Usporen rad racurana.

1

Usporen rad racurana.

offline
  • Zeljana
  • Pridružio: 12 Sep 2011
  • Poruke: 38

Napisano: 16 Sep 2013 19:16

Od juce mi je usporen racunar...i koci mnogo .. Ne mogu ni da ga skeniram jer bi trajalo 5..6 sati.

Dopuna: 16 Sep 2013 19:42

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 10.25.2
Run by xxx at 19:23:10 on 2013-09-16
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2038.1145 [GMT 2:00]
.
AV: Kaspersky Anti-Virus *Enabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
SP: Kaspersky Anti-Virus *Enabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
C:\Windows\system32\BtwRSupportService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Opera\16.0.1196.73\opera.exe
C:\Program Files\Opera\16.0.1196.73\opera_crashreporter.exe
C:\Program Files\Opera\16.0.1196.73\opera.exe
C:\Program Files\Opera\16.0.1196.73\opera.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files\Opera\16.0.1196.73\opera.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN40128270763314536&UM=2&ctid=CT2998365
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - c:\program files\kaspersky lab\kaspersky anti-virus 14.0.0\ieext\contentblocker\ie_content_blocker_plugin.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - c:\program files\kaspersky lab\kaspersky anti-virus 14.0.0\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - c:\program files\kaspersky lab\kaspersky anti-virus 14.0.0\ieext\urladvisor\klwtbbho.dll
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [Facebook Update] "c:\users\xxx\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SearchProtectAll] c:\program files\searchprotect\bin\cltmng.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Search Protection] c:\programdata\search protection\SearchProtection.exe
dRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - c:\program files\kaspersky lab\kaspersky anti-virus 14.0.0\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky anti-virus 14.0.0\ieext\urladvisor\klwtbbho.dll
TCP: NameServer = 188.124.220.7 79.143.160.20
TCP: Interfaces\{319959D5-B0DA-44FE-9F90-841CF5011044} : DHCPNameServer = 188.124.220.7 79.143.160.20
TCP: Interfaces\{319959D5-B0DA-44FE-9F90-841CF5011044}\5525F435 : DHCPNameServer = 192.168.1.254
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
.
=============== File Associations ===============
.
ShellExec: Opera.exe: open="c:\program files\opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2013-09-16 12:26:40 -------- d-----w- c:\users\xxx\appdata\local\Opera Software
2013-09-16 12:26:38 -------- d-----w- c:\users\xxx\appdata\roaming\Opera Software
2013-09-16 01:22:27 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{999c1b02-5da7-4124-a85b-f78a0064b3e6}\offreg.dll
2013-09-16 00:12:14 -------- d-----w- c:\windows\ELAMBKUP
2013-09-16 00:12:08 -------- d-----w- c:\programdata\Kaspersky Lab
2013-09-16 00:12:08 -------- d-----w- c:\program files\Kaspersky Lab
2013-09-16 00:11:54 94304 ----a-w- c:\windows\system32\drivers\klflt.sys
2013-09-06 20:06:29 -------- d-----w- c:\users\xxx\appdata\local\avgchrome
2013-09-06 20:05:26 -------- d-----w- c:\users\xxx\appdata\roaming\7go
2013-09-06 20:04:38 -------- d-----w- c:\users\xxx\appdata\roaming\SpeedAnalysis3
2013-09-06 20:04:36 -------- d-----w- c:\programdata\IBUpdaterService
2013-09-06 20:04:34 -------- d-----w- c:\users\xxx\appdata\roaming\SeeSimilar02
2013-09-06 20:04:34 -------- d-----w- c:\users\xxx\appdata\roaming\File Scout
2013-08-31 04:46:07 -------- d-----w- c:\users\xxx\appdata\roaming\LavasoftStatistics
2013-08-31 04:30:50 -------- d-----w- c:\programdata\Downloaded Installations
2013-08-31 04:30:23 -------- d-----w- c:\program files\Lavasoft
2013-08-31 04:06:03 44424 ----a-w- c:\windows\system32\sbbd.exe
2013-08-31 04:06:03 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys
2013-08-27 21:07:30 70656 ----a-w- c:\windows\system32\fontsub.dll
2013-08-27 21:07:30 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-08-27 21:07:30 295424 ----a-w- c:\windows\system32\atmfd.dll
2013-08-27 20:37:16 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-08-27 20:37:16 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-08-27 20:37:16 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-08-27 20:36:02 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-08-27 20:36:02 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-08-27 20:36:02 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-08-27 20:36:02 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-08-27 20:36:00 613888 ----a-w- c:\windows\system32\WUDFx.dll
2013-08-27 20:36:00 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-08-27 20:36:00 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2013-08-27 20:35:10 5120 ----a-w- c:\windows\system32\wmi.dll
2013-08-27 20:35:10 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-08-27 20:35:10 159232 ----a-w- c:\windows\system32\imagehlp.dll
2013-08-27 20:21:58 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-08-27 20:20:37 1505280 ----a-w- c:\windows\system32\d3d11.dll
2013-08-27 17:16:11 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-08-27 17:16:09 1328128 ----a-w- c:\windows\system32\quartz.dll
2013-08-27 17:10:29 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-08-27 12:20:20 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-08-27 12:20:20 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-27 12:20:19 69632 ----a-w- c:\windows\system32\smss.exe
2013-08-27 12:20:19 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-08-27 12:20:19 1289096 ----a-w- c:\windows\system32\ntdll.dll
2013-08-27 12:20:17 1247744 ----a-w- c:\windows\system32\DWrite.dll
2013-08-27 12:20:06 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-08-27 12:20:05 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2013-08-27 12:20:04 708608 ----a-w- c:\program files\common files\system\wab32.dll
2013-08-27 12:18:50 67072 ----a-w- c:\windows\system32\packager.dll
2013-08-27 12:18:49 805376 ----a-w- c:\windows\system32\cdosys.dll
2013-08-27 12:18:49 57344 ----a-w- c:\program files\common files\system\ado\msador15.dll
2013-08-27 12:18:49 352256 ----a-w- c:\program files\common files\system\ado\msadomd.dll
2013-08-27 12:18:49 1019904 ----a-w- c:\program files\common files\system\ado\msado15.dll
2013-08-27 12:18:48 372736 ----a-w- c:\program files\common files\system\ado\msadox.dll
2013-08-27 12:18:48 212992 ----a-w- c:\program files\common files\system\msadc\msadco.dll
2013-08-27 12:18:48 143360 ----a-w- c:\program files\common files\system\ado\msjro.dll
2013-08-27 12:18:38 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
2013-08-27 12:18:37 1293760 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-08-27 12:18:36 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2013-08-27 12:18:36 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-08-27 12:18:35 509440 ----a-w- c:\windows\system32\qedit.dll
2013-08-27 12:17:28 -------- d-----w- c:\program files\CONEXANT
2013-08-27 12:11:42 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2013-08-27 12:10:59 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2013-08-27 12:10:02 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2013-08-27 12:07:13 47104 ----a-w- c:\windows\system32\appinfo.dll
2013-08-27 12:07:13 1796096 ----a-w- c:\windows\system32\authui.dll
2013-08-27 12:07:13 101720 ----a-w- c:\windows\system32\consent.exe
2013-08-27 11:51:43 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2013-08-27 11:50:28 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-08-27 11:50:28 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2013-08-27 11:50:28 247808 ----a-w- c:\windows\system32\schannel.dll
2013-08-27 11:50:28 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-08-27 11:50:28 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2013-08-27 11:50:27 22528 ----a-w- c:\windows\system32\lsass.exe
2013-08-27 11:50:27 22016 ----a-w- c:\windows\system32\secur32.dll
2013-08-27 11:50:27 15872 ----a-w- c:\windows\system32\sspisrv.dll
2013-08-27 11:50:27 100352 ----a-w- c:\windows\system32\sspicli.dll
2013-08-27 11:50:19 514560 ----a-w- c:\windows\system32\qdvd.dll
2013-08-27 11:15:40 -------- d-----w- c:\windows\Snapshot
2013-08-27 11:13:41 -------- d-----w- C:\DRIVERS
2013-08-22 08:32:59 -------- d-----w- c:\program files\GreenTree Applications
.
==================== Find3M ====================
.
2013-09-14 10:57:29 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-14 10:57:28 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-09 18:02:12 60120 ----a-w- c:\windows\system32\btwdi.dll
2013-08-09 18:02:12 174936 ----a-w- c:\windows\system32\drivers\bcbtums.sys
2013-08-09 18:02:12 1678040 ----a-w- c:\windows\system32\BtwRSupportService.exe
2013-08-09 18:02:12 1640152 ----a-w- c:\windows\system32\BcmBtRSupport.dll
2013-08-09 18:02:12 144600 ----a-w- c:\windows\system32\drivers\btwampfl.sys
2013-07-30 07:17:20 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2013-07-25 08:57:27 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-19 01:41:01 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-09 04:52:10 175104 ----a-w- c:\windows\system32\wintrust.dll
2013-07-09 04:50:42 652800 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 04:46:31 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-09 04:46:31 1166848 ----a-w- c:\windows\system32\crypt32.dll
2013-07-09 04:46:31 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-06 19:45:04 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-07-06 19:45:04 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-07-06 19:45:04 789416 ----a-w- c:\windows\system32\deployJava1.dll
.
============= FINISH: 19:37:12.13 ===============

Dopuna: 16 Sep 2013 19:43

mycity.rs/must-login.png

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop

Dvoklikom pokreni program.
Klikni na dugme [Scan] i pricekaj da program zavrsi.
Klikni na dugme [Clean]
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok


Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"

Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S1].txt




********************




Preuzmi FRST - (Farbar Recovery Scan Tool) i sacuvaj ga na Desktop

Napomena: Potrebno je preuzeti onu verziju koja je kompatibilna sa tvojim sistemom.


Dvoklikom pokreni FRST;
Kada se alat startuje, klikni Yes na disclaimer.
Klikni na dugme Scan;
Alat ce kreirati izvestaj (FRST.txt) u isti direktorijum gde je i FRST.exe sacuvan.
Iskopiraj sadrzaj tog loga u poruku.
Alat bi takodje pri prvom pokretanju trebao da kreira i dodatni izvestaj (Addition.txt). Taj izvestaj okaci u poruku koristeci opciju "Prikaci file".

offline
  • Zeljana
  • Pridružio: 12 Sep 2011
  • Poruke: 38

mycity.rs/must-login.png

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Odradi i FRST scan.

offline
  • Zeljana
  • Pridružio: 12 Sep 2011
  • Poruke: 38

Napisano: 16 Sep 2013 20:28

Pokrenula sam FRST skeniranje i sad je zakocilo...Hocu ponovo ..pokrenuti ?

Dopuna: 16 Sep 2013 20:29

Evo pokrenulo se opet..ok je Very Happy

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Napisano: 16 Sep 2013 20:29

Pokreni ponovo, ako zakoci javi mi.

Dopuna: 16 Sep 2013 20:30

OK, nastavi...

offline
  • Zeljana
  • Pridružio: 12 Sep 2011
  • Poruke: 38

Napisano: 16 Sep 2013 20:59

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-09-2013
Ran by xxx (administrator) on XXX-PC on 16-09-2013 20:22:01
Running from C:\Users\xxx\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
(Broadcom Corporation.) C:\Windows\system32\BtwRSupportService.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Opera Software) C:\Program Files\Opera\16.0.1196.73\opera.exe
() C:\Program Files\Opera\16.0.1196.73\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\16.0.1196.73\opera.exe
(Opera Software) C:\Program Files\Opera\16.0.1196.73\opera.exe
(Opera Software) C:\Program Files\Opera\16.0.1196.73\opera.exe
(Opera Software) C:\Program Files\Opera\16.0.1196.73\opera.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [Search Protection] - C:\ProgramData\Search Protection\SearchProtection.exe
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [19873896 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [Facebook Update] - C:\Users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-11] (Facebook Inc.)

==================== Internet (Whitelisted) ====================

SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {3EDE5794-D27F-4D25-A2EE-59081927B862} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2998365&CUI=UN40128270763314536&UM=2
SearchScopes: HKCU - {C6288B7E-7FEB-4589-8F3B-840E81B98026} URL = search.yahoo.com/search?fr=chr-greentree_ie.....=407453&p={searchTerms}
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 188.124.220.7 79.143.160.20

FireFox:
========
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\40vgyt8a.default
FF DefaultSearchEngine: SecureSearch
FF SelectedSearchEngine: SecureSearch
FF Homepage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_4&ent=hp&u=41D56EFDA63FD0C34368BF52236B7743
FF Keyword.URL: hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_4&hsimp=yhs-lavasoft&ent=bs&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\xxx\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\adawaretb.xml
FF HKLM\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "https://www.google.ba/webhp?source=search_app&gws_rd=cr&ei=GaonUpLvJZHIsgaLg4GwCg#q=Opstruktivna+bolest+pluca+lijecenje+biljem"
CHR DefaultSearchURL: (SecureSearch) - securedsearch2.lavasoft.com/results.php?pr=.....&ent=ch&q={searchTerms}
CHR DefaultSuggestURL: (SecureSearch) - "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Kaspersky URL Advisor) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\14.0.0.4651_0
CHR Extension: (Dangerous Websites Blocker) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\14.0.0.4651_0
CHR Extension: (Virtual Keyboard) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\14.0.0.4651_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\urladvisor.crx
CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\content_blocker_chrome.crx
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\virtkbd.crx
CHR HKLM\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx

========================== Services (Whitelisted) =================

R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-06-17] (Kaspersky Lab ZAO)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [1678040 2013-08-09] (Broadcom Corporation.)

==================== Drivers (Whitelisted) ====================

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [174936 2013-08-09] (Broadcom Corporation.)
S3 btwampfl; C:\Windows\System32\DRIVERS\btwampfl.sys [144600 2013-08-09] (Broadcom Corporation.)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2013-08-31] (GFI Software)
R3 HdAudAddService; C:\Windows\System32\drivers\CHDART.sys [160768 2007-05-24] (Conexant Systems Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2013-05-06] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [573536 2013-08-23] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2013-06-10] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25696 2013-05-05] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-05-05] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [45024 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145120 2013-06-06] (Kaspersky Lab ZAO)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2013-07-30] ()
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [94304 2013-06-08] (Kaspersky Lab ZAO)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-16 20:21 - 2013-09-16 20:21 - 00000000 ____D C:\FRST
2013-09-16 20:20 - 2013-09-16 20:20 - 01084083 _____ (Farbar) C:\Users\xxx\Downloads\FRST.exe
2013-09-16 20:17 - 2013-09-16 20:17 - 00009914 _____ C:\Users\xxx\Desktop\AdwCleaner[S0].txt
2013-09-16 20:06 - 2013-09-16 20:15 - 00000000 ____D C:\AdwCleaner
2013-09-16 20:02 - 2013-09-16 20:02 - 01039554 _____ C:\Users\xxx\Downloads\AdwCleaner.exe
2013-09-16 19:47 - 2013-09-16 19:47 - 00001502 _____ C:\Users\xxx\Downloads\258040_868503456_attach.txt
2013-09-16 19:38 - 2013-09-16 19:38 - 00001502 _____ C:\Users\xxx\Desktop\attach.txt
2013-09-16 19:38 - 2013-09-16 19:37 - 00012933 _____ C:\Users\xxx\Desktop\dds.txt
2013-09-16 19:19 - 2013-09-16 19:21 - 00688992 _____ (Swearware) C:\Users\xxx\Downloads\dds (1).scr
2013-09-16 19:16 - 2013-09-16 19:19 - 00688992 ____R (Swearware) C:\Users\xxx\Downloads\dds.scr
2013-09-16 14:26 - 2013-09-16 14:26 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Opera Software
2013-09-16 14:26 - 2013-09-16 14:26 - 00000000 ____D C:\Users\xxx\AppData\Local\Opera Software
2013-09-16 14:25 - 2013-09-16 14:25 - 00001087 _____ C:\Users\Public\Desktop\Opera.lnk
2013-09-16 14:25 - 2013-09-16 14:25 - 00000000 ____D C:\Program Files\Opera
2013-09-16 02:13 - 2013-09-16 02:12 - 00001059 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2013-09-16 02:12 - 2013-09-16 20:38 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-09-16 02:12 - 2013-09-16 02:12 - 00000000 ____D C:\Windows\ELAMBKUP
2013-09-16 02:12 - 2013-09-16 02:12 - 00000000 ____D C:\Program Files\Kaspersky Lab
2013-09-16 02:11 - 2013-08-23 15:27 - 00573536 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2013-09-16 02:11 - 2013-06-08 20:18 - 00094304 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2013-09-16 01:22 - 2013-09-16 01:22 - 00000000 ____D C:\Users\xxx\AppData\Roaming\InstallShield
2013-09-16 00:47 - 2013-09-16 00:47 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-09-15 23:34 - 2013-09-16 14:03 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-15 12:31 - 2013-09-15 12:31 - 00000000 _____ C:\Windows\system32\SBRC.dat
2013-09-06 22:06 - 2013-09-06 22:06 - 00000000 ____D C:\Users\xxx\AppData\Local\avgchrome
2013-09-06 22:04 - 2013-09-06 22:04 - 00001284 _____ C:\Users\xxx\Desktop\SeeSimilar02.lnk
2013-09-06 22:04 - 2013-09-06 22:04 - 00000000 ____D C:\Users\xxx\AppData\Roaming\SpeedAnalysis3
2013-08-31 10:34 - 2013-09-16 20:24 - 00270840 _____ C:\Windows\setupact.log
2013-08-31 10:34 - 2013-08-31 10:34 - 00000000 _____ C:\Windows\setuperr.log
2013-08-31 06:46 - 2013-08-31 06:46 - 00000000 ____D C:\Users\xxx\AppData\Roaming\LavasoftStatistics
2013-08-31 06:30 - 2013-09-15 17:07 - 00000000 ____D C:\Program Files\Lavasoft
2013-08-31 06:30 - 2013-08-31 06:30 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-08-31 06:06 - 2013-08-31 06:06 - 00044424 _____ (GFI Software) C:\Windows\system32\sbbd.exe
2013-08-31 06:06 - 2013-08-31 06:06 - 00013560 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys
2013-08-29 10:27 - 2013-08-29 10:27 - 00000000 ____D C:\Windows\Sun
2013-08-27 23:16 - 2013-08-27 23:16 - 00001413 _____ C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-27 23:07 - 2012-12-16 16:13 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-08-27 23:07 - 2012-12-16 16:13 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-08-27 23:07 - 2010-09-30 08:47 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-08-27 22:37 - 2012-07-26 05:39 - 00526952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-08-27 22:37 - 2012-07-26 05:39 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-08-27 22:37 - 2012-07-26 04:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2013-08-27 22:37 - 2012-06-02 16:34 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-08-27 22:36 - 2012-07-26 05:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2013-08-27 22:36 - 2012-07-26 05:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2013-08-27 22:36 - 2012-07-26 05:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2013-08-27 22:36 - 2012-07-26 05:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2013-08-27 22:36 - 2012-07-26 05:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2013-08-27 22:36 - 2012-07-26 04:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2013-08-27 22:36 - 2012-07-26 04:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2013-08-27 22:36 - 2012-06-02 16:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-08-27 22:35 - 2012-03-01 07:46 - 00019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2013-08-27 22:35 - 2012-03-01 07:33 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-08-27 22:35 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2013-08-27 22:32 - 2013-08-27 22:34 - 00003559 _____ C:\Windows\IE9_main.log
2013-08-27 22:22 - 2013-08-27 22:22 - 14329344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-27 22:22 - 2013-08-27 22:22 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-27 22:22 - 2013-08-27 22:22 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-08-27 22:22 - 2013-08-27 22:22 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00745472 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-08-27 22:22 - 2013-08-27 22:22 - 00719360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00629248 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-08-27 22:22 - 2013-08-27 22:22 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00242200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-08-27 22:22 - 2013-08-27 22:22 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-08-27 22:22 - 2013-08-27 22:22 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-27 22:22 - 2013-08-27 22:22 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-08-27 22:22 - 2013-08-27 22:22 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-27 22:22 - 2013-08-27 22:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-08-27 22:22 - 2013-08-27 22:22 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-27 22:22 - 2013-08-27 22:22 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-08-27 22:22 - 2013-08-27 22:22 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-08-27 22:21 - 2013-08-27 22:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-08-27 22:20 - 2013-08-27 22:20 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-08-27 22:19 - 2013-08-27 22:24 - 00011384 _____ C:\Windows\IE10_main.log
2013-08-27 19:16 - 2013-06-05 05:05 - 02347520 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-08-27 19:16 - 2011-10-26 06:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2013-08-27 19:10 - 2013-04-17 09:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-08-27 14:21 - 2013-09-16 01:27 - 00000000 ____D C:\Windows\Options
2013-08-27 14:21 - 2013-08-28 14:02 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-08-27 14:21 - 2013-08-28 14:02 - 00000000 ____D C:\Windows\BisonCam
2013-08-27 14:21 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-27 14:21 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-27 14:21 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-27 14:21 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-27 14:21 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-27 14:21 - 2013-04-12 15:45 - 01211752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-08-27 14:21 - 2012-11-22 06:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2013-08-27 14:21 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2013-08-27 14:21 - 2011-04-29 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2013-08-27 14:21 - 2011-04-29 04:46 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2013-08-27 14:21 - 2011-04-29 04:46 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2013-08-27 14:20 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-27 14:20 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-27 14:20 - 2013-07-09 06:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-27 14:20 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-08-27 14:20 - 2013-03-19 06:48 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-08-27 14:20 - 2013-03-19 04:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-08-27 14:20 - 2013-01-24 06:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-08-27 14:20 - 2012-04-28 05:17 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2013-08-27 14:19 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-08-27 14:19 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-08-27 14:19 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-08-27 14:19 - 2012-11-01 06:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-08-27 14:19 - 2012-10-03 18:42 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2013-08-27 14:19 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2013-08-27 14:19 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2013-08-27 14:19 - 2012-10-03 18:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2013-08-27 14:19 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2013-08-27 14:19 - 2012-10-03 18:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2013-08-27 14:19 - 2012-10-03 17:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2013-08-27 14:19 - 2012-08-21 22:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2013-08-27 14:19 - 2012-06-06 07:05 - 01236992 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-08-27 14:19 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-08-27 14:19 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2013-08-27 14:19 - 2011-05-24 12:44 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2013-08-27 14:19 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2013-08-27 14:19 - 2010-06-26 05:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2013-08-27 14:18 - 2013-07-06 07:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-27 14:18 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-08-27 14:18 - 2013-01-03 07:04 - 00187752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2013-08-27 14:18 - 2012-08-22 19:16 - 00240496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2013-08-27 14:18 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2013-08-27 14:18 - 2011-11-19 16:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2013-08-27 14:18 - 2011-02-12 07:35 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2013-08-27 14:17 - 2013-08-27 14:17 - 00000000 ____D C:\Program Files\CONEXANT
2013-08-27 14:12 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-27 14:12 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2013-08-27 14:12 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2013-08-27 14:12 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2013-08-27 14:12 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2013-08-27 14:12 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2013-08-27 14:12 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2013-08-27 14:12 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2013-08-27 14:12 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2013-08-27 14:12 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2013-08-27 14:12 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2013-08-27 14:12 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2013-08-27 14:12 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2013-08-27 14:12 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2013-08-27 14:12 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2013-08-27 14:12 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2013-08-27 14:12 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2013-08-27 14:12 - 2012-04-07 13:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2013-08-27 14:11 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-27 14:11 - 2012-05-14 06:33 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-08-27 14:11 - 2012-05-01 06:44 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2013-08-27 14:11 - 2012-04-26 06:45 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2013-08-27 14:11 - 2012-04-26 06:45 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2013-08-27 14:11 - 2012-04-26 06:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2013-08-27 14:11 - 2012-03-17 09:27 - 00056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2013-08-27 14:11 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2013-08-27 14:11 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2013-08-27 14:11 - 2011-03-11 07:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2013-08-27 14:11 - 2011-03-11 07:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2013-08-27 14:11 - 2011-02-23 06:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2013-08-27 14:10 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-27 14:10 - 2011-04-22 21:14 - 00027008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2013-08-27 14:07 - 2013-02-27 07:05 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-08-27 14:07 - 2013-02-27 06:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-08-27 14:07 - 2013-02-27 06:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-08-27 14:07 - 2013-02-27 06:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-08-27 14:07 - 2013-02-27 06:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-08-27 13:54 - 2012-08-23 16:48 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-08-27 13:54 - 2012-08-23 16:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-08-27 13:54 - 2012-08-23 16:41 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2013-08-27 13:54 - 2012-08-23 16:40 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-08-27 13:54 - 2012-08-23 16:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-08-27 13:54 - 2012-08-23 16:10 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-08-27 13:54 - 2012-08-23 15:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-08-27 13:54 - 2012-08-23 15:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-08-27 13:54 - 2012-08-23 15:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-08-27 13:54 - 2012-08-23 15:32 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-08-27 13:54 - 2012-08-23 15:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-08-27 13:54 - 2012-08-23 13:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-08-27 13:54 - 2012-08-23 13:32 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-08-27 13:54 - 2012-08-23 13:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-08-27 13:54 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-08-27 13:54 - 2012-08-23 12:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-08-27 13:54 - 2012-08-23 12:08 - 02739712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-08-27 13:54 - 2012-08-23 10:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-08-27 13:51 - 2013-01-13 23:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-08-27 13:51 - 2013-01-13 23:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-08-27 13:51 - 2013-01-13 23:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-08-27 13:51 - 2013-01-13 23:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-08-27 13:51 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-08-27 13:51 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-08-27 13:51 - 2013-01-13 23:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-08-27 13:51 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-08-27 13:51 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-08-27 13:51 - 2013-01-13 22:30 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-08-27 13:51 - 2013-01-13 22:22 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-08-27 13:51 - 2013-01-13 22:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-08-27 13:51 - 2013-01-13 22:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-08-27 13:51 - 2013-01-13 22:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-08-27 13:51 - 2013-01-13 21:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-08-27 13:51 - 2013-01-13 21:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-08-27 13:51 - 2013-01-13 21:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-08-27 13:51 - 2013-01-13 21:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-08-27 13:51 - 2013-01-13 21:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-08-27 13:51 - 2013-01-13 21:37 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-08-27 13:51 - 2013-01-13 21:02 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-08-27 13:51 - 2013-01-13 20:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-08-27 13:51 - 2013-01-13 19:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-08-27 13:51 - 2013-01-04 08:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-08-27 13:50 - 2012-08-24 19:05 - 00136560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-08-27 13:50 - 2012-08-24 19:02 - 00369856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-08-27 13:50 - 2012-08-24 18:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-08-27 13:50 - 2012-08-24 18:56 - 01039360 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-08-27 13:50 - 2012-06-02 06:45 - 00067440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-08-27 13:50 - 2012-05-04 11:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-08-27 13:50 - 2011-11-17 07:34 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-08-27 13:50 - 2011-11-17 07:34 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-08-27 13:50 - 2011-11-17 07:34 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-08-27 13:50 - 2011-11-17 07:29 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-08-27 13:15 - 2013-08-27 13:15 - 00000000 ____D C:\Windows\Snapshot
2013-08-22 10:32 - 2013-08-22 10:32 - 00000000 ____D C:\Program Files\GreenTree Applications

==================== One Month Modified Files and Folders =======

2013-09-16 20:38 - 2013-09-16 02:12 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-09-16 20:30 - 2013-06-28 16:14 - 01835697 _____ C:\Windows\WindowsUpdate.log
2013-09-16 20:24 - 2013-08-31 10:34 - 00270840 _____ C:\Windows\setupact.log
2013-09-16 20:24 - 2009-07-14 06:34 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-16 20:24 - 2009-07-14 06:34 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-16 20:21 - 2013-09-16 20:21 - 00000000 ____D C:\FRST
2013-09-16 20:21 - 2010-11-20 23:01 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-16 20:20 - 2013-09-16 20:20 - 01084083 _____ (Farbar) C:\Users\xxx\Downloads\FRST.exe
2013-09-16 20:17 - 2013-09-16 20:17 - 00009914 _____ C:\Users\xxx\Desktop\AdwCleaner[S0].txt
2013-09-16 20:17 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-16 20:15 - 2013-09-16 20:06 - 00000000 ____D C:\AdwCleaner
2013-09-16 20:05 - 2013-07-06 22:46 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Skype
2013-09-16 20:02 - 2013-09-16 20:02 - 01039554 _____ C:\Users\xxx\Downloads\AdwCleaner.exe
2013-09-16 19:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-16 19:57 - 2013-07-06 21:57 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-16 19:47 - 2013-09-16 19:47 - 00001502 _____ C:\Users\xxx\Downloads\258040_868503456_attach.txt
2013-09-16 19:38 - 2013-09-16 19:38 - 00001502 _____ C:\Users\xxx\Desktop\attach.txt
2013-09-16 19:37 - 2013-09-16 19:38 - 00012933 _____ C:\Users\xxx\Desktop\dds.txt
2013-09-16 19:21 - 2013-09-16 19:19 - 00688992 _____ (Swearware) C:\Users\xxx\Downloads\dds (1).scr
2013-09-16 19:19 - 2013-09-16 19:16 - 00688992 ____R (Swearware) C:\Users\xxx\Downloads\dds.scr
2013-09-16 18:40 - 2013-07-11 21:35 - 00000920 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2884846304-444100474-2377454140-1000UA.job
2013-09-16 14:30 - 2009-07-14 06:53 - 00032538 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-16 14:26 - 2013-09-16 14:26 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Opera Software
2013-09-16 14:26 - 2013-09-16 14:26 - 00000000 ____D C:\Users\xxx\AppData\Local\Opera Software
2013-09-16 14:25 - 2013-09-16 14:25 - 00001087 _____ C:\Users\Public\Desktop\Opera.lnk
2013-09-16 14:25 - 2013-09-16 14:25 - 00000000 ____D C:\Program Files\Opera
2013-09-16 14:15 - 2013-07-30 10:47 - 00017920 _____ C:\Windows\DPINST.LOG
2013-09-16 14:14 - 2013-07-06 21:43 - 00000000 ____D C:\Program Files\Google
2013-09-16 14:03 - 2013-09-15 23:34 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-16 03:01 - 2013-07-06 21:56 - 00002503 _____ C:\Users\Public\Desktop\Skype.lnk
2013-09-16 03:01 - 2013-07-06 21:56 - 00000000 ____D C:\ProgramData\Skype
2013-09-16 02:27 - 2010-11-20 23:48 - 00113208 _____ C:\Windows\PFRO.log
2013-09-16 02:12 - 2013-09-16 02:13 - 00001059 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2013-09-16 02:12 - 2013-09-16 02:12 - 00000000 ____D C:\Windows\ELAMBKUP
2013-09-16 02:12 - 2013-09-16 02:12 - 00000000 ____D C:\Program Files\Kaspersky Lab
2013-09-16 01:27 - 2013-08-27 14:21 - 00000000 ____D C:\Windows\Options
2013-09-16 01:26 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\twain_32
2013-09-16 01:22 - 2013-09-16 01:22 - 00000000 ____D C:\Users\xxx\AppData\Roaming\InstallShield
2013-09-16 00:47 - 2013-09-16 00:47 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-09-15 21:40 - 2013-07-11 21:35 - 00000898 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2884846304-444100474-2377454140-1000Core.job
2013-09-15 17:07 - 2013-08-31 06:30 - 00000000 ____D C:\Program Files\Lavasoft
2013-09-15 12:31 - 2013-09-15 12:31 - 00000000 _____ C:\Windows\system32\SBRC.dat
2013-09-14 12:57 - 2013-07-06 21:57 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-14 12:57 - 2013-07-06 21:57 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-06 22:06 - 2013-09-06 22:06 - 00000000 ____D C:\Users\xxx\AppData\Local\avgchrome
2013-09-06 22:04 - 2013-09-06 22:04 - 00001284 _____ C:\Users\xxx\Desktop\SeeSimilar02.lnk
2013-09-06 22:04 - 2013-09-06 22:04 - 00000000 ____D C:\Users\xxx\AppData\Roaming\SpeedAnalysis3
2013-09-04 08:19 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-09-01 08:47 - 2013-07-06 21:59 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-08-31 10:34 - 2013-08-31 10:34 - 00000000 _____ C:\Windows\setuperr.log
2013-08-31 06:46 - 2013-08-31 06:46 - 00000000 ____D C:\Users\xxx\AppData\Roaming\LavasoftStatistics
2013-08-31 06:31 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-08-31 06:30 - 2013-08-31 06:30 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-08-31 06:06 - 2013-08-31 06:06 - 00044424 _____ (GFI Software) C:\Windows\system32\sbbd.exe
2013-08-31 06:06 - 2013-08-31 06:06 - 00013560 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys
2013-08-29 10:27 - 2013-08-29 10:27 - 00000000 ____D C:\Windows\Sun
2013-08-29 01:40 - 2013-07-07 22:32 - 00064024 _____ C:\Users\xxx\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-28 22:49 - 2009-07-14 06:33 - 00294440 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-28 14:02 - 2013-08-27 14:21 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-08-28 14:02 - 2013-08-27 14:21 - 00000000 ____D C:\Windows\BisonCam
2013-08-28 14:02 - 2009-07-14 04:37 - 00000000 __RSD C:\Windows\Media
2013-08-27 23:16 - 2013-08-27 23:16 - 00001413 _____ C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-27 23:12 - 2010-11-21 02:47 - 00000000 ____D C:\Program Files\Windows Journal
2013-08-27 23:12 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\System
2013-08-27 23:11 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-27 22:34 - 2013-08-27 22:32 - 00003559 _____ C:\Windows\IE9_main.log
2013-08-27 22:24 - 2013-08-27 22:19 - 00011384 _____ C:\Windows\IE10_main.log
2013-08-27 22:22 - 2013-08-27 22:22 - 14329344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-27 22:22 - 2013-08-27 22:22 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-27 22:22 - 2013-08-27 22:22 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-08-27 22:22 - 2013-08-27 22:22 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00745472 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-08-27 22:22 - 2013-08-27 22:22 - 00719360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00629248 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-08-27 22:22 - 2013-08-27 22:22 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00242200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-08-27 22:22 - 2013-08-27 22:22 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-08-27 22:22 - 2013-08-27 22:22 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-27 22:22 - 2013-08-27 22:22 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-08-27 22:22 - 2013-08-27 22:22 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-27 22:22 - 2013-08-27 22:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-08-27 22:22 - 2013-08-27 22:22 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-27 22:22 - 2013-08-27 22:22 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-08-27 22:22 - 2013-08-27 22:22 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-08-27 22:22 - 2013-08-27 22:22 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-08-27 22:21 - 2013-08-27 22:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-08-27 22:20 - 2013-08-27 22:20 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-08-27 19:16 - 2009-07-14 04:04 - 00000646 _____ C:\Windows\win.ini
2013-08-27 14:23 - 2013-07-07 00:59 - 00020990 _____ C:\Windows\KernelMessage
2013-08-27 14:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system
2013-08-27 14:17 - 2013-08-27 14:17 - 00000000 ____D C:\Program Files\CONEXANT
2013-08-27 13:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-TW
2013-08-27 13:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-HK
2013-08-27 13:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-CN
2013-08-27 13:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\tr-TR
2013-08-27 13:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sv-SE
2013-08-27 13:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ru-RU
2013-08-27 13:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-PT
2013-08-27 13:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-BR
2013-08-27 13:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pl-PL
2013-08-27 13:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nl-NL
2013-08-27 13:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nb-NO
2013-08-27 13:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ko-KR
2013-08-27 13:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ja-JP
2013-08-27 13:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\it-IT
2013-08-27 13:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\hu-HU
2013-08-27 13:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fr-FR
2013-08-27 13:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fi-FI
2013-08-27 13:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\el-GR
2013-08-27 13:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-08-27 13:15 - 2013-08-27 13:15 - 00000000 ____D C:\Windows\Snapshot
2013-08-27 12:57 - 2013-07-30 11:27 - 00000000 ____D C:\Users\xxx\AppData\Roaming\TeamViewer
2013-08-23 15:27 - 2013-09-16 02:11 - 00573536 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2013-08-22 10:32 - 2013-08-22 10:32 - 00000000 ____D C:\Program Files\GreenTree Applications

Some content of TEMP:
====================
C:\Users\xxx\AppData\Local\Temp\Quarantine.exe
C:\Users\xxx\AppData\Local\Temp\_isA757.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-11 04:59

==================== End Of Log ============================

Dopuna: 16 Sep 2013 21:00

mycity.rs/must-login.png

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Otvori Notepad i iskopiraj sledeći tekst koji se nalazi unutar osenčenog prostora.


Start
HKLM\...\Run: [Search Protection] - C:\ProgramData\Search Protection\SearchProtection.exe
C:\ProgramData\Search Protection\SearchProtection.exe
SearchScopes: HKCU - {3EDE5794-D27F-4D25-A2EE-59081927B862} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2998365&CUI=UN40128270763314536&UM=2
FF Homepage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_4&ent=hp&u=41D56EFDA63FD0C34368BF52236B7743
FF Keyword.URL: hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_4&hsimp=yhs-lavasoft&ent=bs&q=
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\adawaretb.xml
CHR DefaultSearchURL: (SecureSearch) - http://securedsearch2.lavasoft.com/results.php?pr=.....&ent=ch&q={searchTerms}
CHR HKLM\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx
End


U okviru Notepad-a klikni na File --> Save As
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se Notepad, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt).

Potrebno je da fixlog.txt kopiras na forum

offline
  • Zeljana
  • Pridružio: 12 Sep 2011
  • Poruke: 38

Napisano: 16 Sep 2013 21:36

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 16-09-2013
Ran by xxx at 2013-09-16 21:28:55 Run:1
Running from C:\Users\xxx\Downloads
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [Search Protection] - C:\ProgramData\Search Protection\SearchProtection.exe
C:\ProgramData\Search Protection\SearchProtection.exe
SearchScopes: HKCU - {3EDE5794-D27F-4D25-A2EE-59081927B862} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2998365&CUI=UN40128270763314536&UM=2
FF Homepage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_4&ent=hp&u=41D56EFDA63FD0C34368BF52236B7743
FF Keyword.URL: hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_4&hsimp=yhs-lavasoft&ent=bs&q=
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\adawaretb.xml
CHR DefaultSearchURL: (SecureSearch) - securedsearch2.lavasoft.com/results.php?pr=.....&ent=ch&q={searchTerms}
CHR HKLM\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Search Protection => Value deleted successfully.
"C:\ProgramData\Search Protection\SearchProtection.exe " => File/Directory not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3EDE5794-D27F-4D25-A2EE-59081927B862} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{3EDE5794-D27F-4D25-A2EE-59081927B862} => Key not found.
Firefox homepage deleted successfully.
Firefox Keyword.URL deleted successfully.
C:\Program Files\mozilla firefox\browser\searchplugins\adawaretb.xml => Moved successfully.
CHR DefaultSearchURL: (SecureSearch) - securedsearch2.lavasoft.com/results.php?pr=.....&ent=ch&q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry.
HKLM\SOFTWARE\Google\Chrome\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole => Key deleted successfully.
"C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx " => File/Directory not found.

==== End of Fixlog ====

Dopuna: 16 Sep 2013 21:37

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 16-09-2013
Ran by xxx at 2013-09-16 21:28:55 Run:1
Running from C:\Users\xxx\Downloads
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [Search Protection] - C:\ProgramData\Search Protection\SearchProtection.exe
C:\ProgramData\Search Protection\SearchProtection.exe
SearchScopes: HKCU - {3EDE5794-D27F-4D25-A2EE-59081927B862} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2998365&CUI=UN40128270763314536&UM=2
FF Homepage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_4&ent=hp&u=41D56EFDA63FD0C34368BF52236B7743
FF Keyword.URL: hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_4&hsimp=yhs-lavasoft&ent=bs&q=
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\adawaretb.xml
CHR DefaultSearchURL: (SecureSearch) - securedsearch2.lavasoft.com/results.php?pr=.....&ent=ch&q={searchTerms}
CHR HKLM\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Search Protection => Value deleted successfully.
"C:\ProgramData\Search Protection\SearchProtection.exe " => File/Directory not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3EDE5794-D27F-4D25-A2EE-59081927B862} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{3EDE5794-D27F-4D25-A2EE-59081927B862} => Key not found.
Firefox homepage deleted successfully.
Firefox Keyword.URL deleted successfully.
C:\Program Files\mozilla firefox\browser\searchplugins\adawaretb.xml => Moved successfully.
CHR DefaultSearchURL: (SecureSearch) - securedsearch2.lavasoft.com/results.php?pr=.....&ent=ch&q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry.
HKLM\SOFTWARE\Google\Chrome\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole => Key deleted successfully.
"C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx " => File/Directory not found.

==== End of Fixlog ====

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Kakvo je stanje?

Ko je trenutno na forumu
 

Ukupno su 1401 korisnika na forumu :: 36 registrovanih, 4 sakrivenih i 1361 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., Ageofloneliness, Arahne, bladesu, celik, cifra, CikaKURE, d bos, Dannyboy, debeli, Dvojac005, Fabius, GandorCC, Georgius, hatman, ILGromovnik, JOntra, kinez88, loon123, Luka Blažević, Lutvo_Redzepagic, Magistar78, mkukoleca, nenaddz, RiV, royst33, Skywhaler, SlaKoj, StefanopuloZ, stegonosa, Trpe Grozni, vathra, Vlada78, vladulns, zixmix, zziko