Facebook i poruka u Inbox-u

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Pozdrav!

Dobila sam poruku na Facebook-u, koju nisam mogla da otvorim... Nisam primijetila probleme u radu laptopa.
Možda nema veze sa porukom, ali Malwarebytes' Anti-Malware je otkrio ove dvije živuljke.



Koristim MCShield, Aviru i povremeno Malwarebytes' Anti-Malware.

Laptop je TOSHIBA Satellite C660-11V, Windows 7 Professional 64-bit. ADSL FL@T 2 - do 2 Mbps/256 kbps. Konektujem se preko Wireless-a, a ruter je ovaj:





Izvještaj FRST.txt ako sam uradila kako treba


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Ljilja (administrator) on LJILJA-PC on 29-05-2014 13:43:01
Running from C:\Users\Ljilja\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\Photodex\ProShowGold\scsiaccess.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] => 1
HKLM\...\Run: [svchost] => regsvr32 /s "C:\Temp:01EB68DA.dat"
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-03-13] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1503208027-2844097221-2948931502-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\MCShieldRTM.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-1503208027-2844097221-2948931502-1000\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] => 1
AppInit_DLLs: c:\progra~2\settin~1\systemk\x64\syskldr.dll => c:\progra~2\settin~1\systemk\x64\syskldr.dll File Not Found
AppInit_DLLs: c:\progra~2\linkey\ieexte~1\iedll64.dll => c:\progra~2\linkey\ieexte~1\iedll64.dll File Not Found
AppInit_DLLs-x32: c:\progra~2\settin~1\systemk\syskldr.dll => "c:\progra~2\settin~1\systemk\syskldr.dll" File Not Found
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFC0482445BE7CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.me/
SearchScopes: HKLM - DefaultScope {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL =
SearchScopes: HKLM-x32 - {19C1EAB2-CCCF-453C-84BB-2A33BAA36DDF} URL = http://www.globasearch.com/?serie=25&q={searchTerms}
SearchScopes: HKCU - DefaultScope {35D572E1-74D8-4E8C-9B9C-9DBE726E62CC} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=308988252C465FD5&affID=128235&tt=240414_41&tsp=5237
SearchScopes: HKCU - {35D572E1-74D8-4E8C-9B9C-9DBE726E62CC} URL = https://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Ljilja\AppData\Roaming\Mozilla\Firefox\Profiles\rkxgpdqk.default
FF Homepage: https://www.google.me/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.0.0 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.0.0 - C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Ljilja\AppData\Roaming\Mozilla\Firefox\Profiles\rkxgpdqk.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Ljilja\AppData\Roaming\mozilla\plugins\npPxPlay.dll ( )
FF SearchPlugin: C:\Users\Ljilja\AppData\Roaming\Mozilla\Firefox\Profiles\rkxgpdqk.default\searchplugins\buenosearch.xml
FF Extension: EHTip - C:\Users\Ljilja\AppData\Roaming\Mozilla\Firefox\Profiles\rkxgpdqk.default\Extensions\ehtip@robertkatic [2014-05-02]
FF Extension: DownloadHelper - C:\Users\Ljilja\AppData\Roaming\Mozilla\Firefox\Profiles\rkxgpdqk.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-29]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Ljilja\AppData\Roaming\Mozilla\Firefox\Profiles\rkxgpdqk.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-02-23]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon

Chrome:
=======
CHR HomePage: hxxp://google.me/
CHR StartupUrls: "hxxp://google.me/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Octoshape Streaming Services) - C:\Users\Ljilja\AppData\Roaming\Mozilla\plugins\npoctoshape.dll No File
CHR Plugin: (Photodex Presenter Plugin) - C:\Users\Ljilja\AppData\Roaming\Mozilla\plugins\npPxPlay.dll ( )
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 8) - C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Ace Stream P2P Multimedia Plug-in) - C:\Users\Ljilja\AppData\Roaming\ACEStream\player\npace_plugin.dll No File
CHR Plugin: (Octoshape Streaming Services) - C:\Users\Ljilja\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 8.0.0.33) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Ljilja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]
CHR Extension: (Adblock for Youtube™) - C:\Users\Ljilja\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2013-08-27]
CHR Extension: (Google+) - C:\Users\Ljilja\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2014-02-21]
CHR Extension: (AdBlock) - C:\Users\Ljilja\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-08-27]
CHR Extension: (EHTip) - C:\Users\Ljilja\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbkkdecpgcebkfblliledlcinoeeing [2014-01-22]
CHR Extension: (Google Wallet) - C:\Users\Ljilja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR HKCU\...\Chrome\Extension: [edflbdjfhpiboilnedfoiepbmcllkedb] - C:\Users\Ljilja\AppData\Local\CRE\edflbdjfhpiboilnedfoiepbmcllkedb.crx [2013-06-25]
CHR HKLM-x32\...\Chrome\Extension: [edflbdjfhpiboilnedfoiepbmcllkedb] - C:\Users\Ljilja\AppData\Local\CRE\edflbdjfhpiboilnedfoiepbmcllkedb.crx [2013-06-25]

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-11] (Adobe Systems)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-03-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-03-13] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-03-13] (Avira Operations GmbH & Co. KG)
R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1811456 2010-08-27] (Realsil Microelectronics Inc.)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2013-12-18] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe [181312 2013-04-24] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2013-12-18] (Bytemobile, Inc.)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-01-02] (GFI Software)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [31136 2013-07-14] (REALiX(tm))
R1 QbikHkVista; C:\Windows\System32\DRIVERS\QbikHkVistaamd64.sys [243904 2013-03-07] ()
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2013-12-18] (Bytemobile, Inc.)
U4 vsserv;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-29 13:43 - 2014-05-29 13:43 - 00017194 _____ () C:\Users\Ljilja\Desktop\FRST.txt
2014-05-29 12:26 - 2014-05-29 12:26 - 00000056 _____ () C:\Windows\setupact.log
2014-05-29 12:26 - 2014-05-29 12:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-29 11:15 - 2014-05-29 13:43 - 00000000 ____D () C:\FRST
2014-05-29 11:15 - 2014-05-29 11:15 - 02066944 _____ (Farbar) C:\Users\Ljilja\Desktop\FRST64.exe
2014-05-25 19:57 - 2014-05-25 20:02 - 61199540 _____ () C:\Users\Ljilja\Desktop\Cats and dogs meeting babies for the first time - Cute anima.mp4
2014-05-21 16:09 - 2014-05-29 12:30 - 00068435 _____ () C:\Windows\WindowsUpdate.log
2014-05-19 17:23 - 2014-05-19 17:24 - 10863056 _____ () C:\Users\Ljilja\Desktop\PhotoShop CS5 - tutorijal.mp4
2014-05-16 18:28 - 2014-05-16 18:28 - 14909372 _____ () C:\Users\Ljilja\Desktop\izdvojen cvrkut.wav
2014-05-16 16:52 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 16:52 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 16:52 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-16 16:52 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-16 16:52 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-16 16:52 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 16:51 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-16 15:30 - 2014-05-16 15:31 - 398530480 ____N () C:\Users\Ljilja\Desktop\MVI_2229.MOV
2014-05-16 14:13 - 2014-05-16 14:14 - 00000000 ____D () C:\Users\Ljilja\Downloads\New folder
2014-05-15 13:52 - 2014-05-15 13:52 - 00000000 __SHD () C:\Users\Ljilja\AppData\Local\EmieUserList
2014-05-15 13:52 - 2014-05-15 13:52 - 00000000 __SHD () C:\Users\Ljilja\AppData\Local\EmieSiteList
2014-05-15 13:20 - 2014-05-15 13:20 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-05-15 13:20 - 2014-05-15 13:20 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-15 13:20 - 2014-05-15 13:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-15 13:16 - 2014-05-15 13:16 - 01677440 _____ (Skype Technologies S.A.) C:\Users\Ljilja\Downloads\SkypeSetup.exe
2014-05-15 13:06 - 2014-05-15 13:06 - 00386912 _____ (Softonic ) C:\Users\Ljilja\Downloads\SoftonicDownloader_for_windows-7-service-pack-1.exe
2014-05-15 12:35 - 2014-05-15 12:35 - 00001384 _____ () C:\Users\Ljilja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-15 12:28 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-05-15 12:25 - 2014-05-15 12:25 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-15 12:25 - 2014-05-15 12:25 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-15 12:25 - 2014-05-15 12:25 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-05-15 12:25 - 2014-05-15 12:25 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-05-15 12:25 - 2014-05-15 12:25 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-05-15 12:25 - 2014-05-15 12:25 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-05-15 12:25 - 2014-05-15 12:25 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-05-15 12:25 - 2014-05-15 12:25 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-05-15 12:25 - 2014-05-15 12:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-15 12:22 - 2014-05-15 12:22 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-05-15 12:22 - 2014-05-15 12:22 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-05-15 12:22 - 2014-05-15 12:22 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-05-15 12:22 - 2014-05-15 12:22 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-05-15 12:22 - 2014-05-15 12:22 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-05-15 12:22 - 2014-05-15 12:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-05-15 12:21 - 2014-05-15 12:21 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-05-15 12:21 - 2014-05-15 12:21 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-05-15 12:21 - 2014-05-15 12:21 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-05-15 11:58 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 11:58 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 11:58 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 11:58 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 11:58 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 11:58 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 11:58 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 11:58 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 11:58 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 11:58 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 11:58 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 11:58 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 11:58 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 11:58 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 11:58 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 11:58 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 11:58 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 11:58 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 11:58 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 11:58 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 11:58 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 11:58 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 11:58 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 11:58 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 11:58 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 11:58 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 11:58 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 11:58 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 11:58 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 11:58 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 11:58 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 11:58 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 11:58 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 11:58 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 11:58 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 11:58 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 11:58 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 11:58 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 11:58 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 11:58 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 11:58 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-15 11:53 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 11:53 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 11:53 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-05-15 11:53 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-05-15 11:53 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-05-15 11:53 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-05-15 11:52 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-05-15 11:52 - 2013-12-06 04:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-05-15 11:52 - 2013-12-06 04:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-05-15 11:52 - 2013-12-06 04:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-05-15 11:52 - 2013-12-06 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-05-15 11:52 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-05-15 11:52 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-05-15 11:52 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-05-15 11:52 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-05-15 11:52 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-05-15 11:52 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-05-15 11:52 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-05-15 11:51 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-15 11:51 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-05-15 11:51 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-05-15 11:51 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-05-15 11:51 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-05-15 11:51 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-15 11:51 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-15 11:51 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-15 11:51 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-15 11:51 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-15 11:51 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-05-15 11:51 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-05-15 11:51 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-05-15 11:50 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-05-15 11:50 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-05-13 11:12 - 2014-05-13 11:12 - 00000000 ____D () C:\Users\Ljilja\Documents\Adobe
2014-05-13 02:00 - 2014-05-29 11:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-13 00:24 - 2014-05-13 00:24 - 00000000 ____D () C:\Users\Ljilja\Documents\Updater
2014-05-12 13:44 - 2014-05-12 13:44 - 00000000 ____D () C:\Users\Ljilja\AppData\Roaming\CANON POWERSHOT SX 230 HS user guide
2014-05-04 15:48 - 2014-05-04 15:48 - 00003136 _____ () C:\Windows\System32\Tasks\YourFile DownloaderUpdate
2014-05-04 15:48 - 2014-05-04 15:48 - 00000000 ____D () C:\Users\Ljilja\AppData\Roaming\YourFileDownloader
2014-05-04 15:30 - 2014-05-04 15:31 - 05170171 _____ () C:\Users\Ljilja\Desktop\glass_transparent_layer_styles_by_giallo86-d32xc9s.zip
2014-05-04 13:27 - 2014-05-04 14:41 - 00000000 ____D () C:\Users\Ljilja\Downloads\Styles Ps CS2
2014-05-03 11:31 - 2014-05-03 11:31 - 00001002 _____ () C:\Users\Ljilja\Desktop\PhotoScape.lnk
2014-05-03 11:31 - 2014-05-03 11:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape

==================== One Month Modified Files and Folders =======

2014-05-29 13:43 - 2014-05-29 13:43 - 00017194 _____ () C:\Users\Ljilja\Desktop\FRST.txt
2014-05-29 13:43 - 2014-05-29 11:15 - 00000000 ____D () C:\FRST
2014-05-29 12:58 - 2012-12-23 23:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-29 12:55 - 2012-12-22 21:03 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-29 12:55 - 2012-12-22 21:03 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-29 12:34 - 2009-07-14 06:45 - 00023824 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-29 12:34 - 2009-07-14 06:45 - 00023824 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-29 12:31 - 2009-07-14 07:13 - 00782922 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-29 12:30 - 2014-05-21 16:09 - 00068435 _____ () C:\Windows\WindowsUpdate.log
2014-05-29 12:27 - 2013-08-19 19:16 - 00000000 ____D () C:\ProgramData\MCShield
2014-05-29 12:26 - 2014-05-29 12:26 - 00000056 _____ () C:\Windows\setupact.log
2014-05-29 12:26 - 2014-05-29 12:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-29 12:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-29 11:35 - 2014-05-13 02:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-29 11:15 - 2014-05-29 11:15 - 02066944 _____ (Farbar) C:\Users\Ljilja\Desktop\FRST64.exe
2014-05-29 11:04 - 2013-01-09 23:06 - 00000069 _____ () C:\Windows\NeroDigital.ini
2014-05-29 09:07 - 2013-01-06 19:13 - 00067584 ____H () C:\Users\Ljilja\Desktop\photothumb.db
2014-05-28 22:52 - 2012-12-24 00:02 - 00000000 ____D () C:\Users\Ljilja\AppData\Roaming\Macromedia
2014-05-27 00:24 - 2012-12-22 21:11 - 00000000 ____D () C:\Users\Ljilja\AppData\Roaming\Skype
2014-05-25 20:02 - 2014-05-25 19:57 - 61199540 _____ () C:\Users\Ljilja\Desktop\Cats and dogs meeting babies for the first time - Cute anima.mp4
2014-05-19 17:24 - 2014-05-19 17:23 - 10863056 _____ () C:\Users\Ljilja\Desktop\PhotoShop CS5 - tutorijal.mp4
2014-05-19 16:39 - 2012-12-27 18:15 - 00000000 ____D () C:\Users\Ljilja\AppData\Roaming\gtk-2.0
2014-05-19 12:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-17 19:21 - 2014-04-24 20:07 - 00000000 ____D () C:\Users\Ljilja\AppData\Roaming\Audacity
2014-05-17 13:48 - 2013-01-06 19:55 - 00000000 ____D () C:\Users\Ljilja\AppData\Roaming\vlc
2014-05-16 18:28 - 2014-05-16 18:28 - 14909372 _____ () C:\Users\Ljilja\Desktop\izdvojen cvrkut.wav
2014-05-16 15:31 - 2014-05-16 15:30 - 398530480 ____N () C:\Users\Ljilja\Desktop\MVI_2229.MOV
2014-05-16 14:14 - 2014-05-16 14:13 - 00000000 ____D () C:\Users\Ljilja\Downloads\New folder
2014-05-16 07:59 - 2012-12-23 23:09 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-16 07:59 - 2012-12-23 23:09 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-16 07:59 - 2012-12-23 23:09 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-15 15:02 - 2014-02-05 20:00 - 00000000 ___RD () C:\Users\Ljilja\Desktop\Svaštara i vicevi
2014-05-15 13:52 - 2014-05-15 13:52 - 00000000 __SHD () C:\Users\Ljilja\AppData\Local\EmieUserList
2014-05-15 13:52 - 2014-05-15 13:52 - 00000000 __SHD () C:\Users\Ljilja\AppData\Local\EmieSiteList
2014-05-15 13:20 - 2014-05-15 13:20 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-05-15 13:20 - 2014-05-15 13:20 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-15 13:20 - 2014-05-15 13:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-15 13:20 - 2012-12-22 21:08 - 00000000 ____D () C:\ProgramData\Skype
2014-05-15 13:16 - 2014-05-15 13:16 - 01677440 _____ (Skype Technologies S.A.) C:\Users\Ljilja\Downloads\SkypeSetup.exe
2014-05-15 13:06 - 2014-05-15 13:06 - 00386912 _____ (Softonic ) C:\Users\Ljilja\Downloads\SoftonicDownloader_for_windows-7-service-pack-1.exe
2014-05-15 12:41 - 2012-12-23 03:58 - 00000000 ____D () C:\Windows\Panther
2014-05-15 12:36 - 2012-12-22 19:05 - 00000000 ___RD () C:\Users\Ljilja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 12:36 - 2012-12-22 19:05 - 00000000 ___RD () C:\Users\Ljilja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 12:35 - 2014-05-15 12:35 - 00001384 _____ () C:\Users\Ljilja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-15 12:35 - 2013-06-04 20:07 - 00000884 __RSH () C:\Users\Ljilja\ntuser.pol
2014-05-15 12:35 - 2012-12-22 19:05 - 00000000 ____D () C:\Users\Ljilja
2014-05-15 12:33 - 2009-07-14 06:45 - 00553624 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-15 12:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-15 12:25 - 2014-05-15 12:25 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-15 12:25 - 2014-05-15 12:25 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-15 12:25 - 2014-05-15 12:25 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-05-15 12:25 - 2014-05-15 12:25 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-05-15 12:25 - 2014-05-15 12:25 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-05-15 12:25 - 2014-05-15 12:25 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-05-15 12:25 - 2014-05-15 12:25 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-05-15 12:25 - 2014-05-15 12:25 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-05-15 12:25 - 2014-05-15 12:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-05-15 12:25 - 2014-05-15 12:25 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-05-15 12:25 - 2014-05-15 12:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-15 12:22 - 2014-05-15 12:22 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-05-15 12:22 - 2014-05-15 12:22 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-05-15 12:22 - 2014-05-15 12:22 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-05-15 12:22 - 2014-05-15 12:22 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-05-15 12:22 - 2014-05-15 12:22 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-05-15 12:22 - 2014-05-15 12:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-05-15 12:21 - 2014-05-15 12:21 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-05-15 12:21 - 2014-05-15 12:21 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-05-15 12:21 - 2014-05-15 12:21 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-05-15 12:14 - 2012-12-22 21:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 12:11 - 2013-09-11 23:54 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-13 11:12 - 2014-05-13 11:12 - 00000000 ____D () C:\Users\Ljilja\Documents\Adobe
2014-05-13 00:24 - 2014-05-13 00:24 - 00000000 ____D () C:\Users\Ljilja\Documents\Updater
2014-05-12 13:46 - 2013-07-20 17:37 - 00000000 ____D () C:\Users\Ljilja\AppData\Local\CrashRpt
2014-05-12 13:44 - 2014-05-12 13:44 - 00000000 ____D () C:\Users\Ljilja\AppData\Roaming\CANON POWERSHOT SX 230 HS user guide
2014-05-08 12:50 - 2012-12-22 21:03 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 12:50 - 2012-12-22 21:03 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-06 06:40 - 2014-05-16 16:52 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-16 16:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-16 16:52 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-16 16:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-16 16:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-16 16:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 17:12 - 2013-08-10 23:47 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-04 16:37 - 2014-02-23 21:19 - 00000000 ____D () C:\Users\Ljilja\AppData\Local\CrashDumps
2014-05-04 15:48 - 2014-05-04 15:48 - 00003136 _____ () C:\Windows\System32\Tasks\YourFile DownloaderUpdate
2014-05-04 15:48 - 2014-05-04 15:48 - 00000000 ____D () C:\Users\Ljilja\AppData\Roaming\YourFileDownloader
2014-05-04 15:31 - 2014-05-04 15:30 - 05170171 _____ () C:\Users\Ljilja\Desktop\glass_transparent_layer_styles_by_giallo86-d32xc9s.zip
2014-05-04 14:41 - 2014-05-04 13:27 - 00000000 ____D () C:\Users\Ljilja\Downloads\Styles Ps CS2
2014-05-03 11:38 - 2012-12-22 21:03 - 00000000 ____D () C:\Users\Ljilja\AppData\Local\Google
2014-05-03 11:38 - 2012-12-22 21:03 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-03 11:31 - 2014-05-03 11:31 - 00001002 _____ () C:\Users\Ljilja\Desktop\PhotoScape.lnk
2014-05-03 11:31 - 2014-05-03 11:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape

Some content of TEMP:
====================
C:\Users\Ljilja\AppData\Local\Temp\avgnt.exe
C:\Users\Ljilja\AppData\Local\Temp\i4j7061051295411467777.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-19 12:14

==================== End Of Log ============================




Addition.txt izveštaj

https://www.mycity.rs/must-login.png

• 1Ovo se svidja korisniku: Ljilja Hnovi
  
  Registruj se da bi pohvalio/la poruku!

Pozdrav,

Savet: primetih da si koristila msconfig te iskljucila i MCShield RTM (real time modul). Moja je preporuka da drzis MCS aktivan, jer on ne trosi racunarske resurse osim kada detektuje nov USB uredjaj...

Reci mi kako ti se racunar (i fb) ponasa po izvrsenja ove scripte.


1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

Start
File: C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
C:\Temp:01EB68DA.dat
HKLM\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] => 1
HKLM\...\Run: [svchost] => regsvr32 /s "C:\Temp:01EB68DA.dat"
HKU\S-1-5-21-1503208027-2844097221-2948931502-1000\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] => 1
AppInit_DLLs: c:\progra~2\settin~1\systemk\x64\syskldr.dll => c:\progra~2\settin~1\systemk\x64\syskldr.dll File Not Found
AppInit_DLLs: c:\progra~2\linkey\ieexte~1\iedll64.dll => c:\progra~2\linkey\ieexte~1\iedll64.dll File Not Found
AppInit_DLLs-x32: c:\progra~2\settin~1\systemk\syskldr.dll => "c:\progra~2\settin~1\systemk\syskldr.dll" File Not Found
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
SearchScopes: HKLM-x32 - {19C1EAB2-CCCF-453C-84BB-2A33BAA36DDF} URL = http://www.globasearch.com/?serie=25&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=308988252C465FD5&affID=128235&tt=240414_41&tsp=5237
FF SearchPlugin: C:\Users\Ljilja\AppData\Roaming\Mozilla\Firefox\Profiles\rkxgpdqk.default\searchplugins\buenosearch.xml
CHR HKCU\...\Chrome\Extension: [edflbdjfhpiboilnedfoiepbmcllkedb] - C:\Users\Ljilja\AppData\Local\CRE\edflbdjfhpiboilnedfoiepbmcllkedb.crx [2013-06-25]
CHR HKLM-x32\...\Chrome\Extension: [edflbdjfhpiboilnedfoiepbmcllkedb] - C:\Users\Ljilja\AppData\Local\CRE\edflbdjfhpiboilnedfoiepbmcllkedb.crx [2013-06-25]
Hosts:
Task: {1C6A011F-5629-4E72-9C9F-1F15344873AB} - \Funmoods No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:430C6D84
AlternateDataStreams: C:\ProgramData\Temp:A8ADE5D8
AlternateDataStreams: C:\ProgramData\Temp:DFC5A2B2
CMD: DEL %TEMP%\*.* /F /S /Q
CMD: RD /S /Q %TEMP%
Reboot:
End

2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 29 Maj 2014 16:43

Nisam isključila MCShield, znam, mora da bude uključen. Kad god uključim komp, dobijam obaveštenja u desnom donjem dijelu ekrana... Je l' ovako OK?




Evo izvještaj, ako nisam pogriješila. ako jesam, ubiću se



Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-05-2014 02
Ran by Ljilja at 2014-05-29 16:06:33 Run:2
Running from C:\Users\Ljilja\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
File: C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
C:\Temp:01EB68DA.dat
HKLM\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] => 1
HKLM\...\Run: [svchost] => regsvr32 /s "C:\Temp:01EB68DA.dat"
HKU\S-1-5-21-1503208027-2844097221-2948931502-1000\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] => 1
AppInit_DLLs: c:\progra~2\settin~1\systemk\x64\syskldr.dll => c:\progra~2\settin~1\systemk\x64\syskldr.dll File Not Found
AppInit_DLLs: c:\progra~2\linkey\ieexte~1\iedll64.dll => c:\progra~2\linkey\ieexte~1\iedll64.dll File Not Found
AppInit_DLLs-x32: c:\progra~2\settin~1\systemk\syskldr.dll => "c:\progra~2\settin~1\systemk\syskldr.dll" File Not Found
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
SearchScopes: HKLM-x32 - {19C1EAB2-CCCF-453C-84BB-2A33BAA36DDF} URL = http://www.globasearch.com/?serie=25&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=308988252C465FD5&affID=128235&tt=240414_41&tsp=5237
FF SearchPlugin: C:\Users\Ljilja\AppData\Roaming\Mozilla\Firefox\Profiles\rkxgpdqk.default\searchplugins\buenosearch.xml
CHR HKCU\...\Chrome\Extension: [edflbdjfhpiboilnedfoiepbmcllkedb] - C:\Users\Ljilja\AppData\Local\CRE\edflbdjfhpiboilnedfoiepbmcllkedb.crx [2013-06-25]
CHR HKLM-x32\...\Chrome\Extension: [edflbdjfhpiboilnedfoiepbmcllkedb] - C:\Users\Ljilja\AppData\Local\CRE\edflbdjfhpiboilnedfoiepbmcllkedb.crx [2013-06-25]
Hosts:
Task: {1C6A011F-5629-4E72-9C9F-1F15344873AB} - \Funmoods No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:430C6D84
AlternateDataStreams: C:\ProgramData\Temp:A8ADE5D8
AlternateDataStreams: C:\ProgramData\Temp:DFC5A2B2
CMD: DEL %TEMP%\*.* /F /S /Q
CMD: RD /S /Q %TEMP%
Reboot:
End

*****************


========================= File: C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe ========================

MD5: 837B6D439C16DB39C30FB8EEBC806A57
Creation and modification date: 2013-12-18 16:11 - 2013-12-18 16:10
Size: 0224096
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product Name:
Description:
File Version:
Product Version:
Copyright:

====== End Of File: ======

"C:\Temp:01EB68DA.dat" => File/Directory not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\svchost => Value not found.
HKU\S-1-5-21-1503208027-2844097221-2948931502-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA => Value not found.
"c:\progra~2\settin~1\systemk\x64\syskldr.dll" => Value Data not found.
"c:\progra~2\linkey\ieexte~1\iedll64.dll" => Value Data not found.
"c:\progra~2\settin~1\systemk\syskldr.dll" => Value Data not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitguard.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bprotect.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bpsvc.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserdefender.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserprotect.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsersafeguard.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dprotectsvc.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\protectedsearch.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotection.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotector.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\snapdo.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst32.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst64.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\utiljumpflip.exe => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{19C1EAB2-CCCF-453C-84BB-2A33BAA36DDF} => Key not found.
HKCR\Wow6432Node\CLSID\{19C1EAB2-CCCF-453C-84BB-2A33BAA36DDF} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
"C:\Users\Ljilja\AppData\Roaming\Mozilla\Firefox\Profiles\rkxgpdqk.default\searchplugins\buenosearch.xml" => not found.
HKCU\SOFTWARE\Google\Chrome\Extensions\edflbdjfhpiboilnedfoiepbmcllkedb => Key not found.
"C:\Users\Ljilja\AppData\Local\CRE\edflbdjfhpiboilnedfoiepbmcllkedb.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\edflbdjfhpiboilnedfoiepbmcllkedb => Key not found.
"C:\Users\Ljilja\AppData\Local\CRE\edflbdjfhpiboilnedfoiepbmcllkedb.crx" => File/Directory not found.
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C6A011F-5629-4E72-9C9F-1F15344873AB} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Funmoods => Key not found.
"C:\ProgramData\Temp" => ":373E1720" ADS not found.
"C:\ProgramData\Temp" => ":430C6D84" ADS not found.
"C:\ProgramData\Temp" => ":A8ADE5D8" ADS not found.
"C:\ProgramData\Temp" => ":DFC5A2B2" ADS not found.

========= DEL %TEMP%\*.* /F /S /Q =========

C:\Users\Ljilja\AppData\Local\Temp\FXSAPIDebugLogFile.txt
The process cannot access the file because it is being used by another process.

========= End of CMD: =========


========= RD /S /Q %TEMP% =========

C:\Users\Ljilja\AppData\Local\Temp\etilqs_kfrYa4j4q2c3gqR - The process cannot access the file because it is being used by another process.
C:\Users\Ljilja\AppData\Local\Temp\FXSAPIDebugLogFile.txt - The process cannot access the file because it is being used by another process.

========= End of CMD: =========



The system needed a reboot.

==== End of Fixlog ====

Dopuna: 29 Maj 2014 16:51

Čini mi se da je računar bio OK, a f.b brže otvara.

• 1Ovo se svidja korisniku: Ljilja Hnovi
  
  Registruj se da bi pohvalio/la poruku!

Pozz,

Da tako treba. I nisi bas pogresila osim sto si fix (FixList) pokrenula dva puta ali nema veze ... Idemo sad na sledeci korak, da ubijemo dve muve jednim udarcem. Moramo da ti azuriramo taj MBAM na v2 a i usput da obavimo dodatnu proveru.








Preuzmi instalaciju za Malwarebytes Anti-Malware (MBAM) ver.2.0 i instaliraj aplikaciju.
Dvoklik na mbam-setup.exe i prati uputstva za instalaciju. Instalacija je klasicna, "Next > I Agree . . > Next > Install" princip. Po zavrsenoj instalaciji, klikni Finish.
Napomena: 14 dana besplatna trail verzija je pre-selektovana. Mozes decekirati ovu opciju ako zelis.

- Po prvom pokretanju, MBAM ce zapoceti "Update" u nameri da preuzme najsvezije definicije.
Ili ... klik na 'Update Now >>' link ili dugme radi preuzimanja svezih definicija.

• Konfigurisati skener; Na 'Settings' tabu, Detection and Protection podesiti sledece opcije:
1. pod-tab Detection Options, cekirati kucicu za 'Scan for rootkits';
2. pod-tab Non-Malware Protection, za 'PUP detections', prostarati se da je selektovana 'Threat detections as malware' opcija.



• Izvrsiti 'Threat Scan';
Klik na Scan tab, zatim na 'Scan Now >>' da bi izvrsio skeniranje.
Ukoliko MBAM prijavi da je 'update' dostupan, klik na 'Update Now' a potom nastaviti do skeniranja.
Obavestenje: kod nekih teskih infekcija, moguce je dobiti sledecu poruku "Could not load DDA driver". U tom slucaju, klik Yes na tu poruku, dopustiti ucitavanje drajvera po restartu racunara, dozvoliti restart.
Potom, nastaviti sa ostatkom instrukcija.

• Po zavrsenom skeniranju, klik na Apply Action dugme ukoliko je pretnja detektovana. Sacekati da program zatrazi restart!
- Klik na Yes na poruku koja govori da ce se sistem restartovati.



• Postaviti izvestaj (export-ovati logfile) na uvid;
Ponovo pokrenuti MBAM, klik na History tab > Application Logs. Dvoklik na 'Scan Log' koji pokazuje vreme i datum upravo izvrsenog skeniranja.
1. U novom prozoru klik na 'Export' dugme, pa izabrati 'Text file (*.txt)';
2. Kada se pojavi Save File dialog, izabrati da se log sacuva na Desktop.
U tom istom prozoru, dole pod File name: upisi 'mbam' kao naziv izvestaja i klikni dugme Save.

- Po dobijenoj poruci ("Your file has been successfully exported") izvestaj koji si nazvao kao 'mbam' bice sacuvan na Desktop.



Okaci mbam.txt uz poruku koristeci opciju Prikači fajl.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Uf, evo, mislim da sam ispratila sve korake kako si rekao. Nisu bile dvije živuljke, bio čitavi roj.


https://www.mycity.rs/must-login.png

• 1Ovo se svidja korisniku: Ljilja Hnovi
  
  Registruj se da bi pohvalio/la poruku!

Ma nije ovo nista, MBAM je samo lovio zaostale registry PUP unose. Sve je to Ok, sve je to planirano i sve si dobro uradila. Bitno je da se FRST nije salio i uklonio je primarni malware. Ovo je sad cist PC.


Ukoliko nemas vise problema, ja bih ti sad' uklonio alate.


• Sledeća procedura će implementirati završno čišćenje.

Preuzmi TFC (Temp File Cleaner) i sacuvaj ga na Desktop.
Dvoklikom pokreni program i klikni na dugme Start da bi dozvolio programu da otpocne skeniranje.
Kada program zavrsi skeniranje,mozda ce zatraziti da restartujes racunar. Ako se to ne desi, restartuj ga rucno.
Napomena: Kada zavrsis sa ciscenjem temp fajlova,program mozes obrisati ili ga sacuvati za kasniju upotrebu.


.



Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.
Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;

Remove disinfection tools
Create registry backup
Purge System Restore

Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.
Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)

Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

• 1Ovo se svidja korisniku: magna86
  
  Registruj se da bi pohvalio/la poruku!

Napisano: 29 Maj 2014 23:14

Preuzela sam TFC, odradio je skeniranje i sam je restartovao komp.
Isto tako i DelFix, štiklira sam kućice koje si rekao. Je l' mogu izbrisati sa desktopa FRST, kao i sve izvještaje?

Komp radi super, a i pretraživač brzo otvara stranice. Puno ti hvala!

Dopuna: 29 Maj 2014 23:58

Ja sam izbrisala FRST, TFC i sve izvještaje.

Još jednom, puno hvala, mnogo si mi pomogao!

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

DelFix je alat koji je trebao ukloniti sve koriscene alate u ovoj temi. Jesi li sigurna da si stiklirala 'Remove disinfection tools' opciju pre klika na dugme Run?
Nema veze, mozes ih obrisati i rucno, kao i sve njihove izvestaje / logove. Isto tako rucno obrisi FRST-ov folder koji se nalazi na sistemskoj particiji (C:\FRST).

Nema na cemu.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

magna86 :: Jesi li sigurna da si stiklirala 'Remove disinfection tools' opciju pre klika na dugme Run?

Mislim da jesam, jer mi se čini da sam od pet stavki štiklirala drugu, treću i četvrtu, a ovo disinfection mi je još pred očima. Možda mi je problem bio zbog stare verzije MBAM, pokušavala sam i ništa nisam mogla izbrisati ni ručno. Kao što nađe ćorava koka zrno, tako sam i ja riješila problem. Kad sam deinstalirala MBAM pored nove verzije, ostala je i stara, onda se sve izbrisalo, FRST, izvještaji...

Pozdrav i svako dobro!