MyCity » Ambulanta -> Arhiva Ambulante » Browser ludi,sam prebacuje i otvara reklame.

Browser ludi,sam prebacuje i otvara reklame.

Napisano na dan: 6.10.2015
2

Browser ludi,sam prebacuje i otvara reklame.
Pagination Prethodna strana

Idi na vrh

Poslao: 07 Okt 2015 20:23
Idi na vrh
offline
  • Blue  Male
  • Elitni građanin
  • Pridružio: 06 Avg 2003
  • Poruke: 2214

Napisano: 07 Okt 2015 20:12

Zoek.exe v5.0.0.1 Updated 06-October-2015
Tool run by Blue on 07-Oct-15 at 19:48:12.50.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Blue\Desktop\zoek\zoek.scr [Scan all users] [Script inserted]

==== System Restore Info ======================

07-Oct-15 7:49:22 PM Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\9d98ba84-95f1-42c1-bd4e-641aef007d5a deleted successfully
C:\PROGRA~2\by Decepticon deleted successfully
C:\PROGRA~2\Konami deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\R.G. Games deleted successfully
C:\PROGRA~2\R.G. Mechanics deleted successfully
C:\PROGRA~2\URUSoft deleted successfully
C:\Program Files\ATI Technologies deleted successfully
C:\PROGRA~3\Anvsoft deleted successfully
C:\PROGRA~3\Lexmark Package Logs deleted successfully
C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) deleted successfully
C:\Users\Blue\AppData\Roaming\Skinux deleted successfully
C:\Users\Blue\AppData\Local\2K Games deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C1AB04C-3AF8-4AB6-9121-FA3B49176949} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F16022A-494B-466E-AE19-51E91CAB4E4B} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23B30774-890C-46E8-BC17-6B7C555E4E5C} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28D478-3298-4221-AB54-FC5B554D75A2} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F49B3CD-E112-42B7-BE82-B4CFD01F5DB8} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32D637-801E-469B-BFD7-661DB29DF61E} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36E54C67-7525-492B-8348-DAD272F5641} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C6D0575-A3B6-459C-8D9F-16135151B266} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44E07240-EB78-429F-8715-CA53C4BA99D6} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44E6EF61-60DB-4679-A728-3B061CFAAFC} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49DB7CC5-5687-48AE-8812-CEC78F9D52} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E2FCA20-FD8D-40A6-A527-57E02CD515D} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E573710-5A7A-4AF2-B4CD-15D14822935C} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56357206-218-4B76-86CE-3626A23268A4} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D1D4CB-E3BB-4561-AD3C-B79863265BC} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{632CF4CB-ED8F-49BF-B713-64E7D0CFAAAC} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68DAC575-CB10-4D61-9CA9-F11E32B69224} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72D04A3B-A2AA-40F5-81F0-374DF074F433} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B97CC47-FEC7-4B58-8D9E-2716C15D255} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90AD507D-C44D-4A76-B02E-D9E58CD89215} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A51E67A7-ED22-4D8A-90DD-A8D2530A15D} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8918360-C8DE-40D7-8B19-93D421B44AD5} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C135866E-5D37-4DA4-B040-8923B82B663} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FEBEAA-E37D-4DC5-B635-8625975579CE} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD3AAEA5-152F-48DE-B879-84D1F16AAA6} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CE2946B7-72A3-4D63-955B-18D1D744D46} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E49BFA10-12D2-44C6-A1DF-5999755248B} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F0D0DCB9-AA4C-48FB-A45-578BA77CD40} deleted successfully
HKEY_USERS\S-1-5-21-1697143202-2978083806-735747886-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F80D1197-5C2-4DF3-96E2-DD2C22A8C5A2} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HyperDeskCustomThemeEnabler deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\HyperDeskCustomThemeEnabler deleted successfully

==== Deleting Files \ Folders ======================

C:\PROGRA~2\9d98ba84-95f1-42c1-bd4e-641aef007d5a not found
C:\PROGRA~2\by Decepticon not found
C:\PROGRA~2\Konami not found
C:\PROGRA~2\R.G. Games not found
C:\PROGRA~2\R.G. Mechanics not found
C:\PROGRA~2\URUSoft not found
C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) not found
C:\PROGRA~2\DAEMON Tools Pro deleted
C:\PROGRA~2\BitLord deleted
C:\PROGRA~3\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Blue\AppData\Local\Installer deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Photo Pro X3 deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitLord deleted
C:\Users\Blue\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
"C:\Users\Blue\AppData\Local\LumaEmu" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06-Oct-15 06:39 AM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Blue\AppData\Roaming\Mozilla\Firefox\Profiles\epsd5qrt.default
- 158d7cb370394a758e0b3bd0a464edd2 - %ProfilePath%\extensions\{158d7cb3-7039-4a75-8e0b-3bd0a464edd2}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Blue\AppData\Roaming\Mozilla\Firefox\Profiles\epsd5qrt.default
C62322C77D1AAB77B1CF1130FCC3673A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll - Shockwave Flash


==== Fake Chromium Profiles Check ======================

Fake profile C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================

Google Chrome Version: 45.0.2454.101

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[06-Oct-15 06:39 AM]

Avast Online Security - Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Chrome Hotword Shared Module - Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
dckjilenognecmpjjpeckgekikdpchli - Blue\AppData\Roaming\Opera Software\Opera Stable\Extensions\dckjilenognecmpjjpeckgekikdpchli

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Blue\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Blue\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Blue\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Blue\AppData\Local\Mozilla\Firefox\Profiles\epsd5qrt.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Blue\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=80 folders=45 137298120 bytes)

==== Empty Temp Folders ======================

C:\Users\Blue\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Blue\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 07-Oct-15 at 20:10:24.52 ======================

Dopuna: 07 Okt 2015 20:15

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
Ran by Blue (administrator) on BLUE-PC (07-10-2015 20:13:15)
Running from C:\Users\Blue\Desktop
Loaded Profiles: Blue (Available Profiles: Blue)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Corel, Inc.) C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Corel) C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 8.0\Reader\reader_sl.exe
(ACD Systems, Ltd.) C:\Program Files (x86)\Common Files\ACD Systems\EN\DevDetect.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor)
HKLM-x32\...\Run: [Standby] => c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe [105632 2010-01-07] (Corel)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [413696 2008-09-06] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [40048 2007-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Device Detector] => DevDetect.exe -autorun
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-10-06] (AVAST Software)
HKU\S-1-5-21-1697143202-2978083806-735747886-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-1697143202-2978083806-735747886-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-1697143202-2978083806-735747886-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1697143202-2978083806-735747886-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-07-07] (AMD)
HKU\S-1-5-21-1697143202-2978083806-735747886-1000\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1697143202-2978083806-735747886-1000\...\Run: [Corel Photo Downloader] => C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [523408 2009-12-30] (Corel, Inc.)
HKU\S-1-5-21-1697143202-2978083806-735747886-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53735968 2015-08-07] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-10-06] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 178.79.22.6 8.8.8.8
Tcpip\..\Interfaces\{C2F82EE5-2188-4099-A32D-49870BC5726C}: [DhcpNameServer] 178.79.22.6 8.8.8.8

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1697143202-2978083806-735747886-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-10-06] (AVAST Software)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-06] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-06] (AVAST Software)

FireFox:
========
FF ProfilePath: C:\Users\Blue\AppData\Roaming\Mozilla\Firefox\Profiles\epsd5qrt.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Extension: 158d7cb370394a758e0b3bd0a464edd2 - C:\Users\Blue\AppData\Roaming\Mozilla\Firefox\Profiles\epsd5qrt.default\Extensions\{158d7cb3-7039-4a75-8e0b-3bd0a464edd2} [2015-10-06]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-10-06]

Chrome:
=======
CHR Profile: C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-01]
CHR Extension: (Google Docs) - C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-01]
CHR Extension: (Google Drive) - C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-01]
CHR Extension: (YouTube) - C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-01]
CHR Extension: (Google Search) - C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-01]
CHR Extension: (Google Sheets) - C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-01]
CHR Extension: (Google Docs Offline) - C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-02]
CHR Extension: (Avast Online Security) - C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-10-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-01]
CHR Extension: (Gmail) - C:\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-10-06]

Opera:
=======
OPR Extension: (dckjilenognecmpjjpeckgekikdpchli) - C:\Users\Blue\AppData\Roaming\Opera Software\Opera Stable\Extensions\dckjilenognecmpjjpeckgekikdpchli [2015-10-06]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-10-06] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-06] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-10-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-10-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-06] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-10-10] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-10-07] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2015-09-02] (Padus, Inc.) [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-07 20:13 - 2015-10-07 20:13 - 00013596 _____ C:\Users\Blue\Desktop\FRST.txt
2015-10-07 20:11 - 2015-10-07 20:11 - 00000000 ____D C:\Users\Blue\Desktop\New folder (2)
2015-10-07 20:05 - 2014-02-13 23:59 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-10-07 19:49 - 2015-10-07 20:10 - 00012511 _____ C:\zoek-results.log
2015-10-07 19:48 - 2015-10-07 20:01 - 00000000 ____D C:\zoek_backup
2015-10-07 19:47 - 2015-10-07 19:47 - 00000000 ____D C:\Users\Blue\Desktop\zoek
2015-10-07 19:43 - 2015-10-07 19:43 - 04335672 _____ C:\Users\Blue\Downloads\zoek.rar
2015-10-07 19:19 - 2015-10-07 19:19 - 00039033 _____ C:\mbam 2.txt
2015-10-07 19:16 - 2015-10-07 19:16 - 00006799 _____ C:\Users\Blue\Desktop\mbam.txt
2015-10-07 19:08 - 2015-10-07 19:08 - 00001123 _____ C:\Users\Blue\Desktop\tyutyu.txt
2015-10-07 18:48 - 2015-10-07 20:09 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-07 18:48 - 2015-10-07 18:48 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-07 18:48 - 2015-10-07 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-07 18:48 - 2015-10-07 18:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-07 18:48 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-07 18:48 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-07 18:48 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-10-07 18:47 - 2015-10-07 18:48 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Blue\Downloads\mbam-setup-2.1.8.1057.exe
2015-10-07 06:35 - 2015-10-07 06:35 - 03096064 _____ C:\Users\Blue\Downloads\1.01_BitLord_1.01new.exe
2015-10-06 20:45 - 2015-10-06 20:46 - 00000000 ____D C:\AdwCleaner
2015-10-06 20:45 - 2015-10-06 20:45 - 01681920 _____ C:\Users\Blue\Desktop\AdwCleaner.exe
2015-10-06 07:19 - 2015-10-07 20:13 - 00000000 ____D C:\FRST
2015-10-06 07:04 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-10-06 07:04 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-10-06 07:04 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-10-06 07:04 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-10-06 07:04 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-10-06 07:04 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-10-06 07:04 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-10-06 07:04 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-10-06 07:03 - 2015-10-06 07:12 - 00000000 ____D C:\Qoobox
2015-10-06 07:02 - 2015-10-06 07:11 - 00000000 ____D C:\Windows\erdnt
2015-10-06 07:01 - 2015-10-06 07:01 - 02193920 _____ (Farbar) C:\Users\Blue\Desktop\FRST64.exe
2015-10-06 06:41 - 2015-10-06 06:41 - 00000000 ____D C:\Users\Blue\AppData\Roaming\AVAST Software
2015-10-06 06:40 - 2015-10-06 06:40 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-10-06 06:40 - 2015-10-06 06:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-10-06 06:39 - 2015-10-06 06:39 - 01049880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-10-06 06:39 - 2015-10-06 06:39 - 00448968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-10-06 06:39 - 2015-10-06 06:39 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-10-06 06:39 - 2015-10-06 06:39 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-10-06 06:39 - 2015-10-06 06:39 - 00153744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-10-06 06:39 - 2015-10-06 06:39 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-10-06 06:39 - 2015-10-06 06:39 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-10-06 06:39 - 2015-10-06 06:39 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-10-06 06:39 - 2015-10-06 06:39 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-10-06 06:39 - 2015-10-06 06:39 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-10-06 06:37 - 2015-10-06 06:37 - 00000000 ____D C:\Program Files\AVAST Software
2015-10-02 18:56 - 2015-10-02 18:56 - 00000000 ____D C:\Users\Blue\Documents\CPY_SAVES
2015-10-02 17:04 - 2015-10-02 17:05 - 00000000 ____D C:\Users\Blue\Desktop\new za rezanje
2015-10-02 17:00 - 2015-10-02 17:03 - 00001849 _____ C:\Users\Public\Desktop\Winamp.lnk
2015-10-02 17:00 - 2015-10-02 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2015-10-02 16:59 - 2015-10-02 17:00 - 00000000 ____D C:\Users\Blue\AppData\Roaming\Winamp
2015-10-02 16:59 - 2015-10-02 16:59 - 10328598 _____ (Nullsoft, Inc.) C:\Users\Blue\Downloads\winamp5666_full_en-us_redux.exe
2015-10-02 16:45 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-10-02 16:44 - 2015-10-02 16:44 - 00000000 ____D C:\Users\Blue\Documents\ËѺüÓ°Òô
2015-10-02 16:43 - 2015-10-02 16:47 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-10-02 16:43 - 2015-10-02 16:43 - 00000000 ____D C:\Users\Blue\AppData\Local\Temp尰
2015-09-29 11:37 - 2015-09-29 11:37 - 03643690 _____ C:\Users\Blue\Downloads\Mad Max +7 Trainer-Alex.rar
2015-09-29 11:36 - 2015-09-29 11:36 - 01953281 _____ C:\Users\Blue\Downloads\MadMax+4Tr-LNG_v1.0.rar
2015-09-25 17:27 - 2015-10-02 18:56 - 00000000 ____D C:\Users\Blue\Documents\WB Games
2015-09-25 17:23 - 2015-09-25 17:24 - 00000000 ____D C:\Users\Blue\Downloads\Mad.Max.(zabranjeno).v3.Only
2015-09-24 09:27 - 2015-09-25 17:22 - 00000000 ____D C:\Users\Blue\AppData\LocalLow\uTorrent
2015-09-24 09:03 - 2015-09-24 10:33 - 00000000 ____D C:\Users\Blue\Downloads\METAL GEAR SOLID V THE PHANTOM PAIN_RePack by SEYTER
2015-09-23 20:41 - 2015-09-23 20:42 - 03885075 _____ C:\Users\Blue\Downloads\SamFirm_v0.3.3.zip
2015-09-21 20:52 - 2015-09-21 20:52 - 00958976 _____ C:\Users\Blue\Downloads\Sygic PC maps DOWNLOADER - [20.8.2015].exe
2015-09-21 20:52 - 2015-09-21 20:52 - 00000000 ____D C:\Users\Blue\Downloads\HERE
2015-09-21 20:28 - 2015-09-21 20:28 - 00126457 _____ C:\Users\Blue\Downloads\battlefield.hardline.save.game.rar
2015-09-21 20:18 - 2015-09-21 20:19 - 00000000 ____D C:\Users\Blue\Documents\BFH
2015-09-21 08:23 - 2015-09-21 11:53 - 00020189 _____ C:\Users\Blue\Desktop\sss.pdm
2015-09-13 18:31 - 2015-09-18 09:59 - 00000000 ____D C:\Users\Blue\Desktop\New folder
2015-09-10 17:38 - 2015-09-10 17:38 - 00000000 ____D C:\Program Files (x86)\GOG.com
2015-09-09 06:52 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 06:52 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 06:52 - 2015-08-05 19:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-09 06:52 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-09 06:52 - 2015-07-15 05:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-09 06:52 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-09-09 06:51 - 2015-08-18 03:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 06:51 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-09 06:51 - 2015-08-15 08:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 06:51 - 2015-08-15 08:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-09 06:51 - 2015-08-15 08:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 06:51 - 2015-08-15 08:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-09 06:51 - 2015-08-15 08:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-09 06:51 - 2015-08-15 08:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 06:51 - 2015-08-15 08:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 06:51 - 2015-08-15 08:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-09 06:51 - 2015-08-15 08:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-09 06:51 - 2015-08-15 08:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-09 06:51 - 2015-08-15 08:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-09 06:51 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-09 06:51 - 2015-08-15 08:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-09 06:51 - 2015-08-15 08:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 06:51 - 2015-08-15 08:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-09 06:51 - 2015-08-15 08:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-09 06:51 - 2015-08-15 08:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-09 06:51 - 2015-08-15 08:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 06:51 - 2015-08-15 07:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 06:51 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-09 06:51 - 2015-08-15 07:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-09 06:51 - 2015-08-15 07:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 06:51 - 2015-08-15 07:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-09 06:51 - 2015-08-15 07:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-09 06:51 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-09 06:51 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-09 06:51 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-09 06:51 - 2015-08-15 07:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-09 06:51 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-09 06:51 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-09 06:51 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-09 06:51 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-09 06:51 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-09 06:51 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-09 06:51 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-09 06:51 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-09 06:51 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-09 06:51 - 2015-08-15 07:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 06:51 - 2015-08-15 07:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 06:51 - 2015-08-15 07:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 06:51 - 2015-08-15 07:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-09 06:51 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-09 06:51 - 2015-08-15 07:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 06:51 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-09 06:51 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-09 06:51 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-09 06:51 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-09 06:51 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-09 06:51 - 2015-08-15 07:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 06:51 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-09 06:51 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-09 06:51 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-09 06:51 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-09 06:51 - 2015-08-15 06:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 06:51 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-09 06:51 - 2015-08-15 06:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-09 06:51 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-09 06:51 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-09 06:51 - 2015-07-23 02:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-09 06:51 - 2015-07-23 02:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-09 06:51 - 2015-07-23 02:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-09 06:51 - 2015-07-23 02:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-09 06:51 - 2015-07-23 02:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-09-09 06:51 - 2015-07-23 02:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-09 06:51 - 2015-07-23 02:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-09 06:51 - 2015-07-23 02:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-09 06:51 - 2015-07-23 02:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-09 06:51 - 2015-07-23 02:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-09 06:51 - 2015-07-23 02:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-09-09 06:51 - 2015-07-23 02:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-09 06:51 - 2015-07-23 02:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-09 06:51 - 2015-07-23 02:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-09 06:51 - 2015-07-23 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-09 06:51 - 2015-07-23 01:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 06:51 - 2015-07-23 01:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-09 06:51 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-09-09 06:51 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-09-09 06:51 - 2015-07-22 19:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-09-09 06:51 - 2015-07-22 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-09-09 06:51 - 2015-07-22 19:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-09-09 06:51 - 2015-07-22 19:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-09 06:51 - 2015-07-22 19:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-09 06:51 - 2015-07-22 19:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-09-09 06:51 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-09-09 06:51 - 2015-07-22 19:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-09-09 06:51 - 2015-07-22 19:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-09-09 06:51 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-09-09 06:51 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-09 06:51 - 2015-07-22 18:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-09 06:51 - 2015-07-22 18:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-09 06:51 - 2015-07-22 18:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-09 06:51 - 2015-07-22 18:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-09-09 06:51 - 2015-07-22 18:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-09-09 06:51 - 2015-07-22 18:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 06:51 - 2015-07-22 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 06:51 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-09 06:51 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-09 06:51 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-09-09 06:51 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-09-09 06:51 - 2015-06-25 12:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-09 06:51 - 2015-06-25 12:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-09 06:51 - 2015-06-25 12:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-09 06:51 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-09 06:50 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-09 06:50 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 06:50 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-09 06:50 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-09 06:50 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-09 06:50 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 06:50 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-09 06:50 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-09 06:50 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 06:50 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 06:50 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-09 06:50 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-09 06:50 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-09 06:50 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-09 06:50 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-09 06:50 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-09 06:50 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-09 06:50 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-09 06:50 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-09 06:50 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 06:50 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 06:50 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 06:50 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 06:50 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 06:50 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-09 06:50 - 2015-08-26 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-09 06:50 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 06:50 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-09 06:50 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 06:50 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 06:50 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-09 06:50 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-09 06:50 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-09 06:50 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-09 06:50 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-09 06:50 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-09 06:50 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-09 06:50 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-09 06:50 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 06:50 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 06:50 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 06:50 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 06:50 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-09 06:50 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-07 20:13 - 2014-09-01 18:15 - 01272688 _____ C:\Windows\WindowsUpdate.log
2015-10-07 20:12 - 2014-09-01 10:23 - 00000000 ____D C:\Users\Blue\AppData\Roaming\Skype
2015-10-07 20:10 - 2014-11-23 13:55 - 00000498 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-10-07 20:10 - 2014-09-16 08:41 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-07 20:10 - 2014-09-01 09:46 - 00000000 ____D C:\ProgramData\MCShield
2015-10-07 20:09 - 2010-11-21 05:47 - 00521272 _____ C:\Windows\PFRO.log
2015-10-07 20:09 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-07 20:09 - 2009-07-14 06:51 - 00085160 _____ C:\Windows\setupact.log
2015-10-07 19:57 - 2014-09-16 08:41 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-07 19:19 - 2009-07-14 06:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-07 19:19 - 2009-07-14 06:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-07 19:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2015-10-07 08:19 - 2014-09-25 08:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-06 20:49 - 2014-09-01 19:21 - 00000000 ____D C:\Users\Blue\AppData\Local\CrashDumps
2015-10-06 19:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\L2Schemas
2015-10-06 18:58 - 2014-09-03 06:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-06 07:12 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-10-06 07:10 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-10-06 06:59 - 2014-12-24 10:18 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-10-06 06:59 - 2014-12-24 10:18 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-10-06 06:35 - 2014-09-01 09:42 - 00000000 ____D C:\ProgramData\AVAST Software
2015-10-06 06:28 - 2014-09-16 08:42 - 00001438 _____ C:\Users\Blue\Desktop\Google Chrome.lnk
2015-10-05 18:10 - 2014-09-01 12:39 - 00000000 ____D C:\Users\Blue\Documents\My Games
2015-10-02 17:00 - 2014-09-01 09:51 - 00000000 ____D C:\Program Files (x86)\Winamp
2015-10-02 16:55 - 2014-09-16 08:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-02 16:55 - 2014-09-01 09:42 - 00001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-02 16:55 - 2014-09-01 09:42 - 00001049 _____ C:\Users\Blue\Desktop\Mozilla Firefox.lnk
2015-10-02 16:52 - 2015-04-01 18:48 - 00000000 ____D C:\Users\Blue\AppData\Roaming\Subtitle Edit
2015-10-01 07:11 - 2009-07-14 07:13 - 00781782 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-25 21:05 - 2014-11-27 22:01 - 00000000 ____D C:\Users\Blue\AppData\Roaming\uTorrent
2015-09-25 14:55 - 2014-12-09 11:03 - 00000000 ____D C:\Games
2015-09-24 18:58 - 2014-09-16 09:26 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-09-24 08:47 - 2014-09-01 11:02 - 00438605 _____ C:\Windows\DirectX.log
2015-09-21 11:53 - 2014-09-01 19:08 - 00000000 ____D C:\Users\Blue\AppData\Roaming\Photo DVD Slideshow
2015-09-21 11:53 - 2014-09-01 11:29 - 00000000 ____D C:\ProgramData\TEMP
2015-09-21 08:17 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-17 10:52 - 2014-09-16 08:41 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-17 10:52 - 2014-09-16 08:41 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-10 17:41 - 2015-02-16 09:57 - 00000000 ____D C:\Users\Blue\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-09-10 06:22 - 2010-11-21 09:16 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-09 13:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-09-09 12:14 - 2009-07-14 06:45 - 00308416 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-09 12:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-09 07:32 - 2014-09-04 19:34 - 00000000 ____D C:\Windows\system32\MRT
2015-09-08 21:39 - 2014-09-01 09:59 - 00000000 ____D C:\Users\Blue\AppData\Roaming\BSplayer PRO

==================== Files in the root of some directories =======

2014-09-01 11:08 - 2014-09-01 11:08 - 0003584 _____ () C:\Users\Blue\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-01 11:08 - 2015-01-18 16:18 - 0006266 ___SH () C:\ProgramData\KGyGaAvL.sys

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-01 12:47

==================== End of FRST.txt ============================
https://www.mycity.rs/must-login.png

Dopuna: 07 Okt 2015 20:23

i dalje haos pravi ,ala je uleteo svaka mu cast

Poslao: 07 Okt 2015 20:34
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

CreateRestorePoint:
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
FF Extension: 158d7cb370394a758e0b3bd0a464edd2 - C:\Users\Blue\AppData\Roaming\Mozilla\Firefox\Profiles\epsd5qrt.default\Extensions\{158d7cb3-7039-4a75-8e0b-3bd0a464edd2} [2015-10-06]



2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

Posle toga idi u Control Panel i probaj da nadjes globalupdate Helper i da deinstaliras.

Poslao: 07 Okt 2015 20:45
Idi na vrh
offline
  • Blue  Male
  • Elitni građanin
  • Pridružio: 06 Avg 2003
  • Poruke: 2214

Napisano: 07 Okt 2015 20:45

Fix result of Farbar Recovery Scan Tool (x64) Version:04-10-2015
Ran by Blue (2015-10-07 20:44:05) Run:2
Running from C:\Users\Blue\Desktop
Loaded Profiles: Blue (Available Profiles: Blue)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
FF Extension: 158d7cb370394a758e0b3bd0a464edd2 - C:\Users\Blue\AppData\Roaming\Mozilla\Firefox\Profiles\epsd5qrt.default\Extensions\{158d7cb3-7039-4a75-8e0b-3bd0a464edd2} [2015-10-06]
*****************

Restore point was successfully created.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}\\SystemComponent => value removed successfully
C:\Users\Blue\AppData\Roaming\Mozilla\Firefox\Profiles\epsd5qrt.default\Extensions\{158d7cb3-7039-4a75-8e0b-3bd0a464edd2} => moved successfully
C:\Users\Blue\AppData\Roaming\Mozilla\Firefox\Profiles\epsd5qrt.default\Extensions\{158d7cb3-7039-4a75-8e0b-3bd0a464edd2} => path removed successfully

==== End of Fixlog 20:44:22 ====

Dopuna: 07 Okt 2015 20:45

Iscupao si ga ,svaka cast ...

Poslao: 07 Okt 2015 20:50
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Da li je sada u redu?

Poslao: 07 Okt 2015 21:01
Idi na vrh
offline
  • Blue  Male
  • Elitni građanin
  • Pridružio: 06 Avg 2003
  • Poruke: 2214

Sve je u redu ,

Poslao: 07 Okt 2015 21:07
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Jos malo ciscenja.

Preuzmi Junkware Removal Tool ( JRT ) i sacuvaj ga na desktop.

zatvori browser i ostale pokrenute programe;

Privremeno deaktiviraj zastitni softver (Uputstvo);

dvoklikom na ikonicu ( )pokreni program JRT;

Kod obavestenja "press any key" pritisnuti bilo koji taster i alat ce zapoceti skeniranje.
Napomena: u ovisnosti od sistemske specifikacije vreme skeniranja u nekim slucajevima moze da potraje.

Kada zavrsi otvorice se log sa izvestajem koji ce biti sacuvan na desktopu pod nazivom JRT.txt

Arrow Kopiraj sadrzaj tog loga u temu.

Poslao: 08 Okt 2015 06:01
Idi na vrh
offline
  • Blue  Male
  • Elitni građanin
  • Pridružio: 06 Avg 2003
  • Poruke: 2214

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Ultimate x64
Ran by Blue on 08-Oct-15 at 5:54:25.67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Blue\AppData\Roaming\mozilla\firefox\profiles\epsd5qrt.default\minidumps [179 files]



~~~ Chrome


[C:\Users\Blue\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Blue\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Blue\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Blue\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08-Oct-15 at 5:58:16.68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Poslao: 08 Okt 2015 08:36
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

To je to.

Sledeća procedura će implementirati završno čišćenje.



Arrow Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.

Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;
Remove disinfection tools
Create registry backup
Purge System Restore

Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.

Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Ukoliko neki alat ili izveštaj nije uklonjen, slobodno ih obriši ručno.


Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)
- Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
- DelFix briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

Poslao: 08 Okt 2015 16:17
Idi na vrh
offline
  • Blue  Male
  • Elitni građanin
  • Pridružio: 06 Avg 2003
  • Poruke: 2214

Odradjeno ,hvala puno ,bas je bio zavucen ovaj malware ,nisam imao ovako tesku infekciju nikad

MyCity » Ambulanta -> Arhiva Ambulante » Browser ludi,sam prebacuje i otvara reklame.

Ko je trenutno na forumu
 

Ukupno su 922 korisnika na forumu :: 27 registrovanih, 4 sakrivenih i 891 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 9k38, A.R.Chafee.Jr., antonije64, bojcistv, BRATORIII, crnitrn, dankisha, darionis, Georgius, hawkeye, HrcAk47, ladro, laki_bb, Lazarus, Leonov, Litostroton, mercedesamg, Mercury, MiroslavD, moldway, nikoli_ca, royst33, Srle993, stegonosa, Trpe Grozni, vathra, vukovi