MBAM registered 28 infected objects v2


  • Joined: 14 Aug 2010
  • Posts: 185

Posted: 26 Sep 2013 18:03

So that I don't open a new topic... MBAM and viruses again...

I'll post the logs now...

Addendum: 26 Sep 2013 18:08

Malwarebytes Anti-Malware 1.75.0.1300
malwarebytes.org

Database version: v2013.09.26.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
mir :: MIKI [administrator]

26.09.2013 5:57:01 PM
MBAM-log-2013-09-26 (18-07-06).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 213293
Time elapsed: 9 minute(s), 58 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 9
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (PUP.Optional.Babylon.A) -> No action taken.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> No action taken.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> No action taken.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> No action taken.
HKCU\Software\AppDataLow\SProtector (PUP.Optional.SProtector.A) -> No action taken.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Documents and Settings\mir\Application Data\Babylon (PUP.Optional.Babylon.A) -> No action taken.

Files Detected: 26
C:\Documents and Settings\mir\Local Settings\Temp\uninstall99761046.exe (PUP.Optional.YourfileDownloader) -> No action taken.
C:\Documents and Settings\mir\Local Settings\Temp\DeltaTB.exe (PUP.Optional.Babylon.A) -> No action taken.
C:\Documents and Settings\mir\Local Settings\Temp\BC9A30EC-BAB0-7891-829C-B12D6FE97009\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> No action taken.
C:\Documents and Settings\mir\Local Settings\Temp\BC9A30EC-BAB0-7891-829C-B12D6FE97009\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> No action taken.
C:\Documents and Settings\mir\Local Settings\Temp\BC9A30EC-BAB0-7891-829C-B12D6FE97009\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> No action taken.
C:\Documents and Settings\mir\Local Settings\Temp\BC9A30EC-BAB0-7891-829C-B12D6FE97009\Latest\DSearchLink.exe (PUP.Optional.Delta.A) -> No action taken.
C:\Documents and Settings\mir\Local Settings\Temp\BC9A30EC-BAB0-7891-829C-B12D6FE97009\Latest\MntrDLLInstall.dll (PUP.Optional.Babylon.A) -> No action taken.
C:\Documents and Settings\mir\Local Settings\Temp\BC9A30EC-BAB0-7891-829C-B12D6FE97009\Latest\MyDeltaTB.exe (PUP.Optional.Delta) -> No action taken.
C:\Documents and Settings\mir\Local Settings\Temp\BC9A30EC-BAB0-7891-829C-B12D6FE97009\Latest\Setup.exe (PUP.Optional.Babylon.A) -> No action taken.
C:\Documents and Settings\mir\Local Settings\Temp\0DD10829-BAB0-7891-9BC3-906072D7361F\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> No action taken.
C:\Documents and Settings\mir\Local Settings\Temp\0DD10829-BAB0-7891-9BC3-906072D7361F\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> No action taken.
C:\Documents and Settings\mir\Local Settings\Temp\0DD10829-BAB0-7891-9BC3-906072D7361F\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> No action taken.
C:\Documents and Settings\mir\Local Settings\Temp\0DD10829-BAB0-7891-9BC3-906072D7361F\Latest\DSearchLink.exe (PUP.Optional.Delta.A) -> No action taken.
C:\Documents and Settings\mir\Local Settings\Temp\0DD10829-BAB0-7891-9BC3-906072D7361F\Latest\MntrDLLInstall.dll (PUP.Optional.Babylon.A) -> No action taken.
C:\Documents and Settings\mir\Local Settings\Temp\0DD10829-BAB0-7891-9BC3-906072D7361F\Latest\MyDeltaTB.exe (PUP.Optional.Delta) -> No action taken.
C:\Documents and Settings\mir\Local Settings\Temp\0DD10829-BAB0-7891-9BC3-906072D7361F\Latest\Setup.exe (PUP.Optional.Babylon.A) -> No action taken.
C:\Documents and Settings\mir\Local Settings\Temp\5FB7B810-BAB0-7891-8D1C-778AB39289F3\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> No action taken.
C:\Documents and Settings\mir\Local Settings\Temp\5FB7B810-BAB0-7891-8D1C-778AB39289F3\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> No action taken.
C:\Documents and Settings\mir\Local Settings\Temp\5FB7B810-BAB0-7891-8D1C-778AB39289F3\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> No action taken.
C:\Documents and Settings\mir\Local Settings\Temp\5FB7B810-BAB0-7891-8D1C-778AB39289F3\Latest\DSearchLink.exe (PUP.Optional.Delta.A) -> No action taken.
C:\Documents and Settings\mir\Local Settings\Temp\5FB7B810-BAB0-7891-8D1C-778AB39289F3\Latest\MntrDLLInstall.dll (PUP.Optional.Babylon.A) -> No action taken.
C:\Documents and Settings\mir\Local Settings\Temp\5FB7B810-BAB0-7891-8D1C-778AB39289F3\Latest\MyDeltaTB.exe (PUP.Optional.Delta) -> No action taken.
C:\Documents and Settings\mir\Local Settings\Temp\5FB7B810-BAB0-7891-8D1C-778AB39289F3\Latest\Setup.exe (PUP.Optional.Babylon.A) -> No action taken.
C:\Documents and Settings\mir\Application Data\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> No action taken.
C:\WINDOWS\Tasks\YourFile DownloaderUpdate.job (PUP.Optional.YourfileDownloader.A) -> No action taken.
C:\WINDOWS\Tasks\EPUpdater.job (PUP.Optional.Babylon.A) -> No action taken.

(end)

Addendum: 26 Sep 2013 18:11

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 10.40.2
Run by mir at 18:09:05 on 2013-09-26
.
============== Running Processes ================
.
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\windows\System32\alg.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\windows\system32\wscntfy.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSD.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k rpcss
C:\windows\System32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k WudfServiceGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mStart Page = google.com
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - <orphaned>
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
EB: &Recherchieren: {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\program files\microsoft office\office12\REFIEBAR.DLL
mRun: [LaunchAp] c:\program files\launch manager\LaunchAp.exe
mRun: [HotkeyApp] c:\program files\launch manager\HotkeyApp.exe
mRun: [LMgrVolOSD] c:\program files\launch manager\OSD.exe
mRun: [LMgrOSD] c:\program files\launch manager\OSDCtrl.exe
mRun: [Wbutton] "c:\program files\launch manager\Wbutton.exe"
mRun: [CtrlVol] c:\program files\launch manager\CtrlVol.exe
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\instal~1.lnk - c:\program files\common files\lpuninstall.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: Nach Microsoft E&xel exportieren - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1349007435250
DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
TCP: NameServer = 212.186.211.21 195.34.133.21
TCP: Interfaces\{2B11AB81-E419-4483-8E03-F5E6B1104DB0} : DHCPNameServer = 212.186.211.21 195.34.133.21
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\mir\application data\mozilla\firefox\profiles\jf4din5a.default-1380037964218\
FF - prefs.js: browser.startup.homepage - about:newtab
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\lastpass\nplastpass.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_168.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2013-09-24 18:17; support@lastpass.com; c:\documents and settings\mir\application data\mozilla\firefox\profiles\jf4din5a.default-1380037964218\extensions\support@lastpass.com
.
============= SERVICES / DRIVERS ===============
.
.
=============== File Associations ===============
.
ShellExec: Foxit Phantom.exe: print="c:\program files\foxit software\foxit phantom\Foxit Phantom.exe"/p "%1"
ShellExec: Foxit Phantom.exe: printto="c:\program files\foxit software\foxit phantom\Foxit Phantom.exe"/t "%1" "%2" "%3" "%4"
.
=============== Created Last 30 ================
.
2013-09-25 16:30:22 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-09-24 16:20:15 11668480 ----a-w- c:\program files\common files\lpuninstall.exe
2013-09-24 16:20:00 -------- d-----w- c:\program files\LastPass
2013-09-24 16:15:18 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-09-24 16:15:05 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-09-22 14:16:11 -------- d-----w- c:\documents and settings\mir\application data\YourFileDownloader
2013-09-21 18:34:29 -------- d-----w- c:\documents and settings\mir\local settings\application data\DiskAnalyzer
2013-09-21 18:33:42 -------- d-----w- c:\program files\Free Disk Analyzer
2013-09-21 18:33:22 -------- d-----w- c:\documents and settings\all users\application data\DiskAnalyzer
2013-09-20 16:26:54 -------- d-----w- c:\program files\iTunes
2013-09-20 16:26:54 -------- d-----w- c:\documents and settings\all users\application data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-09-20 16:25:50 6112864 ----a-w- c:\windows\system32\usbaaplrc.dll
2013-09-20 16:25:50 45056 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2013-09-20 16:25:18 -------- d-----w- c:\program files\Bonjour
2013-09-19 19:06:44 -------- d-----w- c:\documents and settings\mir\local settings\application data\Deployment
2013-09-19 18:26:42 -------- d-----w- c:\windows\system32\searchplugins
2013-09-19 18:26:42 -------- d-----w- c:\windows\system32\Extensions
2013-09-19 18:26:12 -------- d-----w- c:\program files\Unlocker
2013-09-19 17:21:52 -------- d-----w- c:\documents and settings\all users\application data\Babylon
2013-09-19 17:21:51 -------- d-----w- c:\documents and settings\mir\application data\Babylon
2013-09-19 16:44:36 -------- d-----w- c:\documents and settings\mir\application data\IObit
.
==================== Find3M ====================
.
2013-09-24 16:14:41 868264 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-09-24 16:14:41 790440 ----a-w- c:\windows\system32\deployJava1.dll
2013-09-19 16:41:24 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-19 16:41:24 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-18 08:42:02 24064 ----a-w- c:\windows\zoek-delete.exe
.
============= FINISH: 18:09:50.78 ===============

Addendum: 26 Sep 2013 18:12


Addendum: 26 Sep 2013 18:19

- how the problem you are seeking help with manifests itself;

Almost every program, and especially Mozilla, reports some error that caused the program to close automatically.

- when the problem started to appear;

A couple of days ago.

- if the security software you use detects something but cannot remove it, write/copy the names of the detected files into the message;


MBAM log attached.

- how you have tried to solve the problem;

MBAM detected infected objects, but nothing has been done yet. DDS files to follow.

- what kind of internet connection you have (connection type and speed);

Wireless Speed: 54 Mbps (75

  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Why don't you have an antivirus program installed?


Step 1

Run the scan with MBAM again and remove the objects it finds.



Step 2

Download AdwCleaner by "Xplode" and save it to the Desktop.
Double-click to run the program.
Click the Scan button and wait for the scan to finish.
Click the Clean button and wait for the program to finish.
The program will close all running programs and show a window with that warning. Click OK to confirm.
In the next two windows that open (Informations and Restart required), click OK.

The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Attach file" option.

Note: The report will also be saved to C:\Adwcleaner\AdwCleaner[0].txt



Step 3

Download GMER from the link below to the Desktop:


GMER download
Click the given link;
When the dialog for choosing where to save the file opens, select Desktop and click Save.



Double-click to run GMER.
Wait for the initial scan to finish - if any prompt appears, click No;

click Scan and wait for the scan to complete;

click Save ... - save the report to the Desktop (named Gmer1);

right-click in the Gmer window and select Options > 3rd party - click Scan;

when the scan finishes, click Save ... - save the report to the Desktop (named Gmer2);

click the >>> button and select the Autostart tab;

after the brief scan finishes, click Copy;

open Notepad and paste the copied text into it - save the report to the Desktop (named Gmer3);


Illustrated walkthrough of the procedure

Attach all three reports to your post using the Attach file option.

  • Joined: 14 Aug 2010
  • Posts: 185

Posted: 26 Sep 2013 18:45


Addendum: 26 Sep 2013 20:01

GMER keeps freezing on:
Software\Microsoft\Windows\CurrentVersion\Explorer\ComDig32\OpenSaveMRU\*

and won't work anymore.

  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Download FRST (Farbar Recovery Scan Tool) and save it to the Desktop.

Note: You need to download the version that is compatible with your system.


Double-click to run FRST;
When the tool starts, click Yes on the disclaimer.
Click the Scan button;
The tool will create a report (FRST.txt) in the same directory where FRST.exe is saved.
Copy the contents of that report into your post.
On its first run the tool should also create an additional report (Addition.txt). Attach that report to your post using the "Attach file" option.

  • Joined: 14 Aug 2010
  • Posts: 185

Posted: 26 Sep 2013 20:15

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-09-2013
Ran by mir (administrator) on MIKI on 26-09-2013 20:11:06
Running from C:\Documents and Settings\mir\Desktop
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 6
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\windows\system32\Ati2evxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(ATI Technologies Inc.) C:\windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\windows\system32\wscntfy.exe
() C:\Program Files\Launch Manager\LaunchAp.exe
(Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe
(Wistron) C:\Program Files\Launch Manager\OSD.exe
() C:\Program Files\Launch Manager\OSDCtrl.exe
() C:\Program Files\Launch Manager\Wbutton.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [LaunchAp] - C:\Program Files\Launch Manager\LaunchAp.exe [32768 2005-07-25] ()
HKLM\...\Run: [HotkeyApp] - C:\Program Files\Launch Manager\HotkeyApp.exe [57344 2005-07-28] (Wistron)
HKLM\...\Run: [LMgrVolOSD] - C:\Program Files\Launch Manager\OSD.exe [204800 2005-03-16] (Wistron)
HKLM\...\Run: [LMgrOSD] - C:\Program Files\Launch Manager\OSDCtrl.exe [241664 2005-07-25] ()
HKLM\...\Run: [Wbutton] - C:\Program Files\Launch Manager\Wbutton.exe [81920 2005-07-25] ()
HKLM\...\Run: [CtrlVol] - C:\Program Files\Launch Manager\CtrlVol.exe [20480 2003-09-16] (Wistron)
HKLM\...\Run: [ATICCC] - C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [45056 2006-01-02] (ATI Technologies Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (LastPass)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 212.186.211.21 195.34.133.21

FireFox:
========
FF ProfilePath: C:\Documents and Settings\mir\Application Data\Mozilla\Firefox\Profiles\jf4din5a.default-1380037964218
FF Homepage: about:newtab
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass - C:\Program Files\LastPass\nplastpass.dll (LastPass)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: LastPass - C:\Documents and Settings\mir\Application Data\Mozilla\Firefox\Profiles\jf4din5a.default-1380037964218\Extensions\support@lastpass.com
FF Extension: No Name - C:\Documents and Settings\mir\Application Data\Mozilla\Firefox\Profiles\jf4din5a.default-1380037964218\Extensions\df54aad7e21988e380509509eff5747b954a0a85d1097afe7b4a4b3232e04776_lp.key

========================== Services (Whitelisted) =================

R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

R3 AR5211; C:\Windows\System32\DRIVERS\ar5211.sys [468768 2005-09-15] (Atheros Communications, Inc.)
R1 Hotkey; C:\Windows\System32\Drivers\Hotkey.sys [9867 2003-04-28] ()
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-04] (Realtek Semiconductor Corporation)
S3 catchme; \??\C:\DOCUME~1\mir\LOCALS~1\Temp\catchme.sys [x]
S3 cpuz135; \??\C:\DOCUME~1\mir\LOCALS~1\Temp\cpuz135\cpuz135_x32.sys [x]
S4 IntelIde; No ImagePath
S1 mailKmd; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U3 TlntSvr;
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] ()
S1 Wbutton; \SystemRoot\system32\drivers\Wbutton.sys [x]
U3 pxtdypod; \??\C:\DOCUME~1\mir\LOCALS~1\Temp\pxtdypod.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-26 20:09 - 2013-09-26 20:09 - 00000000 ____D C:\FRST
2013-09-26 20:08 - 2013-09-26 20:08 - 01089329 _____ (Farbar) C:\Documents and Settings\mir\Desktop\FRST.exe
2013-09-26 19:17 - 2013-09-26 19:17 - 00377856 _____ C:\Documents and Settings\mir\Desktop\ru8nm1kg.exe
2013-09-26 18:44 - 2013-09-26 18:44 - 00004964 _____ C:\Documents and Settings\mir\Desktop\AdwCleaner[S0].txt
2013-09-26 18:43 - 2013-09-26 18:43 - 00377856 _____ C:\Documents and Settings\mir\Desktop\jl9l5ivo.exe
2013-09-26 18:40 - 2013-09-26 18:41 - 00000000 ____D C:\AdwCleaner
2013-09-26 18:39 - 2013-09-26 18:39 - 01042066 _____ C:\Documents and Settings\mir\Desktop\AdwCleaner.exe
2013-09-26 18:09 - 2013-09-26 18:09 - 00007690 _____ C:\Documents and Settings\mir\Desktop\dds.txt
2013-09-26 18:09 - 2013-09-26 18:09 - 00004915 _____ C:\Documents and Settings\mir\Desktop\attach.txt
2013-09-26 18:03 - 2013-09-26 18:03 - 00688992 ____R (Swearware) C:\Documents and Settings\mir\Desktop\dds.scr
2013-09-25 17:40 - 2013-09-25 17:40 - 00090112 _____ C:\windows\Minidump\Mini092513-01.dmp
2013-09-24 18:20 - 2013-09-24 18:20 - 11668480 _____ (LastPass) C:\Program Files\Common Files\lpuninstall.exe
2013-09-24 18:20 - 2013-09-24 18:20 - 00001128 _____ C:\Documents and Settings\All Users\Desktop\My LastPass Vault.lnk
2013-09-24 18:20 - 2013-09-24 18:20 - 00000000 ____D C:\Program Files\LastPass
2013-09-24 18:20 - 2013-09-24 18:20 - 00000000 ____D C:\Documents and Settings\mir\Start Menu\Programs\LastPass
2013-09-24 18:20 - 2013-09-24 18:20 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\LastPass
2013-09-24 18:15 - 2013-09-24 18:15 - 00000000 ____D C:\Program Files\Common Files\Java
2013-09-24 18:15 - 2013-09-24 18:15 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2013-09-24 18:15 - 2013-09-24 18:14 - 00264616 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2013-09-24 18:15 - 2013-09-24 18:14 - 00175016 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2013-09-24 18:15 - 2013-09-24 18:14 - 00175016 _____ (Oracle Corporation) C:\windows\system32\java.exe
2013-09-24 18:15 - 2013-09-24 18:14 - 00144896 _____ (Oracle Corporation) C:\windows\system32\javacpl.cpl
2013-09-24 18:15 - 2013-09-24 18:14 - 00094632 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll
2013-09-24 18:14 - 2013-09-24 18:14 - 00000000 ____D C:\Program Files\Java
2013-09-21 20:34 - 2013-09-21 20:34 - 00000000 ____D C:\Documents and Settings\mir\Local Settings\Application Data\DiskAnalyzer
2013-09-21 20:33 - 2013-09-21 20:33 - 00000000 ____D C:\Program Files\Free Disk Analyzer
2013-09-21 20:33 - 2013-09-21 20:33 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Free Disk Analyzer
2013-09-21 20:33 - 2013-09-21 20:33 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\DiskAnalyzer
2013-09-21 12:41 - 2013-09-21 12:41 - 00090112 _____ C:\windows\Minidump\Mini092113-01.dmp
2013-09-21 12:37 - 2013-09-21 20:37 - 00000120 _____ C:\windows\setupact.log
2013-09-21 12:37 - 2013-09-21 12:37 - 00000000 _____ C:\windows\setuperr.log
2013-09-20 18:41 - 2013-09-20 18:41 - 00000730 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2013-09-20 18:41 - 2013-09-20 18:41 - 00000724 _____ C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2013-09-20 18:41 - 2013-09-20 18:41 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-20 18:28 - 2013-09-20 18:28 - 00784872 _____ (Google Inc.) C:\Documents and Settings\mir\My Documents\ChromeSetup.exe
2013-09-20 18:28 - 2013-09-20 18:28 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2013-09-20 18:26 - 2013-09-20 18:28 - 00000000 ____D C:\Program Files\iTunes
2013-09-20 18:26 - 2013-09-20 18:28 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-09-20 18:26 - 2013-09-20 18:26 - 00001830 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
2013-09-20 18:26 - 2013-09-20 18:26 - 00000000 ____D C:\Program Files\Apple Software Update
2013-09-20 18:25 - 2013-09-20 18:25 - 00000000 ____D C:\Program Files\Bonjour
2013-09-20 18:25 - 2012-12-13 14:50 - 06112864 _____ (Apple, Inc.) C:\windows\system32\usbaaplrc.dll
2013-09-20 18:25 - 2012-12-13 14:50 - 00045056 _____ (Apple, Inc.) C:\windows\system32\Drivers\usbaapl.sys
2013-09-19 21:06 - 2013-09-19 21:07 - 00000000 ____D C:\Documents and Settings\mir\Local Settings\Application Data\Deployment
2013-09-19 20:26 - 2013-09-19 20:26 - 00000000 ____D C:\windows\system32\searchplugins
2013-09-19 20:26 - 2013-09-19 20:26 - 00000000 ____D C:\windows\system32\Extensions
2013-09-19 20:26 - 2013-09-19 20:26 - 00000000 ____D C:\Program Files\Unlocker
2013-09-19 20:26 - 2013-09-19 20:26 - 00000000 ____D C:\Documents and Settings\mir\Start Menu\Programs\Unlocker
2013-09-19 18:49 - 2013-09-23 20:50 - 00016645 _____ C:\windows\setupapi.log
2013-09-19 18:48 - 2013-09-19 18:48 - 00004137 _____ C:\windows\wmsetup.log
2013-09-19 18:44 - 2013-09-19 18:44 - 00000000 ____D C:\Documents and Settings\mir\Application Data\IObit

==================== One Month Modified Files and Folders =======

2013-09-26 20:09 - 2013-09-26 20:09 - 00000000 ____D C:\FRST
2013-09-26 20:08 - 2013-09-26 20:08 - 01089329 _____ (Farbar) C:\Documents and Settings\mir\Desktop\FRST.exe
2013-09-26 19:54 - 2012-03-10 19:04 - 00000000 ____D C:\Documents and Settings\mir\Local Settings\Application Data\LastPass
2013-09-26 19:41 - 2012-07-08 20:01 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-09-26 19:35 - 2013-03-20 21:18 - 00000880 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-26 19:17 - 2013-09-26 19:17 - 00377856 _____ C:\Documents and Settings\mir\Desktop\ru8nm1kg.exe
2013-09-26 18:44 - 2013-09-26 18:44 - 00004964 _____ C:\Documents and Settings\mir\Desktop\AdwCleaner[S0].txt
2013-09-26 18:43 - 2013-09-26 18:43 - 00377856 _____ C:\Documents and Settings\mir\Desktop\jl9l5ivo.exe
2013-09-26 18:43 - 2012-03-10 17:34 - 01643775 _____ C:\windows\WindowsUpdate.log
2013-09-26 18:42 - 2013-03-20 21:18 - 00000876 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-26 18:42 - 2012-03-10 18:24 - 00000159 _____ C:\windows\wiadebug.log
2013-09-26 18:42 - 2012-03-10 18:24 - 00000049 _____ C:\windows\wiaservc.log
2013-09-26 18:42 - 2012-03-10 17:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-09-26 18:41 - 2013-09-26 18:40 - 00000000 ____D C:\AdwCleaner
2013-09-26 18:41 - 2012-03-10 17:47 - 00000178 ___SH C:\Documents and Settings\mir\ntuser.ini
2013-09-26 18:41 - 2012-03-10 17:45 - 00032570 _____ C:\windows\SchedLgU.Txt
2013-09-26 18:39 - 2013-09-26 18:39 - 01042066 _____ C:\Documents and Settings\mir\Desktop\AdwCleaner.exe
2013-09-26 18:36 - 2012-03-10 18:11 - 00000000 ____D C:\windows\Media
2013-09-26 18:34 - 2013-08-10 17:52 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2013-09-26 18:09 - 2013-09-26 18:09 - 00007690 _____ C:\Documents and Settings\mir\Desktop\dds.txt
2013-09-26 18:09 - 2013-09-26 18:09 - 00004915 _____ C:\Documents and Settings\mir\Desktop\attach.txt
2013-09-26 18:03 - 2013-09-26 18:03 - 00688992 ____R (Swearware) C:\Documents and Settings\mir\Desktop\dds.scr
2013-09-26 17:53 - 2004-08-04 14:00 - 00002278 _____ C:\windows\system32\wpa.dbl
2013-09-25 17:55 - 2012-03-10 19:42 - 00213504 _____ C:\Documents and Settings\mir\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-25 17:40 - 2013-09-25 17:40 - 00090112 _____ C:\windows\Minidump\Mini092513-01.dmp
2013-09-25 17:40 - 2012-03-21 20:15 - 00000000 ____D C:\windows\Minidump
2013-09-24 22:04 - 2012-03-10 20:09 - 00000000 ____D C:\Documents and Settings\mir\Application Data\uTorrent
2013-09-24 18:20 - 2013-09-24 18:20 - 11668480 _____ (LastPass) C:\Program Files\Common Files\lpuninstall.exe
2013-09-24 18:20 - 2013-09-24 18:20 - 00001128 _____ C:\Documents and Settings\All Users\Desktop\My LastPass Vault.lnk
2013-09-24 18:20 - 2013-09-24 18:20 - 00000000 ____D C:\Program Files\LastPass
2013-09-24 18:20 - 2013-09-24 18:20 - 00000000 ____D C:\Documents and Settings\mir\Start Menu\Programs\LastPass
2013-09-24 18:20 - 2013-09-24 18:20 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\LastPass
2013-09-24 18:19 - 2013-03-20 21:18 - 00000000 ____D C:\Program Files\Google
2013-09-24 18:15 - 2013-09-24 18:15 - 00000000 ____D C:\Program Files\Common Files\Java
2013-09-24 18:15 - 2013-09-24 18:15 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2013-09-24 18:14 - 2013-09-24 18:15 - 00264616 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2013-09-24 18:14 - 2013-09-24 18:15 - 00175016 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2013-09-24 18:14 - 2013-09-24 18:15 - 00175016 _____ (Oracle Corporation) C:\windows\system32\java.exe
2013-09-24 18:14 - 2013-09-24 18:15 - 00144896 _____ (Oracle Corporation) C:\windows\system32\javacpl.cpl
2013-09-24 18:14 - 2013-09-24 18:15 - 00094632 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll
2013-09-24 18:14 - 2013-09-24 18:14 - 00000000 ____D C:\Program Files\Java
2013-09-24 18:14 - 2012-07-08 20:04 - 00868264 _____ (Oracle Corporation) C:\windows\system32\npdeployJava1.dll
2013-09-24 18:14 - 2012-03-10 18:30 - 00790440 _____ (Oracle Corporation) C:\windows\system32\deployJava1.dll
2013-09-24 18:10 - 2012-09-29 12:33 - 00002323 _____ C:\Documents and Settings\mir\Start Menu\Programs\Windows Install Clean Up.lnk
2013-09-23 20:50 - 2013-09-19 18:49 - 00016645 _____ C:\windows\setupapi.log
2013-09-22 16:16 - 2012-03-10 17:45 - 00000000 __SHD C:\Documents and Settings\NetworkService
2013-09-21 20:37 - 2013-09-21 12:37 - 00000120 _____ C:\windows\setupact.log
2013-09-21 20:34 - 2013-09-21 20:34 - 00000000 ____D C:\Documents and Settings\mir\Local Settings\Application Data\DiskAnalyzer
2013-09-21 20:33 - 2013-09-21 20:33 - 00000000 ____D C:\Program Files\Free Disk Analyzer
2013-09-21 20:33 - 2013-09-21 20:33 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Free Disk Analyzer
2013-09-21 20:33 - 2013-09-21 20:33 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\DiskAnalyzer
2013-09-21 12:41 - 2013-09-21 12:41 - 00090112 _____ C:\windows\Minidump\Mini092113-01.dmp
2013-09-21 12:37 - 2013-09-21 12:37 - 00000000 _____ C:\windows\setuperr.log
2013-09-20 18:41 - 2013-09-20 18:41 - 00000730 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2013-09-20 18:41 - 2013-09-20 18:41 - 00000724 _____ C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2013-09-20 18:41 - 2013-09-20 18:41 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-20 18:28 - 2013-09-20 18:28 - 00784872 _____ (Google Inc.) C:\Documents and Settings\mir\My Documents\ChromeSetup.exe
2013-09-20 18:28 - 2013-09-20 18:28 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2013-09-20 18:28 - 2013-09-20 18:26 - 00000000 ____D C:\Program Files\iTunes
2013-09-20 18:28 - 2013-09-20 18:26 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-09-20 18:27 - 2013-02-03 14:35 - 00000000 ____D C:\Program Files\iPod
2013-09-20 18:27 - 2012-09-29 12:08 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-09-20 18:26 - 2013-09-20 18:26 - 00001830 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
2013-09-20 18:26 - 2013-09-20 18:26 - 00000000 ____D C:\Program Files\Apple Software Update
2013-09-20 18:25 - 2013-09-20 18:25 - 00000000 ____D C:\Program Files\Bonjour
2013-09-19 21:20 - 2013-03-20 21:18 - 00000000 ____D C:\Documents and Settings\mir\Local Settings\Application Data\Google
2013-09-19 21:07 - 2013-09-19 21:06 - 00000000 ____D C:\Documents and Settings\mir\Local Settings\Application Data\Deployment
2013-09-19 20:54 - 2004-08-04 14:00 - 00000528 _____ C:\windows\win.ini
2013-09-19 20:54 - 2004-08-04 14:00 - 00000227 _____ C:\windows\system.ini
2013-09-19 20:26 - 2013-09-19 20:26 - 00000000 ____D C:\windows\system32\searchplugins
2013-09-19 20:26 - 2013-09-19 20:26 - 00000000 ____D C:\windows\system32\Extensions
2013-09-19 20:26 - 2013-09-19 20:26 - 00000000 ____D C:\Program Files\Unlocker
2013-09-19 20:26 - 2013-09-19 20:26 - 00000000 ____D C:\Documents and Settings\mir\Start Menu\Programs\Unlocker
2013-09-19 18:55 - 2012-05-13 20:40 - 00000000 ____D C:\windows\SxsCaPendDel
2013-09-19 18:51 - 2013-01-05 17:03 - 00000000 ____D C:\Program Files\maemo
2013-09-19 18:48 - 2013-09-19 18:48 - 00004137 _____ C:\windows\wmsetup.log
2013-09-19 18:48 - 2012-03-10 17:31 - 00000000 ____D C:\Program Files\Messenger
2013-09-19 18:44 - 2013-09-19 18:44 - 00000000 ____D C:\Documents and Settings\mir\Application Data\IObit
2013-09-19 18:41 - 2012-04-01 11:35 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2013-09-19 18:41 - 2012-03-10 19:07 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-19 18:23 - 2012-03-10 17:47 - 00000000 ____D C:\Documents and Settings\mir
2013-09-18 18:10 - 2012-03-10 23:45 - 00154776 _____ C:\Documents and Settings\mir\My Documents\Mappe1.xlsx
2013-09-18 17:51 - 2012-03-10 23:35 - 00065536 _____ C:\windows\system32\config\ODiag.evt
2013-09-16 18:29 - 2012-05-11 20:24 - 00000664 _____ C:\windows\system32\d3d9caps.dat
2013-08-31 20:02 - 2012-03-10 20:12 - 00000856 _____ C:\Documents and Settings\mir\Start Menu\GOM Player.lnk
2013-08-27 20:32 - 2013-05-13 18:51 - 00000000 ____D C:\Documents and Settings\mir\My Documents\My Publications

Some content of TEMP:
====================
C:\Documents and Settings\mir\Local Settings\Temp\htmlayout.dll
C:\Documents and Settings\mir\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\mir\Local Settings\Temp\uninst1.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2012-03-17 14:45] - [2008-04-14 06:42] - 0108544 ____A (Microsoft Corporation) 0e776ed5f7cc9f94299e70461b7b8185

C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Addendum: 26 Sep 2013 20:16


offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Posted: 26 Sep 2013 20:25

Did you install LastPass yourself?

Addendum: 26 Sep 2013 20:27

What is the state of the system after running AdwCleaner?

offline
  • Joined: 14 Aug 2010
  • Posts: 185

Posted: 26 Sep 2013 20:31

LastPass, yes.

Addendum: 26 Sep 2013 20:36

It still hasn't reported an error and closed the program at all.

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Since I found no traces of an active infection in the posted logs, what remains for you to do is the following:

Be sure to install an antivirus program. If you have no money or don't want to spend it on a commercial AV program, good free AV programs are available to you, such as Avast Free, AVG Free, Avira Free, Microsoft Security Essentials, Panda Cloud AV, etc.
Do not use pirated versions of AV programs!!!

Download "Xplode"'s DelFix and save it to the Desktop.

Double-click to run the program.

Check the following options:
Remove disinfection tools
Purge System Restore
Reset system settings

Click the "Run" button and wait for the program to finish.
When the tool finishes, it will open a report in Notepad.

Note: The report will also be saved at C:\DelFix.txt

Visit the topic "Testirajte da li vam je pretraživač ranjiv" (Test whether your browser is vulnerable), read it and follow the link in it.

offline
  • Joined: 14 Aug 2010
  • Posts: 185

I don't understand how this happened all of a sudden... for the last 3 years everything worked fine.

Anyway, the one thing I can't do is install Chrome. Ever since the problem with Mozilla first appeared, I wanted to try Google Chrome, but it just won't install. It only downloads, several times, and that's it. It reports an error along the lines of: cannot install, try again later.

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

The problem was probably junkware; as for your current problems, open a topic in the Windows forum and describe your problem there.

http://www.mycity.rs/Windows/
