adnandjecevic

Untitled

Oct 31st, 2014
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-10-2014 01
  2. Ran by Hamid Sabovic (administrator) on HAMIDSABOVIC on 31-10-2014 14:05:19
  3. Running from C:\Users\Hamid Sabovic\Downloads
  4. Loaded Profile: Hamid Sabovic (Available profiles: Hamid Sabovic)
  5. Platform: Microsoft Windows 7 Professional (X86) OS Language: English (United States)
  6. Internet Explorer Version 8
  7. Boot Mode: Normal
  8. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Processes (Whitelisted) =================
  11.  
  12. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  13.  
  14. (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
  15. (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
  16. (Intel Corporation) C:\Windows\System32\igfxtray.exe
  17. (Intel Corporation) C:\Windows\System32\hkcmd.exe
  18. (Intel Corporation) C:\Windows\System32\igfxpers.exe
  19. (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
  20. (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
  21. (Microsoft Corporation) C:\Windows\System32\wscript.exe
  22. (MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
  23. (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
  24. (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
  25. (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
  26. (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
  27. (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
  28. (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
  29. (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
  30. (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
  31.  
  32.  
  33. ==================== Registry (Whitelisted) ==================
  34.  
  35. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  36.  
  37. HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
  38. HKU\S-1-5-21-3468699941-1697581286-2913422694-1000\...\Run: [prncnfg] => wscript.exe //B "C:\Users\Hamid Sabovic\AppData\Roaming\prncnfg.vbs"
  39. HKU\S-1-5-21-3468699941-1697581286-2913422694-1000\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
  40. Startup: C:\Users\Hamid Sabovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\prncnfg.vbs ()
  41.  
  42. ==================== Internet (Whitelisted) ====================
  43.  
  44. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  45.  
  46. ProxyEnable: Internet Explorer proxy is enabled.
  47. ProxyServer: array01.isu.gov.me:8080
  48. HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
  49. HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
  50. HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xADADE66D5AE9CB01
  51. BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
  52. BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
  53. BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
  54. BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
  55. DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
  56. DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
  57. DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
  58. DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
  59. DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
  60. DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
  61. Tcpip\Parameters: [DhcpNameServer] 10.3.2.11 10.3.2.12
  62.  
  63. FireFox:
  64. ========
  65. FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
  66. FF Plugin: @microsoft.com/GENUINE -> disabled No File
  67. FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  68. FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
  69. FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
  70. FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
  71. FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
  72.  
  73. Chrome:
  74. =======
  75. CHR HomePage: Default -> hxxp://www.google.com/
  76. CHR StartupUrls: Default -> "hxxp://www.google.com/"
  77. CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\38.0.2125.111\gcswf32.dll No File
  78. CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
  79. CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  80. CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
  81. CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
  82. CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll No File
  83. CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll ()
  84. CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
  85. CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
  86. CHR Plugin: (Default Plug-in) - default_plugin No File
  87. CHR Profile: C:\Users\Hamid Sabovic\AppData\Local\Google\Chrome\User Data\Default
  88. CHR Extension: (Entanglement Web App) - C:\Users\Hamid Sabovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-05-04]
  89. CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Hamid Sabovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-26]
  90. CHR Extension: (Avira Browser Safety) - C:\Users\Hamid Sabovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-10-31]
  91. CHR Extension: (Poppit!) - C:\Users\Hamid Sabovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2011-05-04]
  92. CHR Extension: (Google Wallet) - C:\Users\Hamid Sabovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-12]
  93.  
  94. ========================== Services (Whitelisted) =================
  95.  
  96. (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
  97.  
  98. R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
  99. S2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [142336 2010-04-12] (HP) [File not signed]
  100. S3 IDriverT; C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
  101. R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-01-24] (Hewlett-Packard Company) [File not signed]
  102. R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [45568 2012-02-08] (Hewlett-Packard) [File not signed]
  103. R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [55808 2012-02-08] (Hewlett-Packard) [File not signed]
  104. S3 stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [73728 2006-11-01] (MicroVision Development, Inc.) [File not signed]
  105.  
  106. ==================== Drivers (Whitelisted) ====================
  107.  
  108. (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
  109.  
  110. S3 HPFXBULKLEDM; C:\Windows\System32\drivers\hppcbulkio.sys [20504 2010-04-22] (Hewlett Packard)
  111. S3 HPFXFAX; C:\Windows\System32\drivers\hppcfaxio.sys [21528 2010-04-22] (Hewlett Packard)
  112. R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
  113. R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36528 2006-07-24] (Sonic Solutions) [File not signed]
  114.  
  115. ==================== NetSvcs (Whitelisted) ===================
  116.  
  117.  
  118. (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
  119.  
  120.  
  121. ==================== One Month Created Files and Folders ========
  122.  
  123. (If an entry is included in the fixlist, the file\folder will be moved.)
  124.  
  125. 2014-10-31 13:59 - 2014-10-31 13:59 - 00019320 _____ () C:\Users\Hamid Sabovic\Desktop\Addition.txt
  126. 2014-10-31 13:59 - 2014-10-31 13:59 - 00014354 _____ () C:\Users\Hamid Sabovic\Desktop\FRST.txt
  127. 2014-10-31 13:55 - 2014-10-31 13:57 - 00019320 _____ () C:\Users\Hamid Sabovic\Downloads\Addition.txt
  128. 2014-10-31 13:53 - 2014-10-31 14:06 - 00009263 _____ () C:\Users\Hamid Sabovic\Downloads\FRST.txt
  129. 2014-10-31 13:53 - 2014-10-31 14:05 - 00000000 ____D () C:\FRST
  130. 2014-10-31 13:52 - 2014-10-31 13:52 - 01105408 _____ (Farbar) C:\Users\Hamid Sabovic\Downloads\FRST.exe
  131. 2014-10-31 13:48 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
  132. 2014-10-31 13:46 - 2014-10-31 13:46 - 00000380 _____ () C:\DelFix.txt
  133. 2014-10-31 13:43 - 2014-10-31 13:43 - 01375089 ____N () C:\Users\Hamid Sabovic\Downloads\AdwCleaner.exe
  134. 2014-10-31 13:22 - 2014-10-31 13:22 - 00001091 _____ () C:\Users\Public\Desktop\Avira.lnk
  135. 2014-10-31 13:22 - 2014-10-31 13:22 - 00000000 ____D () C:\ProgramData\Package Cache
  136. 2014-10-31 13:22 - 2014-10-31 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
  137. 2014-10-31 13:22 - 2014-10-31 13:22 - 00000000 ____D () C:\ProgramData\Avira
  138. 2014-10-31 13:22 - 2014-10-31 13:22 - 00000000 ____D () C:\Program Files\Avira
  139. 2014-10-31 11:34 - 2014-10-31 14:03 - 00000000 ____D () C:\ProgramData\MCShield
  140. 2014-10-31 11:34 - 2014-10-31 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
  141. 2014-10-31 11:34 - 2014-10-31 11:34 - 00000000 ____D () C:\Program Files\MCShield
  142. 2014-10-30 14:45 - 2014-10-31 11:08 - 00000000 ____D () C:\Users\Hamid Sabovic\Desktop\MB LEASING TRANS 2014 dopuna
  143. 2014-10-30 09:42 - 2014-07-11 19:22 - 04350035 ___SH () C:\Users\Hamid Sabovic\AppData\Roaming\prncnfg.vbs
  144. 2014-10-29 10:33 - 2014-10-30 15:17 - 00000000 ____D () C:\Users\Hamid Sabovic\Desktop\za snimanje brisano sa računara Agencije X 2014
  145. 2014-10-28 08:16 - 2014-10-28 08:16 - 00000516 _____ () C:\Users\Hamid Sabovic\Downloads\statistika cijena.htm
  146. 2014-10-27 08:16 - 2014-10-28 13:17 - 00000000 ____D () C:\Users\Hamid Sabovic\Documents\NALAZ LUKA BAR FAB LIVE 2014
  147. 2014-10-22 06:55 - 2014-10-29 10:56 - 00000000 ____D () C:\Users\Hamid Sabovic\Documents\VDT
  148.  
  149. ==================== One Month Modified Files and Folders =======
  150.  
  151. (If an entry is included in the fixlist, the file\folder will be moved.)
  152.  
  153. 2014-10-31 13:39 - 2009-07-14 05:34 - 00014976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  154. 2014-10-31 13:39 - 2009-07-14 05:34 - 00014976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  155. 2014-10-31 13:38 - 2011-03-23 14:06 - 00726316 _____ () C:\Windows\system32\PerfStringBackup.INI
  156. 2014-10-31 13:34 - 2011-03-23 21:53 - 01190611 _____ () C:\Windows\WindowsUpdate.log
  157. 2014-10-31 13:31 - 2011-04-07 13:40 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  158. 2014-10-31 13:31 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
  159. 2014-10-31 13:31 - 2009-07-14 05:39 - 00111316 _____ () C:\Windows\setupact.log
  160. 2014-10-31 13:07 - 2011-04-07 13:40 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  161. 2014-10-30 15:13 - 2011-10-11 08:17 - 00000000 ____D () C:\ProgramData\Roxio
  162. 2014-10-29 10:51 - 2014-01-13 09:34 - 00000000 ____D () C:\Users\Hamid Sabovic\Documents\2014
  163. 2014-10-29 10:46 - 2013-01-17 14:40 - 00000000 ____D () C:\Users\Hamid Sabovic\Documents\2013
  164. 2014-10-29 10:41 - 2012-01-09 07:33 - 00000000 ____D () C:\Users\Hamid Sabovic\Documents\2012
  165. 2014-10-29 10:34 - 2011-03-23 15:59 - 00000000 ____D () C:\Users\Hamid Sabovic\Documents\2011
  166. 2014-10-29 10:33 - 2013-09-27 08:18 - 00000000 ____D () C:\Users\Hamid Sabovic\Documents\Outlook Files
  167. 2014-10-15 13:33 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
  168. 2014-10-14 09:21 - 2014-06-16 11:08 - 00000000 ____D () C:\Users\Hamid Sabovic\Documents\BUDZET 2015
  169.  
  170. Some content of TEMP:
  171. ====================
  172. C:\Users\Hamid Sabovic\AppData\Local\Temp\AskSLib.dll
  173. C:\Users\Hamid Sabovic\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe
  174. C:\Users\Hamid Sabovic\AppData\Local\Temp\jre-6u38-windows-i586-iftw.exe
  175. C:\Users\Hamid Sabovic\AppData\Local\Temp\ose00000.exe
  176. C:\Users\Hamid Sabovic\AppData\Local\Temp\Quarantine.exe
  177.  
  178.  
  179. ==================== Bamital & volsnap Check =================
  180.  
  181. (There is no automatic fix for files that do not pass verification.)
  182.  
  183. C:\Windows\explorer.exe => File is digitally signed
  184. C:\Windows\system32\winlogon.exe => File is digitally signed
  185. C:\Windows\system32\wininit.exe => File is digitally signed
  186. C:\Windows\system32\svchost.exe => File is digitally signed
  187. C:\Windows\system32\services.exe => File is digitally signed
  188. C:\Windows\system32\User32.dll => File is digitally signed
  189. C:\Windows\system32\userinit.exe => File is digitally signed
  190. C:\Windows\system32\rpcss.dll => File is digitally signed
  191. C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
  192.  
  193.  
  194. LastRegBack: 2014-10-27 11:13
  195.  
  196. ==================== End Of Log ============================