MyCity » Ambulanta -> Arhiva Ambulante » aal.coumpatch.com popup problem

aal.coumpatch.com popup problem

Napisano na dan: 7.11.2014

aal.coumpatch.com popup problem

Sledeća strana

Pagination

Odgovori

goust Poslao: 07 Nov 2014 11:30 Idi na vrh
offline goust Elitni građanin Pridružio: 09 Apr 2005 Poruke: 1799	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Nikako ne mogu da se resim ovog odvratnog popupa koji se vrlo cesto pojavljuje. Preskenirao sam sa KIS 2015 i isti nije registrovao nikakav maliciozni program. Zatim sam preskenirao sa Spybot S&D, on je nasao svasta nesto i uspesno ocistio, tako da se u ponovljenom skeniranju nije pojavilo nista. Instalirao sam ADGUARD ali on nije nista otklonio. Pregledao sam sve add-onse u FF i tamo nema niceg sumnjivog. Evo kako izgleda popup: Internet konekcija mi je wireless adsl Telekom. https://www.mycity.rs/must-login.png Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014 Ran by Sale (administrator) on SALE-PC on 07-11-2014 11:25:02 Running from C:\Users\Sale\Desktop Loaded Profile: Sale (Available profiles: Sale) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Insoft LLC) C:\Program Files (x86)\Adguard\AdguardSvc.exe (Auslogics) C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Insoft LLC) C:\Program Files (x86)\Adguard\Adguard.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE (Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe (QUALCOMM, Inc.) C:\QUALCOMM\QDLService\QDLService.exe () C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9769888 2012-09-06] (Lenovo (Beijing) Limited) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2469946165-4281633537-2586476627-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.) HKU\S-1-5-21-2469946165-4281633537-2586476627-1000\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [1985256 2014-10-07] (Insoft LLC) HKU\S-1-5-18\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [1985256 2014-10-07] (Insoft LLC) ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x81C2C499688CCD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr-rs HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searc-hall.info/?pid=3521&r=2.....p;unqvl=65 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=14105264.....J3CKG0J3CX HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1410.....3CX&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=14105264.....J3CKG0J3CX HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=14105264.....J3CKG0J3CX HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1410.....3CX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1410.....3CX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=14105264.....J3CKG0J3CX HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searc-hall.info/?pid=3521&r=2.....p;unqvl=65 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1410.....3CX&q={searchTerms} URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-2469946165-4281633537-2586476627-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION StartMenuInternet: IEXPLORE.EXE - c:\program files (x86)\internet explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1410.....3CX&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1410.....3CX&q={searchTerms} SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?sid=476&a.....=ds&p={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searc-hall.info/?l=1&q={searchTerms}&pid=3521&r=2014/11/05&hid=10735638589503141386&lg=EN&cc=RS&unqvl=65 SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1410.....3CX&q={searchTerms} SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?sid=476&a.....=ds&p={searchTerms} SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searc-hall.info/?l=1&q={searchTerms}&pid=3521&r=2014/11/05&hid=10735638589503141386&lg=EN&cc=RS&unqvl=65 SearchScopes: HKCU - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = SearchScopes: HKCU - {2A18FF81-FB2D-4754-8BFE-40F724398B53} URL = http://asksearch.ask.com/redirect?client=ie&sr.....apn_ptnrs=^AM3&apn_dtid=^YYYYYY^XJ^RS&apn_dbr=ff_20.0&doi=2013-04-27&q={searchTerms}& SearchScopes: HKCU - {4E51ECF5-A621-45FF-912D-14D3AFA65FD2} URL = https://search.yahoo.com/search?fr=chr-greentree_i.....453&p={searchTerms} SearchScopes: HKCU - {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://badoo.com/startpage/?source=bsb&q={searchTerms} SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?sid=476&a.....=ds&p={searchTerms} SearchScopes: HKCU - {D09596AC-F059-4700-9EF2-F541928BAC65} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468 SearchScopes: HKCU - {E3EA5796-17E9-4CBC-AA79-9B9E67D3D765} URL = http://www.mysearchresults.com/search?c=3523&t=01&q={searchTerms} SearchScopes: HKCU - {e78375f4-11f2-49bc-a345-15019f00b591} URL = http://www.findamo.com/search.html?&q={searchTerms}&cid=4151ch=2 SearchScopes: HKCU - {F4528B3A-4ADF-4241-96F0-8B8BFEDA144F} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091 BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) BHO: GoSave -> {2c3bf76a-6b87-4438-99ac-b18a15cc9069} -> C:\Program Files (x86)\GoSave\8aVejH4ew79Czm.x64.dll () BHO: YoutubeAdBlocke -> {47a5ad0c-d509-45b5-9920-a2dcc56aebcb} -> C:\Program Files (x86)\YoutubeAdBlocke\nBiyYxJ8t6dnjs.x64.dll () BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) BHO-x32: No Name -> {2c3bf76a-6b87-4438-99ac-b18a15cc9069} -> No File BHO-x32: No Name -> {47a5ad0c-d509-45b5-9920-a2dcc56aebcb} -> No File BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: DefaultTab Browser Helper -> {7F6AFBF1-E065-4627-A2FD-810366367D01} -> C:\Windows\SysWow64\config\systemprofile\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0 FireFox: ======== FF ProfilePath: C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\ajdtlbur.default-1400141415692 FF DefaultSearchEngine,S: WebSearch FF DefaultSearchUrl: hxxp://websearch.searc-hall.info/?pid=3521&r=2014/11/05&hid=10735638589503141386&lg=EN&cc=RS&unqvl=65&l=1&q= FF SearchEngineOrder.1: WebSearch FF SearchEngineOrder.1,S: WebSearch FF SelectedSearchEngine,S: WebSearch FF Homepage: https://www.google.rs/ FF Keyword.URL: hxxp://websearch.searc-hall.info/?pid=3521&r=2014/11/05&hid=10735638589503141386&lg=EN&cc=RS&unqvl=65&l=1&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com () FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com () FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com () FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll No File FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF user.js: detected! => C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\ajdtlbur.default-1400141415692\user.js FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF SearchPlugin: C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\ajdtlbur.default-1400141415692\searchplugins\buenosearch.xml FF SearchPlugin: C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\ajdtlbur.default-1400141415692\searchplugins\default-search.xml FF SearchPlugin: C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\ajdtlbur.default-1400141415692\searchplugins\Search The Web.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\istartsurf.xml FF Extension: GoSave - C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\ajdtlbur.default-1400141415692\Extensions\Hobtd8@H.com [2014-11-05] FF Extension: YoutubeAdBlocke - C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\ajdtlbur.default-1400141415692\Extensions\NcUVXitTT@n.net [2014-11-05] FF Extension: Facebook Ads Block - C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\ajdtlbur.default-1400141415692\Extensions\jid1-CGxMej0nDJTjwQ@jetpack.xpi [2014-06-15] FF Extension: Lost Friends Notifier - C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\ajdtlbur.default-1400141415692\Extensions\jid1-s0hS918atYzRdw@jetpack.xpi [2014-10-30] FF Extension: AniWeather - C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\ajdtlbur.default-1400141415692\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2014-05-30] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-10-30] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-10-30] FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\ajdtlbur.default-1400141415692\extensions\faststartff@gmail.com FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-10-17] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-10-17] FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-10-17] FF Extension: No Name - content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com [Not Found] FF Extension: No Name - virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com [Not Found] FF Extension: No Name - online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com [Not Found] Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR DefaultSearchKeyword: Default -> 1293CFC8D7878E2CBD95C2D9C72083DC57271F308E85A916E8ABEC74F1837448 CHR DefaultSearchURL: Default -> 4A6753BE5369F964C2490838FA89D1F83C626A405D7E6585105051C5621E8F3F CHR Profile: C:\Users\Sale\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Kaspersky Protection) - C:\Users\Sale\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-10-22] CHR Extension: (Google новчаник) - C:\Users\Sale\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-15] CHR HKCU\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\Sale\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx [2012-08-26] CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2012-08-26] CHR HKLM-x32\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\Sale\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx [2012-08-26] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [120040 2014-10-07] (Insoft LLC) R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO) R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [956192 2011-02-15] (Broadcom Corporation.) R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2464400 2013-12-04] (Realsil Microelectronics Inc.) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed] R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV) R2 QDLService; C:\QUALCOMM\QDLService\QDLService.exe [345336 2009-10-14] (QUALCOMM, Inc.) R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.) R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2012-12-31] () ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 adgnetworktdi; C:\Windows\System32\drivers\adgnetworktdi.sys [60408 2014-07-28] () R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2014-08-18] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [820232 2014-08-20] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [74424 2014-08-13] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO) S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed] R0 rtcrfilt64; C:\Windows\System32\DRIVERS\rtcrfilt64.sys [19600 2013-12-04] (Realtek Semiconductor Corp.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-09-23] (Duplex Secure Ltd.) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.) S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2012-03-02] (LG Electronics Inc.) S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2012-03-02] (LG Electronics Inc.) S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2012-03-02] (LG Electronics Inc.) S3 VGPU; No ImagePath R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [228224 2010-10-21] (Vimicro Corporation) R3 vmuvcflt; C:\Windows\System32\Drivers\vmuvcflt.sys [8320 2010-08-16] (Vimicro Corporation) S3 catchme; \??\C:\Users\Sale\AppData\Local\Temp\catchme.sys [X] U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-07 00:45 - 2014-11-07 00:45 - 00001030 _____ () C:\Users\Sale\Documents\adguard_user_filter.txt 2014-11-07 00:33 - 2014-11-07 00:33 - 00052213 _____ () C:\Users\Sale\Desktop\Shortcut.txt 2014-11-07 00:29 - 2014-11-07 00:33 - 00045365 _____ () C:\Users\Sale\Desktop\Addition.txt 2014-11-07 00:28 - 2014-11-07 11:25 - 00024934 _____ () C:\Users\Sale\Desktop\FRST.txt 2014-11-07 00:28 - 2014-11-07 11:25 - 00000000 ____D () C:\FRST 2014-11-07 00:27 - 2014-11-07 00:27 - 02114560 _____ (Farbar) C:\Users\Sale\Desktop\FRST64.exe 2014-11-06 23:58 - 2014-11-06 23:58 - 00001847 _____ () C:\Users\Public\Desktop\Adguard.lnk 2014-11-06 23:58 - 2014-11-06 23:58 - 00000000 ____D () C:\ProgramData\Package Cache 2014-11-06 23:38 - 2014-11-07 00:01 - 00000306 _____ () C:\Windows\Tasks\FreeFixer background scan.job 2014-11-06 23:38 - 2014-11-06 23:38 - 00002968 _____ () C:\Windows\System32\Tasks\FreeFixer background scan 2014-11-06 23:37 - 2014-11-06 23:38 - 02666167 _____ (Kephyr) C:\Users\Sale\Desktop\freefixersetup(1).exe 2014-11-06 23:19 - 2014-11-07 00:00 - 00004144 _____ () C:\Windows\PFRO.log 2014-11-06 21:25 - 2014-05-09 00:21 - 00000027 _____ () C:\Windows\system32\Drivers\etc\hosts.20141106-212501.backup 2014-11-06 21:24 - 2014-11-06 21:24 - 02482840 _____ () C:\immudebug.log 2014-11-06 20:54 - 2014-11-06 21:19 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2014-11-06 20:54 - 2014-11-06 20:54 - 00001262 _____ () C:\Users\Sale\Desktop\Spybot - Search & Destroy.lnk 2014-11-06 20:54 - 2014-11-06 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2014-11-06 20:53 - 2014-11-06 20:53 - 16409960 _____ (Safer Networking Limited ) C:\Users\Sale\Desktop\spybotsd162.exe 2014-11-06 20:37 - 2014-11-06 20:47 - 00000000 ____D () C:\Users\Sale\AppData\Local\FreeFixer 2014-11-06 20:37 - 2014-11-06 20:43 - 00000000 ____D () C:\Users\Sale\AppData\Roaming\FreeFixer 2014-11-06 20:37 - 2014-11-06 20:37 - 00000000 ____D () C:\Users\Sale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeFixer 2014-11-06 20:37 - 2014-11-06 20:37 - 00000000 ____D () C:\Program Files\FreeFixer 2014-11-06 20:36 - 2014-11-06 20:36 - 02666167 _____ (Kephyr) C:\Users\Sale\Desktop\freefixersetup.exe 2014-11-06 20:24 - 2014-11-06 20:25 - 00000000 ____D () C:\ProgramData\3872871776 2014-11-06 20:16 - 2014-11-06 20:31 - 257907397 _____ () C:\Users\Sale\Desktop\~PI1A38.tmp 2014-11-06 18:08 - 2014-11-06 18:08 - 00003124 _____ () C:\Windows\System32\Tasks\{706BDD56-90DA-45D6-9FEB-082394105553} 2014-11-06 18:07 - 2014-11-06 18:33 - 239889986 _____ () C:\Users\Sale\Desktop\P. I. Cajkovski - Liturgija Svetog Jovana Zlatoustog (kompletno delo).avi 2014-11-06 17:41 - 2014-11-06 18:07 - 408701950 _____ () C:\Users\Sale\Desktop\My Movie.avi 2014-11-06 16:19 - 2014-11-06 16:20 - 00000000 ____D () C:\Users\Sale\Documents\Freemake 2014-11-06 13:23 - 2014-11-06 15:31 - 1075112913 _____ () C:\Users\Sale\Desktop\My Movie2.mp4 2014-11-06 08:53 - 2014-11-06 10:54 - 3153277424 _____ () C:\Users\Sale\Desktop\My Movie.mp4 2014-11-06 00:39 - 2014-11-06 01:34 - 1065748134 _____ () C:\Users\Sale\Desktop\Video #1.avi 2014-11-05 18:21 - 2014-11-05 18:21 - 00000000 ____D () C:\Users\Sale\AppData\Roaming\HandBrake 2014-11-05 15:34 - 2014-11-05 15:34 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Insoft LLC 2014-11-05 15:34 - 2014-11-05 15:34 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Insoft LLC 2014-11-05 15:30 - 2014-11-07 00:01 - 00000336 _____ () C:\Windows\setupact.log 2014-11-05 15:30 - 2014-11-05 15:30 - 00000000 _____ () C:\Windows\setuperr.log 2014-11-05 12:51 - 2014-11-05 12:57 - 05328144 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-05 11:48 - 2014-11-05 11:48 - 00198712 ____N () C:\Users\Sale\AppData\Local\GDIPFONTCACHEV1.DAT 2014-11-05 11:25 - 2014-11-07 00:01 - 00000474 ____H () C:\Windows\Tasks\SW-Booster-S-792098896.job 2014-11-05 11:25 - 2014-11-05 11:36 - 00000000 ____D () C:\Users\Sale\AppData\Roaming\SkypEmoticons 2014-11-05 11:25 - 2014-11-05 11:25 - 00000000 ____D () C:\ProgramData\Trusted Publisher 2014-11-05 11:24 - 2014-11-05 12:50 - 00000000 ____D () C:\Program Files (x86)\YoutubeAdBlocke 2014-11-05 11:24 - 2014-11-05 12:50 - 00000000 ____D () C:\Program Files (x86)\GoSave 2014-11-05 11:24 - 2014-11-05 12:47 - 00000000 ____D () C:\ProgramData\YoutubeAdBlocke 2014-11-05 11:24 - 2014-11-05 12:47 - 00000000 ____D () C:\ProgramData\GoSave 2014-11-05 11:24 - 2014-11-05 11:24 - 00000394 __RSH () C:\ProgramData\ntuser.pol 2014-11-05 11:24 - 2014-11-05 11:24 - 00000000 ____D () C:\Users\Sale\AppData\Local\Torch 2014-11-05 11:24 - 2014-11-05 11:24 - 00000000 ____D () C:\Users\Sale\AppData\Local\Comodo 2014-11-05 11:24 - 2014-11-05 11:24 - 00000000 ____D () C:\Users\Sale\AppData\Local\Chromatic Browser 2014-11-05 11:24 - 2014-11-05 11:24 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch 2014-11-05 11:24 - 2014-11-05 11:24 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google 2014-11-05 11:24 - 2014-11-05 11:24 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-11-05 11:24 - 2014-11-05 11:24 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser 2014-11-05 11:24 - 2014-11-05 11:24 - 00000000 ____D () C:\Users\HomeGroupUser$ 2014-11-05 11:24 - 2014-11-05 11:24 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch 2014-11-05 11:24 - 2014-11-05 11:24 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google 2014-11-05 11:24 - 2014-11-05 11:24 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo 2014-11-05 11:24 - 2014-11-05 11:24 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser 2014-11-05 11:24 - 2014-11-05 11:24 - 00000000 ____D () C:\Users\Guest 2014-11-05 11:24 - 2014-11-05 11:24 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch 2014-11-05 11:24 - 2014-11-05 11:24 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-11-05 11:24 - 2014-11-05 11:24 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2014-11-05 11:24 - 2014-11-05 11:24 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser 2014-11-05 11:24 - 2014-11-05 11:24 - 00000000 ____D () C:\Users\Administrator 2014-11-05 11:24 - 2014-11-05 11:24 - 00000000 ____D () C:\ProgramData\e9e40ed0b9313810 2014-11-05 11:23 - 2014-11-05 11:36 - 00000000 ____D () C:\Program Files (x86)\EZDownloader 2014-11-02 20:01 - 2014-11-02 20:11 - 120119918 _____ () C:\Users\Sale\Desktop\VID_20141031_094715(1).mp4 2014-11-02 20:00 - 2014-11-02 20:00 - 00000000 ____D () C:\Users\Sale\Documents\DVDVideoSoft 2014-11-02 18:48 - 2014-11-02 18:53 - 00000000 ____D () C:\Users\Sale\Desktop\New folder (2) 2014-11-01 21:28 - 2014-11-01 21:28 - 00004022 _____ () C:\Windows\System32\Tasks\LaunchSignup 2014-11-01 21:28 - 2014-11-01 21:28 - 00003436 _____ () C:\Windows\System32\Tasks\PC Performer Scheduled Scan 2014-11-01 21:27 - 2014-11-01 21:28 - 00003248 _____ () C:\Windows\System32\Tasks\PC Performer Logon Scan 2014-11-01 21:26 - 2014-11-01 21:27 - 00000000 ____D () C:\Users\Sale\AppData\Local\speedtest211 2014-11-01 21:26 - 2014-11-01 21:26 - 00000000 ____D () C:\Users\Sale\AppData\Roaming\Performersoft 2014-11-01 21:25 - 2014-09-12 09:23 - 03421696 _____ (Performersoft, LLC.) C:\Windows\performersoftsetup.dll 2014-11-01 13:14 - 2014-11-01 13:14 - 00000112 _____ () C:\Users\Sale\Desktop\60.000.txt 2014-10-31 09:51 - 2014-10-31 09:51 - 120446514 _____ () C:\Users\Sale\Desktop\VID_20141031_094715.mp4 2014-10-31 09:51 - 2014-10-31 09:51 - 01506339 _____ () C:\Users\Sale\Desktop\VID_20141031_095122.mp4 2014-10-30 09:49 - 2014-10-30 09:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-10-29 23:22 - 2014-10-30 19:58 - 00000000 ____D () C:\Users\Sale\Desktop\New folder 2014-10-29 18:03 - 2014-10-29 18:03 - 00000000 ____D () C:\Users\Sale\AppData\Roaming\Insoft LLC 2014-10-27 20:21 - 2014-10-27 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-10-23 15:22 - 2014-10-29 17:33 - 00000000 ____D () C:\Users\Sale\Desktop\пројекат захвалнице 2014-10-23 15:05 - 2014-10-23 15:05 - 00000000 ____D () C:\Users\Sale\Documents\paint.net User Files 2014-10-23 14:55 - 2014-10-23 14:55 - 00022632 _____ () C:\Users\Sale\Desktop\hex-fabric2.svg 2014-10-23 12:15 - 2014-10-23 12:15 - 00001845 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk 2014-10-23 12:13 - 2014-10-29 17:42 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2014-10-20 17:54 - 2014-10-20 22:14 - 00000000 ____D () C:\Windows\Minidump 2014-10-20 17:18 - 2014-10-20 17:18 - 00000000 ____D () C:\Program Files (x86)\GreenTree Applications 2014-10-17 12:37 - 2014-10-17 12:37 - 00002334 _____ () C:\Users\Sale\Desktop\Safe Money.lnk 2014-10-17 12:36 - 2014-10-17 12:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2014-10-17 12:35 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll 2014-10-17 12:34 - 2014-11-07 09:51 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-10-17 12:34 - 2014-10-17 12:34 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab 2014-10-17 12:33 - 2014-08-20 17:04 - 00820232 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2014-10-17 12:33 - 2014-08-18 13:43 - 00150536 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2014-10-17 12:33 - 2014-08-12 17:33 - 00246456 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys 2014-10-17 12:30 - 2014-07-28 15:47 - 00060408 _____ () C:\Windows\system32\Drivers\adgnetworktdi.sys 2014-10-15 06:34 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-10-15 06:34 - 2014-07-07 03:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2014-10-15 06:34 - 2014-07-07 03:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2014-10-15 06:34 - 2014-07-07 03:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2014-10-15 06:34 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2014-10-15 06:34 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2014-10-15 06:34 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-15 06:34 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2014-10-15 06:34 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll 2014-10-15 06:34 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-15 06:34 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll 2014-10-15 06:34 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-15 06:33 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-10-15 06:33 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-10-15 06:33 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-10-15 06:33 - 2014-08-19 04:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2014-10-15 06:33 - 2014-08-19 04:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2014-10-15 06:33 - 2014-08-19 04:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2014-10-15 06:33 - 2014-08-19 04:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2014-10-15 06:33 - 2014-08-19 04:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2014-10-15 06:33 - 2014-08-19 04:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2014-10-15 06:33 - 2014-08-19 04:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2014-10-15 06:33 - 2014-08-19 04:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2014-10-15 06:33 - 2014-08-19 04:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2014-10-15 06:33 - 2014-08-19 04:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2014-10-15 06:33 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2014-10-15 06:33 - 2014-08-19 03:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2014-10-15 06:33 - 2014-08-19 03:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2014-10-15 06:33 - 2014-07-07 03:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2014-10-15 06:33 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-10-15 06:33 - 2014-07-07 03:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2014-10-15 06:33 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2014-10-15 06:33 - 2014-07-07 03:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2014-10-15 06:33 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2014-10-15 06:33 - 2014-07-07 03:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2014-10-15 06:33 - 2014-07-07 03:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2014-10-15 06:33 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2014-10-15 06:33 - 2014-07-07 02:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2014-10-15 06:33 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2014-10-15 06:33 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2014-10-15 06:33 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2014-10-15 06:33 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-10-15 06:33 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-10-15 06:33 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2014-10-15 06:33 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2014-10-15 06:33 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2014-10-15 06:33 - 2014-06-28 01:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2014-10-15 06:33 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2014-10-15 06:33 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2014-10-15 06:32 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-10-15 06:32 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-10-15 06:32 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-10-15 06:32 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-10-15 06:32 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-10-15 06:32 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-10-15 06:32 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-10-15 06:32 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-10-15 06:32 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-10-15 06:32 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-10-15 06:32 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-10-15 06:32 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-10-15 06:32 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-10-15 06:32 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-10-15 06:32 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-10-15 06:32 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-10-15 06:32 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-10-15 06:32 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-10-15 06:32 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-10-15 06:32 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-10-15 06:32 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-10-15 06:32 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-10-15 06:32 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-10-15 06:32 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-10-15 06:32 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-10-15 06:32 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-10-15 06:32 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-10-15 06:32 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-10-15 06:32 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-10-15 06:32 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-10-15 06:32 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-10-15 06:32 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-10-15 06:32 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-10-15 06:32 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-10-15 06:32 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-10-15 06:32 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-10-15 06:32 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-10-15 06:32 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-10-15 06:32 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-10-15 06:32 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-10-15 06:32 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-10-15 06:32 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-10-15 06:32 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-10-15 06:32 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-10-15 06:32 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-10-15 06:32 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-10-15 06:32 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-10-15 06:32 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-10-15 06:32 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-10-15 06:32 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-10-15 06:32 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-10-15 06:32 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-10-15 06:32 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-10-15 06:32 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-10-15 06:32 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-10-15 06:32 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-10-15 06:32 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-10-15 06:32 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-10-15 06:31 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-10-15 06:31 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2014-10-15 06:31 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-15 06:31 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-10-15 06:31 - 2014-07-17 03:07 - 01113088 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-10-15 06:31 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-10-15 06:31 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-10-15 06:31 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-10-15 06:31 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-10-15 06:31 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-10-15 06:31 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-10-15 06:31 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2014-10-15 06:31 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-10-15 06:31 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-10-15 06:31 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2014-10-15 06:31 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-10-15 06:31 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-10-15 06:31 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-10-15 06:31 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-10-15 06:30 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-15 06:30 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-10-11 23:40 - 2014-10-11 23:40 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-07 11:25 - 2014-09-17 07:57 - 00000000 ____D () C:\ProgramData\Adguard 2014-11-07 10:58 - 2012-10-16 22:31 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-07 10:37 - 2013-12-23 17:39 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-07 08:37 - 2013-12-23 17:39 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-07 03:00 - 2012-09-07 05:20 - 01707660 _____ () C:\Windows\WindowsUpdate.log 2014-11-07 00:11 - 2009-07-14 05:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-07 00:11 - 2009-07-14 05:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-07 00:05 - 2014-09-17 07:57 - 00000000 ____D () C:\Program Files (x86)\Adguard 2014-11-07 00:01 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-06 23:58 - 2014-09-17 07:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adguard 2014-11-06 23:45 - 2012-09-07 12:14 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-11-06 23:43 - 2014-04-13 19:30 - 00000000 ____D () C:\Users\Sale\AppData\Roaming\DVDVideoSoft 2014-11-06 23:42 - 2014-09-29 21:26 - 00000000 ____D () C:\ProgramData\Freemake 2014-11-06 23:42 - 2014-09-29 21:25 - 00000000 ____D () C:\Program Files (x86)\Freemake 2014-11-06 23:39 - 2012-09-07 10:15 - 00000000 ____D () C:\Users\Sale\Documents\Outlook Files 2014-11-06 21:26 - 2013-01-25 18:06 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-11-06 21:17 - 2014-03-05 14:13 - 00000000 ____D () C:\Program Files (x86)\SearchProtect 2014-11-06 19:09 - 2013-04-18 20:28 - 00000000 ____D () C:\Program Files (x86)\The KMPlayer 2014-11-06 16:20 - 2014-09-29 21:26 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2014-11-06 16:19 - 2014-09-29 21:25 - 00000000 ____D () C:\Users\Sale\AppData\Roaming\RHEng 2014-11-05 15:33 - 2014-03-05 09:06 - 00000000 ___RD () C:\Users\Sale\Desktop\Čistači i bezbednost 2014-11-05 15:19 - 2014-09-12 13:43 - 00000000 ____D () C:\Windows\System32\Tasks\Auslogics 2014-11-05 15:18 - 2012-09-07 07:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics 2014-11-05 15:18 - 2012-09-07 07:17 - 00000000 ____D () C:\Program Files (x86)\Auslogics 2014-11-05 15:00 - 2012-11-04 12:26 - 00000000 ___RD () C:\Users\Sale\Desktop\Operativni programi 2014-11-05 11:25 - 2012-09-06 20:23 - 00000000 ____D () C:\Users\Sale 2014-11-05 11:24 - 2012-09-21 15:46 - 00000000 ____D () C:\Users\Sale\AppData\Local\Google 2014-11-05 11:24 - 2012-09-21 15:46 - 00000000 ____D () C:\Program Files (x86)\Google 2014-11-03 19:58 - 2012-09-27 23:36 - 00000000 ____D () C:\Users\Sale\Documents\LogoDesignStudio Pro 2014-11-03 19:02 - 2014-04-08 08:24 - 00000000 ____D () C:\Users\Sale\Desktop\Udruzenje pčelara Kikinda 2014-11-03 09:50 - 2013-03-13 20:54 - 00000000 ____D () C:\Users\Sale\Desktop\SP Zrenjanin, razna dokumenta 2014-11-01 22:46 - 2012-09-06 21:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-11-01 21:28 - 2009-07-14 03:34 - 00000590 _____ () C:\Windows\win.ini 2014-10-31 19:38 - 2009-07-14 06:13 - 00786622 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-10-30 21:00 - 2012-09-07 12:14 - 00000000 ____D () C:\Users\Sale\AppData\Roaming\Skype 2014-10-30 11:36 - 2014-09-18 23:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak 2014-10-29 18:04 - 2014-03-05 09:06 - 00000000 ___RD () C:\Users\Sale\Desktop\Playeri 2014-10-29 18:04 - 2012-11-04 12:29 - 00000000 ___RD () C:\Users\Sale\Desktop\Internet programi 2014-10-29 18:04 - 2012-11-04 12:28 - 00000000 ___RD () C:\Users\Sale\Desktop\Graficki programi 2014-10-29 18:00 - 2013-05-29 10:03 - 00000000 ____D () C:\Users\Sale\Documents\Fax 2014-10-29 17:44 - 2013-12-02 20:24 - 00000000 ____D () C:\ProgramData\WinZip 2014-10-29 17:41 - 2013-11-07 12:47 - 00000000 ____D () C:\Program Files\iTunes 2014-10-29 17:41 - 2013-11-07 12:47 - 00000000 ____D () C:\Program Files\iPod 2014-10-29 17:41 - 2013-11-07 12:47 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-10-29 17:41 - 2013-09-19 11:56 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-10-29 17:39 - 2012-09-06 21:55 - 00000000 ____D () C:\Users\Sale\AppData\Roaming\Mozilla 2014-10-28 06:34 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-10-27 20:21 - 2012-09-07 12:14 - 00000000 ____D () C:\ProgramData\Skype 2014-10-23 12:16 - 2013-05-23 12:23 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-10-23 12:15 - 2013-05-23 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-10-23 12:13 - 2013-11-07 12:47 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-10-23 01:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-10-20 22:17 - 2013-09-23 21:14 - 00000000 ____D () C:\Users\Sale\Documents\BitLord 2014-10-20 18:27 - 2013-09-23 21:17 - 00000000 ____D () C:\Users\Sale\AppData\Roaming\BitLord 2014-10-19 18:31 - 2013-06-29 18:25 - 00003480 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2469946165-4281633537-2586476627-1000Core 2014-10-18 22:31 - 2012-09-27 23:36 - 00000000 ____D () C:\Users\Sale\Documents\My LogoDesignStudio Pro 2014-10-17 12:34 - 2012-09-06 22:23 - 00000000 ____D () C:\Windows\ELAMBKUP 2014-10-15 18:42 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2014-10-15 18:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS 2014-10-15 18:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-10-15 18:31 - 2014-05-07 08:53 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-10-15 18:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS 2014-10-15 18:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-10-15 10:04 - 2012-09-07 00:02 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-10-15 09:23 - 2013-07-13 03:32 - 00000000 ____D () C:\Windows\system32\MRT 2014-10-15 09:11 - 2012-09-07 00:05 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-10-14 07:32 - 2013-12-23 17:40 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-10-14 07:32 - 2013-12-23 17:39 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-10-08 10:32 - 2014-04-20 07:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-10-08 10:32 - 2012-12-31 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProShow Producer Files to move or delete: ==================== C:\ProgramData\fontcacheev1.dat Some content of TEMP: ==================== C:\Users\Sale\AppData\Local\Temp\setup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-06 11:36 ==================== End Of Log ============================ https://www.mycity.rs/must-login.png

Profil

argus Poslao: 07 Nov 2014 12:26 Idi na vrh
rip argus Anti Malware Fighter Rank 2 Pridružio: 27 Apr 2008 Poruke: 9160 Gde živiš: Prokuplje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Moras kompletno da reinstaliras Google Chrome 1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod: Start Task: {6B482138-0ACC-442A-A270-552C6DCA3758} - System32\Tasks\Express FilesUpdate => C:\Program Files (x86)\ExpressFiles\EFUpdater.exe <==== ATTENTION Task: {6B95AB3F-59DC-4C7F-9103-051AFD059677} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION Task: {8DCB4461-497F-4019-AC5F-F9DE44B0F00B} - System32\Tasks\PC Performer Scheduled Scan => C:\Program Files (x86)\PC Performer\PCPerformer.exe <==== ATTENTION Task: {911489DC-6E2E-4F09-B460-3A82FC9AFAA7} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION Task: {B587900C-0B7D-411A-868F-35A0FCED1012} - System32\Tasks\DTChk => C:\Users\Public\Util\DTChk.exe [2014-05-06] (Search Results, LLC) <==== ATTENTION Task: {BA638DF1-C83D-4029-8CF9-F095BA353961} - System32\Tasks\PC Performer Logon Scan => C:\Program Files (x86)\PC Performer\PCPerformer.exe <==== ATTENTION Task: {C19A106A-A949-4B85-BC77-D20853FC6578} - System32\Tasks\DTReg => C:\Windows\system32\config\systemprofile\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe <==== ATTENTION Task: {D726FD80-2E68-429D-AD03-E3B7B0049BCA} - \SW-Booster-S-792098896 No Task File <==== ATTENTION Task: {E6D8520C-8184-4BDF-93AA-FE4F441BC620} - System32\Tasks\Go for FilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION Task: C:\Windows\Tasks\SW-Booster-S-792098896.job => c:\programdata\trusted publisher\sw-booster\SW-Booster.exe <==== ATTENTION AlternateDataStreams: C:\Windows:nlsPreferences AlternateDataStreams: C:\ProgramData\Temp:A4A25FD3 AlternateDataStreams: C:\ProgramData\Temp:C1C68908 AlternateDataStreams: C:\ProgramData\Temp:F6C0CA66 GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searc-hall.info/?pid=3521&r=2014/11/05&hid=10735638589503141386&lg=EN&cc=RS&unqvl=65 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1410526485&from=amt&uid=HITACHIXHTS547550A9E384_J2150050KG0J3CKG0J3CX HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1410526485&from=amt&uid=HITACHIXHTS547550A9E384_J2150050KG0J3CKG0J3CX&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1410526485&from=amt&uid=HITACHIXHTS547550A9E384_J2150050KG0J3CKG0J3CX HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1410526485&from=amt&uid=HITACHIXHTS547550A9E384_J2150050KG0J3CKG0J3CX HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1410526485&from=amt&uid=HITACHIXHTS547550A9E384_J2150050KG0J3CKG0J3CX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1410526485&from=amt&uid=HITACHIXHTS547550A9E384_J2150050KG0J3CKG0J3CX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1410526485&from=amt&uid=HITACHIXHTS547550A9E384_J2150050KG0J3CKG0J3CX HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searc-hall.info/?pid=3521&r=2014/11/05&hid=10735638589503141386&lg=EN&cc=RS&unqvl=65 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1410526485&from=amt&uid=HITACHIXHTS547550A9E384_J2150050KG0J3CKG0J3CX&q={searchTerms} URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-2469946165-4281633537-2586476627-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1410526485&from=amt&uid=HITACHIXHTS547550A9E384_J2150050KG0J3CKG0J3CX&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1410526485&from=amt&uid=HITACHIXHTS547550A9E384_J2150050KG0J3CKG0J3CX&q={searchTerms} SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?sid=476&aid=114&itype=a&ver=13277&tm=277&src=ds&p={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searc-hall.info/?l=1&q={searchTerms}&pid=3521&r=2014/11/05&hid=10735638589503141386&lg=EN&cc=RS&unqvl=65 SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1410526485&from=amt&uid=HITACHIXHTS547550A9E384_J2150050KG0J3CKG0J3CX&q={searchTerms} SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?sid=476&aid=114&itype=a&ver=13277&tm=277&src=ds&p={searchTerms} SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searc-hall.info/?l=1&q={searchTerms}&pid=3521&r=2014/11/05&hid=10735638589503141386&lg=EN&cc=RS&unqvl=65 SearchScopes: HKCU - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = SearchScopes: HKCU - {2A18FF81-FB2D-4754-8BFE-40F724398B53} URL = http://asksearch.ask.com/redirect?client=ie&src=kw&tb=SGT-V6&itbv=11.8.1.568&o=APN10026&locale=en_EU&apn_uid=790C0869-67F9-4DC6-B7F5-C705C06DE234&apn_ptnrs=^AM3&apn_dtid=^YYYYYY^XJ^RS&apn_dbr=ff_20.0&doi=2013-04-27&q={searchTerms}& SearchScopes: HKCU - {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://badoo.com/startpage/?source=bsb&q={searchTerms} SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?sid=476&aid=114&itype=a&ver=13277&tm=277&src=ds&p={searchTerms} SearchScopes: HKCU - {D09596AC-F059-4700-9EF2-F541928BAC65} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468 SearchScopes: HKCU - {E3EA5796-17E9-4CBC-AA79-9B9E67D3D765} URL = http://www.mysearchresults.com/search?c=3523&t=01&q={searchTerms} SearchScopes: HKCU - {e78375f4-11f2-49bc-a345-15019f00b591} URL = http://www.findamo.com/search.html?&q={searchTerms}&cid=4151ch=2 SearchScopes: HKCU - {F4528B3A-4ADF-4241-96F0-8B8BFEDA144F} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091 BHO: GoSave -> {2c3bf76a-6b87-4438-99ac-b18a15cc9069} -> C:\Program Files (x86)\GoSave\8aVejH4ew79Czm.x64.dll () BHO: YoutubeAdBlocke -> {47a5ad0c-d509-45b5-9920-a2dcc56aebcb} -> C:\Program Files (x86)\YoutubeAdBlocke\nBiyYxJ8t6dnjs.x64.dll () C:\Program Files (x86)\GoSave C:\Program Files (x86)\YoutubeAdBlocke BHO-x32: No Name -> {2c3bf76a-6b87-4438-99ac-b18a15cc9069} -> No File BHO-x32: No Name -> {47a5ad0c-d509-45b5-9920-a2dcc56aebcb} -> No File FF DefaultSearchUrl: hxxp://websearch.searc-hall.info/?pid=3521&r=2014/11/05&hid=10735638589503141386&lg=EN&cc=RS&unqvl=65&l=1&q= FF SearchEngineOrder.1: WebSearch FF SearchEngineOrder.1,S: WebSearch FF SelectedSearchEngine,S: WebSearch FF Keyword.URL: hxxp://websearch.searc-hall.info/?pid=3521&r=2014/11/05&hid=10735638589503141386&lg=EN&cc=RS&unqvl=65&l=1&q= FF SearchPlugin: C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\ajdtlbur.default-1400141415692\searchplugins\buenosearch.xml C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\ajdtlbur.default-1400141415692\searchplugins\buenosearch.xml FF Extension: GoSave - C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\ajdtlbur.default-1400141415692\Extensions\Hobtd8@H.com [2014-11-05] FF Extension: YoutubeAdBlocke - C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\ajdtlbur.default-1400141415692\Extensions\NcUVXitTT@n.net [2014-11-05] C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\ajdtlbur.default-1400141415692\Extensions\Hobtd8@H.com C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\ajdtlbur.default-1400141415692\Extensions\NcUVXitTT@n.net FF Extension: Lost Friends Notifier - C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\ajdtlbur.default-1400141415692\Extensions\jid1-s0hS918atYzRdw@jetpack.xpi [2014-10-30] C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\ajdtlbur.default-1400141415692\Extensions\jid1-s0hS918atYzRdw@jetpack.xpi CHR DefaultSearchKeyword: Default -> 1293CFC8D7878E2CBD95C2D9C72083DC57271F308E85A916E8ABEC74F1837448 CHR DefaultSearchURL: Default -> 4A6753BE5369F964C2490838FA89D1F83C626A405D7E6585105051C5621E8F3F CHR HKLM-x32\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\Sale\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx [2012-08-26] C:\Users\Sale\AppData\Local\CRE C:\ProgramData\GoSave C:\Program Files (x86)\GoSave C:\ProgramData\fontcacheev1.dat Emptytemp: End 2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi. 3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj. Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema. Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku. Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a. ======================= Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop Dvoklikom pokreni program. Klikni na dugme [Scan] i pricekaj da program zavrsi. Klikni na dugme [Clean] Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu. Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem. Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl" Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S0].txt

Profil

goust Poslao: 07 Nov 2014 14:17 Idi na vrh
offline goust Elitni građanin Pridružio: 09 Apr 2005 Poruke: 1799	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: 1. Reinstalirao Google Chrome 2. Iskopirao i na desktop kao .txt sacuvao fixlist.txt 3. Preskenirao FRST/FRST64-om i Fix-irao https://www.mycity.rs/must-login.png 4. Preskenirao i ocistio AdwCleaner-om i trazio je restart evo tog Notepada: https://www.mycity.rs/must-login.png Za sad ne primecujem da se odvratni pop-up pojavljuje opet.

Profil

argus Poslao: 07 Nov 2014 14:19 Idi na vrh
rip argus Anti Malware Fighter Rank 2 Pridružio: 27 Apr 2008 Poruke: 9160 Gde živiš: Prokuplje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! To je ta prica • Sledeća procedura će implementirati završno čišćenje. Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop. Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija; Remove disinfection tools Create registry backup Purge System Restore Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad. Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani. Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt) Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

Profil

goust Poslao: 07 Nov 2014 14:57 Idi na vrh
offline goust Elitni građanin Pridružio: 09 Apr 2005 Poruke: 1799	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Jedno jos pitanje, ako moze i ako imas odgovor. Mozda znas gde se ovo zapatilo, cisto da pazim cega treba da se cuvam?

Profil

argus Poslao: 07 Nov 2014 15:00 Idi na vrh
rip argus Anti Malware Fighter Rank 2 Pridružio: 27 Apr 2008 Poruke: 9160 Gde živiš: Prokuplje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 07 Nov 2014 14:59 Instalirao si tu extenziju, kako i kad ne bih znao. Pun je net takvih problema ako ti je tako lakse Dopuna: 07 Nov 2014 15:00 Nije nista opasno koliko je iritirajuce.

Profil

goust Poslao: 07 Nov 2014 15:01 Idi na vrh
offline goust Elitni građanin Pridružio: 09 Apr 2005 Poruke: 1799	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! I naravno, VELIKO; VELIKO HVALA!

Profil

MyCity » Ambulanta -> Arhiva Ambulante » aal.coumpatch.com popup problem

Ko je trenutno na forumu

Ukupno su 1149 korisnika na forumu :: 29 registrovanih, 4 sakrivenih i 1116 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., babaroga, bbogdan, bokisha253, Brana01, Dimitrije Paunovic, djuradj, DPera, Duh sa sekirom, ffbikersar, hvost, ILGromovnik, jukeboxer, MB120mm, mercedesamg, mikrimaus, mnn2, Motocar, nenad81, nextyamb, nikoladim, novator, Primus17, proka89, Romibrat, ruma, stankolich, tubular, voja64

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by