Posted: 30 Dec 2014 22:34
- Brksi
- Ex KGB officer
- Joined: 18 Jul 2003
- Posts: 4204
- Location: In a golden cage
A computer connected to my router, on a 10/1mb/s line, does not reach a speed above 25 kb/s..... while my own computer runs at full speed....... the computer is a piece of junk anyway... 1 GB of RAM with Win 7 and integrated graphics and, on top of all that, a Celeron processor...
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-12-2014
Ran by Stankov (administrator) on STANKOV-PC on 30-12-2014 22:28:26
Running from C:\Users\Stankov\Desktop
Loaded Profile: Stankov (Available profiles: Stankov)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
(cyberlink) C:\Program Files\CyberLink\Shared Files\brs.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Google Inc.) C:\Users\Stankov\AppData\Local\Google\Update\GoogleUpdate.exe
(BitTorrent Inc.) C:\Users\Stankov\AppData\Roaming\uTorrent\uTorrent.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(TeamViewer GmbH) C:\Users\Stankov\AppData\Local\Temp\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Users\Stankov\AppData\Local\Temp\TeamViewer\tv_w32.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RemoteControl8] => C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [83240 2008-03-20] (Cyberlink Corp.)
HKLM\...\Run: [PDVD8LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [50472 2007-12-14] ()
HKLM\...\Run: [BDRegion] => C:\Program Files\Cyberlink\Shared Files\brs.exe [91432 2008-08-08] (cyberlink)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2014-01-20] (Realtek Semiconductor)
HKLM\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [614400 2009-08-15] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-1484728200-697245223-202128682-1000\...\Run: [Google Update] => C:\Users\Stankov\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-06-11] (Google Inc.)
HKU\S-1-5-21-1484728200-697245223-202128682-1000\...\Run: [uTorrent] => C:\Users\Stankov\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-11-21] (BitTorrent Inc.)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1484728200-697245223-202128682-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Stankov\AppData\Roaming\Mozilla\Firefox\Profiles\iks8lu13.default
FF Homepage: https://www.google.rs/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-1484728200-697245223-202128682-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Stankov\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1484728200-697245223-202128682-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Stankov\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Avira Browser Safety - C:\Users\Stankov\AppData\Roaming\Mozilla\Firefox\Profiles\iks8lu13.default\Extensions\abs@avira.com [2014-12-11]
FF Extension: Adblock Plus - C:\Users\Stankov\AppData\Roaming\Mozilla\Firefox\Profiles\iks8lu13.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-12]
Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.rs/"
CHR Profile: C:\Users\Stankov\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Stankov\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-11]
CHR Extension: (Google Drive) - C:\Users\Stankov\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-11]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Stankov\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-12]
CHR Extension: (YouTube) - C:\Users\Stankov\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-11]
CHR Extension: (Adblock Plus) - C:\Users\Stankov\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-12]
CHR Extension: (Google Search) - C:\Users\Stankov\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-11]
CHR Extension: (Avira Browser Safety) - C:\Users\Stankov\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-26]
CHR Extension: (Google Wallet) - C:\Users\Stankov\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-12]
CHR Extension: (Gmail) - C:\Users\Stankov\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-11]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 bdselfpr; C:\Users\Stankov\AppData\Local\Temp\RarSFX0\bdselfpr.sys [135472 2013-07-16] (BitDefender LLC)
R2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [38400 2009-06-09] (Samsung Electronics Co., Ltd.) [File not signed]
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [164952 2013-04-22] (BitDefender LLC)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2008-01-10] (Samsung Electronics) [File not signed]
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [355744 2013-05-28] (BitDefender S.R.L.)
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; C:\Program Files\CyberLink\PowerDVD8\000.fcl [41456 2008-08-08] (Cyberlink Corp.)
S4 avgntflt; system32\DRIVERS\avgntflt.sys [X]
R4 avkmgr; system32\DRIVERS\avkmgr.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-30 22:28 - 2014-12-30 22:29 - 00010846 _____ () C:\Users\Stankov\Desktop\FRST.txt
2014-12-30 22:28 - 2014-12-30 22:28 - 00000000 ____D () C:\FRST
2014-12-30 22:18 - 2014-12-30 22:19 - 01114624 _____ (Farbar) C:\Users\Stankov\Desktop\FRST.exe
2014-12-30 22:08 - 2014-12-30 22:08 - 00009131 _____ () C:\ProgramData\1419973660.2144.bin
2014-12-30 22:08 - 2014-12-30 22:08 - 00002261 _____ () C:\ProgramData\1419973660.2100.bin
2014-12-30 22:08 - 2014-12-30 22:08 - 00000507 _____ () C:\ProgramData\1419973660.1672.bin
2014-12-30 22:08 - 2014-12-30 22:08 - 00000000 ____D () C:\Program Files\Bitdefender
2014-12-30 22:07 - 2014-12-30 22:27 - 38801392 _____ (COMODO) C:\Users\Stankov\Downloads\icedragonsetup.exe
2014-12-30 22:07 - 2014-12-30 22:09 - 00035041 _____ () C:\ProgramData\1419973660.3728.bin
2014-12-30 22:07 - 2014-12-30 22:08 - 00048562 _____ () C:\ProgramData\1419973660.2076.bin
2014-12-30 22:07 - 2014-12-30 22:08 - 00014304 _____ () C:\ProgramData\1419973660.1260.bin
2014-12-30 22:07 - 2014-12-30 22:08 - 00003296 _____ () C:\ProgramData\1419973660.1848.bin
2014-12-30 22:07 - 2014-12-30 22:08 - 00000000 ____D () C:\Users\Stankov\AppData\Roaming\QuickScan
2014-12-30 22:07 - 2013-05-28 12:11 - 00355744 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-12-30 22:07 - 2013-04-22 13:20 - 00164952 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-12-30 22:05 - 2014-12-30 22:07 - 09927424 _____ () C:\Users\Stankov\Downloads\Antivirus_Free_Edition_x86.exe
2014-12-30 22:05 - 2014-12-30 22:05 - 00162208 _____ () C:\Users\Stankov\Downloads\Antivirus_Free_Edition.exe
2014-12-30 21:59 - 2014-12-30 21:59 - 00000000 ____D () C:\OETemp
2014-12-30 21:57 - 2014-12-30 21:57 - 00000000 _____ () C:\ProgramData\rebootpending.txt
2014-12-30 21:52 - 2014-12-30 21:52 - 00001030 _____ () C:\Users\Stankov\Desktop\Your Unin-staller!.lnk
2014-12-30 21:52 - 2014-12-30 21:52 - 00000000 ____D () C:\Users\Stankov\AppData\Roaming\URSoft
2014-12-30 21:52 - 2014-12-30 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller! 7
2014-12-30 21:52 - 2014-12-30 21:52 - 00000000 ____D () C:\Program Files\Your Uninstaller! 7
2014-12-30 21:51 - 2014-12-30 21:51 - 00000000 ____D () C:\Users\Stankov\Desktop\Your.Uninstaller.Pro.7.5.2013.02.DC.18.03.2013
2014-12-30 21:47 - 2014-12-30 21:51 - 00000000 ____D () C:\Users\Stankov\AppData\Roaming\TeamViewer
2014-12-30 21:40 - 2014-12-30 21:42 - 07720120 _____ (TeamViewer GmbH) C:\Users\Stankov\Downloads\TeamViewer_Setup_sr-ckq.exe
2014-12-30 21:20 - 2014-12-30 21:20 - 00004286 _____ () C:\Windows\system32\jupdate-1.7.0_71-b14.log
2014-12-30 21:20 - 2014-12-30 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-30 21:20 - 2014-12-30 21:20 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-12-30 21:20 - 2014-09-26 18:42 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-12-30 21:20 - 2014-09-26 18:36 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-12-30 21:20 - 2014-09-26 18:36 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-12-30 21:20 - 2014-09-26 18:35 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-12-30 21:03 - 2014-12-30 21:03 - 00000000 ___RD () C:\Users\Stankov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
2014-12-09 10:51 - 2014-12-09 10:52 - 00000000 ____D () C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-30 22:29 - 2014-06-13 10:40 - 00000000 ____D () C:\Users\Stankov\AppData\Roaming\uTorrent
2014-12-30 22:23 - 2009-07-14 05:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-30 22:23 - 2009-07-14 05:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-30 22:06 - 2014-06-12 07:40 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-30 21:59 - 2014-08-12 09:30 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-30 21:59 - 2014-06-11 14:30 - 00000000 ____D () C:\ProgramData\Avira
2014-12-30 21:59 - 2014-06-11 14:30 - 00000000 ____D () C:\Program Files\Avira
2014-12-30 21:59 - 2014-06-10 21:44 - 00046082 _____ () C:\Windows\WindowsUpdate.log
2014-12-30 21:55 - 2014-06-11 10:48 - 00000000 ____D () C:\ProgramData\Temp
2014-12-30 21:21 - 2014-06-12 07:46 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-30 21:20 - 2014-06-12 07:45 - 00000000 ____D () C:\Program Files\Java
2014-12-30 21:10 - 2009-07-14 05:39 - 00047155 _____ () C:\Windows\setupact.log
2014-12-30 21:03 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-26 23:33 - 2014-06-10 12:49 - 00000000 ____D () C:\Users\Stankov
2014-12-26 23:33 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-12-26 23:32 - 2014-06-11 10:51 - 00000000 ____D () C:\Users\Stankov\AppData\Roaming\Winamp
2014-12-26 23:32 - 2010-11-21 01:46 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-26 23:32 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2014-12-24 18:59 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-12-19 11:29 - 2014-06-11 12:42 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1484728200-697245223-202128682-1000Core.job
2014-12-19 10:22 - 2014-06-11 14:31 - 00000000 ____D () C:\The KMPlayer
2014-12-12 23:13 - 2010-11-20 22:01 - 00717892 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-12 09:20 - 2014-06-11 12:43 - 00002336 _____ () C:\Users\Stankov\Desktop\Google Chrome.lnk
2014-12-10 15:06 - 2014-06-12 07:40 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-10 15:06 - 2014-06-12 07:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-10 09:36 - 2014-06-11 12:46 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-04 11:47 - 2014-09-07 12:53 - 00000000 ____D () C:\Users\Stankov\AppData\Roaming\.minecraft
Some content of TEMP:
====================
C:\Users\Stankov\AppData\Local\Temp\7-zip.dll
C:\Users\Stankov\AppData\Local\Temp\7z.dll
C:\Users\Stankov\AppData\Local\Temp\7z.exe
C:\Users\Stankov\AppData\Local\Temp\avgnt.exe
C:\Users\Stankov\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-25 12:38
==================== End Of Log ============================
Posted: 31 Dec 2014 11:36
- Brksi
- Ex KGB officer
- Joined: 18 Jul 2003
- Posts: 4204
- Location: In a golden cage
Written: 31 Dec 2014 11:33
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 28-12-2014
Ran by Stankov at 2014-12-31 11:26:42 Run:1
Running from C:\Users\Stankov\Desktop
Loaded Profile: Stankov (Available profiles: Stankov)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
AlternateDataStreams: C:\ProgramData\Temp:1CE11B51
FF Extension: Avira Browser Safety - C:\Users\Stankov\AppData\Roaming\Mozilla\Firefox\Profiles\iks8lu13.default\Extensions\abs@avira.com [2014-12-11]
CHR Extension: (Avira Browser Safety) - C:\Users\Stankov\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-26]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
R1 bdselfpr; C:\Users\Stankov\AppData\Local\Temp\RarSFX0\bdselfpr.sys [135472 2013-07-16] (BitDefender LLC)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [164952 2013-04-22] (BitDefender LLC)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [355744 2013-05-28] (BitDefender S.R.L.)
C:\Windows\System32\DRIVERS\gzflt.sys
C:\Windows\System32\DRIVERS\trufos.sys
S4 avgntflt; system32\DRIVERS\avgntflt.sys [X]
R4 avkmgr; system32\DRIVERS\avkmgr.sys [X]
C:\Windows\System32\DRIVERS\avgntflt.sys
C:\Windows\System32\DRIVERS\avkmgr.sys
*****************
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitguard.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bprotect.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bpsvc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserdefender.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserprotect.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsersafeguard.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dprotectsvc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\jumpflip" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\protectedsearch.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchinstaller.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotection.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotector.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings64.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\snapdo.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst32.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst64.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\umbrella.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\utiljumpflip.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroids.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroidsservice.exe" => Key deleted successfully.
C:\ProgramData\Temp => ":1CE11B51" ADS removed successfully.
C:\Users\Stankov\AppData\Roaming\Mozilla\Firefox\Profiles\iks8lu13.default\Extensions\abs@avira.com => Moved successfully.
C:\Users\Stankov\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => Moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" => Key deleted successfully.
bdselfpr => Unable to stop service
bdselfpr => Service deleted successfully.
gzflt => Unable to stop service
gzflt => Service deleted successfully.
trufos => Service stopped successfully.
trufos => Service deleted successfully.
C:\Windows\System32\DRIVERS\gzflt.sys => Moved successfully.
C:\Windows\System32\DRIVERS\trufos.sys => Moved successfully.
avgntflt => Service not found.
avkmgr => Service not found.
"C:\Windows\System32\DRIVERS\avgntflt.sys" => File/Directory not found.
"C:\Windows\System32\DRIVERS\avkmgr.sys" => File/Directory not found.
The system needed a reboot.
==== End of Fixlog 11:26:54 ====
Addendum: 31 Dec 2014 11:36
Other than that, is the computer clean?
By the way, the leftovers of Avira and Defender are the result of my removing Avira and trying to install Defender, so as to let the poor machine breathe at least a little. But the installation went wrong, because the installer reported an error, but that is already a topic for the Windows forum.
Posted: 31 Dec 2014 11:39
- Sass Drake
- Anti Malware Fighter
Rank 2
- Joined: 26 Aug 2010
- Posts: 10622
- Location: Hypnos Control Room, Tokyo Metropolitan Government Building
The BitTorrent client is running as well. Shut it down and tell me what the connection speed is like now.
Posted: 31 Dec 2014 14:56
- Brksi
- Ex KGB officer
- Joined: 18 Jul 2003
- Posts: 4204
- Location: In a golden cage
Written: 31 Dec 2014 14:55
Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org
Database version: v2014.12.31.03
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
Stankov :: STANKOV-PC [administrator]
31-Dec-14 14:26:05
mbar-log-2014-12-31 (14-26-05).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 291982
Time elapsed: 21 minute(s), 19 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Addendum: 31 Dec 2014 14:56
Posted: 31 Dec 2014 15:07
- Brksi
- Ex KGB officer
- Joined: 18 Jul 2003
- Posts: 4204
- Location: In a golden cage
I updated that one too - it was indeed old, and it seems to work better now...... but mbar spent a long time downloading for me