MyCity » Ambulanta -> Arhiva Ambulante » Browser ludi,sam prebacuje i otvara reklame.

Browser ludi,sam prebacuje i otvara reklame.

Napisano na dan: 6.10.2015
2

Browser ludi,sam prebacuje i otvara reklame.
Pagination Prethodna strana

Idi na vrh

Poslao: 07 Okt 2015 20:23
Idi na vrh
offline
  • Blue  Male
  • Elitni građanin
  • Pridružio: 06 Avg 2003
  • Poruke: 2214

Napisano: 07 Okt 2015 20:12

Zoek.exe v5.0.0.1 Updated 06-October-2015
Tool run by Blue on 07-Oct-15 at 19:48:12.50.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Blue\Desktop\zoek\zoek.scr [Scan all users] [Script inserted]

==== System Restore Info ======================

07-Oct-15 7:49:22 PM Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\9d98ba84-95f1-42c1-bd4e-641aef007d5a deleted successfully
C:\PROGRA~2\by Decepticon deleted successfully
C:\PROGRA~2\Konami deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\R.G. Games deleted successfully
C:\PROGRA~2\R.G. Mechanics deleted successfully
C:\PROGRA~2\URUSoft deleted successfully
C:\Program Files\ATI Technologies deleted successfully
C:\PROGRA~3\Anvsoft deleted successfully
C:\PROGRA~3\Lexmark Package Logs deleted successfully
C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) deleted successfully
C:\Users\Blue\AppData\Roaming\Skinux deleted successfully
C:\Users\Blue\AppData\Local\2K Games deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C1AB04C-3AF8-4AB6-9121-FA3B49176949} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F16022A-494B-466E-AE19-51E91CAB4E4B} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23B30774-890C-46E8-BC17-6B7C555E4E5C} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28D478-3298-4221-AB54-FC5B554D75A2} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F49B3CD-E112-42B7-BE82-B4CFD01F5DB8} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32D637-801E-469B-BFD7-661DB29DF61E} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36E54C67-7525-492B-8348-DAD272F5641} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C6D0575-A3B6-459C-8D9F-16135151B266} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44E07240-EB78-429F-8715-CA53C4BA99D6} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44E6EF61-60DB-4679-A728-3B061CFAAFC} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49DB7CC5-5687-48AE-8812-CEC78F9D52} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E2FCA20-FD8D-40A6-A527-57E02CD515D} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E573710-5A7A-4AF2-B4CD-15D14822935C} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56357206-218-4B76-86CE-3626A23268A4} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D1D4CB-E3BB-4561-AD3C-B79863265BC} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{632CF4CB-ED8F-49BF-B713-64E7D0CFAAAC} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68DAC575-CB10-4D61-9CA9-F11E32B69224} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72D04A3B-A2AA-40F5-81F0-374DF074F433} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B97CC47-FEC7-4B58-8D9E-2716C15D255} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90AD507D-C44D-4A76-B02E-D9E58CD89215} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A51E67A7-ED22-4D8A-90DD-A8D2530A15D} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8918360-C8DE-40D7-8B19-93D421B44AD5} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C135866E-5D37-4DA4-B040-8923B82B663} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FEBEAA-E37D-4DC5-B635-8625975579CE} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD3AAEA5-152F-48DE-B879-84D1F16AAA6} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CE2946B7-72A3-4D63-955B-18D1D744D46} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E49BFA10-12D2-44C6-A1DF-5999755248B} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F0D0DCB9-AA4C-48FB-A45-578BA77CD40} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F80D1197-5C2-4DF3-96E2-DD2C22A8C5A2} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HyperDeskCustomThemeEnabler deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\HyperDeskCustomThemeEnabler deleted successfully

==== Deleting Files \ Folders ======================

C:\PROGRA~2\9d98ba84-95f1-42c1-bd4e-641aef007d5a not found
C:\PROGRA~2\by Decepticon not found
C:\PROGRA~2\Konami not found
C:\PROGRA~2\R.G. Games not found
C:\PROGRA~2\R.G. Mechanics not found
C:\PROGRA~2\URUSoft not found
C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) not found
C:\PROGRA~2\DAEMON Tools Pro deleted
C:\PROGRA~2\BitLord deleted
C:\PROGRA~3\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Blue\AppData\Local\Installer deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Photo Pro X3 deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitLord deleted
C:\Users\Blue\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
"C:\Users\Blue\AppData\Local\LumaEmu" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06-Oct-15 06:39 AM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Blue\AppData\Roaming\Mozilla\Firefox\Profiles\epsd5qrt.default
- 158d7cb370394a758e0b3bd0a464edd2 - %ProfilePath%\extensions\{158d7cb3-7039-4a75-8e0b-3bd0a464edd2}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Blue\AppData\Roaming\Mozilla\Firefox\Profiles\epsd5qrt.default
C62322C77D1AAB77B1CF1130FCC3673A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll - Shockwave Flash


==== Fake Chromium Profiles Check ======================

Fake profile C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================

Google Chrome Version: 45.0.2454.101

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[06-Oct-15 06:39 AM]

Avast Online Security - Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Chrome Hotword Shared Module - Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
dckjilenognecmpjjpeckgekikdpchli - Blue\AppData\Roaming\Opera Software\Opera Stable\Extensions\dckjilenognecmpjjpeckgekikdpchli

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Blue\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Blue\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Blue\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Blue\AppData\Local\Mozilla\Firefox\Profiles\epsd5qrt.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Blue\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=80 folders=45 137298120 bytes)

==== Empty Temp Folders ======================

C:\Users\Blue\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Blue\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 07-Oct-15 at 20:10:24.52 ======================

Dopuna: 07 Okt 2015 20:15

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
Ran by Blue (administrator) on BLUE-PC (07-10-2015 20:13:15)
Running from C:\Users\Blue\Desktop
Loaded Profiles: Blue (Available Profiles: Blue)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Link mogu videti samo ulogovani korisnici]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Corel, Inc.) C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Corel) C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 8.0\Reader\reader_sl.exe
(ACD Systems, Ltd.) C:\Program Files (x86)\Common Files\ACD Systems\EN\DevDetect.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor)
HKLM-x32\...\Run: [Standby] => c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe [105632 2010-01-07] (Corel)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [413696 2008-09-06] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [40048 2007-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Device Detector] => DevDetect.exe -autorun
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-10-06] (AVAST Software)
HKU\S-1-5-21-1697143202-2978083806-735747886-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-1697143202-2978083806-735747886-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-1697143202-2978083806-735747886-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1697143202-2978083806-735747886-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-07-07] (AMD)
HKU\S-1-5-21-1697143202-2978083806-735747886-1000\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1697143202-2978083806-735747886-1000\...\Run: [Corel Photo Downloader] => C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [523408 2009-12-30] (Corel, Inc.)
HKU\S-1-5-21-1697143202-2978083806-735747886-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53735968 2015-08-07] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-10-06] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 178.79.22.6 8.8.8.8
Tcpip\..\Interfaces\{C2F82EE5-2188-4099-A32D-49870BC5726C}: [DhcpNameServer] 178.79.22.6 8.8.8.8

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1697143202-2978083806-735747886-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-10-06] (AVAST Software)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-06] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-06] (AVAST Software)

FireFox:
========
FF ProfilePath: C:\Users\Blue\AppData\Roaming\Mozilla\Firefox\Profiles\epsd5qrt.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Extension: 158d7cb370394a758e0b3bd0a464edd2 - C:\Users\Blue\AppData\Roaming\Mozilla\Firefox\Profiles\epsd5qrt.default\Extensions\{158d7cb3-7039-4a75-8e0b-3bd0a464edd2} [2015-10-06]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-10-06]

Chrome:
=======
CHR Profile: C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-01]
CHR Extension: (Google Docs) - C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-01]
CHR Extension: (Google Drive) - C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-01]
CHR Extension: (YouTube) - C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-01]
CHR Extension: (Google Search) - C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-01]
CHR Extension: (Google Sheets) - C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-01]
CHR Extension: (Google Docs Offline) - C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-02]
CHR Extension: (Avast Online Security) - C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-10-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-01]
CHR Extension: (Gmail) - C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-10-06]

Opera:
=======
OPR Extension: (dckjilenognecmpjjpeckgekikdpchli) - C:\Users\Blue\AppData\Roaming\Opera Software\Opera Stable\Extensions\dckjilenognecmpjjpeckgekikdpchli [2015-10-06]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-10-06] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-06] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-10-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-10-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-06] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-10-10] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-10-07] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2015-09-02] (Padus, Inc.) [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-07 20:13 - 2015-10-07 20:13 - 00013596 _____ C:\Users\Blue\Desktop\FRST.txt
2015-10-07 20:11 - 2015-10-07 20:11 - 00000000 ____D C:\Users\Blue\Desktop\New folder (2)
2015-10-07 20:05 - 2014-02-13 23:59 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-10-07 19:49 - 2015-10-07 20:10 - 00012511 _____ C:\zoek-results.log
2015-10-07 19:48 - 2015-10-07 20:01 - 00000000 ____D C:\zoek_backup
2015-10-07 19:47 - 2015-10-07 19:47 - 00000000 ____D C:\Users\Blue\Desktop\zoek
2015-10-07 19:43 - 2015-10-07 19:43 - 04335672 _____ C:\Users\Blue\Downloads\zoek.rar
2015-10-07 19:19 - 2015-10-07 19:19 - 00039033 _____ C:\mbam 2.txt
2015-10-07 19:16 - 2015-10-07 19:16 - 00006799 _____ C:\Users\Blue\Desktop\mbam.txt
2015-10-07 19:08 - 2015-10-07 19:08 - 00001123 _____ C:\Users\Blue\Desktop\tyutyu.txt
2015-10-07 18:48 - 2015-10-07 20:09 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-07 18:48 - 2015-10-07 18:48 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-07 18:48 - 2015-10-07 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-07 18:48 - 2015-10-07 18:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-07 18:48 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-07 18:48 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-07 18:48 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-10-07 18:47 - 2015-10-07 18:48 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Blue\Downloads\mbam-setup-2.1.8.1057.exe
2015-10-07 06:35 - 2015-10-07 06:35 - 03096064 _____ C:\Users\Blue\Downloads\1.01_BitLord_1.01new.exe
2015-10-06 20:45 - 2015-10-06 20:46 - 00000000 ____D C:\AdwCleaner
2015-10-06 20:45 - 2015-10-06 20:45 - 01681920 _____ C:\Users\Blue\Desktop\AdwCleaner.exe
2015-10-06 07:19 - 2015-10-07 20:13 - 00000000 ____D C:\FRST
2015-10-06 07:04 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-10-06 07:04 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-10-06 07:04 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-10-06 07:04 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-10-06 07:04 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-10-06 07:04 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-10-06 07:04 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-10-06 07:04 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-10-06 07:03 - 2015-10-06 07:12 - 00000000 ____D C:\Qoobox
2015-10-06 07:02 - 2015-10-06 07:11 - 00000000 ____D C:\Windows\erdnt
2015-10-06 07:01 - 2015-10-06 07:01 - 02193920 _____ (Farbar) C:\Users\Blue\Desktop\FRST64.exe
2015-10-06 06:41 - 2015-10-06 06:41 - 00000000 ____D C:\Users\Blue\AppData\Roaming\AVAST Software
2015-10-06 06:40 - 2015-10-06 06:40 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-10-06 06:40 - 2015-10-06 06:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-10-06 06:39 - 2015-10-06 06:39 - 01049880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-10-06 06:39 - 2015-10-06 06:39 - 00448968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-10-06 06:39 - 2015-10-06 06:39 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-10-06 06:39 - 2015-10-06 06:39 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-10-06 06:39 - 2015-10-06 06:39 - 00153744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-10-06 06:39 - 2015-10-06 06:39 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-10-06 06:39 - 2015-10-06 06:39 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-10-06 06:39 - 2015-10-06 06:39 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-10-06 06:39 - 2015-10-06 06:39 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-10-06 06:39 - 2015-10-06 06:39 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-10-06 06:37 - 2015-10-06 06:37 - 00000000 ____D C:\Program Files\AVAST Software
2015-10-02 18:56 - 2015-10-02 18:56 - 00000000 ____D C:\Users\Blue\Documents\CPY_SAVES
2015-10-02 17:04 - 2015-10-02 17:05 - 00000000 ____D C:\Users\Blue\Desktop\new za rezanje
2015-10-02 17:00 - 2015-10-02 17:03 - 00001849 _____ C:\Users\Public\Desktop\Winamp.lnk
2015-10-02 17:00 - 2015-10-02 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2015-10-02 16:59 - 2015-10-02 17:00 - 00000000 ____D C:\Users\Blue\AppData\Roaming\Winamp
2015-10-02 16:59 - 2015-10-02 16:59 - 10328598 _____ (Nullsoft, Inc.) C:\Users\Blue\Downloads\winamp5666_full_en-us_redux.exe
2015-10-02 16:45 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-10-02 16:44 - 2015-10-02 16:44 - 00000000 ____D C:\Users\Blue\Documents\ËѺüÓ°Òô
2015-10-02 16:43 - 2015-10-02 16:47 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-10-02 16:43 - 2015-10-02 16:43 - 00000000 ____D C:\Users\Blue\AppData\Local\Temp尰
2015-09-29 11:37 - 2015-09-29 11:37 - 03643690 _____ C:\Users\Blue\Downloads\Mad Max +7 Trainer-Alex.rar
2015-09-29 11:36 - 2015-09-29 11:36 - 01953281 _____ C:\Users\Blue\Downloads\MadMax+4Tr-LNG_v1.0.rar
2015-09-25 17:27 - 2015-10-02 18:56 - 00000000 ____D C:\Users\Blue\Documents\WB Games
2015-09-25 17:23 - 2015-09-25 17:24 - 00000000 ____D C:\Users\Blue\Downloads\Mad.Max.(zabranjeno).v3.Only
2015-09-24 09:27 - 2015-09-25 17:22 - 00000000 ____D C:\Users\Blue\AppData\LocalLow\uTorrent
2015-09-24 09:03 - 2015-09-24 10:33 - 00000000 ____D C:\Users\Blue\Downloads\METAL GEAR SOLID V THE PHANTOM PAIN_RePack by SEYTER
2015-09-23 20:41 - 2015-09-23 20:42 - 03885075 _____ C:\Users\Blue\Downloads\SamFirm_v0.3.3.zip
2015-09-21 20:52 - 2015-09-21 20:52 - 00958976 _____ C:\Users\Blue\Downloads\Sygic PC maps DOWNLOADER - [20.8.2015].exe
2015-09-21 20:52 - 2015-09-21 20:52 - 00000000 ____D C:\Users\Blue\Downloads\HERE
2015-09-21 20:28 - 2015-09-21 20:28 - 00126457 _____ C:\Users\Blue\Downloads\battlefield.hardline.save.game.rar
2015-09-21 20:18 - 2015-09-21 20:19 - 00000000 ____D C:\Users\Blue\Documents\BFH
2015-09-21 08:23 - 2015-09-21 11:53 - 00020189 _____ C:\Users\Blue\Desktop\sss.pdm
2015-09-13 18:31 - 2015-09-18 09:59 - 00000000 ____D C:\Users\Blue\Desktop\New folder
2015-09-10 17:38 - 2015-09-10 17:38 - 00000000 ____D C:\Program Files (x86)\GOG.com
2015-09-09 06:52 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 06:52 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 06:52 - 2015-08-05 19:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-09 06:52 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-09 06:52 - 2015-07-15 05:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-09 06:52 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-09-09 06:51 - 2015-08-18 03:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 06:51 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-09 06:51 - 2015-08-15 08:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 06:51 - 2015-08-15 08:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-09 06:51 - 2015-08-15 08:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 06:51 - 2015-08-15 08:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-09 06:51 - 2015-08-15 08:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-09 06:51 - 2015-08-15 08:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 06:51 - 2015-08-15 08:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 06:51 - 2015-08-15 08:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-09 06:51 - 2015-08-15 08:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-09 06:51 - 2015-08-15 08:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-09 06:51 - 2015-08-15 08:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-09 06:51 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-09 06:51 - 2015-08-15 08:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-09 06:51 - 2015-08-15 08:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 06:51 - 2015-08-15 08:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-09 06:51 - 2015-08-15 08:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-09 06:51 - 2015-08-15 08:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-09 06:51 - 2015-08-15 08:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 06:51 - 2015-08-15 07:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 06:51 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-09 06:51 - 2015-08-15 07:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-09 06:51 - 2015-08-15 07:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 06:51 - 2015-08-15 07:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-09 06:51 - 2015-08-15 07:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-09 06:51 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-09 06:51 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-09 06:51 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-09 06:51 - 2015-08-15 07:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-09 06:51 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-09 06:51 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-09 06:51 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-09 06:51 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-09 06:51 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-09 06:51 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-09 06:51 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-09 06:51 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-09 06:51 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-09 06:51 - 2015-08-15 07:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 06:51 - 2015-08-15 07:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 06:51 - 2015-08-15 07:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 06:51 - 2015-08-15 07:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-09 06:51 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-09 06:51 - 2015-08-15 07:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 06:51 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-09 06:51 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-09 06:51 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-09 06:51 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-09 06:51 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-09 06:51 - 2015-08-15 07:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 06:51 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-09 06:51 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-09 06:51 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-09 06:51 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-09 06:51 - 2015-08-15 06:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 06:51 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-09 06:51 - 2015-08-15 06:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-09 06:51 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-09 06:51 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-09 06:51 - 2015-07-23 02:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-09 06:51 - 2015-07-23 02:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-09 06:51 - 2015-07-23 02:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-09 06:51 - 2015-07-23 02:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-09 06:51 - 2015-07-23 02:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-09-09 06:51 - 2015-07-23 02:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-09 06:51 - 2015-07-23 02:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-09 06:51 - 2015-07-23 02:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-09 06:51 - 2015-07-23 02:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-09 06:51 - 2015-07-23 02:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-09-09 06:51 - 2015-07-23 02:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-09 06:51 - 2015-07-23 02:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-09 06:51 - 2015-07-23 02:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-09 06:51 - 2015-07-23 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-09 06:51 - 2015-07-23 01:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-09 06:51 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-09-09 06:51 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-09-09 06:51 - 2015-07-22 19:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-09-09 06:51 - 2015-07-22 19:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-09-09 06:51 - 2015-07-22 19:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-09 06:51 - 2015-07-22 19:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-09 06:51 - 2015-07-22 19:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-09-09 06:51 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-09-09 06:51 - 2015-07-22 19:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-09-09 06:51 - 2015-07-22 19:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-09-09 06:51 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-09-09 06:51 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-09 06:51 - 2015-07-22 18:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-09 06:51 - 2015-07-22 18:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-09 06:51 - 2015-07-22 18:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-09 06:51 - 2015-07-22 18:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-09-09 06:51 - 2015-07-22 18:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-09-09 06:51 - 2015-07-22 18:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 06:51 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-09 06:51 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-09 06:51 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-09-09 06:51 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-09-09 06:51 - 2015-06-25 12:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-09 06:51 - 2015-06-25 12:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-09 06:51 - 2015-06-25 12:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-09 06:51 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-09 06:50 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-09 06:50 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 06:50 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-09 06:50 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-09 06:50 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-09 06:50 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 06:50 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-09 06:50 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-09 06:50 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 06:50 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 06:50 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-09 06:50 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-09 06:50 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-09 06:50 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-09 06:50 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-09 06:50 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-09 06:50 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-09 06:50 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-09 06:50 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-09 06:50 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 06:50 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 06:50 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 06:50 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 06:50 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 06:50 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-09 06:50 - 2015-08-26 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-09 06:50 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 06:50 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-09 06:50 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 06:50 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 06:50 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-09 06:50 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-09 06:50 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-09 06:50 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-09 06:50 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-09 06:50 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-09 06:50 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-09 06:50 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-09 06:50 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 06:50 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 06:50 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 06:50 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 06:50 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-09 06:50 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-07 20:13 - 2014-09-01 18:15 - 01272688 _____ C:\Windows\WindowsUpdate.log
2015-10-07 20:12 - 2014-09-01 10:23 - 00000000 ____D C:\Users\Blue\AppData\Roaming\Skype
2015-10-07 20:10 - 2014-11-23 13:55 - 00000498 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-10-07 20:10 - 2014-09-16 08:41 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-07 20:10 - 2014-09-01 09:46 - 00000000 ____D C:\ProgramData\MCShield
2015-10-07 20:09 - 2010-11-21 05:47 - 00521272 _____ C:\Windows\PFRO.log
2015-10-07 20:09 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-07 20:09 - 2009-07-14 06:51 - 00085160 _____ C:\Windows\setupact.log
2015-10-07 19:57 - 2014-09-16 08:41 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-07 19:19 - 2009-07-14 06:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-07 19:19 - 2009-07-14 06:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-07 19:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2015-10-07 08:19 - 2014-09-25 08:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-06 20:49 - 2014-09-01 19:21 - 00000000 ____D C:\Users\Blue\AppData\Local\CrashDumps
2015-10-06 19:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\L2Schemas
2015-10-06 18:58 - 2014-09-03 06:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-06 07:12 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-10-06 07:10 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-10-06 06:59 - 2014-12-24 10:18 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-10-06 06:59 - 2014-12-24 10:18 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-10-06 06:35 - 2014-09-01 09:42 - 00000000 ____D C:\ProgramData\AVAST Software
2015-10-06 06:28 - 2014-09-16 08:42 - 00001438 _____ C:\Users\Blue\Desktop\Google Chrome.lnk
2015-10-05 18:10 - 2014-09-01 12:39 - 00000000 ____D C:\Users\Blue\Documents\My Games
2015-10-02 17:00 - 2014-09-01 09:51 - 00000000 ____D C:\Program Files (x86)\Winamp
2015-10-02 16:55 - 2014-09-16 08:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-02 16:55 - 2014-09-01 09:42 - 00001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-02 16:55 - 2014-09-01 09:42 - 00001049 _____ C:\Users\Blue\Desktop\Mozilla Firefox.lnk
2015-10-02 16:52 - 2015-04-01 18:48 - 00000000 ____D C:\Users\Blue\AppData\Roaming\Subtitle Edit
2015-10-01 07:11 - 2009-07-14 07:13 - 00781782 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-25 21:05 - 2014-11-27 22:01 - 00000000 ____D C:\Users\Blue\AppData\Roaming\uTorrent
2015-09-25 14:55 - 2014-12-09 11:03 - 00000000 ____D C:\Games
2015-09-24 18:58 - 2014-09-16 09:26 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-09-24 08:47 - 2014-09-01 11:02 - 00438605 _____ C:\Windows\DirectX.log
2015-09-21 11:53 - 2014-09-01 19:08 - 00000000 ____D C:\Users\Blue\AppData\Roaming\Photo DVD Slideshow
2015-09-21 11:53 - 2014-09-01 11:29 - 00000000 ____D C:\ProgramData\TEMP
2015-09-21 08:17 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-17 10:52 - 2014-09-16 08:41 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-17 10:52 - 2014-09-16 08:41 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-10 17:41 - 2015-02-16 09:57 - 00000000 ____D C:\Users\Blue\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-09-10 06:22 - 2010-11-21 09:16 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-09 13:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-09-09 12:14 - 2009-07-14 06:45 - 00308416 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-09 12:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-09 07:32 - 2014-09-04 19:34 - 00000000 ____D C:\Windows\system32\MRT
2015-09-08 21:39 - 2014-09-01 09:59 - 00000000 ____D C:\Users\Blue\AppData\Roaming\BSplayer PRO

==================== Files in the root of some directories =======

2014-09-01 11:08 - 2014-09-01 11:08 - 0003584 _____ () C:\Users\Blue\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-01 11:08 - 2015-01-18 16:18 - 0006266 ___SH () C:\ProgramData\KGyGaAvL.sys

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-01 12:47

==================== End of FRST.txt ============================
[Link mogu videti samo ulogovani korisnici]

Dopuna: 07 Okt 2015 20:23

i dalje haos pravi ,ala je uleteo svaka mu cast



Poslao: 07 Okt 2015 20:34
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8643
  • Gde živiš: Novi Beograd

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

CreateRestorePoint:
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
FF Extension: 158d7cb370394a758e0b3bd0a464edd2 - C:\Users\Blue\AppData\Roaming\Mozilla\Firefox\Profiles\epsd5qrt.default\Extensions\{158d7cb3-7039-4a75-8e0b-3bd0a464edd2} [2015-10-06]



2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

Posle toga idi u Control Panel i probaj da nadjes globalupdate Helper i da deinstaliras.



Poslao: 07 Okt 2015 20:45
Idi na vrh
offline
  • Blue  Male
  • Elitni građanin
  • Pridružio: 06 Avg 2003
  • Poruke: 2214

Napisano: 07 Okt 2015 20:45

Fix result of Farbar Recovery Scan Tool (x64) Version:04-10-2015
Ran by Blue (2015-10-07 20:44:05) Run:2
Running from C:\Users\Blue\Desktop
Loaded Profiles: Blue (Available Profiles: Blue)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
FF Extension: 158d7cb370394a758e0b3bd0a464edd2 - C:\Users\Blue\AppData\Roaming\Mozilla\Firefox\Profiles\epsd5qrt.default\Extensions\{158d7cb3-7039-4a75-8e0b-3bd0a464edd2} [2015-10-06]
*****************

Restore point was successfully created.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}\\SystemComponent => value removed successfully
C:\Users\Blue\AppData\Roaming\Mozilla\Firefox\Profiles\epsd5qrt.default\Extensions\{158d7cb3-7039-4a75-8e0b-3bd0a464edd2} => moved successfully
C:\Users\Blue\AppData\Roaming\Mozilla\Firefox\Profiles\epsd5qrt.default\Extensions\{158d7cb3-7039-4a75-8e0b-3bd0a464edd2} => path removed successfully

==== End of Fixlog 20:44:22 ====

Dopuna: 07 Okt 2015 20:45

Iscupao si ga ,svaka cast ...

Poslao: 07 Okt 2015 20:50
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8643
  • Gde živiš: Novi Beograd

Da li je sada u redu?

Poslao: 07 Okt 2015 21:01
Idi na vrh
offline
  • Blue  Male
  • Elitni građanin
  • Pridružio: 06 Avg 2003
  • Poruke: 2214

Sve je u redu ,

Poslao: 07 Okt 2015 21:07
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8643
  • Gde živiš: Novi Beograd

Jos malo ciscenja.

Preuzmi Junkware Removal Tool ( JRT ) i sacuvaj ga na desktop.

zatvori browser i ostale pokrenute programe;

Privremeno deaktiviraj zastitni softver (Uputstvo);

dvoklikom na ikonicu ( )pokreni program JRT;

Kod obavestenja "press any key" pritisnuti bilo koji taster i alat ce zapoceti skeniranje.
Napomena: u ovisnosti od sistemske specifikacije vreme skeniranja u nekim slucajevima moze da potraje.

Kada zavrsi otvorice se log sa izvestajem koji ce biti sacuvan na desktopu pod nazivom JRT.txt

Arrow Kopiraj sadrzaj tog loga u temu.

Poslao: 08 Okt 2015 06:01
Idi na vrh
offline
  • Blue  Male
  • Elitni građanin
  • Pridružio: 06 Avg 2003
  • Poruke: 2214

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Ultimate x64
Ran by Blue on 08-Oct-15 at 5:54:25.67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Blue\AppData\Roaming\mozilla\firefox\profiles\epsd5qrt.default\minidumps [179 files]



~~~ Chrome


[C:\Users\Blue\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Blue\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Blue\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Blue\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08-Oct-15 at 5:58:16.68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Poslao: 08 Okt 2015 08:36
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8643
  • Gde živiš: Novi Beograd

To je to.

Sledeća procedura će implementirati završno čišćenje.



Arrow Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.

Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;
Remove disinfection tools
Create registry backup
Purge System Restore

Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.

Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Ukoliko neki alat ili izveštaj nije uklonjen, slobodno ih obriši ručno.


Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)
- Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
- DelFix briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

Poslao: 08 Okt 2015 16:17
Idi na vrh
offline
  • Blue  Male
  • Elitni građanin
  • Pridružio: 06 Avg 2003
  • Poruke: 2214

Odradjeno ,hvala puno ,bas je bio zavucen ovaj malware ,nisam imao ovako tesku infekciju nikad

MyCity » Ambulanta -> Arhiva Ambulante » Browser ludi,sam prebacuje i otvara reklame.

Ko je trenutno na forumu
 

Ukupno su 1117 korisnika na forumu :: 92 registrovanih, 6 sakrivenih i 1019 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 13297 - dana 20 Jan 2026 17:42

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: -Max-, Abebe Bikila, Aleksa 3215, alex71, amonsrb, Aska, B61, Beardonitch, Belac91, bigfoot, Bobrock1, bojcistv, Boris.A, Borkanović, brundo65, Burovnyak, chichabg, Coficab, d.arsenal321, Dambi, darkojovxp, dayal, Denaya, Dogma21, DonRumataEstorski, dragan_mig31, dragoljub11987, Flanker-G, goran.vvv, Hans Gajger, HrcAk47, IvanMiletic, Ivica1102, Jakonjveliki, jalos, Jan, jeen yuhs, jmsk, jodzula, Jose, Jovan.D, Kenanjoz, kolateralnasteta, kuntakinte, laki_bb, luka35, marko.markovic, mercedesamg, mgolub, MIKI63, mikrimaus, milan 990, miljannis, Miloš.90, Mićko, moldway, nelezele, nemkea71, nikolapetkovic, Nmr, novator, oldtimer, Papadubi, Pavel Medved, Pekman, perko91, PlayerOne, plazma keks, Putnik22, raf87, sales, Sava89, Sevatar, sickmouse, skylab1111, sova72, Steeeefan, stefan95, stegonosa, StepskiVuk, Stoilkovic, tamno.nebo, TRZH92, Username1000, Viktor Vuk, vukajlo71, Wepp, wizzardone, Yugol33, YugoSlav, zemljanin, zzapNDjuric99