 2015-09-27] (Glarysoft Ltd)
R1 HWiNFO32; C:\Program Files\HWiNFO32\HWiNFO32.SYS [21624 2011-09-22] (REALiX(tm))
R2 imbdrv; C:\Windows\System32\drivers\imbdrv.sys [42496 2015-10-28] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-04-10] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [99400 2012-05-12] (MotioninJoy)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18736 2015-12-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [44840 2015-08-11] (NVIDIA Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [30632 2015-06-25] (TuneUp Software)
S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [98704 2015-10-15] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [119304 2015-10-15] (Oracle Corporation)
S3 WiseHDInfo; C:\Windows\WiseHDInfo32.dll [13264 2015-09-13] (wisecleaner.com)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-10 10:39 - 2016-04-10 10:40 - 00018282 _____ C:\Users\Cike\Downloads\FRST.txt
2016-04-10 10:38 - 2016-04-10 10:39 - 00000000 ____D C:\FRST
2016-04-10 10:37 - 2016-04-10 10:37 - 01725440 _____ (Farbar) C:\Users\Cike\Downloads\FRST.exe
2016-04-09 15:47 - 2016-04-10 10:16 - 00000000 ____D C:\Users\Cike\AppData\LocalLow\uTorrent
2016-04-05 13:38 - 2016-04-05 12:40 - 00000080 _____ C:\Users\Cike\Desktop\uTorrent.lnk
2016-04-05 13:38 - 2016-04-05 12:40 - 00000080 _____ C:\Users\Cike\AppData\Roaming\Microsoft\Windows\Start Menu\uTorrent.lnk
2016-03-30 20:00 - 2016-04-05 12:41 - 00000000 ____D C:\Users\Cike\Downloads\PopcornTime
2016-03-30 20:00 - 2016-04-05 12:40 - 00001935 _____ C:\Users\Public\Desktop\Popcorn Time.lnk
2016-03-30 20:00 - 2016-03-30 20:00 - 00000000 ____D C:\Users\Cike\AppData\Local\PopcornTimeDesktop
2016-03-30 19:55 - 2016-03-30 19:58 - 49032804 _____ (Popcorn Time ) C:\Users\Cike\Downloads\PopcornTime-latest.exe
2016-03-30 19:53 - 2016-03-30 19:54 - 01158933 _____ ( ) C:\Users\Cike\Downloads\Unconfirmed 230629.crdownload
2016-03-30 19:51 - 2016-03-30 19:51 - 00114696 _____ C:\Users\Cike\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-30 19:44 - 2016-03-30 19:44 - 00000000 ____D C:\Users\Cike\AppData\Local\ESET
2016-03-30 19:25 - 2016-03-30 19:26 - 03829008 _____ C:\Windows\system32\FNTCACHE.DAT
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-02 14:35 - 2014-12-07 18:59 - 00119296 _____ C:\Windows\system32\zlib.dll
2016-04-10 10:37 - 2014-11-09 17:36 - 00000000 ____D C:\Users\Cike\AppData\Roaming\uTorrent
2016-04-10 10:35 - 2014-11-08 18:58 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-10 10:35 - 2009-07-14 06:34 - 00026240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-10 10:35 - 2009-07-14 06:34 - 00026240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-10 10:26 - 2015-06-29 20:11 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-10 10:25 - 2015-09-21 22:08 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-10 10:22 - 2015-12-11 00:51 - 00001064 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-10 10:22 - 2015-09-28 14:32 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-04-10 10:17 - 2015-10-20 11:13 - 00000000 ____D C:\Users\Cike\AppData\Roaming\Skype
2016-04-10 10:17 - 2015-09-27 09:23 - 00000000 ____D C:\Program Files\Glary Utilities 5
2016-04-10 10:16 - 2015-06-29 20:11 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-10 10:16 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-05 12:40 - 2016-02-18 12:18 - 00000635 _____ C:\Users\Public\Desktop\IntelliJ IDEA 13.1.6.lnk
2016-04-05 12:40 - 2016-02-17 20:11 - 00002205 _____ C:\Users\Cike\Desktop\Google Chrome.lnk
2016-04-05 12:40 - 2015-11-30 00:06 - 00001747 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-04-05 12:40 - 2015-11-08 21:35 - 00001103 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-04-05 12:40 - 2015-10-30 11:14 - 00001878 _____ C:\Users\Cike\Desktop\CorelDRAW.lnk
2016-04-05 12:40 - 2015-10-28 09:41 - 00000935 _____ C:\Users\Public\Desktop\Speccy.lnk
2016-04-05 12:40 - 2015-10-20 11:13 - 00002252 _____ C:\Users\Cike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-05 12:40 - 2015-10-20 11:13 - 00002205 _____ C:\Users\Cike\Desktop\Chrome.lnk
2016-04-05 12:40 - 2015-10-20 11:13 - 00002049 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2016-04-05 12:40 - 2015-10-20 11:13 - 00001854 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-04-05 12:40 - 2015-10-20 11:13 - 00001417 _____ C:\Users\Cike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-05 12:40 - 2015-10-20 11:13 - 00001212 _____ C:\Users\Cike\Desktop\Calculator.lnk
2016-04-05 12:40 - 2015-10-20 11:13 - 00001120 _____ C:\Users\Public\Desktop\Wise Disk Cleaner.lnk
2016-04-05 12:40 - 2015-10-20 11:13 - 00001118 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk
2016-04-05 12:40 - 2015-10-20 11:13 - 00001099 _____ C:\Users\Public\Desktop\BS.Player PRO.lnk
2016-04-05 12:40 - 2015-10-20 11:13 - 00001036 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2016-04-05 12:40 - 2015-10-20 11:13 - 00001027 _____ C:\Users\Public\Desktop\Opera.lnk
2016-04-05 12:40 - 2015-10-20 11:13 - 00001020 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2016-04-05 12:40 - 2015-10-20 11:13 - 00000982 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-04-05 12:40 - 2015-10-20 11:13 - 00000942 _____ C:\Users\Public\Desktop\WOW Slider.lnk
2016-04-05 12:40 - 2015-10-20 11:13 - 00000923 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-05 12:39 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\TAPI
2016-03-30 20:00 - 2016-02-18 12:12 - 00000000 ____D C:\Users\Cike\AppData\Local\VirtualStore
2016-03-30 20:00 - 2015-10-23 20:34 - 00000000 ____D C:\Program Files\Popcorn Time
2016-03-30 19:33 - 2014-11-17 11:50 - 00000000 ____D C:\Program Files\Opera
2016-03-22 19:30 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-03-20 18:16 - 2014-11-18 23:17 - 00000000 ____D C:\Users\Cike\AppData\Local\NVIDIA
2016-03-13 21:25 - 2009-07-14 06:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
==================== Files in the root of some directories =======
2015-10-20 11:13 - 2015-10-01 17:20 - 0076957 _____ () C:\Users\Cike\AppData\Roaming\userenv.xml
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-04-10 10:56
==================== End of FRST.txt ============================

Posted: 11 Apr 2016 10:54
- TwinHeadedEagle
- Anti Malware Fighter
Rank 2
- Joined: 09 Aug 2011
- Posts: 15879
- Location: Beograd
Until my colleague comes to give you instructions, start Malwarebytes --> History --> Application Logs, click on the Scan Log (or, if there are several, on each one in turn), then on Export --> TXT file, and save them to the desktop. Then attach all the reports here, or however many there are since you scanned.

Posted: 11 Apr 2016 15:40
- return void
- Anti Malware Fighter
Rank 1
- Joined: 02 Jan 2008
- Posts: 2167
Hello!
Follow the instructions from my colleague above, i.e. provide the logs he is asking for, and then proceed with the instructions below.
To begin with, I would recommend that you uninstall the following programs:
AVG PC TuneUp
Glary Utilities
These programs are not malicious, but they serve no purpose, and they usually come bundled with some program/add-on that the user does not actually want. Their aim is pure promotion and advertising, not effectiveness. It is up to you to decide because, as I said, the programs are not malicious, they are simply unnecessary.
Did you disable the Ethernet port on the computer yourself? I can see from the logs that it is "Disabled".
1. Open Notepad (Text Document) and copy into it the text from the code box below:
CreateRestorePoint:
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Extension: (Bing) - C:\Users\Cike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2016-02-17]
CHR HKU\S-1-5-21-1809856775-3537787909-1327733705-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
2015-10-20 11:13 - 2015-10-01 17:20 - 0076957 _____ () C:\Users\Cike\AppData\Roaming\userenv.xml
AlternateDataStreams: C:\Windows\system32\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\Windows\system32\zlib.dll:SummaryInformation [63]
AlternateDataStreams: C:\Windows\system32\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
IE trusted site: HKU\S-1-5-21-1809856775-3537787909-1327733705-1000\...\webcompanion.com -> hxxp://webcompanion.com
EmptyTemp:
2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, otherwise the fix will not work.
3. Run FRST/FRST64 again, click the Fix button once, and wait.
If the tool asks for a system restart, allow it, and make sure the tool completes the fix after the system restarts.
The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your reply.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.
After that,
Download AdwCleaner by "Xplode" and save it to the Desktop.
Double-click to run the program.
In the EULA window, click I agree.
Under Options, turn off Reset Winsock settings if it is turned on.
Click the Scan button and wait for the scan to finish.
Click the Cleaning button and wait for the program to finish.
The program will close all running programs and show a window with that warning. Click OK to confirm.
In the next two windows that open (Informations and Restart required), click OK.
The computer will restart and then open Notepad (C:\Adwcleaner\AdwCleaner[C1].txt) with the report.
Save that report to the Desktop and attach it to your reply using the "Attach file" option.

Posted: 11 Apr 2016 17:42
- sasa1981
- New MyCity citizen
- Joined: 10 Apr 2016
- Posts: 4
Written: 11 Apr 2016 17:30
Malwarebytes Anti-Malware
malwarebytes.org
Scan Date: 10/04/2016
Scan Time: 10:39
Logfile: FRST_10-04-2016_10-41-53.txt
Administrator: Yes
Version: 2.2.1.1043
Malware Database: v2016.04.09.05
Rootkit Database: v2016.04.09.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Cike
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 280307
Time Elapsed: 8 min, 58 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
Addendum: 11 Apr 2016 18:42
Here is the fix log
Fix result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
Ran by Cike (2016-04-10 10:30:23) Run:2
Running from C:\Users\Cike\Desktop
Loaded Profiles: Cike (Available Profiles: Cike)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CreateRestorePoint:
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Extension: (Bing) - C:\Users\Cike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2016-02-17]
CHR HKU\S-1-5-21-1809856775-3537787909-1327733705-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
2015-10-20 11:13 - 2015-10-01 17:20 - 0076957 _____ () C:\Users\Cike\AppData\Roaming\userenv.xml
AlternateDataStreams: C:\Windows\system32\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\Windows\system32\zlib.dll:SummaryInformation [63]
AlternateDataStreams: C:\Windows\system32\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
IE trusted site: HKU\S-1-5-21-1809856775-3537787909-1327733705-1000\...\webcompanion.com -> hxxp://webcompanion.com
EmptyTemp:
*****************
Restore point was successfully created.
HKLM\SOFTWARE\Policies\Google => key not found.
Chrome HomePage => not found.
Chrome DefaultSearchURL => not found.
Chrome DefaultSearchKeyword => not found.
Chrome DefaultSuggestURL => not found.
C:\Users\Cike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd => not found.
HKU\S-1-5-21-1809856775-3537787909-1327733705-1000\SOFTWARE\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd => key not found.
"C:\Users\Cike\AppData\Roaming\userenv.xml" => not found.
C:\Windows\system32\zlib.dll => ":DocumentSummaryInformation" ADS removed successfully..
C:\Windows\system32\zlib.dll => ":SummaryInformation" ADS removed successfully..
C:\Windows\system32\zlib.dll => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully..
HKU\S-1-5-21-1809856775-3537787909-1327733705-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com => key not found.
EmptyTemp: => 17.5 MB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 10:31:53 ====

Posted: 11 Apr 2016 18:35
- return void
- Anti Malware Fighter
Rank 1
- Joined: 02 Jan 2008
- Posts: 2167
All right, also follow the AdwCleaner instructions I gave you in the previous post.

Posted: 13 Apr 2016 10:50
- sasa1981
- New MyCity citizen
- Joined: 10 Apr 2016
- Posts: 4
Written: 13 Apr 2016 10:23
Hey guys, here I am, a bit late. The day before yesterday, when I ran the scan with AdwCleaner, the computer restarted, came back up, and now I can no longer connect to the internet, and all of my Windows Update has been deleted. I should mention that it did not solve the problem with the clock. Here is the fix log from AdwCleaner.

Posted: 13 Apr 2016 16:52
- return void
- Anti Malware Fighter
Rank 1
- Joined: 02 Jan 2008
- Posts: 2167
In my first message I asked you whether you had set the Ethernet driver to "Disabled", but you did not answer. Do you have a driver installed for the Ethernet port?
As for AdwCleaner and FRST, they did not cause the loss of internet connectivity.
Run this check as well:
Download TDSSKiller, save the tool to the Desktop, and double-click TDSSKiller.exe to run it.
In the "End user Licence Agreement" dialog, click Accept.
Likewise, in the "KSN Statement" dialog, click Accept.
Click the Start Scan button.
If suspicious items (Suspicious object) are detected, the default action is Skip; click Continue.
If malicious objects (Malicious objects) are detected, choose the Cure option.
Attach the contents of the log from the following location:
C:\TDSSKiller_program version_DD.MM.YY_HH.MM.SS.txt
(DD: day, MM: month, YY: year, HH: hour, MM: minute, SS: second; the date and time when the log was created)