My computer suddenly slowed down

offline
  • in the administration
  • Joined: 16 Oct 2010
  • Posts: 3468
  • Location: KRAGUJEVAC

My computer suddenly slowed down. I have Windows 7 Ultimate.
The motherboard is a Gigabyte G31M-S2C.
I have 2GB of RAM
Processor: Intel Pentium D 805

It loads pages more slowly than usual and opens programs more slowly than usual. It has really slowed down. I clean the dust out of it regularly, and I have ADSL with 10mb/s download and 1024kb/s upload.

Please check it.



Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-02-2016
Ran by dejan (administrator) on DEJAN-PC (11-02-2016 18:19:10)
Running from C:\Users\dejan\Desktop
Loaded Profiles: dejan (Available Profiles: dejan)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
(Digital Wave Ltd.) C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe
(FileZilla Project) C:\Program Files\FileZilla Server\FileZilla Server.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
() C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(REALiX) C:\Users\dejan\Downloads\Compressed\hw32_520\HWiNFO32.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe [1839528 2016-02-01] (Bitdefender)
HKU\S-1-5-21-1668144661-2884591123-2203260530-1001\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3907152 2015-09-23] (Tonec Inc.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\dejan\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2016-01-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\dejan\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2016-01-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\dejan\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2016-01-20] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2965C6DE-563C-4504-945D-221BB2EAC7BE}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1668144661-2884591123-2203260530-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=U301
SearchScopes: HKU\S-1-5-21-1668144661-2884591123-2203260530-1001 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
SearchScopes: HKU\S-1-5-21-1668144661-2884591123-2203260530-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-08-28] (Internet Download Manager, Tonec Inc.)
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2016-01-21] (Bitdefender)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_71\bin\ssv.dll [2016-01-26] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-26] (Oracle Corporation)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2016-01-21] (Bitdefender)

FireFox:
========
FF ProfilePath: C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\1mq1do1l.default-1451739043875
FF NewTab: hxxps://www.amazon.com/gp/bit/amazonserp/ref=bit_bds-p17_serp_ff_us_display?ie=UTF8&tagbase=bds-p17&tbrId=v1_abb-channel-17_0_1201_1403_20160126_RS_ff_nt_
FF DefaultSearchEngine: Example Engine
FF SearchEngineOrder.1: Amazon
FF Homepage: hxxp://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-26] (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Extension: DownThemAll! - C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\1mq1do1l.default-1451739043875\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-02-02]
FF Extension: DownThemAll! v3.0b6 Windows 10 FIX - C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\1mq1do1l.default-1451739043875\Extensions\dta3noaero@vano.xpi [2016-02-02]
FF Extension: Notifier for Twitter™ - C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\1mq1do1l.default-1451739043875\Extensions\jid1-qabDKwVsr2BZyp@jetpack.xpi [2016-02-01]
FF Extension: Adblock Plus - C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\1mq1do1l.default-1451739043875\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-19]
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\bdwteff [2016-02-02]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2016-02-02] [not signed]
FF HKU\S-1-5-21-1668144661-2884591123-2203260530-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: IDM integration - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2015-09-23]
FF HKU\S-1-5-21-1668144661-2884591123-2203260530-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\dejan\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\dejan\AppData\Roaming\IDM\idmmzcc5 [2016-02-11] [not signed]

Chrome:
=======
CHR Profile: C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (IDM Integration Module) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-02-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-19]
CHR HKLM\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2015-07-10]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 DigitalWave.Update.Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [383640 2015-11-25] ()
R2 FileZilla Server; C:\Program Files\FileZilla Server\FileZilla Server.exe [794584 2015-06-12] (FileZilla Project)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [857288 2015-11-09] (Bitdefender)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [112792 2015-11-25] ()
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [106536 2016-01-21] (Bitdefender)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [383640 2015-11-25] ()
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1411640 2016-02-01] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1274432 2016-01-22] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [666512 2016-01-22] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [93648 2012-10-29] (BitDefender LLC)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [83824 2015-12-04] (BitDefender)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [15968 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10208 2014-11-18] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [173832 2015-04-29] (BitDefender LLC)
R0 ignis; C:\Windows\System32\DRIVERS\ignis.sys [219248 2015-10-22] (Bitdefender)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [422664 2015-06-02] (BitDefender S.R.L.)
R3 HWiNFO32; \??\C:\Users\dejan\AppData\Local\Temp\HWiNFO32.SYS [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 TEAM; system32\DRIVERS\RtTeam60.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-09 01:19 - 2016-02-09 19:04 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-07 18:57 - 2016-02-10 13:12 - 00003943 _____ C:\bdlog.txt
2016-02-07 14:03 - 2016-02-07 14:03 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2016-02-07 14:00 - 2016-02-07 14:00 - 00000308 ____H C:\bdr-cf01
2016-02-07 13:59 - 2007-04-11 10:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2016-02-07 13:58 - 2016-01-22 08:12 - 00666512 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2016-02-07 13:58 - 2016-01-22 08:11 - 01274432 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2016-02-07 13:58 - 2015-12-04 19:27 - 00083824 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2016-02-07 13:58 - 2015-10-22 14:02 - 00219248 _____ (Bitdefender) C:\Windows\system32\Drivers\ignis.sys
2016-02-07 13:57 - 2016-02-07 14:00 - 00253404 ____H C:\bdr-ld01
2016-02-07 13:57 - 2016-02-07 14:00 - 00009216 ____H C:\bdr-ld01.mbr
2016-02-07 13:57 - 2015-12-15 21:35 - 39692613 ____H C:\bdr-im01.gz
2016-02-07 13:57 - 2012-08-15 14:28 - 02294848 ____H C:\bdr-bz01
2016-02-07 13:47 - 2016-02-07 13:47 - 00000000 ____D C:\Program Files\Bitdefender
2016-02-07 13:47 - 2015-06-02 14:21 - 00422664 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2016-02-07 13:47 - 2015-04-29 13:31 - 00173832 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2016-02-07 13:39 - 2016-02-07 13:47 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2016-02-07 13:32 - 2016-02-11 18:17 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-02-06 14:27 - 2016-02-06 14:27 - 00000000 ____D C:\_067617_
2016-02-01 22:50 - 2016-02-01 22:50 - 00000000 ____D C:\MSIebbfd.tmp
2016-01-26 02:17 - 2016-02-07 13:25 - 00000000 ____D C:\Program Files\Amazon Browser Settings
2016-01-26 02:15 - 2016-01-26 02:15 - 00000000 ____D C:\Program Files\Common Files\Java
2016-01-26 02:15 - 2016-01-26 02:15 - 00000000 ____D C:\MSI4e19e.tmp
2016-01-26 02:15 - 2016-01-26 02:15 - 00000000 ____D C:\MSI4e199.tmp
2016-01-26 02:15 - 2016-01-26 02:15 - 00000000 ____D C:\MSI4e191.tmp
2016-01-26 02:14 - 2016-01-26 02:14 - 00000000 ____D C:\MSI4e18c.tmp
2016-01-16 14:11 - 2016-01-16 17:20 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-16 14:09 - 2016-01-16 17:19 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-01-14 20:24 - 2016-01-16 17:21 - 00000000 ____D C:\Program Files\VS Revo Group
2016-01-13 13:33 - 2016-01-13 13:33 - 00000000 ____D C:\MSI2f1ec.tmp
2016-01-12 23:51 - 2016-01-12 23:54 - 00000000 ____D C:\AdwCleaner
2016-01-12 19:27 - 2016-01-29 01:36 - 00000000 ____D C:\Program Files\Messenger for Desktop

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-11 17:50 - 2015-10-22 13:34 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-11 17:22 - 2015-10-14 18:29 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-11 11:56 - 2009-07-14 05:34 - 00020192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-11 11:56 - 2009-07-14 05:34 - 00020192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-11 11:41 - 2015-10-22 13:34 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-11 11:41 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-11 01:33 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-02-09 21:16 - 2015-10-14 18:25 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-09 20:24 - 2015-10-14 18:29 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-09 20:24 - 2015-10-14 18:29 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-02-08 12:07 - 2009-07-14 05:33 - 00269880 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-07 19:08 - 2015-11-24 13:33 - 00000000 ____D C:\Program Files\TeamViewer
2016-02-07 13:28 - 2015-12-17 15:56 - 00000000 ____D C:\Program Files\NortonInstaller
2016-02-06 23:04 - 2009-07-14 05:53 - 00032644 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-05 15:28 - 2015-10-31 17:12 - 00000000 ____D C:\Program Files\Internet Download Manager
2016-01-26 20:06 - 2015-10-20 14:51 - 00000000 ____D C:\Program Files\CCleaner
2016-01-26 02:14 - 2015-10-15 15:41 - 00095840 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2016-01-26 02:14 - 2015-10-15 15:41 - 00000000 ____D C:\Program Files\Java
2016-01-17 12:48 - 2016-01-04 21:54 - 00000892 _____ C:\DelFix.txt
2016-01-16 17:26 - 2015-12-20 19:12 - 00000000 ____D C:\Program Files\Realtek
2016-01-16 17:25 - 2015-10-24 17:55 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-01-13 18:50 - 2015-10-22 13:34 - 00000000 ____D C:\Program Files\Google

==================== Files in the root of some directories =======

2016-02-07 14:24 - 2016-02-07 14:24 - 0514587 _____ () C:\ProgramData\1454848780.bdinstall.bin

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-08 01:59

==================== End of FRST.txt ============================


offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Open Notepad and copy in the following text, which is inside the Code box.

CreateRestorePoint:

FF ProfilePath: C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\1mq1do1l.default-1451739043875
FF NewTab: hxxps://www.amazon.com/gp/bit/amazonserp/ref=bit_bds-p17_serp_ff_us_display?ie=UTF8&tagbase=bds-p17&tbrId=v1_abb-channel-17_0_1201_1403_20160126_RS_ff_nt_
FF DefaultSearchEngine: Example Engine
FF SearchEngineOrder.1: Amazon
C:\Program Files\Amazon Browser Settings

Task: {76127055-0B99-4761-A4C8-B4D1BFE5E2E3} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe
Task: {8482D38D-B469-405E-8FCB-FE7CCCF54EBF} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe

EmptyTemp:


In Notepad, click File --> Save As
Name the file Fixlist and save it to the Desktop
Double-click to run FRST.exe again
Click Fix and wait until the program finishes.
If the program asks to restart the computer, let it do so without interruption.
When it has finished, fixlog.txt will open, with contents that you should copy into the thread.
The file (fixlog.txt) will also be on the Desktop.

offline
  • in the administration
  • Joined: 16 Oct 2010
  • Posts: 3468
  • Location: KRAGUJEVAC

Fix result of Farbar Recovery Scan Tool (x86) Version:07-02-2016
Ran by dejan (2016-02-12 13:04:30) Run:1
Running from C:\Users\dejan\Desktop
Loaded Profiles: dejan (Available Profiles: dejan)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CreateRestorePoint:

FF ProfilePath: C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\1mq1do1l.default-1451739043875
FF NewTab: hxxps://www.amazon.com/gp/bit/amazonserp/ref=bit_bds-p17_serp_ff_us_display?ie=UTF8&tagbase=bds-p17&tbrId=v1_abb-channel-17_0_1201_1403_20160126_RS_ff_nt_
FF DefaultSearchEngine: Example Engine
FF SearchEngineOrder.1: Amazon
C:\Program Files\Amazon Browser Settings

Task: {76127055-0B99-4761-A4C8-B4D1BFE5E2E3} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe
Task: {8482D38D-B469-405E-8FCB-FE7CCCF54EBF} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe

EmptyTemp:
*****************

Restore point was successfully created.
FF ProfilePath: C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\1mq1do1l.default-1451739043875 => FRST is scripted not to move this directory.
Firefox "newtab" removed successfully.
Firefox DefaultSearchEngine removed successfully.
Firefox SearchEngineOrder.1 removed successfully.

"C:\Program Files\Amazon Browser Settings" folder move:

Could not move "C:\Program Files\Amazon Browser Settings" => Scheduled to move on reboot.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{76127055-0B99-4761-A4C8-B4D1BFE5E2E3}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76127055-0B99-4761-A4C8-B4D1BFE5E2E3}" => key removed successfully.
C:\Windows\System32\Tasks\Norton Identity Safe\Norton Error Analyzer => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Identity Safe\Norton Error Analyzer" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8482D38D-B469-405E-8FCB-FE7CCCF54EBF}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8482D38D-B469-405E-8FCB-FE7CCCF54EBF}" => key removed successfully.
Could not move "C:\Windows\System32\Tasks\Norton Identity Safe\Norton Error Processor" => Scheduled to move on reboot.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Identity Safe\Norton Error Processor" => key removed successfully.
EmptyTemp: => 1.8 GB temporary data Removed.

==== End of Fixlog 13:07:37 ====

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

How are things now?

offline
  • in the administration
  • Joined: 16 Oct 2010
  • Posts: 3468
  • Location: KRAGUJEVAC

It's not much better, Sass. I don't know whether it has anything to do with the internet speed; I have 10mb/s download, the router settings say 8129-bandwidth download?, and the speed test doesn't go above 7 mb/s.

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

You have a fairly old processor, and as for the internet, the problem is probably with Telekom. Still, we have one more check left to do, just in case:

Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to the Desktop.

Run MBAR by double-clicking the program icon:
- Click OK in the next window to allow it to unpack into a separate mbar folder on the desktop;
- mbar.exe will be started. On some systems this can take a few extra seconds, so wait for it to start;
- In the introductory window, click the Next button if you agree;

• In the 'Update Database' window, click the Update button to download fresh definitions. When the message 'Success: Database was successfully updated' appears, click the Next button;
• Under the 'Scan Targets' section, check that all options are ticked, then click the Scan button;

Note: with some infections, one of the following messages may appear:
- 'Could not load protection driver' => in that case click OK.
- 'Could not load DDA driver' => click Yes on that notice to allow it to load after a restart. Allow the restart and continue with the rest of the instructions after the restart.

>> If no malware is detected, click the Exit button to close the program. In your next post, include the mbar-log-year-month-day (hour-minute-second).txt and system-log.txt reports.

>> If infections are found, check that the 'Create Restore Point' option is selected and click the Cleanup! button to remove the threats.
- The malware removal procedure (scheduled) will be scheduled for after the restart, and a notice will be shown in a pop-up window. Click the Yes button and the system should restart and finish the cleaning procedure.

Note! Only if a rootkit is detected: - make sure you run the fixdamage.exe tool located in the mbar folder, \Plugins\fixdamage.exe:
- Double-click to run fixdamage; in the black window that opens (command prompt), type Y (Y stands for Yes) to continue, and wait for the tool to carry out all the repairs ...
- When you see the message 'press any key to exit', the repair is complete. Press any key on the keyboard to close the window. Restart the system.

The following reports will be created in the mbar folder.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Copy the contents of the mbar log into your post, and attach the system log to the post using the Attach file option.
