Computer resets and autopico daily restart

  • Joined: 28 Feb 2009
  • Posts: 190
  • Location: Belgrade

For the past day or two the computer has been resetting on its own, and it does so several times while it is on.
MBAM found several items and moved them to quarantine, among them something called autopico daily restart.
I also used UnHackMe and it did its job.
However, after the cleaning the resetting problem starts again.

Here is the FRST report

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-10-2015 01
Ran by lanmilan (administrator) on LANMI (23-10-2015 18:16:43)
Running from C:\Users\lanmilan\Desktop
Loaded Profiles: lanmilan (Available Profiles: lanmilan & Guest)
Platform: Windows 8.1 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(PornTime) C:\Users\lanmilan\AppData\Roaming\PT\updater.exe
(TeamViewer GmbH) C:\Users\Public\temp\TeamViewer\TeamViewer_Service.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Greatis Software) C:\Program Files (x86)\UnHackMe\hackmon.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-25] (AVAST Software)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKU\S-1-5-21-3318695099-3213434911-3798809956-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-3318695099-3213434911-3798809956-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-11] (AVAST Software)
Startup: C:\Users\lanmilan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk [2015-10-23]
ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\lanmilan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar733.lnk [2015-10-23]
ShortcutTarget: Sidebar733.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
BootExecute: autocheck autochk * Partizan

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C7CA8F6A-45AC-4C20-98C8-2E85F4104A01}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3318695099-3213434911-3798809956-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-11] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-11] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\lanmilan\AppData\Roaming\Mozilla\Firefox\Profiles\5khn7kk6.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: google.rs
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-21] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-21] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> E:\Picasa3\npPicasa3.dll [2015-07-11] (Google, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-24] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\lanmilan\AppData\Roaming\Mozilla\Firefox\Profiles\5khn7kk6.default\searchplugins\firefox-add-ons.xml [2015-08-17]
FF Extension: Easy Screenshot - C:\Users\lanmilan\AppData\Roaming\Mozilla\Firefox\Profiles\5khn7kk6.default\Extensions\easyscreenshot@mozillaonline.com [2015-08-17]
FF Extension: Qualys BrowserCheck - C:\Users\lanmilan\AppData\Roaming\Mozilla\Firefox\Profiles\5khn7kk6.default\Extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} [2015-10-21] [not signed]
FF Extension: anonymoX - C:\Users\lanmilan\AppData\Roaming\Mozilla\Firefox\Profiles\5khn7kk6.default\Extensions\client@anonymox.net.xpi [2015-09-29]
FF Extension: Facebook Color Changer - C:\Users\lanmilan\AppData\Roaming\Mozilla\Firefox\Profiles\5khn7kk6.default\Extensions\jid0-Eyur3vR97jbHklhdHVBnn9OBILU@jetpack.xpi [2015-08-17]
FF Extension: YouTube™ AdBlock - C:\Users\lanmilan\AppData\Roaming\Mozilla\Firefox\Profiles\5khn7kk6.default\Extensions\jid1-w4wG5nJhx4LJZr@jetpack.xpi [2015-09-27]
FF Extension: Adblock Plus - C:\Users\lanmilan\AppData\Roaming\Mozilla\Firefox\Profiles\5khn7kk6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF Extension: ADB Helper - C:\Users\lanmilan\AppData\Roaming\Mozilla\Firefox\Profiles\0fzyovf3.dev-edition-default\Extensions\adbhelper@mozilla.org [2015-10-22]
FF Extension: Easy Screenshot - C:\Users\lanmilan\AppData\Roaming\Mozilla\Firefox\Profiles\0fzyovf3.dev-edition-default\Extensions\easyscreenshot@mozillaonline.com [2015-09-27]
FF Extension: Valence - C:\Users\lanmilan\AppData\Roaming\Mozilla\Firefox\Profiles\0fzyovf3.dev-edition-default\Extensions\fxdevtools-adapters@mozilla.org [2015-10-22]
FF Extension: ChatZilla - C:\Users\lanmilan\AppData\Roaming\Mozilla\Firefox\Profiles\0fzyovf3.dev-edition-default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2015-09-28]
FF Extension: anonymoX - C:\Users\lanmilan\AppData\Roaming\Mozilla\Firefox\Profiles\0fzyovf3.dev-edition-default\Extensions\client@anonymox.net.xpi [2015-09-28]
FF Extension: AdBlock for YouTube™ - C:\Users\lanmilan\AppData\Roaming\Mozilla\Firefox\Profiles\0fzyovf3.dev-edition-default\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2015-10-07]
FF Extension: Adblock Plus - C:\Users\lanmilan\AppData\Roaming\Mozilla\Firefox\Profiles\0fzyovf3.dev-edition-default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-08-11] [not signed]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage: Default -> hxxp://google.rs/
CHR StartupUrls: Default -> "hxxp://www.google.rs/"
CHR Profile: C:\Users\lanmilan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\lanmilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-11]
CHR Extension: (Google Docs) - C:\Users\lanmilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-11]
CHR Extension: (Google Drive) - C:\Users\lanmilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\lanmilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\lanmilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-24]
CHR Extension: (Google Search) - C:\Users\lanmilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-11]
CHR Extension: (Google Sheets) - C:\Users\lanmilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-11]
CHR Extension: (Google Docs Offline) - C:\Users\lanmilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-24]
CHR Extension: (AdBlock) - C:\Users\lanmilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-16]
CHR Extension: (Avast Online Security) - C:\Users\lanmilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\lanmilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-11]
CHR Extension: (Gmail) - C:\Users\lanmilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-11]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-11] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-11] (Avast Software)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 (film-za-odrasle)-Time Updater; C:\Users\lanmilan\AppData\Roaming\PT\updater.exe [165888 2015-06-15] (PornTime) [File not signed]
R2 TeamViewer; C:\Users\Public\temp\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-07-17] (Popcorn Time) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-11] (AVAST Software)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-11] (AVAST Software)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2015-10-23] (Greatis Software)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-11] (Avast Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S2 NEWDRIVER; \??\C:\Windows\SysWow64\WinVDEdrv6.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-23 18:16 - 2015-10-23 18:17 - 00014953 _____ C:\Users\lanmilan\Desktop\FRST.txt
2015-10-23 18:16 - 2015-10-23 18:16 - 00000000 ____D C:\FRST
2015-10-23 18:15 - 2015-10-23 18:15 - 02196480 _____ (Farbar) C:\Users\lanmilan\Desktop\FRST64.exe
2015-10-23 17:24 - 2015-10-23 17:24 - 03802952 _____ (Reason Software Company Inc.) C:\Users\lanmilan\Downloads\reason-core-security-setup.exe
2015-10-23 08:04 - 2015-10-23 18:12 - 00000252 _____ C:\Windows\SysWOW64\PARTIZAN.TXT
2015-10-23 08:04 - 2015-10-23 08:04 - 00000000 ____D C:\@RestoreQuarantine
2015-10-23 08:01 - 2015-10-23 08:01 - 00001042 _____ C:\Users\lanmilan\Desktop\555.txt
2015-10-23 08:00 - 2015-10-23 08:01 - 00000080 _____ C:\Users\Public\Desktop\mIRC VxD $¢ri_+ 8.lnk
2015-10-23 08:00 - 2015-10-23 08:00 - 00000080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\mIRC VxD $¢ri_+ 8.lnk
2015-10-23 07:58 - 2015-10-23 17:40 - 00000000 ____D C:\ProgramData\RegRun
2015-10-23 07:57 - 2015-10-23 07:57 - 00040304 _____ (Greatis Software) C:\Windows\SysWOW64\Drivers\Partizan.sys
2015-10-23 07:56 - 2015-10-23 17:42 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2015-10-23 07:56 - 2015-10-23 17:42 - 00000000 ____D C:\Users\lanmilan\Documents\RegRun2
2015-10-23 07:56 - 2015-10-23 17:12 - 00000000 ____D C:\Program Files (x86)\UnHackMe
2015-10-23 07:56 - 2015-10-23 08:00 - 00001023 _____ C:\Users\lanmilan\Desktop\UnHackMe.lnk
2015-10-23 07:56 - 2015-10-23 07:56 - 00003324 _____ C:\Windows\System32\Tasks\UnHackMe Task Scheduler
2015-10-23 07:56 - 2015-10-23 07:56 - 00000002 RSHOT C:\Windows\winstart.bat
2015-10-23 07:56 - 2015-10-23 07:56 - 00000002 RSHOT C:\Windows\SysWOW64\CONFIG.NT
2015-10-23 07:56 - 2015-10-23 07:56 - 00000002 RSHOT C:\Windows\SysWOW64\AUTOEXEC.NT
2015-10-23 07:56 - 2015-10-23 07:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
2015-10-23 07:56 - 2015-10-09 14:02 - 00012800 _____ (Greatis Software, LLC.) C:\Windows\SysWOW64\Drivers\UnHackMeDrv.sys
2015-10-23 07:56 - 2015-09-17 13:47 - 00047920 _____ (Greatis Software) C:\Windows\system32\partizan.exe
2015-10-23 07:55 - 2015-10-23 07:55 - 20288793 _____ C:\Users\lanmilan\Downloads\unhackme.zip
2015-10-23 07:44 - 2015-10-23 17:47 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-23 07:44 - 2015-10-23 08:01 - 00001112 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-23 07:44 - 2015-10-23 07:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-23 07:44 - 2015-10-23 07:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-23 07:44 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-23 07:44 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-23 07:44 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-23 07:43 - 2015-10-23 07:43 - 22908888 _____ (Malwarebytes ) C:\Users\lanmilan\Downloads\mbam-setup-2.2.0.1024.exe
2015-10-22 19:45 - 2015-10-23 08:00 - 00001426 _____ C:\Users\lanmilan\Desktop\Professional Script v.5.lnk
2015-10-22 19:45 - 2015-10-22 19:45 - 00001426 _____ C:\Users\Guest\Desktop\Professional Script v.5.lnk
2015-10-22 19:45 - 2015-10-22 19:45 - 00000000 ____D C:\Users\lanmilan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Professional Script v.5
2015-10-22 19:45 - 2015-10-22 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Professional Script v.5
2015-10-22 19:44 - 2015-10-22 19:44 - 09486080 _____ () C:\Users\lanmilan\Downloads\PScript.exe
2015-10-22 19:40 - 2015-08-10 19:10 - 00371518 _____ C:\Users\lanmilan\Desktop\bookmarks.html
2015-10-22 19:22 - 2015-10-23 08:00 - 00001516 _____ C:\Users\lanmilan\Desktop\firefox - Shortcut.lnk
2015-10-22 19:10 - 2015-10-22 19:10 - 00000102 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-10-22 19:06 - 2015-10-13 00:54 - 00000494 _____ C:\Users\lanmilan\Desktop\blocker
2015-10-22 18:32 - 2015-10-23 08:01 - 00000984 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2015-10-22 18:32 - 2015-10-22 18:32 - 01199856 _____ ( ) C:\Users\lanmilan\Downloads\hwmonitor_1.28.exe
2015-10-22 18:32 - 2015-10-22 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-10-22 18:32 - 2015-10-22 18:32 - 00000000 ____D C:\Program Files\CPUID
2015-10-22 16:47 - 2015-10-22 18:10 - 00000000 ____D C:\Program Files\Firefox Developer Edition
2015-10-21 19:06 - 2015-10-22 16:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-17 22:39 - 2015-10-17 22:39 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-10-14 23:42 - 2015-09-19 05:18 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-14 23:42 - 2015-09-18 15:42 - 01290752 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-14 23:42 - 2015-09-18 15:42 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-14 23:42 - 2015-09-18 15:42 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-14 23:42 - 2015-09-18 15:42 - 00699904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-14 23:42 - 2015-09-18 15:42 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-14 23:42 - 2015-09-18 15:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-13 20:58 - 2015-09-29 14:31 - 07457624 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-13 20:58 - 2015-09-29 14:31 - 01658536 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-13 20:58 - 2015-09-29 14:31 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-10-13 20:58 - 2015-09-29 14:31 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-13 20:58 - 2015-09-29 14:31 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-10-13 20:58 - 2015-09-24 19:51 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2015-10-13 20:58 - 2015-09-24 19:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2015-10-13 20:58 - 2015-09-24 19:30 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2015-10-13 20:58 - 2015-09-24 18:42 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2015-10-13 20:58 - 2015-09-24 18:40 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2015-10-13 20:58 - 2015-09-10 20:02 - 25851392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-13 20:58 - 2015-09-10 19:09 - 20358144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-13 20:58 - 2015-08-27 04:43 - 22372152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-13 20:58 - 2015-08-27 04:42 - 19795904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-13 20:58 - 2015-08-07 23:40 - 01736520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-13 20:58 - 2015-08-07 23:40 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-13 20:58 - 2015-08-07 23:40 - 01134752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-13 20:58 - 2015-08-07 23:40 - 00686960 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-10-13 20:58 - 2015-08-07 23:40 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-10-13 20:58 - 2015-08-07 16:13 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-13 20:58 - 2015-08-06 19:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2015-10-13 20:58 - 2015-08-06 18:47 - 04710400 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-10-13 20:58 - 2015-08-06 18:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2015-10-13 20:58 - 2015-08-06 18:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-10-13 20:57 - 2015-09-29 14:29 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-13 20:57 - 2015-09-28 20:45 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-13 20:57 - 2015-09-28 20:26 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-10-13 20:57 - 2015-09-28 20:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-13 20:57 - 2015-09-28 20:25 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-13 20:57 - 2015-09-28 20:25 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-13 20:57 - 2015-09-28 20:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-13 20:57 - 2015-09-28 20:22 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-13 20:57 - 2015-09-28 20:22 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-13 20:57 - 2015-09-28 20:15 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-13 20:57 - 2015-09-28 20:13 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-13 20:57 - 2015-09-28 20:12 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-13 20:57 - 2015-09-10 19:19 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-13 20:57 - 2015-09-10 19:18 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-13 20:57 - 2015-09-10 19:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-13 20:57 - 2015-09-10 19:14 - 05990400 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-13 20:57 - 2015-09-10 19:06 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-13 20:57 - 2015-09-10 19:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-13 20:57 - 2015-09-10 18:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-13 20:57 - 2015-09-10 18:39 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-13 20:57 - 2015-09-10 18:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-13 20:57 - 2015-09-10 18:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-13 20:57 - 2015-09-10 18:35 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-13 20:57 - 2015-09-10 18:33 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-13 20:57 - 2015-09-10 18:28 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-10-13 20:57 - 2015-09-10 18:28 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-13 20:57 - 2015-09-10 18:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-13 20:57 - 2015-09-10 18:24 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-13 20:57 - 2015-09-10 18:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-13 20:57 - 2015-09-10 18:19 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-13 20:57 - 2015-09-10 18:19 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-13 20:57 - 2015-09-10 18:19 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-13 20:57 - 2015-09-10 18:17 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-13 20:57 - 2015-09-10 18:17 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-13 20:57 - 2015-09-10 18:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-13 20:57 - 2015-09-10 18:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-13 20:57 - 2015-09-10 18:02 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-13 20:57 - 2015-09-10 18:01 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-10-13 20:57 - 2015-09-10 18:00 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-13 20:57 - 2015-09-10 17:57 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-13 20:57 - 2015-09-10 17:57 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-13 20:57 - 2015-09-10 17:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-13 20:57 - 2015-09-10 17:55 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-13 20:57 - 2015-09-10 17:55 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-13 20:57 - 2015-09-10 17:45 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-13 20:57 - 2015-09-10 17:34 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-13 20:57 - 2015-09-10 17:31 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-13 20:57 - 2015-09-10 17:27 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-13 20:57 - 2015-09-10 17:26 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-13 20:57 - 2015-08-22 15:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-13 20:57 - 2015-08-22 15:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-13 20:57 - 2015-08-22 15:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 20:57 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 20:57 - 2015-07-16 20:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll
2015-10-13 08:26 - 2015-10-13 08:26 - 00000841 _____ C:\Users\lanmilan\Desktop\pvt.txt
2015-10-10 18:33 - 2015-10-10 18:34 - 00000000 ____D C:\Users\Guest\AppData\LocalLow\Mozilla
2015-10-09 21:20 - 2015-10-09 21:21 - 00001908 _____ C:\Windows\diagwrn.xml
2015-10-09 21:20 - 2015-10-09 21:21 - 00001908 _____ C:\Windows\diagerr.xml
2015-10-09 21:20 - 2015-10-09 21:20 - 00000000 ___HD C:\$WINDOWS.~BT
2015-10-09 20:42 - 2015-10-09 20:42 - 00000000 ____D C:\Users\lanmilan\AppData\LocalLow\uTorrent
2015-10-09 20:00 - 2015-10-09 20:26 - 00000000 ____D C:\Users\lanmilan\Desktop\Windows Vista Ultimate SP2 (32 Bit)
2015-10-08 18:07 - 2015-10-08 18:07 - 00000000 ____D C:\Users\lanmilan\.android
2015-10-07 19:14 - 2015-10-07 19:14 - 00000000 ____D C:\Users\lanmilan\AppData\Local\Viber
2015-10-07 19:14 - 2015-10-07 19:14 - 00000000 ____D C:\Users\lanmilan\.ViberPC
2015-10-07 19:14 - 2015-10-07 19:14 - 00000000 ____D C:\Users\lanmilan\.QtWebEngineProcess
2015-10-06 21:19 - 2015-10-06 21:25 - 00000000 ____D C:\Users\Guest\AppData\Local\Mozilla
2015-10-06 21:19 - 2015-10-06 21:19 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Mozilla
2015-10-05 19:41 - 2015-10-23 18:08 - 00000000 ____D C:\Program Files\Nightly
2015-10-05 17:35 - 2015-10-23 18:07 - 00000000 ____D C:\Users\lanmilan\AppData\LocalLow\Mozilla
2015-10-05 17:34 - 2015-10-05 17:34 - 46457264 _____ C:\Users\lanmilan\Downloads\firefox-44.0a1.en-US.win64.installer.exe
2015-10-05 08:20 - 2015-10-05 08:20 - 00001564 _____ C:\Users\lanmilan\Desktop\rrrrr.txt
2015-10-04 17:18 - 2015-10-04 17:18 - 00093183 _____ C:\Users\lanmilan\Downloads\popups.zip
2015-10-04 16:28 - 2015-10-04 16:28 - 00000223 _____ C:\Users\lanmilan\Downloads\clonescanner.zip
2015-10-04 12:11 - 2015-10-04 12:11 - 00000565 _____ C:\Users\Public\Desktop\mIRC VxÐ $¢®iþ† 8.lnk
2015-10-04 12:11 - 2015-10-04 12:11 - 00000565 _____ C:\ProgramData\Microsoft\Windows\Start Menu\mIRC VxÐ $¢®iþ† 8.lnk
2015-10-04 12:11 - 2015-10-04 12:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC VxÐ $¢®iþ† 8
2015-10-04 12:08 - 2015-10-04 12:09 - 08593051 _____ C:\Users\lanmilan\Downloads\NECR0N8.rar
2015-09-30 00:05 - 2015-10-23 08:00 - 00001453 _____ C:\Users\lanmilan\Desktop\Port Forward Network Utilities.lnk
2015-09-30 00:05 - 2015-09-30 00:05 - 00000000 ____D C:\Users\lanmilan\AppData\Roaming\PortForward.com
2015-09-30 00:05 - 2015-09-30 00:05 - 00000000 ____D C:\Users\lanmilan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portforward.com
2015-09-30 00:05 - 2015-09-30 00:05 - 00000000 ____D C:\Program Files (x86)\Portforward.com
2015-09-30 00:04 - 2015-09-30 00:04 - 01670800 _____ C:\Users\lanmilan\Downloads\setup-network-utilities.exe
2015-09-29 17:44 - 2015-09-29 17:44 - 00000000 ____D C:\Users\Guest\AppData\Roaming\AVAST Software
2015-09-29 17:44 - 2015-09-29 17:44 - 00000000 ____D C:\Users\Guest\AppData\Roaming\ATI
2015-09-29 17:44 - 2015-09-29 17:44 - 00000000 ____D C:\Users\Guest\AppData\Local\ATI
2015-09-29 17:43 - 2015-09-29 17:44 - 00002275 _____ C:\Users\Guest\Desktop\Google Chrome.lnk
2015-09-29 17:43 - 2015-09-29 17:43 - 00001442 _____ C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-29 17:43 - 2015-09-29 17:43 - 00000020 ___SH C:\Users\Guest\ntuser.ini
2015-09-29 17:43 - 2015-09-29 17:43 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Adobe
2015-09-29 17:43 - 2015-09-29 17:43 - 00000000 ____D C:\Users\Guest\AppData\Local\VirtualStore
2015-09-29 17:43 - 2015-09-29 17:43 - 00000000 ____D C:\Users\Guest\AppData\Local\Packages
2015-09-29 17:43 - 2015-09-29 17:43 - 00000000 ____D C:\Users\Guest\AppData\Local\Google
2015-09-29 17:43 - 2015-09-29 17:43 - 00000000 ____D C:\Users\Guest
2015-09-29 17:43 - 2015-08-19 20:00 - 00000000 ___RD C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-29 17:43 - 2015-08-19 20:00 - 00000000 ___RD C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-29 17:43 - 2015-08-15 10:16 - 00000000 ___RD C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-29 17:43 - 2014-02-22 06:37 - 00000369 _____ C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-09-29 17:43 - 2014-02-22 06:37 - 00000369 _____ C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-09-29 17:43 - 2013-08-22 17:36 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-28 22:37 - 2015-09-28 22:50 - 00000000 ____D C:\Program Files (x86)\Professional §©®ÎÞt v.2
2015-09-28 22:37 - 2015-09-28 22:37 - 00002046 _____ C:\Users\lanmilan\Desktop\Professional §©®ÎÞt v.2.lnk
2015-09-28 22:37 - 2015-09-28 22:37 - 00000000 ____D C:\Users\lanmilan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Professional §©®ÎÞt v.2
2015-09-28 22:37 - 2015-09-28 22:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Professional §©®ÎÞt v.2
2015-09-28 22:36 - 2015-09-28 22:36 - 07997181 _____ C:\Users\lanmilan\Downloads\Professional_Script_v_2.zip
2015-09-28 08:31 - 2015-09-28 08:31 - 00000032 _____ C:\Users\lanmilan\Desktop\ddd.txt
2015-09-27 18:57 - 2015-10-23 08:01 - 00001050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk
2015-09-27 18:49 - 2015-09-27 18:51 - 45856440 _____ C:\Users\lanmilan\Downloads\firefox-43.0a2.en-US.win64.installer.exe
2015-09-27 18:45 - 2015-09-27 18:45 - 19032798 _____ (Mozilla) C:\Users\lanmilan\Downloads\firefox-14.0a1.en-US.win64-x86_64.installer.exe
2015-09-27 14:20 - 2015-09-27 14:20 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2015-09-26 23:31 - 2015-09-27 12:52 - 00024064 ___SH C:\Users\lanmilan\Downloads\Thumbs.db
2015-09-24 15:41 - 2015-09-24 15:41 - 00000426 _____ C:\Users\lanmilan\Desktop\Router Settings.txt
2015-09-24 14:41 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-24 14:41 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-24 14:41 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-24 14:41 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-24 14:41 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-24 14:41 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-24 14:40 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-24 14:40 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-24 14:40 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-24 14:40 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-24 14:40 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-24 14:40 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-24 14:40 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-24 14:40 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-24 14:40 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-24 14:40 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2015-09-24 14:40 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-24 14:40 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2015-09-24 14:40 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-24 14:39 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-24 14:39 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-24 14:39 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-24 14:39 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2015-09-24 14:39 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2015-09-24 14:39 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-24 14:39 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2015-09-24 14:39 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-23 18:17 - 2015-08-11 10:30 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3318695099-3213434911-3798809956-1001
2015-10-23 18:13 - 2015-08-11 10:47 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-23 18:12 - 2015-08-11 10:23 - 00000000 ____D C:\Users\lanmilan
2015-10-23 18:12 - 2013-08-22 16:46 - 00013914 _____ C:\Windows\setupact.log
2015-10-23 18:12 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-23 18:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-10-23 17:53 - 2015-08-11 10:29 - 00818732 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-23 17:36 - 2015-08-11 10:47 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-23 17:15 - 2015-08-11 10:32 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{31F3BEAE-F1D5-4B9F-B257-BCBF6267FBCB}
2015-10-23 17:15 - 2015-08-11 10:19 - 01296588 _____ C:\Windows\WindowsUpdate.log
2015-10-23 17:12 - 2015-08-11 10:51 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-10-23 17:11 - 2015-08-11 18:28 - 00077802 _____ C:\Windows\PFRO.log
2015-10-23 08:01 - 2015-08-19 19:39 - 00001650 _____ C:\Users\Public\Desktop\Logitech Webcam Software .lnk
2015-10-23 08:01 - 2015-08-19 17:29 - 00001044 _____ C:\Users\lanmilan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk
2015-10-23 08:01 - 2015-08-19 13:55 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-23 08:01 - 2015-08-19 13:23 - 00000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-10-23 08:01 - 2015-08-19 13:19 - 00000670 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-10-23 08:01 - 2015-08-19 13:19 - 00000616 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-10-23 08:01 - 2015-08-11 10:35 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-23 08:01 - 2015-08-11 10:24 - 00001422 _____ C:\Users\lanmilan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-23 08:00 - 2015-08-19 13:40 - 00000682 _____ C:\Users\lanmilan\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2015-10-23 08:00 - 2015-08-11 11:09 - 00003019 _____ C:\Users\lanmilan\Desktop\Microsoft Word 2010.lnk
2015-10-23 07:44 - 2015-08-11 11:10 - 00000000 ____D C:\PScript5
2015-10-22 18:10 - 2015-08-11 10:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-22 16:48 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-10-21 19:08 - 2015-08-11 10:38 - 00000000 ____D C:\Users\lanmilan\AppData\Local\Adobe
2015-10-21 07:19 - 2015-08-11 11:46 - 00000000 ____D C:\Users\lanmilan\AppData\Roaming\Skype
2015-10-20 22:10 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-10-20 20:46 - 2015-08-17 19:42 - 00007606 _____ C:\Users\lanmilan\AppData\Local\Resmon.ResmonCfg
2015-10-17 22:33 - 2015-08-19 17:29 - 00000000 ____D C:\Users\lanmilan\AppData\Roaming\ViberPC
2015-10-16 06:51 - 2015-08-17 11:49 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-16 06:51 - 2015-08-17 11:49 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 19:44 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2015-10-15 18:06 - 2015-08-15 10:16 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-15 18:06 - 2015-08-15 10:16 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-15 00:03 - 2015-08-19 13:56 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-14 18:06 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-10-14 08:49 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-10-14 08:48 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-10-13 21:22 - 2015-08-13 03:06 - 00000000 ____D C:\Windows\system32\MRT
2015-10-13 21:16 - 2015-08-13 03:06 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-13 00:28 - 2015-08-11 11:46 - 00000000 ____D C:\ProgramData\Skype
2015-10-09 21:39 - 2015-08-19 12:14 - 00000000 ____D C:\Users\lanmilan\AppData\Roaming\uTorrent
2015-10-09 21:20 - 2013-08-22 16:46 - 00000000 _____ C:\Windows\setuperr.log
2015-10-06 06:55 - 2015-08-15 10:16 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-06 04:53 - 2015-08-15 10:16 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-03 10:52 - 2015-08-11 10:47 - 00000000 ____D C:\Users\lanmilan\AppData\Local\Google
2015-09-28 18:07 - 2015-08-11 11:42 - 00697856 ___SH C:\Users\lanmilan\Desktop\Thumbs.db
2015-09-27 19:32 - 2015-08-21 13:01 - 00000000 ____D C:\Users\lanmilan\Desktop\Intervjui GS
2015-09-25 17:31 - 2013-08-22 16:44 - 00481864 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-25 08:28 - 2013-08-22 21:11 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-25 08:28 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-25 06:08 - 2015-08-17 13:27 - 00000000 ____D C:\Program Files (x86)\Popcorn Time
2015-09-24 14:31 - 2015-08-11 10:47 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-24 14:31 - 2015-08-11 10:47 - 00003654 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2015-08-17 19:42 - 2015-10-20 20:46 - 0007606 _____ () C:\Users\lanmilan\AppData\Local\Resmon.ResmonCfg
2015-08-19 14:25 - 2015-08-19 14:41 - 0000700 ___SH () C:\Users\lanmilan\AppData\Local\systemFL7.dat
2015-10-22 19:10 - 2015-10-22 19:10 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Some files in TEMP:
====================
C:\Users\lanmilan\AppData\Local\Temp\ExPromo.exe
C:\Users\lanmilan\AppData\Local\Temp\ose00000.exe
C:\Users\lanmilan\AppData\Local\Temp\setup_105B.exe
C:\Users\lanmilan\AppData\Local\Temp\Uninstall.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-23 04:56

==================== End of FRST.txt ============================


offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

You're clean as far as malware and adware are concerned. Check that your hardware is working properly.
