Help

  • Joined: 28 Nov 2009
  • Posts: 126

A little while ago some virus got onto my machine and renamed all the extensions to "EJUDQNNJTY".
Here is also a picture of the notice that is in every folder.



I tried Malwarebytes, but nothing.
Files on both HDDs are infected.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
Ran by abcd (administrator) on ABC (26-04-2019 17:05:54)
Running from C:\Users\abcd\Desktop
Loaded Profiles: abcd (Available Profiles: abcd)
Platform: Windows 8.1 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero 2019\Nero BackItUp\NBService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
() C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Program Files\ACD Systems\ACDSee Ultimate\9.0\ACDSeeCommanderUltimate9.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaUI.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-265419222-215988636-1602561688-1001\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [4411488 2014-03-16] ()
HKU\S-1-5-21-265419222-215988636-1602561688-1001\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-265419222-215988636-1602561688-1001\...\Run: [OscarEditor] => C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe [3345408 2012-08-17] ()
HKU\S-1-5-21-265419222-215988636-1602561688-1001\...\Run: [ACDSeeCommanderUltimate9] => C:\Program Files\ACD Systems\ACDSee Ultimate\9.0\ACDSeeCommanderUltimate9.exe [3143352 2018-02-04] ()
HKU\S-1-5-21-265419222-215988636-1602561688-1001\...\MountPoints2: {5ebccc4b-1b1d-11e8-8271-e81fe5428423} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-265419222-215988636-1602561688-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [132608 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => No File
Startup: C:\Users\abcd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sbbuduai.lnk [2019-04-26]
ShortcutTarget: sbbuduai.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2018-02-04]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2018-02-04]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{9A5D0149-C4E1-40E9-BD38-1BE50169F07A}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{9A5D0149-C4E1-40E9-BD38-1BE50169F07A}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{BB78AF2B-D070-41BC-8A3C-D5C55B749498}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{BB78AF2B-D070-41BC-8A3C-D5C55B749498}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{bbed3e08-0b41-11e3-8249-806e6f6e6963}: [NameServer] 8.8.8.8

Internet Explorer:
==================
HKU\S-1-5-21-265419222-215988636-1602561688-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10438__180719__yaie
SearchScopes: HKU\S-1-5-21-265419222-215988636-1602561688-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10438__180719__yaie&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-04-06] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-06] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-04-21] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-04-21] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-04-21] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-04-21] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\abcd\AppData\Roaming\Mozilla\Firefox\Profiles\lkcclznq.default
FF Homepage: about:blank
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_108.dll [2018-09-16] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-06] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-09-16] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-04-06] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-02-06] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-02-06] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google LLC)

Chrome:
=======
CHR Profile: C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Slides) - C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-11]
CHR Extension: (Docs) - C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-11]
CHR Extension: (Google Drive) - C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-11]
CHR Extension: (YouTube) - C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-11]
CHR Extension: (Sheets) - C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-11]
CHR Extension: (Google Docs Offline) - C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-11]
CHR Extension: (Gmail) - C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-10-11]
CHR Extension: (Chrome Media Router) - C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-05]

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11082536 2019-04-16] (Microsoft Corporation)
S2 Crypkey License; C:\WINDOWS\system32\crypserv.exe [126976 2010-03-18] (CrypKey (Canada) Ltd.) [File not signed]
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe [1268720 2019-04-04] (Google Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes)
R2 NeroBackItUpBackgroundService2019; C:\Program Files (x86)\Nero\Nero 2019\Nero BackItUp\NBService.exe [287000 2018-08-07] (Nero AG)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [767368 2019-02-06] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [798976 2019-02-08] (NVIDIA Corporation)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-20] (Stardock Software, Inc)
S2 symsrv; C:\Program Files\windows nt\symsrv.exe [145168 2019-04-26] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2140984 2014-04-15] (TuneUp Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2018-02-18] (Disc Soft Ltd)
R3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2018-02-17] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-04-26] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [127136 2019-04-26] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73912 2019-04-26] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-04-26] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [114040 2019-04-26] (Malwarebytes)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [30272 2010-03-19] ()
S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
S3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation)
S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [394296 2018-02-18] (Duplex Secure Ltd.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-03-26] (TuneUp Software)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-11-04] (CyberLink Corp.)
S1 hvbceyok; \??\C:\WINDOWS\system32\drivers\hvbceyok.sys [X]
S1 mszuahbj; \??\C:\WINDOWS\system32\drivers\mszuahbj.sys [X]
S1 oohrublp; \??\C:\WINDOWS\system32\drivers\oohrublp.sys [X]
S1 rwmvgajt; \??\C:\WINDOWS\system32\drivers\rwmvgajt.sys [X]
S1 tasxgakb; \??\C:\WINDOWS\system32\drivers\tasxgakb.sys [X]
S1 uulcgisc; \??\C:\WINDOWS\system32\drivers\uulcgisc.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-26 17:02 - 2019-04-26 17:02 - 00013590 _____ C:\Users\abcd\Desktop\Addition.txt
2019-04-26 17:01 - 2019-04-26 17:05 - 00017866 _____ C:\Users\abcd\Desktop\FRST.txt
2019-04-26 17:01 - 2019-04-26 17:05 - 00000000 ____D C:\FRST
2019-04-26 16:50 - 2019-04-26 16:50 - 00127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-04-26 16:50 - 2019-04-26 16:50 - 00114040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-04-26 16:50 - 2019-04-26 16:50 - 00073912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-04-26 16:47 - 2019-04-26 16:47 - 00319024 _____ C:\active_protection.txt
2019-04-26 16:47 - 2019-04-26 16:47 - 00035928 _____ C:\url_setting_definitions.txt
2019-04-26 16:40 - 2019-04-26 16:40 - 00001883 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-26 16:40 - 2019-04-26 16:40 - 00000000 ____D C:\Users\abcd\AppData\Local\mbamtray
2019-04-26 16:40 - 2019-04-26 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-26 16:40 - 2019-01-08 16:32 - 00153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-04-26 16:27 - 2019-04-26 16:49 - 00000000 ____D C:\Program Files\Reimage
2019-04-26 16:27 - 2019-04-26 16:47 - 00000000 ____D C:\rei
2019-04-26 16:21 - 2019-04-26 16:22 - 00000335 _____ C:\local.conf
2019-04-26 16:10 - 2019-04-26 16:10 - 00000020 ___SH C:\Users\abcd\ntuser.ini
2019-04-26 16:09 - 2019-04-26 16:09 - 00000000 _____ C:\Users\abcd\Desktop\01.01.17.txt
2019-04-26 15:22 - 2019-04-26 15:22 - 00008690 _____ C:\Users\Public\EJUDQNNJTY-MANUAL.txt
2019-04-26 15:22 - 2019-04-26 15:22 - 00008690 _____ C:\Users\Public\Downloads\EJUDQNNJTY-MANUAL.txt
2019-04-26 15:22 - 2019-04-26 15:22 - 00008690 _____ C:\Users\Public\Documents\EJUDQNNJTY-MANUAL.txt
2019-04-26 15:22 - 2019-04-26 15:22 - 00008690 _____ C:\Users\abcd\AppData\Roaming\Microsoft\Windows\Start Menu\EJUDQNNJTY-MANUAL.txt
2019-04-26 15:21 - 2019-04-26 15:21 - 00008690 _____ C:\Users\abcd\Downloads\EJUDQNNJTY-MANUAL.txt
2019-04-26 15:21 - 2019-04-26 15:21 - 00008690 _____ C:\Users\abcd\Documents\EJUDQNNJTY-MANUAL.txt
2019-04-26 15:16 - 2019-04-26 15:16 - 00008690 _____ C:\Users\abcd\Desktop\EJUDQNNJTY-MANUAL.txt
2019-04-26 15:12 - 2019-04-26 15:12 - 00008690 _____ C:\Users\abcd\EJUDQNNJTY-MANUAL.txt
2019-04-26 15:12 - 2019-04-26 15:12 - 00008690 _____ C:\Users\abcd\AppData\Roaming\EJUDQNNJTY-MANUAL.txt
2019-04-26 15:12 - 2019-04-26 15:12 - 00008690 _____ C:\Users\abcd\AppData\EJUDQNNJTY-MANUAL.txt
2019-04-26 12:56 - 2019-04-26 12:56 - 00003264 _____ C:\WINDOWS\System32\Tasks\KMS_VL_ALL
2019-04-26 12:45 - 2019-04-26 15:12 - 00000000 ____D C:\Users\abcd\AppData\Local\CrashDumps
2019-04-26 11:40 - 2019-04-26 16:40 - 00274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-04-26 11:40 - 2019-04-26 16:40 - 00198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-04-26 11:40 - 2019-04-26 16:26 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2019-04-26 11:21 - 2019-04-26 16:39 - 00000000 ____D C:\ProgramData\TEMP
2019-04-26 10:56 - 2019-04-26 16:47 - 00000000 __SHD C:\ProgramData\hsdfb8asdad7sdfbsZYSXa
2019-04-26 10:52 - 2019-04-26 16:47 - 00000000 ____D C:\WINDOWS\SysWOW64\fxyypliv
2019-04-26 10:52 - 2019-04-26 10:52 - 00722944 _____ C:\Users\abcd\AppData\Local\sha.db
2019-04-26 10:52 - 2019-04-26 10:52 - 00140800 _____ C:\Users\abcd\AppData\Local\installer.dat
2019-04-26 10:01 - 2019-04-26 15:20 - 00000000 ____D C:\Users\abcd\Desktop\New folder (4)
2019-04-26 09:25 - 2019-04-26 15:20 - 00000000 ____D C:\Users\abcd\Desktop\Punomoc
2019-04-23 10:02 - 2019-04-26 15:21 - 00000000 ____D C:\Users\abcd\Downloads\Arctic (2018) [BluRay] [1080p] [YTS.AM]
2019-04-23 10:01 - 2019-04-26 15:16 - 00000000 ____D C:\Users\abcd\Desktop\Arctic
2019-04-22 07:23 - 2019-04-26 15:21 - 00000000 ____D C:\Users\abcd\Downloads\Game.of.Thrones.S08E02.WEBRip.x264-ION10
2019-04-17 14:58 - 2019-04-26 15:22 - 00000000 ____D C:\Users\abcd\Downloads\NCIS.S16E20.WEBRip.x264-ION10
2019-04-15 17:19 - 2019-04-26 15:21 - 00000000 ____D C:\Users\abcd\Downloads\NCIS.Los.Angeles.S10E20.WEBRip.x264-ION10
2019-04-15 17:08 - 2019-04-26 15:21 - 00000000 ____D C:\Users\abcd\Downloads\Game.of.Thrones.S08E01.WEBRip.x264-ION10
2019-04-14 21:41 - 2019-04-26 15:22 - 00000000 ____D C:\Users\abcd\Downloads\The 54th ACM Country Music Awards 2019 720p
2019-04-13 11:30 - 2019-04-26 15:21 - 00000000 ____D C:\Users\abcd\Downloads\Hawaii.Five-0.S09E21.WEBRip.x264-ION10
2019-04-10 11:01 - 2019-04-26 15:21 - 00000000 ____D C:\Users\abcd\Downloads\NCIS.S16E19.WEBRip.x264-ION10
2019-04-10 08:23 - 2019-04-02 03:16 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-04-10 08:23 - 2019-03-30 22:57 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-10 08:23 - 2019-03-26 18:11 - 07079936 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2019-04-10 08:23 - 2019-03-26 17:57 - 05276160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2019-04-10 08:23 - 2019-03-26 17:40 - 07798272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-10 08:23 - 2019-03-26 17:35 - 05270528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-10 08:23 - 2019-03-26 10:16 - 01311976 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-10 08:23 - 2019-03-26 08:14 - 25736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-10 08:23 - 2019-03-26 08:00 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-10 08:23 - 2019-03-26 07:52 - 02902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-10 08:23 - 2019-03-26 07:50 - 00577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-10 08:23 - 2019-03-26 07:40 - 05777920 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-04-10 08:23 - 2019-03-26 07:40 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-10 08:23 - 2019-03-26 07:22 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2019-04-10 08:23 - 2019-03-26 07:15 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2019-04-10 08:23 - 2019-03-26 07:12 - 20280832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-10 08:23 - 2019-03-26 07:10 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2019-04-10 08:23 - 2019-03-26 07:09 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-04-10 08:23 - 2019-03-26 07:08 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-04-10 08:23 - 2019-03-26 07:06 - 02135552 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-04-10 08:23 - 2019-03-26 07:05 - 15284736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-10 08:23 - 2019-03-26 07:00 - 04858880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-04-10 08:23 - 2019-03-26 06:56 - 01040384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-10 08:23 - 2019-03-26 06:51 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-10 08:23 - 2019-03-26 06:48 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-10 08:23 - 2019-03-26 06:48 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-04-10 08:23 - 2019-03-26 06:43 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-10 08:23 - 2019-03-26 06:36 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-04-10 08:23 - 2019-03-26 06:29 - 04494848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-04-10 08:23 - 2019-03-26 06:26 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2019-04-10 08:23 - 2019-03-26 06:24 - 13682176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-10 08:23 - 2019-03-26 06:23 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2019-04-10 08:23 - 2019-03-26 06:22 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-04-10 08:23 - 2019-03-26 06:22 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-04-10 08:23 - 2019-03-26 06:21 - 02059776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-04-10 08:23 - 2019-03-26 06:08 - 04386304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-04-10 08:23 - 2019-03-26 06:04 - 01332224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-04-10 08:23 - 2019-03-26 06:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-04-10 08:23 - 2019-03-21 03:29 - 02452432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-10 08:23 - 2019-03-16 06:03 - 02535664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-10 08:23 - 2019-03-16 05:46 - 00805176 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-10 08:23 - 2019-03-16 05:36 - 01902752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-10 08:23 - 2019-03-16 05:29 - 00611656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-10 08:23 - 2019-03-16 04:51 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-10 08:23 - 2019-03-16 04:49 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-10 08:23 - 2019-03-16 04:48 - 03324416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-10 08:23 - 2019-03-16 04:47 - 03617280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-10 08:23 - 2019-03-16 04:39 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-10 08:23 - 2019-03-16 04:39 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-10 08:23 - 2019-03-14 07:57 - 07368952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-10 08:23 - 2019-03-14 07:56 - 01677024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-10 08:23 - 2019-03-14 07:56 - 01537560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-10 08:23 - 2019-03-13 21:13 - 01369096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2019-04-10 08:23 - 2019-03-09 19:08 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-10 08:23 - 2019-03-09 18:51 - 01115136 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-10 08:23 - 2019-03-09 18:47 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-10 08:23 - 2019-03-09 18:43 - 03822080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-10 08:23 - 2019-03-09 18:35 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2019-04-10 08:23 - 2019-03-09 18:31 - 03274752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-10 08:23 - 2019-03-09 18:28 - 02348544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-10 08:23 - 2019-03-09 18:19 - 01550848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-10 08:23 - 2019-03-09 18:01 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-10 08:23 - 2019-03-09 16:20 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-10 08:23 - 2019-03-09 16:20 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-10 08:23 - 2019-03-09 16:20 - 00375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-10 08:23 - 2019-03-09 16:20 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-10 08:23 - 2019-03-09 16:20 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-04-10 08:23 - 2019-02-24 16:43 - 01308456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-04-10 08:23 - 2019-02-21 19:36 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-04-10 08:23 - 2019-02-21 19:35 - 00684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-04-10 08:23 - 2019-02-21 19:34 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2019-04-10 08:23 - 2019-02-21 19:34 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-10 08:23 - 2019-02-21 18:31 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-04-10 08:23 - 2019-02-12 05:48 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2019-04-10 08:23 - 2019-02-09 20:55 - 22373096 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-04-10 08:23 - 2019-02-09 20:23 - 19790664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-04-06 19:17 - 2019-04-26 15:21 - 00000000 ____D C:\Users\abcd\Downloads\Escape Room (2019) [WEBRip] [1080p] [YTS.AM]
2019-04-06 15:47 - 2019-04-26 15:21 - 00000000 ____D C:\Users\abcd\Downloads\Hawaii.Five-0.S09E20.WEBRip.x264-ION10
2019-04-05 19:48 - 2019-04-26 12:49 - 00000258 __RSH C:\ProgramData\ntuser.pol
2019-04-05 16:34 - 2019-04-05 16:34 - 00004608 _____ C:\WINDOWS\SECOH-QAD.exe
2019-04-05 16:34 - 2019-04-05 16:34 - 00003584 _____ C:\WINDOWS\SECOH-QAD.dll
2019-04-05 15:59 - 2019-04-05 16:00 - 00000000 ____D C:\Program Files\Mini KMS Activator Ultimate 1.3
2019-04-05 15:32 - 2019-04-26 16:51 - 00003758 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2019-04-03 16:15 - 2019-04-26 15:21 - 00000000 ____D C:\Users\abcd\Downloads\NCIS.S16E18.WEB.x264-TBS[rarbg]
2019-04-01 17:13 - 2019-04-26 15:21 - 00000000 ____D C:\Users\abcd\Downloads\NCIS.Los.Angeles.S10E19.WEBRip.x264-ION10
2019-03-30 01:21 - 2019-04-26 15:22 - 00000000 ____D C:\Users\abcd\Downloads\Purgatory (1999) [WEBRip] [1080p] [YTS.AM]
2019-03-29 10:13 - 2019-03-30 09:30 - 00000000 ____D C:\WINDOWS\sr-Cyrl-RS
2019-03-28 23:34 - 2019-03-30 09:30 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2019-03-28 23:34 - 2019-03-30 09:30 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2019-03-27 09:41 - 2019-04-26 15:21 - 00000000 ____D C:\Users\abcd\Downloads\NCIS.S16E17.WEBRip.x264-ION10

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-26 17:01 - 2013-08-22 15:36 - 00000000 ____D C:\Windows
2019-04-26 16:55 - 2013-09-30 06:14 - 00865068 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-26 16:55 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2019-04-26 16:54 - 2018-02-04 20:41 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-265419222-215988636-1602561688-1001
2019-04-26 16:50 - 2018-10-11 10:50 - 00000000 ____D C:\ProgramData\MCShield
2019-04-26 16:50 - 2018-02-04 22:45 - 00000000 ____D C:\Users\abcd\AppData\LocalLow\Mozilla
2019-04-26 16:50 - 2018-02-04 22:33 - 00000000 ____D C:\Users\abcd\.rainlendar2
2019-04-26 16:50 - 2018-02-04 20:55 - 00000000 ____D C:\ProgramData\NVIDIA
2019-04-26 16:50 - 2013-08-22 15:25 - 00000112 _____ C:\WINDOWS\win.ini
2019-04-26 16:49 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-26 16:40 - 2018-10-13 19:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2019-04-26 16:26 - 2018-02-05 14:44 - 00000000 ____D C:\Users\abcd\Desktop\mbar
2019-04-26 16:17 - 2018-02-04 21:24 - 00000000 ____D C:\Users\abcd\AppData\Roaming\GHISLER
2019-04-26 16:10 - 2018-02-04 20:36 - 00000000 ____D C:\Users\abcd
2019-04-26 16:08 - 2018-02-07 11:11 - 00000000 ____D C:\Users\abcd\AppData\Roaming\BSplayer PRO
2019-04-26 15:22 - 2019-02-17 14:40 - 00000000 ____D C:\Users\Public\Documents\Steam
2019-04-26 15:22 - 2018-11-15 15:59 - 00000000 ____D C:\Users\abcd\Downloads\The.52nd.Annual.CMA.Awards.2018.WEB.x264-TBS[rarbg]
2019-04-26 15:22 - 2018-06-11 23:02 - 00000000 ____D C:\Users\abcd\Downloads\YTD Video Downloader Pro 5.9.7.4 [(zabranjeno)zSoft]
2019-04-26 15:22 - 2018-06-03 00:17 - 00000000 ____D C:\Users\Public\CyberLink
2019-04-26 15:22 - 2018-05-21 18:31 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2019-04-26 15:22 - 2018-02-28 10:33 - 00000000 ___RD C:\Users\abcd\OneDrive
2019-04-26 15:22 - 2018-02-19 09:31 - 00004636 _____ C:\Users\Public\Documents\0000A6CC.LCS.ejudqnnjty
2019-04-26 15:22 - 2018-02-05 12:04 - 00000000 __RHD C:\Users\Public\AccountPictures
2019-04-26 15:22 - 2018-02-05 11:57 - 00000000 ____D C:\Users\Public\Foxit Software
2019-04-26 15:22 - 2018-02-04 20:36 - 00000560 ___SH C:\Users\abcd\ntuser.ini.ejudqnnjty
2019-04-26 15:22 - 2018-02-04 20:36 - 00000000 ____D C:\Users\abcd\AppData\Local\VirtualStore
2019-04-26 15:22 - 2013-08-22 17:36 - 00000000 __RHD C:\Users\Public\Libraries
2019-04-26 15:21 - 2019-03-25 09:37 - 00000000 ____D C:\Users\abcd\Downloads\NCIS.Los.Angeles.S10E18.WEBRip.x264-ION10
2019-04-26 15:21 - 2019-03-18 23:06 - 00071096 _____ C:\Users\abcd\Desktop\Tipske gumene patosnice ASTRA F 01-700x600.JPG.ejudqnnjty
2019-04-26 15:21 - 2019-03-18 16:28 - 00000000 ____D C:\Users\abcd\Downloads\NCIS.Los.Angeles.S10E17.WEBRip.x264-ION10
2019-04-26 15:21 - 2019-03-16 09:25 - 00000000 ____D C:\Users\abcd\Downloads\Hawaii.Five-0.S09E19.WEBRip.x264-ION10
2019-04-26 15:21 - 2019-03-13 10:59 - 00000000 ____D C:\Users\abcd\Downloads\NCIS.S16E16.WEBRip.x264-ION10
2019-04-26 15:21 - 2019-03-09 16:45 - 00000000 ____D C:\Users\abcd\Downloads\Hawaii.Five-0.S09E18.WEBRip.x264-ION10
2019-04-26 15:21 - 2019-03-07 23:39 - 00000000 ____D C:\Users\abcd\Downloads\Guardians Of The Galaxy Vol. 2 (2017) [1080p] [YTS.AG]
2019-04-26 15:21 - 2019-03-07 21:00 - 00000000 ____D C:\Users\abcd\Downloads\Guardians of the Galaxy (2014) [1080p]
2019-04-26 15:21 - 2019-03-04 16:38 - 00000000 ____D C:\Users\abcd\Downloads\NCIS.Los.Angeles.S10E16.WEBRip.x264-ION10
2019-04-26 15:21 - 2019-03-04 16:24 - 00000000 ____D C:\Users\abcd\Downloads\Bounty Killer (2013) [1080p]
2019-04-26 15:21 - 2019-03-01 11:24 - 00000000 ____D C:\Users\abcd\Downloads\Fantastic Four (2005) [1080p] [YTS.AG]
2019-04-26 15:21 - 2019-02-27 11:00 - 00000000 ____D C:\Users\abcd\Downloads\NCIS.S16E15.WEBRip.x264-ION10
2019-04-26 15:21 - 2019-02-23 16:33 - 00000000 ____D C:\Users\abcd\Downloads\Hawaii.Five-0.S09E17.WEBRip.x264-ION10
2019-04-26 15:21 - 2019-02-23 16:33 - 00000000 ____D C:\Users\abcd\Downloads\Hawaii.Five-0.S09E16.WEBRip.x264-ION10
2019-04-26 15:21 - 2019-02-20 14:10 - 00000000 ____D C:\Users\abcd\Downloads\NCIS.S16E14.WEBRip.x264-ION10
2019-04-26 15:21 - 2019-02-18 21:00 - 00000000 ____D C:\Users\abcd\Downloads\NCIS.Los.Angeles.S10E15.WEBRip.x264-ION10
2019-04-26 15:21 - 2019-02-05 20:15 - 00000000 ____D C:\Users\abcd\Downloads\Ant Videos
2019-04-26 15:21 - 2018-11-24 12:47 - 00000000 ____D C:\Users\abcd\Downloads\iGO_HERE_Europe_2018.Q3
2019-04-26 15:21 - 2018-10-06 19:40 - 02447976 _____ C:\Users\abcd\Desktop\Stihl MS 180.pdf.ejudqnnjty
2019-04-26 15:21 - 2018-09-23 16:28 - 00000000 ____D C:\Users\abcd\Downloads\iGO_TomTom_Europe_2018.Q2
2019-04-26 15:21 - 2018-08-09 17:23 - 00000000 ____D C:\Users\abcd\Downloads\Nashville.2012.S06E13.WEB.x264-TBS[eztv]
2019-04-26 15:21 - 2018-06-29 23:31 - 00000000 ____D C:\Users\abcd\Downloads\Nashville.S06E12.WEBRip.x264-ION10
2019-04-26 15:21 - 2018-05-22 23:15 - 00000000 ____D C:\Users\abcd\Desktop\The.53rd.Academy.of.Country.Music.Awards.2018.WEB.x264-TBS[ettv]
2019-04-26 15:21 - 2018-05-21 18:31 - 00000000 ____D C:\Users\abcd\Documents\CyberLink
2019-04-26 15:21 - 2018-05-20 23:53 - 00000000 ____D C:\Users\abcd\Documents\Freemake
2019-04-26 15:21 - 2018-02-18 18:00 - 00000000 ____D C:\Users\abcd\Downloads\Haynes pro 2015
2019-04-26 15:21 - 2018-02-12 20:33 - 00065825 _____ C:\Users\abcd\Desktop\t.jpg.ejudqnnjty
2019-04-26 15:21 - 2018-02-11 22:14 - 00000000 ___RD C:\Users\abcd\Desktop\Za slusanje
2019-04-26 15:21 - 2018-02-05 15:03 - 111501766 _____ C:\Users\abcd\Desktop\SpyHunter_4.23.2.4686_Portable.rar.ejudqnnjty
2019-04-26 15:21 - 2018-02-05 15:03 - 00000733 _____ C:\Users\abcd\Desktop\titlovi.com.txt.ejudqnnjty
2019-04-26 15:21 - 2018-02-05 15:03 - 00000000 ____D C:\Users\abcd\Desktop\ZA BRISANJE SA HDD-a
2019-04-26 15:21 - 2018-02-05 15:03 - 00000000 ____D C:\Users\abcd\Desktop\Wireless Network Watcher
2019-04-26 15:21 - 2018-02-05 15:03 - 00000000 ____D C:\Users\abcd\Desktop\Timestalkers !!!!!!!!!!!!!!!!!!!
2019-04-26 15:21 - 2018-02-05 15:03 - 00000000 ____D C:\Users\abcd\Desktop\SVASTA NESTO ZA SAMSUNGA !!!!!!!!!!!!!!!!!!!!!!!
2019-04-26 15:21 - 2018-02-05 15:03 - 00000000 ____D C:\Users\abcd\Desktop\SpyHunter_4.23.2.4686_Portable
2019-04-26 15:21 - 2018-02-05 14:45 - 00000000 ____D C:\Users\abcd\Desktop\SERIJE
2019-04-26 15:21 - 2018-02-05 14:44 - 00000000 ___RD C:\Users\abcd\Desktop\RAZNO
2019-04-26 15:21 - 2018-02-05 13:41 - 00000000 ____D C:\Users\abcd\Desktop\Uzbudilnik - B92
2019-04-26 15:21 - 2018-02-05 11:55 - 00000000 ____D C:\Users\abcd\Documents\WhereIsIt Catalogs
2019-04-26 15:20 - 2019-03-10 16:58 - 00000000 ____D C:\Users\abcd\Desktop\New folder
2019-04-26 15:20 - 2019-03-06 03:01 - 00000920 _____ C:\Users\abcd\Desktop\New Text Document.txt.ejudqnnjty
2019-04-26 15:20 - 2019-01-08 20:57 - 00001532 _____ C:\Users\abcd\Desktop\napajanje.txt.ejudqnnjty
2019-04-26 15:20 - 2018-11-28 18:46 - 00000000 ____D C:\Users\abcd\Desktop\New folder (2)
2019-04-26 15:20 - 2018-06-03 00:01 - 01974965 _____ C:\Users\abcd\Desktop\Nokia mediamaster 9902s.pdf.ejudqnnjty
2019-04-26 15:20 - 2018-04-24 22:57 - 00000000 ____D C:\Users\abcd\Desktop\PLjiŽ
2019-04-26 15:20 - 2018-02-18 23:41 - 00000000 ____D C:\Users\abcd\Desktop\Haynes pro 2015
2019-04-26 15:20 - 2018-02-05 14:44 - 00000000 ____D C:\Users\abcd\Desktop\New folder (3)
2019-04-26 15:20 - 2018-02-05 14:44 - 00000000 ____D C:\Users\abcd\Desktop\LOVATO
2019-04-26 15:17 - 2018-02-06 02:12 - 00000000 ____D C:\Users\abcd\Desktop\Drzavni Posao
2019-04-26 15:17 - 2018-02-05 15:03 - 32305407 _____ C:\Users\abcd\Desktop\Freemake Video Converter Gold v4.1.9.21.7z.ejudqnnjty
2019-04-26 15:17 - 2018-02-05 14:44 - 00000000 ____D C:\Users\abcd\Desktop\Freemake Video Converter Gold v4.1.9.21
2019-04-26 15:17 - 2018-02-05 14:44 - 00000000 ____D C:\Users\abcd\Desktop\Freemake
2019-04-26 15:17 - 2018-02-05 13:41 - 00000000 ____D C:\Users\abcd\Desktop\Filmovi
2019-04-26 15:16 - 2019-03-08 21:43 - 00000555 _____ C:\Users\abcd\Desktop\24 V 2019.txt.ejudqnnjty
2019-04-26 15:16 - 2019-01-15 12:39 - 01026560 _____ C:\Users\abcd\Desktop\913838-an-01-en-A4_TECH_GAMING_MOUSE_XL_747H.pdf.ejudqnnjty
2019-04-26 15:16 - 2018-11-18 09:15 - 00000000 ____D C:\Users\abcd\AppData\Roaming\Nero
2019-04-26 15:16 - 2018-07-21 07:27 - 00000000 ____D C:\Users\abcd\AppData\Roaming\qBittorrent
2019-04-26 15:16 - 2018-07-03 16:02 - 00000000 ____D C:\Users\abcd\Desktop\Camera
2019-04-26 15:16 - 2018-06-03 17:12 - 00305708 _____ C:\Users\abcd\Desktop\cache_48132485.jpg.ejudqnnjty
2019-04-26 15:16 - 2018-05-20 22:21 - 00000000 ____D C:\Users\abcd\Desktop\BRAVA NA KOLIMA
2019-04-26 15:16 - 2018-04-08 21:16 - 00000000 ____D C:\Users\abcd\AppData\Roaming\Opera Software
2019-04-26 15:16 - 2018-03-29 15:13 - 00000000 ____D C:\Users\abcd\AppData\Roaming\MPC-HC
2019-04-26 15:16 - 2018-02-19 12:07 - 00000000 ____D C:\Users\abcd\AppData\Roaming\ProtectDISC
2019-04-26 15:16 - 2018-02-07 00:50 - 00000000 ____D C:\Users\abcd\AppData\Roaming\TuneUp Software
2019-04-26 15:16 - 2018-02-06 09:39 - 00000000 ____D C:\Users\abcd\AppData\Roaming\Winamp
2019-04-26 15:16 - 2018-02-05 14:39 - 00000000 ____D C:\Users\abcd\Desktop\BEZ PREVODA
2019-04-26 15:16 - 2018-02-05 13:36 - 00000000 ____D C:\Users\abcd\Desktop\Daško & Mlađa
2019-04-26 15:16 - 2018-02-05 10:04 - 00000000 ____D C:\Users\abcd\AppData\Roaming\uTorrent
2019-04-26 15:16 - 2018-02-05 00:01 - 00000000 ____D C:\Users\abcd\AppData\Roaming\WinRAR
2019-04-26 15:16 - 2018-02-04 23:21 - 00000000 ____D C:\Users\abcd\AppData\Roaming\NVIDIA
2019-04-26 15:16 - 2018-02-04 22:51 - 00000000 ____D C:\Users\abcd\AppData\Roaming\POP Peeper
2019-04-26 15:16 - 2018-02-04 22:15 - 00000000 ____D C:\Users\abcd\AppData\Roaming\TP-LINK
2019-04-26 15:16 - 2018-02-04 21:54 - 00000000 ____D C:\Users\abcd\AppData\Roaming\URSoft
2019-04-26 15:13 - 2018-05-21 18:31 - 00000000 ____D C:\Users\abcd\AppData\Roaming\CyberLink
2019-04-26 15:13 - 2018-05-21 00:00 - 00000000 ____D C:\Users\abcd\AppData\Roaming\dvdcss
2019-04-26 15:13 - 2018-02-18 17:37 - 00000000 ____D C:\Users\abcd\AppData\Roaming\Macromedia
2019-04-26 15:13 - 2018-02-17 15:13 - 00000000 ____D C:\Users\abcd\AppData\Roaming\DAEMON Tools Lite
2019-04-26 15:13 - 2018-02-17 15:12 - 00000000 ____D C:\Users\abcd\AppData\Roaming\DAEMON Tools iSCSI Target
2019-04-26 15:13 - 2018-02-05 11:57 - 00000000 ____D C:\Users\abcd\AppData\Roaming\Foxit Software
2019-04-26 15:13 - 2018-02-04 22:45 - 00000000 ____D C:\Users\abcd\AppData\Roaming\Mozilla
2019-04-26 15:13 - 2018-02-04 22:16 - 00000000 ____D C:\Users\abcd\AppData\Roaming\InstallShield
2019-04-26 15:12 - 2018-02-04 23:21 - 00000000 ____D C:\Users\abcd\AppData\Roaming\ACD Systems
2019-04-26 15:12 - 2018-02-04 20:36 - 00000000 ____D C:\Users\abcd\AppData\Roaming\Adobe
2019-04-26 12:48 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\addins
2019-04-26 12:09 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows NT
2019-04-26 11:33 - 2019-01-05 10:58 - 00000000 ____D C:\Program Files\qBittorrent
2019-04-26 11:32 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2019-04-26 09:22 - 2018-02-05 05:22 - 00000000 ___DC C:\WINDOWS\Panther
2019-04-21 20:06 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-21 20:06 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2019-04-21 20:05 - 2018-02-28 10:45 - 00000000 ____D C:\Program Files\Microsoft Office
2019-04-21 19:51 - 2018-04-08 21:16 - 00003824 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1523214981
2019-04-21 19:51 - 2018-04-08 21:16 - 00001050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2019-04-21 19:51 - 2018-04-08 21:14 - 00000000 ____D C:\Program Files\Opera
2019-04-14 17:56 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2019-04-12 08:29 - 2018-02-04 22:53 - 00000000 ____D C:\Program Files\Mozilla Firefox
2019-04-12 08:29 - 2018-02-04 22:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-12 08:29 - 2013-08-22 16:44 - 00474176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-12 08:24 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2019-04-12 00:50 - 2018-02-04 22:53 - 00000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-04-10 08:43 - 2018-02-06 23:25 - 00000000 ____D C:\Program Files\WindowsApps
2019-04-10 08:43 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2019-04-10 08:43 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2019-04-10 08:41 - 2018-02-06 13:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2019-04-10 08:29 - 2018-02-06 13:16 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-09 08:58 - 2018-10-11 08:45 - 00002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-05 15:32 - 2018-02-04 21:59 - 00000000 ____D C:\WINDOWS\AutoKMS
2019-04-02 14:45 - 2019-02-13 09:36 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-03-29 22:07 - 2019-01-13 00:47 - 00835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-03-29 22:07 - 2019-01-13 00:47 - 00179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-29 10:45 - 2018-02-04 20:36 - 00000000 ____D C:\Users\abcd\AppData\Local\Packages
2019-03-29 10:13 - 2013-09-30 05:50 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2019-03-29 10:13 - 2013-09-30 05:50 - 00000000 ____D C:\WINDOWS\system32\WCN
2019-03-29 10:13 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-03-29 10:13 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore
2019-03-29 10:13 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2019-03-29 10:13 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2019-03-29 10:13 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-03-29 10:13 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2019-03-28 23:35 - 2018-10-11 08:43 - 00003330 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-28 23:35 - 2018-10-11 08:43 - 00003202 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-28 23:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\FileManager

==================== Files in the root of some directories =======

2019-04-26 15:12 - 2019-04-26 15:12 - 0008690 _____ () C:\Users\abcd\AppData\Roaming\EJUDQNNJTY-MANUAL.txt
2019-04-26 15:13 - 2019-04-26 15:13 - 0008690 _____ () C:\Users\abcd\AppData\Roaming\Microsoft\EJUDQNNJTY-MANUAL.txt
2019-04-26 10:52 - 2019-04-26 10:52 - 0140800 _____ () C:\Users\abcd\AppData\Local\installer.dat
2019-04-26 10:52 - 2019-04-26 10:52 - 0722944 _____ () C:\Users\abcd\AppData\Local\sha.db

Some files in TEMP:
====================
C:\Users\abcd\AppData\Local\Temp\1AAF.tmp.exe
C:\Users\abcd\AppData\Local\Temp\l1y8u6y7q9y8u60d.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2019-04-25 08:01

==================== End of FRST.txt ============================




offline
  • Joined: 26 Aug 2010
  • Posts: 10417
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

You've caught the GandCrab ransomware. Try this to recover your data.

http://download.bitdefender.com/am/malware_removal/BDGandCrabDecryptTool.exe

offline
  • Joined: 28 Nov 2009
  • Posts: 126

Posted: 28 Apr 2019 8:52

Thanks, I tried that, but it couldn't find the "ransom note".

So in the end I formatted both hard drives.

Addendum: 28 Apr 2019 8:53

What could I use to protect myself so this doesn't happen again?

offline
  • Joined: 26 Aug 2010
  • Posts: 10417
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

With an antivirus program and by being more careful when downloading all sorts of files from the Internet.
