MyCity » Ambulanta -> Arhiva Ambulante » Chrome zarazen raznim tollbarovima

Chrome zarazen raznim tollbarovima

Napisano na dan: 24.1.2016

Chrome zarazen raznim tollbarovima

Sledeća strana

Pagination

Odgovori

Luka12 Poslao: 24 Jan 2016 17:30 Idi na vrh
offline Luka12 Novi MyCity građanin Pridružio: 24 Jan 2016 Poruke: 1	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-01-2016 Ran by Luka Opacic (administrator) on LUKA (24-01-2016 17:25:44) Running from C:\Users\Luka Opacic\Desktop Loaded Profiles: Luka Opacic (Available Profiles: Luka Opacic) Platform: Windows 8 Pro (X64) Language: English (United Kingdom) Internet Explorer Version 10 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Tai Wai Shui Mu) C:\Program Files (x86)\WinZipper\winzipersvc.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () C:\Program Files (x86)\LuckyBrowse\app\LuckyBrowse.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (tsvr.com) C:\Users\Luka Opacic\AppData\Roaming\TSv\TSvr.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Windows\sppsvc.exe (TODO: <公司名>) C:\Program Files (x86)\SFK\SSFK.exe (TODO: <公司名>) C:\Program Files (x86)\SFK\SSFK.exe (Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe (TU-Funs LIMITED) C:\ProgramData\yWdMy\WdMan.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (XTab system) C:\Program Files (x86)\MiuiTab\ProtectService.exe (SearchProtect) C:\Program Files (x86)\MiuiTab\CmdShell.exe (XTab system) C:\Program Files (x86)\MiuiTab\HPNotify.exe (Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor) HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2010-12-09] (Nullsoft, Inc.) HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2571288 2014-06-22] () HKLM-x32\...\Run: [Adobe Updater] => C:\ProgramData\Adobe\color.vbs [106 2013-12-14] () HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [366904 2014-10-08] (Power Software Ltd) HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG) HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Luka Opacic\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\Run: [Steam] => D:\steam\Steam.exe [3013712 2015-12-14] (Valve Corporation) HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\MountPoints2: E - "E:\autorun.exe" HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\MountPoints2: {6d9c14e3-4a7f-11e5-80ff-c8600059b19a} - "E:\Setup.exe" HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\MountPoints2: {95f94aa0-936b-11e4-803e-806e6f6e6963} - "G:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\MountPoints2: {95f94b21-936b-11e4-803e-001d0fb6840b} - "G:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\MountPoints2: {a8f2fb20-c95d-11e3-bef3-c8600059b19a} - "E:\setup.exe" IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\jumpflip: [Debugger] tasklist.exe IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\searchinstaller.exe: [Debugger] tasklist.exe IFEO\searchprotection.exe: [Debugger] tasklist.exe IFEO\searchprotector.exe: [Debugger] tasklist.exe IFEO\searchsettings.exe: [Debugger] tasklist.exe IFEO\searchsettings64.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\umbrella.exe: [Debugger] tasklist.exe IFEO\utiljumpflip.exe: [Debugger] tasklist.exe IFEO\volaro: [Debugger] tasklist.exe IFEO\vonteera: [Debugger] tasklist.exe IFEO\websteroids.exe: [Debugger] tasklist.exe IFEO\websteroidsservice.exe: [Debugger] tasklist.exe Startup: C:\Users\Luka Opacic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2015-03-02] ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) GroupPolicy: Restriction - Chrome <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION CHR HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) AutoConfigURL: [S-1-5-21-3830091371-2095282802-1412068493-1001] => hxxp://get-access.me/wpad.dat?fa51c59db377eb5f5545ce0fdb179c341920187 Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\..\Interfaces\{2F2FCA71-A3CA-4905-BE73-712F30F6021C}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{8A602B75-B58F-4F5D-99B3-A571D290B0BB}: [NameServer] 10.21.4.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1438676068&z=36deb427256900536fd3d73g2zfc5bfq2m2q7ecm1g&from=cornl&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://yoursites123.com/web?type=ds&ts=1450950315&z=1406c432ec2daa1fa8e1b64g4z1z8t1w1m4m0t8zbg&from=wpm07173&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1438676068&z=36deb427256900536fd3d73g2zfc5bfq2m2q7ecm1g&from=cornl&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://yoursites123.com/web?type=ds&ts=1450950315&z=1406c432ec2daa1fa8e1b64g4z1z8t1w1m4m0t8zbg&from=wpm07173&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&q={searchTerms} HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=dspp&ts=1438676102&z=d04b5625118092dd8043fa2g4zcccb3q8mcq3g0e9z&from=cornl&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&q={searchTerms} HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.uk.msn.com/ HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=en-GB&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.sweet%2Dpage.com%2F%3Ftype%3Dhppp%26ts%3D1438676102%26z%3Dd04b5625118092dd8043fa2g4zcccb3q8mcq3g0e9z%26from%3Dcornl%26uid%3DTOSHIBAXMK3276GSXXH%5F91L6BJEMBXX91L6BJEMB&OSP=http%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3D%7BsearchTerms%7D%26form%3DMSSEDF%26pc%3DMSE1 HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=dspp&ts=1438676102&z=d04b5625118092dd8043fa2g4zcccb3q8mcq3g0e9z&from=cornl&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&q={searchTerms} SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&aid=100&itype=a&ver=15511&tm=377&src=ds&p={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://v9.com/web?type=ds&ts=1450270463&from=zzgbkk123&uid=toshibaxmk3276gsxxh_91l6bjembxx91l6bjemb&z=d80039f040792c7497f60fagfz1w5e1o4m8e4z8qdm&q={searchTerms} SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://v9.com/web?type=ds&ts=1450270463&from=zzgbkk123&uid=toshibaxmk3276gsxxh_91l6bjembxx91l6bjemb&z=d80039f040792c7497f60fagfz1w5e1o4m8e4z8qdm&q={searchTerms} SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&aid=100&itype=a&ver=15511&tm=377&src=ds&p={searchTerms} SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.fastsearchings.info/?l=1&q={searchTerms}&pid=512&r=2014/07/01&hid=15815885714806100210&lg=EN&cc=RS&unqvl=56 SearchScopes: HKU\S-1-5-21-3830091371-2095282802-1412068493-1001 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://v9.com/web?type=ds&ts=1450270463&from=zzgbkk123&uid=toshibaxmk3276gsxxh_91l6bjembxx91l6bjemb&z=d80039f040792c7497f60fagfz1w5e1o4m8e4z8qdm&q={searchTerms} SearchScopes: HKU\S-1-5-21-3830091371-2095282802-1412068493-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.sweet-page.com/web/?utm_source=b&utm_medium=cornl&utm_campaign=install_ie&utm_content=ds&from=cornl&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&ts=1438676123&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3830091371-2095282802-1412068493-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.sweet-page.com/web/?utm_source=b&utm_medium=cornl&utm_campaign=install_ie&utm_content=ds&from=cornl&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&ts=1438676123&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3830091371-2095282802-1412068493-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-3830091371-2095282802-1412068493-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-3830091371-2095282802-1412068493-1001 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://v9.com/web?type=ds&ts=1450270463&from=zzgbkk123&uid=toshibaxmk3276gsxxh_91l6bjembxx91l6bjemb&z=d80039f040792c7497f60fagfz1w5e1o4m8e4z8qdm&q={searchTerms} SearchScopes: HKU\S-1-5-21-3830091371-2095282802-1412068493-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.sweet-page.com/web/?utm_source=b&utm_medium=cornl&utm_campaign=install_ie&utm_content=ds&from=cornl&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&ts=1438676123&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3830091371-2095282802-1412068493-1001 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.sweet-page.com/web/?utm_source=b&utm_medium=cornl&utm_campaign=install_ie&utm_content=ds&from=cornl&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&ts=1438676123&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3830091371-2095282802-1412068493-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.sweet-page.com/web/?utm_source=b&utm_medium=cornl&utm_campaign=install_ie&utm_content=ds&from=cornl&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&ts=1438676123&type=default&q={searchTerms} BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll [2014-04-27] (AVG Secure Search) StartMenuInternet: IEXPLORE.EXE - c:\program files\internet explorer\iexplore.exe hxxp://www.yoursites123.com/?type=sc&ts=1452249600&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=wpm01073&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB FireFox: ======== FF ProfilePath: C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011 FF NewTab: chrome://quick_start/content/index.html FF DefaultSearchEngine: omniboxes FF SearchEngineOrder.1: default-search.net FF SelectedSearchEngine: omniboxes FF Homepage: hxxp://www.google.com/ FF Keyword.URL: hxxp://www.default-search.net/search?sid=503&aid=100&itype=a&ver=15511&tm=377&src=ds&p= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] () FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll [2013-09-18] (Oracle Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] () FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.0\\npsitesafety.dll [No File] FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin HKU\S-1-5-21-3830091371-2095282802-1412068493-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Luka Opacic\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll [No File] FF Plugin HKU\S-1-5-21-3830091371-2095282802-1412068493-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Luka Opacic\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll [No File] FF Plugin HKU\S-1-5-21-3830091371-2095282802-1412068493-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File] FF Plugin HKU\S-1-5-21-3830091371-2095282802-1412068493-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np32dsw.dll [2007-04-30] (Adobe Systems, Inc.) FF SearchPlugin: C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\searchplugins\default-search.xml [2015-08-04] FF SearchPlugin: C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\searchplugins\delta-homes.xml [2015-11-24] FF SearchPlugin: C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\searchplugins\omniboxes.xml [2016-01-09] FF SearchPlugin: C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\searchplugins\sweet-page.xml [2016-01-10] FF SearchPlugin: C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\searchplugins\yoursites123.xml [2016-01-08] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml [2015-08-04] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml [2014-11-02] FF Extension: YahooToolsProtected - C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\extensions\yahooprotected@gmail.com.xpi [2016-01-08] [not signed] FF Extension: Default NewTab - C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\extensions\default_newtabff@gmail.com [2016-01-08] [not signed] FF Extension: Default SearchProtected - C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\extensions\defsearchp@gmail.com [2016-01-10] [not signed] FF Extension: Ads Remover - C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\Extensions\qlwmlnroyzqgvxlsr@ndmznwpkrnflpuql.org [2015-12-03] [not signed] FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06] FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.0.443 FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.0.443 [2014-04-27] [not signed] FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode383.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode383\ff => not found FF HKLM-x32\...\Firefox\Extensions: [ext@RichMediaViewV1release991.net] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release991\ff => not found FF HKLM-x32\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha4405.net] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4405\ff => not found FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\extensions\faststartff@gmail.com => not found FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\extensions\defsearchp@gmail.com FF HKLM-x32\...\Firefox\Extensions: [default_newtabff@gmail.com] - C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\extensions\default_newtabff@gmail.com FF HKLM-x32\...\Firefox\Extensions: [yahooprotected@gmail.com] - C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\extensions\yahooprotected@gmail.com => not found StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.yoursites123.com/?type=sc&ts=1452249600&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=wpm01073&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB Chrome: ======= CHR HomePage: Default -> hxxp://www.google.rs/ CHR StartupUrls: Default -> "hxxp://www.google.rs/","hxxp://www.google.com/" CHR DefaultSearchURL: Default -> hxxp://www.sweet-page.com/web/?type=dspp&ts=1438676102&z=d04b5625118092dd8043fa2g4zcccb3q8mcq3g0e9z&from=cornl&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&q={searchTerms} CHR DefaultSearchKeyword: Default -> sweet-page CHR Profile: C:\Users\Luka Opacic\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google документи) - C:\Users\Luka Opacic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-24] CHR Extension: (Skype) - C:\Users\Luka Opacic\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-24] CHR Extension: (Плаћања у Chrome веб-продавници) - C:\Users\Luka Opacic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-24] CHR Profile: C:\Users\Luka Opacic\AppData\Local\Google\Chrome\User Data\Profile 1 CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Luka Opacic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08] CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Luka Opacic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma.crx <not found> ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed] R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed] R2 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [119808 2015-12-08] (XTab system) [File not signed] R2 IhPul; C:\Users\Luka Opacic\AppData\Roaming\TSv\TSvr.exe [580752 2015-12-08] (tsvr.com) S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-05-06] () R2 SLSvc; C:\Windows\sppsvc.exe [10240 2012-08-25] (Microsoft Corporation) [File not signed] R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [158400 2016-01-08] (TODO: <公司名>) R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed] R2 WdMan; C:\ProgramData\yWdMy\WdMan.exe [326656 2016-01-08] (TU-Funs LIMITED) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation) R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [731824 2016-01-20] (Tai Wai Shui Mu) <==== ATTENTION ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [215040 2013-12-19] (Advanced Micro Devices) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-01-25] () R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek ) R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-04-27] (AVG Technologies) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-08-30] (Disc Soft Ltd) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3295984 2012-07-26] (Broadcom Corporation) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-01-25] () R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] () R2 SecDrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11376 2002-10-08] () [File not signed] S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [20992 2013-02-12] (Microsoft Corporation) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44024 2015-01-31] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [275712 2015-01-31] (Microsoft Corporation) S1 F06DEFF2-5B9C-490D-910F-35D3A91196223; \??\C:\Program Files (x86)\Assets Manager\smdmf\x64\smdmfmgrc3.cfg [X] S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-01-24 17:25 - 2016-01-24 17:26 - 00026965 _____ C:\Users\Luka Opacic\Desktop\FRST.txt 2016-01-24 17:25 - 2016-01-24 17:25 - 02370560 _____ (Farbar) C:\Users\Luka Opacic\Desktop\FRST64.exe 2016-01-24 17:25 - 2016-01-24 17:25 - 00000000 ____D C:\FRST 2016-01-24 17:24 - 2016-01-24 17:25 - 02370560 _____ (Farbar) C:\Users\Luka Opacic\Downloads\FRST64.exe 2016-01-11 22:25 - 2016-01-11 22:25 - 00000000 ____D C:\Users\Luka Opacic\Downloads\PopcornTime 2016-01-08 15:33 - 2016-01-08 15:33 - 00279488 _____ C:\Windows\Minidump\010816-43586-01.dmp 2016-01-08 11:39 - 2016-01-08 11:40 - 00000000 ____D C:\ProgramData\yWdMy 2016-01-07 15:08 - 2016-01-07 15:08 - 00000000 __SHD C:\found.001 2016-01-01 17:02 - 2016-01-01 17:22 - 00000000 ____D C:\Users\Luka Opacic\Desktop\New folder (3) 2015-12-31 14:49 - 2015-12-31 14:49 - 00000000 ____D C:\Users\Luka Opacic\AppData\Roaming\Wargaming.net 2015-12-28 20:28 - 2015-12-28 20:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks 2015-12-28 20:28 - 2015-12-28 20:28 - 00000000 ____D C:\Games 2015-12-28 14:33 - 2015-12-28 14:33 - 00001431 _____ C:\Users\Luka Opacic\Desktop\Call of Duty 2 SinglePlayer.lnk ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-08-27 07:11 - 2012-06-02 15:33 - 00132165 _____ C:\Windows\system32\slmgr.vbs 2016-01-24 17:25 - 2012-07-26 06:37 - 00000000 ____D C:\Windows 2016-01-24 17:19 - 2015-10-12 11:18 - 00000000 ____D C:\Program Files (x86)\WinZipper 2016-01-24 17:13 - 2015-09-22 13:47 - 00000000 ____D C:\Program Files (x86)\SFK 2016-01-24 17:10 - 2015-11-28 10:28 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-24 17:08 - 2015-08-30 15:44 - 00000000 ____D C:\Program Files (x86)\Opera 2016-01-24 17:08 - 2013-07-05 12:13 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3830091371-2095282802-1412068493-1001 2016-01-24 17:05 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\tracing 2016-01-24 17:03 - 2015-11-28 10:28 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-24 17:03 - 2014-10-24 14:49 - 00004486 _____ C:\Windows\Tasks\086aa29e-fe25-4df1-9422-85ceb14b5931-4.job 2016-01-24 17:03 - 2014-10-24 14:30 - 00004486 _____ C:\Windows\Tasks\3e12b71c-1809-4db7-b711-0014c07013dc-4.job 2016-01-24 17:03 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-01-23 20:51 - 2015-07-14 21:22 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-01-23 18:10 - 2013-07-05 18:30 - 00000000 ____D C:\Users\Luka Opacic\AppData\Roaming\BitTorrent 2016-01-23 16:08 - 2014-12-17 12:43 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-01-23 15:40 - 2012-07-26 06:26 - 00524288 ___SH C:\Windows\system32\config\BBI 2016-01-21 16:51 - 2015-09-30 13:02 - 00003838 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1440945961 2016-01-21 16:51 - 2015-08-30 15:46 - 00001051 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2016-01-20 14:52 - 2015-07-14 21:22 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-01-15 09:47 - 2012-07-26 06:37 - 00000000 ____D C:\Windows\Inf 2016-01-11 20:19 - 2013-07-12 16:44 - 00053248 ____H C:\Users\Luka Opacic\Desktop\photothumb.db 2016-01-11 20:18 - 2015-09-17 15:16 - 00000000 ____D C:\Users\Luka Opacic\Desktop\New folder 2016-01-08 15:33 - 2014-05-06 19:05 - 00000000 ____D C:\Windows\Minidump 2016-01-08 11:41 - 2015-09-22 13:46 - 00000000 ____D C:\Users\Luka Opacic\AppData\Roaming\TSv 2016-01-08 11:39 - 2015-10-12 11:15 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat 2016-01-01 17:24 - 2014-03-31 16:13 - 00000000 ___RD C:\Users\Luka Opacic\Desktop\Марија 2016-01-01 02:16 - 2014-12-25 17:47 - 00000000 ____D C:\Users\Luka Opacic\AppData\Roaming\TS3Client 2015-12-31 19:24 - 2013-07-19 16:02 - 00000000 ____D C:\Users\Luka Opacic\Documents\GTA San Andreas User Files 2015-12-28 20:29 - 2013-10-18 16:21 - 00000000 ___HD C:\Windows\msdownld.tmp 2015-12-28 20:27 - 2012-07-26 08:28 - 00848230 _____ C:\Windows\system32\PerfStringBackup.INI 2015-12-28 14:33 - 2015-03-28 19:26 - 00001463 _____ C:\Users\Luka Opacic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Call of Duty 2 SinglePlayer.lnk 2015-12-28 14:33 - 2015-03-28 19:26 - 00001463 _____ C:\Users\Luka Opacic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Call of Duty 2 MultiPlayer.lnk 2015-12-27 10:56 - 2015-09-27 17:57 - 00000000 ____D C:\ProgramData\eb638b4800003819 2015-12-25 19:38 - 2015-09-27 17:56 - 00000000 ____D C:\ProgramData\b1bbd56c00001143 ==================== Files in the root of some directories ======= 2015-02-01 19:33 - 2015-08-09 21:30 - 0000079 _____ () C:\Program Files (x86)\prefs.js 2015-12-24 10:43 - 2015-12-24 10:44 - 2770377 _____ (iBank) C:\Program Files (x86)\SSFK.exe 2015-05-15 14:52 - 2015-08-17 06:57 - 0000024 _____ () C:\Users\Luka Opacic\AppData\Roaming\appdataFr25.bin 2015-01-28 18:25 - 2015-05-14 13:07 - 0000020 _____ () C:\Users\Luka Opacic\AppData\Roaming\appdataFr3.bin 2014-07-01 14:12 - 2014-07-01 14:28 - 0003841 _____ () C:\Users\Luka Opacic\AppData\Roaming\LiveSupport.exe_log.txt 2014-07-01 14:12 - 2014-07-01 14:28 - 0000092 _____ () C:\Users\Luka Opacic\AppData\Roaming\regsvr32.exe_log.txt 2014-10-24 14:28 - 2014-10-24 14:28 - 2057120 _____ (Object Browser) C:\Users\Luka Opacic\AppData\Roaming\RIZD.exe 2015-08-18 14:57 - 2015-08-18 14:57 - 0011100 _____ () C:\Users\Luka Opacic\AppData\Roaming\TheHunterSettings_live.bin 2015-07-13 21:54 - 2015-07-13 21:54 - 0000041 _____ () C:\Users\Luka Opacic\AppData\Roaming\TheHunterSettings_local.cfg 2015-10-03 21:22 - 2015-12-16 17:10 - 0022016 _____ () C:\Users\Luka Opacic\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-07-09 23:07 - 2014-07-09 23:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-10-12 11:15 - 2016-01-08 11:39 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Files to move or delete: ==================== C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Some files in TEMP: ==================== C:\Users\Luka Opacic\AppData\Local\Temp\1b8738.exe C:\Users\Luka Opacic\AppData\Local\Temp\770.exe C:\Users\Luka Opacic\AppData\Local\Temp\AutoRun.exe C:\Users\Luka Opacic\AppData\Local\Temp\AutoRunGUI.dll C:\Users\Luka Opacic\AppData\Local\Temp\avgF182.exe C:\Users\Luka Opacic\AppData\Local\Temp\bitool.dll C:\Users\Luka Opacic\AppData\Local\Temp\cabex.dll C:\Users\Luka Opacic\AppData\Local\Temp\drm_dyndata_7340013.dll C:\Users\Luka Opacic\AppData\Local\Temp\drm_dyndata_7340016.dll C:\Users\Luka Opacic\AppData\Local\Temp\drm_dyndata_7380006.dll C:\Users\Luka Opacic\AppData\Local\Temp\drm_dyndata_7380009.dll C:\Users\Luka Opacic\AppData\Local\Temp\drm_dyndata_7400009.dll C:\Users\Luka Opacic\AppData\Local\Temp\drm_dyndata_7410004.dll C:\Users\Luka Opacic\AppData\Local\Temp\drvinst-1.exe C:\Users\Luka Opacic\AppData\Local\Temp\drvinst-2.exe C:\Users\Luka Opacic\AppData\Local\Temp\drvinst001.exe C:\Users\Luka Opacic\AppData\Local\Temp\drvinst01.exe C:\Users\Luka Opacic\AppData\Local\Temp\drvinstal1.exe C:\Users\Luka Opacic\AppData\Local\Temp\DseShExt-x64.dll C:\Users\Luka Opacic\AppData\Local\Temp\DseShExt-x86.dll C:\Users\Luka Opacic\AppData\Local\Temp\DSETUP.dll C:\Users\Luka Opacic\AppData\Local\Temp\dsetup32.dll C:\Users\Luka Opacic\AppData\Local\Temp\DTLite1010-0074.exe C:\Users\Luka Opacic\AppData\Local\Temp\DTLite4491-0356.exe C:\Users\Luka Opacic\AppData\Local\Temp\DXSETUP.exe C:\Users\Luka Opacic\AppData\Local\Temp\EAInstall.dll C:\Users\Luka Opacic\AppData\Local\Temp\EBUFACF.exe C:\Users\Luka Opacic\AppData\Local\Temp\EBUFD6E.DLL C:\Users\Luka Opacic\AppData\Local\Temp\ICReinstall_CR_Downloader_for_teenage-mutant-hero-turtles---the-hyperstone-heist.exe C:\Users\Luka Opacic\AppData\Local\Temp\jKQCAeUT59.exe C:\Users\Luka Opacic\AppData\Local\Temp\LEGOLOTR.exe C:\Users\Luka Opacic\AppData\Local\Temp\MSIAFTERBURNERSETUP.EXE C:\Users\Luka Opacic\AppData\Local\Temp\nsisvc.exe C:\Users\Luka Opacic\AppData\Local\Temp\nvcuda.exe C:\Users\Luka Opacic\AppData\Local\Temp\ofwz65984.exe C:\Users\Luka Opacic\AppData\Local\Temp\ofwz81662.exe C:\Users\Luka Opacic\AppData\Local\Temp\raptrpatch.exe C:\Users\Luka Opacic\AppData\Local\Temp\raptr_stub.exe C:\Users\Luka Opacic\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\Luka Opacic\AppData\Local\Temp\SDShelEx-x64.dll C:\Users\Luka Opacic\AppData\Local\Temp\setacl.exe C:\Users\Luka Opacic\AppData\Local\Temp\Setup.exe C:\Users\Luka Opacic\AppData\Local\Temp\SETUP_AFTERBURNER.EXE C:\Users\Luka Opacic\AppData\Local\Temp\ShopperProJSINJFull.exe C:\Users\Luka Opacic\AppData\Local\Temp\SkidRow.exe C:\Users\Luka Opacic\AppData\Local\Temp\sonarinst.exe C:\Users\Luka Opacic\AppData\Local\Temp\tmp2F9A.tmp.exe C:\Users\Luka Opacic\AppData\Local\Temp\tu17p84.exe C:\Users\Luka Opacic\AppData\Local\Temp\TUUUninstallHelper.exe C:\Users\Luka Opacic\AppData\Local\Temp\TvhkpE2JjV.exe C:\Users\Luka Opacic\AppData\Local\Temp\ubiB1A3.tmp.exe C:\Users\Luka Opacic\AppData\Local\Temp\ubiBF00.tmp.exe C:\Users\Luka Opacic\AppData\Local\Temp\UEFA Champions League 2006-2007_uninst.exe C:\Users\Luka Opacic\AppData\Local\Temp\unelevate.exe C:\Users\Luka Opacic\AppData\Local\Temp\Uninstall.exe C:\Users\Luka Opacic\AppData\Local\Temp\update.exe C:\Users\Luka Opacic\AppData\Local\Temp\Updater.exe C:\Users\Luka Opacic\AppData\Local\Temp\updtr24000.exe C:\Users\Luka Opacic\AppData\Local\Temp\utt87A2.tmp.exe C:\Users\Luka Opacic\AppData\Local\Temp\uttC0A8.tmp.exe C:\Users\Luka Opacic\AppData\Local\Temp\Walking-dead-1_2_3_4_5.exe-1438003155386.exe C:\Users\Luka Opacic\AppData\Local\Temp\Walking-dead-1_2_3_4_5.exe-1438003162308.exe C:\Users\Luka Opacic\AppData\Local\Temp\Walking-dead-1_2_3_4_5.exe-1438003171262.exe C:\Users\Luka Opacic\AppData\Local\Temp\Walking-dead-1_2_3_4_5.exe-1438003175087.exe C:\Users\Luka Opacic\AppData\Local\Temp\Walking-dead-1_2_3_4_5.exe-1438003272162.exe C:\Users\Luka Opacic\AppData\Local\Temp\ytaiesmt.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-01-19 13:45 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-01-2016 Ran by Luka Opacic (2016-01-24 17:28:11) Running from C:\Users\Luka Opacic\Desktop Windows 8 Pro (X64) (2013-07-05 10:56:53) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3830091371-2095282802-1412068493-500 - Administrator - Disabled) Guest (S-1-5-21-3830091371-2095282802-1412068493-501 - Limited - Disabled) Luka Opacic (S-1-5-21-3830091371-2095282802-1412068493-1001 - Administrator - Enabled) => C:\Users\Luka Opacic ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated) Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.47.0 - Adobe Systems Incorporated) Adobe Shockwave Player (HKLM-x32\...\Adobe Shockwave Player) (Version: 10.2.0.22 - Adobe Systems, Inc.) Age of Mythology - The Titans Expansion (HKLM-x32\...\Age of Mythology Expansion Pack 1.0) (Version: - ) Age of Mythology (HKLM-x32\...\Age of Mythology 1.0) (Version: - ) Assassin's Creed ® III (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.00 - Ubisoft) Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft) AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.1.0.443 - AVG Technologies) BitTorrent (HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\BitTorrent) (Version: 7.9.5.41373 - BitTorrent Inc.) BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.69.1079 - AB Team, d.o.o.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) DARK VOID (HKLM-x32\...\{2D0B560E-493A-47EE-9132-6A47A44A437F}) (Version: 1.0.0.0 - CAPCOM ENTERTAINMENT, INC.) Dishonored Game of the Year Edition (HKLM-x32\...\RGlzaG9ub3JlZA==_is1) (Version: 1 - ) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) Football Manager 2008 (HKLM-x32\...\Football Manager 2008) (Version: 8.0.0.0 - Sports Interactive) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games) Loadout (HKLM-x32\...\Steam App 208090) (Version: - Edge of Reality) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}) (Version: 1.2.0238 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Mount&Blade Warband (HKLM-x32\...\Mount&Blade Warband) (Version: - ) Mount&Blade: Warband - Viking Conquest (HKLM-x32\...\Mount&Blade: Warband - Viking Conquest) (Version: - ) Mozilla Firefox 42.0 (x86 sr) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 sr)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla) Mozilla Thunderbird 17.0.8 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 17.0.8 (x86 en-US)) (Version: 17.0.8 - Mozilla) Need for Speed Most Wanted Black Edition (HKLM-x32\...\Need for Speed Most Wanted Black Edition_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky) Need for Speed™ SHIFT (HKLM-x32\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}) (Version: 1.0.0.0 - Electronic Arts) Nero 7 Ultra Edition (HKLM-x32\...\{CF097717-F174-4144-954A-FBC4BF301033}) (Version: 7.02.9753 - Nero AG) NVIDIA GAME System Software 2.8.1 (HKLM-x32\...\{4F0C7CCF-5666-474B-B02E-AC514A95EC93}) (Version: 2.8.1 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) Opera Stable 34.0.2036.50 (HKLM-x32\...\Opera 34.0.2036.50) (Version: 34.0.2036.50 - Opera Software) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.4.0.0 - Popcorn Time) PowerISO (HKLM-x32\...\PowerISO) (Version: 6.1 - Power Software Ltd) Pro Evolution Soccer 2010 (HKLM-x32\...\{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}) (Version: 1.00.0000 - KONAMI) Pro Evolution Soccer 2013 (HKLM-x32\...\{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}) (Version: 1.00.0000 - KONAMI) Pro Evolution Soccer 4 (HKLM-x32\...\InstallShield_{AC056D10-E6C0-4085-BAD6-EEBB5EC76D66}) (Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.) Pro Evolution Soccer 4 (x32 Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.) Hidden Prototype(TM) (x32 Version: 1.0 - Activision) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.) Rogue Warrior (HKLM-x32\...\{06645A45-8A8E-4984-9065-89864FDE8EC2}) (Version: 1.00.0000 - Bethesda Softworks LLC) SketchUp 2013 (HKLM-x32\...\{B75BC01B-4586-43F8-9349-D250DB98F26F}) (Version: 13.0.4812 - Trimble Navigation Limited) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation) Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.) Sniper Elite 3 (HKLM-x32\...\{XXXXXXXX-XXXX-XXXX-XXXX-BLACKBOX0005}) (Version: 6.0 - Black Box) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - ) The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - ) The Sims 4 Deluxe Edition version 1.7.65.1020 (HKLM-x32\...\The Sims 4 Deluxe Edition_is1) (Version: 1.7.65.1020 - Mr DJ) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.) theHunter (remove only) (HKLM-x32\...\theHunter) (Version: - Expansive Worlds) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH) TuneUp Utilities 2014 (x32 Version: 14.0.1000.324 - TuneUp Software) Hidden Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Ultra Video Splitter 6.2.1123 (HKLM-x32\...\Ultra Video Splitter_is1) (Version: - Aone Software) Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton) Warcraft III (HKLM-x32\...\Warcraft III) (Version: - ) Winamp (HKLM-x32\...\Winamp) (Version: 5.601 - Nullsoft, Inc) Winamp Detector Plug-in (HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.137 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION World of Tanks (HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {03EAF5D4-EDD4-4AFA-A62B-B88D4D9A9CC7} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader Task: {0F9CF1AE-B086-42B7-9370-9689BFE07C8C} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector Task: {1B3B2CD3-E909-4429-A2BC-AF28D1775247} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask Task: {274833F0-852A-4A46-9C3B-E15B9A65C25E} - System32\Tasks\UNELEVATE_1240 => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1382\jsdrv.exe <==== ATTENTION Task: {307D8C75-FDA3-49D3-AA9F-DB79F405FB59} - System32\Tasks\Microsoft\Windows\Autochk\Proxy Task: {3FA594F4-C2FD-4A63-A981-F04C7B447741} - System32\Tasks\Google Updater and Installer => C:\Users\Luka Opacic\AppData\Local\Google\Update\GoogleUpdate.exe Task: {4703B348-AC55-4E1F-B4B0-3F01BD511048} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver Task: {49A27B32-BE37-480A-888D-810B3FDD72F3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated) Task: {4C68F175-0425-4C45-8F71-C79353268F89} - System32\Tasks\UNELEVATE_15 => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1382\jsdrv.exe <==== ATTENTION Task: {510B00EE-1ECF-494B-BAB5-931CE9FB6CB8} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe Task: {5F200263-106B-43F7-9412-5497F49E88CF} - System32\Tasks\LuckyBrowse => C:\Program Files (x86)\LuckyBrowse\app\luckybrowse.exe [2015-11-22] () <==== ATTENTION Task: {67229DF8-B971-4F31-933D-0FD466D45DE1} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater Task: {716C0C27-6170-4396-A32B-40C162285710} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-28] (Google Inc.) Task: {7B1929BD-AF04-42D9-8F82-49635038E105} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-28] (Google Inc.) Task: {7F4B0891-4669-44EC-9B97-14B46EAC3C05} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION Task: {801832E9-C05B-4BD9-8FF1-B88A414A2EEA} - System32\Tasks\3e12b71c-1809-4db7-b711-0014c07013dc-4 => C:\Program Files (x86)\Senses\3e12b71c-1809-4db7-b711-0014c07013dc-4.exe <==== ATTENTION Task: {9F1578F2-3470-4928-BC4F-310518E1E9D8} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation Task: {C78277CE-EE95-4E61-9867-34AA155D0035} - System32\Tasks\086aa29e-fe25-4df1-9422-85ceb14b5931-4 => C:\Program Files (x86)\iWebar\086aa29e-fe25-4df1-9422-85ceb14b5931-4.exe <==== ATTENTION Task: {C84F8A44-9FD3-4273-930B-E488674D2812} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent Task: {CDD73EB8-449A-42F4-8824-632FB45E34C8} - System32\Tasks\Opera scheduled Autoupdate 1440945961 => C:\Program Files (x86)\Opera\launcher.exe [2016-01-18] (Opera Software) Task: {DDD6403D-B9B7-4AEB-8E2C-8906DE169BB5} - System32\Tasks\SystemSoundsService => C:\Users\Luka Opacic\AppData\Local\Temp\nsisvc.exe [2015-05-27] () <==== ATTENTION Task: {E3661099-08F4-4787-A0DF-55FA40036F1D} - System32\Tasks\WPD\SqmUpload_S-1-5-21-3830091371-2095282802-1412068493-1001 Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask Task: {F5D052C0-E288-40A1-A4F4-8A520CBA98F4} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION Task: {F6EEB348-4FCE-484C-B5EE-7FDB5F66360C} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\086aa29e-fe25-4df1-9422-85ceb14b5931-4.job => C:\Program Files (x86)\iWebar\086aa29e-fe25-4df1-9422-85ceb14b5931-4.exe <==== ATTENTION Task: C:\Windows\Tasks\3e12b71c-1809-4db7-b711-0014c07013dc-4.job => C:\Program Files (x86)\Senses\3e12b71c-1809-4db7-b711-0014c07013dc-4.exe <==== ATTENTION Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Luka Opacic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.omniboxes.com/?type=sc&ts=1448635631&z=76f4dff69102d89f6b689d8gaz0z1b1qccfwaq3c0c&from=ient07021&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB ShortcutWithArgument: C:\Users\Luka Opacic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1452249600&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=wpm01073&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB ShortcutWithArgument: C:\Users\Luka Opacic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.omniboxes.com/?type=sc&ts=1448635631&z=76f4dff69102d89f6b689d8gaz0z1b1qccfwaq3c0c&from=ient07021&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB ShortcutWithArgument: C:\Users\Luka Opacic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1452249600&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=wpm01073&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB ShortcutWithArgument: C:\Users\Luka Opacic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1450950315&z=1406c432ec2daa1fa8e1b64g4z1z8t1w1m4m0t8zbg&from=wpm07173&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1450950315&z=1406c432ec2daa1fa8e1b64g4z1z8t1w1m4m0t8zbg&from=wpm07173&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1452249600&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=wpm01073&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB ==================== Loaded Modules (Whitelisted) ============== 2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-03-24 21:38 - 2010-03-24 21:38 - 08794976 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2015-11-22 19:48 - 2015-11-22 19:48 - 00585728 _____ () C:\Program Files (x86)\LuckyBrowse\app\luckybrowse.exe 2014-04-17 21:29 - 2014-04-17 21:29 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2015-05-06 19:16 - 2015-05-06 19:16 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2015-10-12 11:18 - 2015-12-19 05:17 - 00582144 _____ () C:\Program Files (x86)\WinZipper\curlpp.dll 2015-10-12 11:18 - 2015-12-19 05:17 - 00065688 _____ () C:\Program Files (x86)\WinZipper\zlib1.dll 2016-01-15 09:10 - 2016-01-12 17:35 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll 2016-01-15 09:10 - 2016-01-12 17:35 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:373E1720 AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2012-07-26 06:26 - 2015-05-27 13:05 - 00001050 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 static3.cdn.ubi.com 127.0.0.1 ubisoft-orbit.s3.amazonaws.com 127.0.0.1 onlineconfigservice.ubi.com 127.0.0.1 orbitservice.ubi.com 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 10.21.4.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "Virtual Router Manager.lnk" HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run32: => "WinampAgent" HKLM\...\StartupApproved\Run32: => "vProt" HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE" HKLM\...\StartupApproved\Run32: => "GroupManager" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "mobilegeni daemon" HKLM\...\StartupApproved\Run32: => "StartCCC" HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\StartupApproved\StartupFolder: => "OneNote 2010 Screen Clipper and Launcher.lnk" HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\StartupApproved\StartupFolder: => "MyPC Backup.lnk" HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\StartupApproved\Run: => "Google Update" HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\StartupApproved\Run: => "RGSC" HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\StartupApproved\Run: => "NextLive" HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\StartupApproved\Run: => "LiveSupport" HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\StartupApproved\Run: => "GoobzoYouTubeAccelerator" HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [TCP Query User{E3013125-2B39-4523-B567-92D2E0C1C6AE}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe FirewallRules: [UDP Query User{1D6E7CBD-6F52-4284-ADE3-7B4754C58F4C}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe FirewallRules: [{F581F5B8-4D10-49B7-AD10-35B36D05242C}] => (Allow) C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013.exe FirewallRules: [{BB78CC8B-2AE0-4323-9A5C-04D32D5A7735}] => (Allow) C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013.exe FirewallRules: [{260F6A1E-821B-4FC6-BCBC-AFBB7102515D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe FirewallRules: [{785D9D3A-23A7-4CE3-ADB3-6F52F7732164}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe FirewallRules: [{633C6C06-5B2E-43E4-AFDF-2CB65DC28BF7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe FirewallRules: [{93703810-3DD8-4EDF-A905-6622B292A1D3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe FirewallRules: [{3A1AA62F-780D-4A78-B71B-79EE39F909C7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{D4549CA2-6E5A-4231-87C9-8B3BD827A65E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{4CF62A68-7881-4633-8329-281119106D05}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{F3758567-0673-49DC-BD4F-3E093CDE063A}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{54ECCCA1-5864-4966-AB5D-DD0DD3B76321}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{2A703F67-95AB-4DAD-BEA5-7139F80C8B8A}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{3A297595-4B0E-4441-A577-5FD6FE4C73AD}] => (Allow) LPort=57766 FirewallRules: [{B833C2C0-2F57-4AD5-9B91-EECE457C89A0}] => (Allow) LPort=57766 FirewallRules: [{7398895F-5332-462F-97B0-A6619A56A166}] => (Allow) LPort=57766 FirewallRules: [{9CA234D4-75CE-4145-AC25-E3FA597D7430}] => (Allow) LPort=57766 FirewallRules: [{B66CAC9F-D116-492D-8D33-F84EFE409B52}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [TCP Query User{7E79FD3D-6406-4766-B691-3D19A0FFF97C}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{FB9CE3D9-593D-4E2A-B33D-BDBD2CE56E56}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{DFEFD0BA-98EB-488F-9CF9-F8A18C718BCA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{88BEB99A-C22B-426A-89F4-88228F71A4FB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{4CB10428-216E-4D37-A2BC-61ACB536A875}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe FirewallRules: [{7569991F-AC7C-4A2C-91C9-EDD66578D3DE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe FirewallRules: [{E95CAC58-DC12-4AF7-8BBD-B7E22D383426}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe FirewallRules: [{3C3DC12D-ED1B-4D27-8A17-9293009A64D7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe FirewallRules: [{CAB48E3B-9ECE-4826-B4FA-8B65A43BC63C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe FirewallRules: [{D2C9539A-BBA1-4491-AFE3-8BFDC4F04BF5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe FirewallRules: [TCP Query User{0E42E045-80CA-45E1-84B9-381A172B48A4}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe FirewallRules: [UDP Query User{9B056FE4-2E56-4F53-A80B-774333CEEA48}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe FirewallRules: [{345FA268-1933-466F-A912-49A7A3BB3475}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{A11CB248-5956-4294-A0CD-CDB1FE232597}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{2090B196-2F7F-4F37-8D68-E76DA2972147}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{6472657C-E8D5-4A46-A81C-884A984C4786}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [TCP Query User{4DEC4C38-99C6-47DB-A5E5-74C3F08D5A8C}D:\program files (x86)\murdered soul suspect\binaries\win64\murdered.exe] => (Block) D:\program files (x86)\murdered soul suspect\binaries\win64\murdered.exe FirewallRules: [UDP Query User{7FC645C9-AF01-4799-819A-1C96B15D484E}D:\program files (x86)\murdered soul suspect\binaries\win64\murdered.exe] => (Block) D:\program files (x86)\murdered soul suspect\binaries\win64\murdered.exe FirewallRules: [TCP Query User{8D82BB16-7317-4861-AA0D-1463220F6F22}D:\program files (x86)\dishonored\dishonored nosteam\binaries\win32\dishonored.exe] => (Block) D:\program files (x86)\dishonored\dishonored nosteam\binaries\win32\dishonored.exe FirewallRules: [UDP Query User{324D4C99-C135-486A-ADA3-8DEFCD12E8D5}D:\program files (x86)\dishonored\dishonored nosteam\binaries\win32\dishonored.exe] => (Block) D:\program files (x86)\dishonored\dishonored nosteam\binaries\win32\dishonored.exe FirewallRules: [{47E78AD2-F6E0-46D7-A133-CCDFAB6CFA95}] => (Allow) C:\Program Files (x86)\KONAMI\JSL Patch 2013.exe FirewallRules: [{7C09F856-6E79-4927-886A-D2176D406A2B}] => (Allow) C:\Program Files (x86)\KONAMI\JSL Patch 2013.exe FirewallRules: [{29B49DF9-39CA-426A-8AE5-1E74BC5F61DE}] => (Allow) C:\Program Files (x86)\KONAMI\pes2013.exe FirewallRules: [{20DEDF1C-0697-4663-A99B-225789722985}] => (Allow) C:\Program Files (x86)\KONAMI\pes2013.exe FirewallRules: [TCP Query User{AF83D8ED-8916-4404-92D0-8EDCDDC36ACA}C:\program files (x86)\assassins creed iii\ac3sp.exe] => (Block) C:\program files (x86)\assassins creed iii\ac3sp.exe FirewallRules: [UDP Query User{F4A7CE7A-70CC-4F5B-B21E-2257105FA37C}C:\program files (x86)\assassins creed iii\ac3sp.exe] => (Block) C:\program files (x86)\assassins creed iii\ac3sp.exe FirewallRules: [{94346C73-2E63-4597-B058-5727FC232C37}] => (Allow) C:\Battlefield 4\bf4_x86.exe FirewallRules: [{D844585C-3638-4FBA-8CFC-3148A0C3D774}] => (Allow) C:\Battlefield 4\bf4_x86.exe FirewallRules: [{6887C4AE-910C-41C8-A3D4-FF2A222C2469}] => (Allow) C:\Battlefield 4\bf4.exe FirewallRules: [{7931AB66-6401-4502-A62F-69A720D33162}] => (Allow) C:\Battlefield 4\bf4.exe FirewallRules: [TCP Query User{AB5B999D-7A20-4766-8CBF-FDAE00356B06}C:\users\luka opacic\downloads\left 4 dead 2 2013 pc full game 2.1.2.5 mp+sp ^^nosteam^^\left4dead 2 2013\left4dead2.exe] => (Block) C:\users\luka opacic\downloads\left 4 dead 2 2013 pc full game 2.1.2.5 mp+sp ^^nosteam^^\left4dead 2 2013\left4dead2.exe FirewallRules: [UDP Query User{89C67CEC-F61B-4252-8F5D-795A194250A8}C:\users\luka opacic\downloads\left 4 dead 2 2013 pc full game 2.1.2.5 mp+sp ^^nosteam^^\left4dead 2 2013\left4dead2.exe] => (Block) C:\users\luka opacic\downloads\left 4 dead 2 2013 pc full game 2.1.2.5 mp+sp ^^nosteam^^\left4dead 2 2013\left4dead2.exe FirewallRules: [{88A6AE0C-1797-4313-9FE1-63A4358F1E86}] => (Allow) D:\steam\Steam.exe FirewallRules: [{02C7A846-B71D-4213-B5BD-E1A7627D1494}] => (Allow) D:\steam\Steam.exe FirewallRules: [{D20CC3F8-E577-43A1-A436-6B12377CAB7F}] => (Allow) D:\steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{959425CA-2441-4D6C-9F69-F23B39EAE2A0}] => (Allow) D:\steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [TCP Query User{7447068E-6AB3-4EB6-B422-545AC54D85A7}D:\users\luka opacic\downloads\left 4 dead 2 2013 pc full game 2.1.2.5 mp+sp ^^nosteam^^\left4dead 2 2013\left4dead2.exe] => (Block) D:\users\luka opacic\downloads\left 4 dead 2 2013 pc full game 2.1.2.5 mp+sp ^^nosteam^^\left4dead 2 2013\left4dead2.exe FirewallRules: [UDP Query User{AB804E06-17D0-434C-AA7F-FF59E7F94216}D:\users\luka opacic\downloads\left 4 dead 2 2013 pc full game 2.1.2.5 mp+sp ^^nosteam^^\left4dead 2 2013\left4dead2.exe] => (Block) D:\users\luka opacic\downloads\left 4 dead 2 2013 pc full game 2.1.2.5 mp+sp ^^nosteam^^\left4dead 2 2013\left4dead2.exe FirewallRules: [TCP Query User{BE42B20E-E6DC-4926-8751-7A17CC49DD84}C:\program files (x86)\r.g. mechanics\transformers - rise of the dark spark\binaries\transgame.exe] => (Block) C:\program files (x86)\r.g. mechanics\transformers - rise of the dark spark\binaries\transgame.exe FirewallRules: [UDP Query User{FAB4D2E5-188B-46F5-B625-2E65A7B12701}C:\program files (x86)\r.g. mechanics\transformers - rise of the dark spark\binaries\transgame.exe] => (Block) C:\program files (x86)\r.g. mechanics\transformers - rise of the dark spark\binaries\transgame.exe FirewallRules: [TCP Query User{EB8790CB-A23F-4B4B-ADED-2A9EDA7DD029}D:\program files (x86)\r.g. mechanics\transformers - rise of the dark spark\binaries\transgame.exe] => (Allow) D:\program files (x86)\r.g. mechanics\transformers - rise of the dark spark\binaries\transgame.exe FirewallRules: [UDP Query User{41C8BCAA-B986-42D1-9D55-51DAB75C5881}D:\program files (x86)\r.g. mechanics\transformers - rise of the dark spark\binaries\transgame.exe] => (Allow) D:\program files (x86)\r.g. mechanics\transformers - rise of the dark spark\binaries\transgame.exe FirewallRules: [TCP Query User{74CB91DD-6501-497F-8CAA-2AD196EECE6C}D:\games\transformers rise of the dark spark\binaries\transgame.exe] => (Block) D:\games\transformers rise of the dark spark\binaries\transgame.exe FirewallRules: [UDP Query User{82B1248E-3DC9-4F4E-908A-15B4CDCDCE65}D:\games\transformers rise of the dark spark\binaries\transgame.exe] => (Block) D:\games\transformers rise of the dark spark\binaries\transgame.exe FirewallRules: [{AA04DE08-5863-4956-8D3D-CA3D5E45545B}] => (Allow) D:\steam\bin\steamwebhelper.exe FirewallRules: [{8D940C8C-D15E-4662-93A8-269F0B172C55}] => (Allow) D:\steam\bin\steamwebhelper.exe FirewallRules: [TCP Query User{0BB95395-ED28-4AA8-A6F6-7E62FE0E0CF7}D:\program files (x86)\fifa 14\game\fifa14.exe] => (Allow) D:\program files (x86)\fifa 14\game\fifa14.exe FirewallRules: [UDP Query User{17E323B2-DF02-45B0-9E27-7EC6D6D23FE2}D:\program files (x86)\fifa 14\game\fifa14.exe] => (Allow) D:\program files (x86)\fifa 14\game\fifa14.exe FirewallRules: [TCP Query User{3817754D-1FC7-482E-9C60-E3000195CFDF}D:\program files (x86)\dead island\deadislandgame.exe] => (Allow) D:\program files (x86)\dead island\deadislandgame.exe FirewallRules: [UDP Query User{596D8DC0-CA92-4248-924B-CD88C376D0F6}D:\program files (x86)\dead island\deadislandgame.exe] => (Allow) D:\program files (x86)\dead island\deadislandgame.exe FirewallRules: [TCP Query User{7FC8D579-3ACE-4E24-B047-D59563D2FB18}C:\program files (x86)\npc\my product name\left 4 dead 2\left4dead2.exe] => (Allow) C:\program files (x86)\npc\my product name\left 4 dead 2\left4dead2.exe FirewallRules: [UDP Query User{2E8D4D43-0EC4-43D5-B563-1E797383B1D3}C:\program files (x86)\npc\my product name\left 4 dead 2\left4dead2.exe] => (Allow) C:\program files (x86)\npc\my product name\left 4 dead 2\left4dead2.exe FirewallRules: [TCP Query User{D41EC04D-F48E-4F6A-872D-E4B77144796E}D:\games\portal 2\portal2.exe] => (Block) D:\games\portal 2\portal2.exe FirewallRules: [UDP Query User{330338AA-E9DD-4A77-8A92-8BE0CCF9BBD0}D:\games\portal 2\portal2.exe] => (Block) D:\games\portal 2\portal2.exe FirewallRules: [{F7A7522B-2D54-4775-B241-6B376CA57A0D}] => (Allow) D:\Games\Pro Evolution Soccer 2013\pes2013.exe FirewallRules: [{1B6035FB-07C0-4C69-BD34-12A40BF9F9C1}] => (Allow) D:\Games\Pro Evolution Soccer 2013\pes2013.exe FirewallRules: [{396EF483-0B81-4DBC-BDFD-13A15E39D6CD}] => (Allow) D:\Games\KONAMI\Pro Evolution Soccer 2013\pes2013.exe FirewallRules: [{D2A9CF8A-D034-440F-89A0-54B3E9F00BDB}] => (Allow) D:\Games\KONAMI\Pro Evolution Soccer 2013\pes2013.exe FirewallRules: [TCP Query User{D8AFCAB8-144D-4B22-B609-784B8BC5F4E3}D:\games\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe] => (Block) D:\games\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe FirewallRules: [UDP Query User{BCCF67AD-AA61-4386-89A2-59458BFB110C}D:\games\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe] => (Block) D:\games\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe FirewallRules: [TCP Query User{E5CEBB8C-F595-4321-8447-33C342AD590E}C:\games\cs 1.6 original\hl.exe] => (Block) C:\games\cs 1.6 original\hl.exe FirewallRules: [UDP Query User{DB3F2DDC-9AAE-4187-92D1-52E4F466E90D}C:\games\cs 1.6 original\hl.exe] => (Block) C:\games\cs 1.6 original\hl.exe FirewallRules: [TCP Query User{13B3EE14-B6B2-439A-9EB1-2BBA628D4EC2}C:\games\counter-strike\hl.exe] => (Block) C:\games\counter-strike\hl.exe FirewallRules: [UDP Query User{3108F212-F706-42E2-BA11-CB54DCC9EDF1}C:\games\counter-strike\hl.exe] => (Block) C:\games\counter-strike\hl.exe FirewallRules: [TCP Query User{68FC6285-D261-42C1-A48D-191D6902F601}D:\games\stronghold crusader 2\bin\win32_release\crusader2.exe] => (Block) D:\games\stronghold crusader 2\bin\win32_release\crusader2.exe FirewallRules: [UDP Query User{8E9C3960-98F5-4D14-A969-4745FB38C1C9}D:\games\stronghold crusader 2\bin\win32_release\crusader2.exe] => (Block) D:\games\stronghold crusader 2\bin\win32_release\crusader2.exe FirewallRules: [TCP Query User{12C7D09E-5DAE-407D-9DE7-4DAF8973E3D9}D:\games\warcraft iii\war3.exe] => (Block) D:\games\warcraft iii\war3.exe FirewallRules: [UDP Query User{6AB33B37-8D2E-4AD4-95D9-4711D8ED3B55}D:\games\warcraft iii\war3.exe] => (Block) D:\games\warcraft iii\war3.exe FirewallRules: [TCP Query User{4404B8EF-03BB-4E55-945D-DEC3FDF8172E}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe FirewallRules: [UDP Query User{2E2A0938-26BF-49A6-BE11-89E3777104E9}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe FirewallRules: [{4B166857-AAAD-477E-9915-143D394E68D3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{E198EC0B-1ED5-474E-9A75-F49B47CCE130}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CF8B1CE2-4C68-44E9-92CE-567464FE0703}] => (Allow) C:\Users\Luka Opacic\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{193DA7DE-1CDF-4A0D-9F59-1D527B46E2C3}] => (Allow) C:\Users\Luka Opacic\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{DE0E9B99-3410-497F-998F-923EA035E502}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{87F97001-55B6-473B-A9C5-30131260C3E5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{82C48C34-E23C-4A34-B707-C17DEB9746AB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{CB5962B5-CEE7-437F-BEAE-C8CC6ACFD285}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{85631673-089D-4CA4-B764-AE4C1698390D}C:\program files (x86)\call of duty black ops 2\t6mp.exe] => (Block) C:\program files (x86)\call of duty black ops 2\t6mp.exe FirewallRules: [UDP Query User{C45125B8-EA65-40DB-908A-8BAF1347D214}C:\program files (x86)\call of duty black ops 2\t6mp.exe] => (Block) C:\program files (x86)\call of duty black ops 2\t6mp.exe FirewallRules: [TCP Query User{F0BA3F00-37CF-4D94-AF2E-896BE76DA7CE}D:\program files (x86)\call of duty 2\cod2mp_s.exe] => (Allow) D:\program files (x86)\call of duty 2\cod2mp_s.exe FirewallRules: [UDP Query User{4FFEE179-35EE-49DB-94E0-EA700AB5FA6F}D:\program files (x86)\call of duty 2\cod2mp_s.exe] => (Allow) D:\program files (x86)\call of duty 2\cod2mp_s.exe FirewallRules: [{613A9751-901E-48B6-B38C-8FECBFF6CA85}] => (Allow) C:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe FirewallRules: [{BC5F2E55-A09E-4605-8801-D09C03EB1A7C}] => (Allow) C:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe FirewallRules: [TCP Query User{F943BB1E-5505-4795-B421-1395C0F1A702}C:\users\luka opacic\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Block) C:\users\luka opacic\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [UDP Query User{50C310E9-15B4-4921-94CF-9A6002A664CD}C:\users\luka opacic\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Block) C:\users\luka opacic\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [TCP Query User{CD0B8DFE-4C00-4EAE-B9AE-C2C37E73A829}D:\users\luka opacic\downloads\call of duty 2 multiplayer\cod2mp_s.exe] => (Allow) D:\users\luka opacic\downloads\call of duty 2 multiplayer\cod2mp_s.exe FirewallRules: [UDP Query User{2A4BB41F-DF92-4B94-95A1-A95402EA11EA}D:\users\luka opacic\downloads\call of duty 2 multiplayer\cod2mp_s.exe] => (Allow) D:\users\luka opacic\downloads\call of duty 2 multiplayer\cod2mp_s.exe FirewallRules: [TCP Query User{B3CD5B47-5D6A-4FED-91F4-50030D4CDE08}D:\games\stronghold 3\bin\win32_release\stronghold3.exe] => (Block) D:\games\stronghold 3\bin\win32_release\stronghold3.exe FirewallRules: [UDP Query User{B423E7CB-4D8A-4763-922A-3D805114B343}D:\games\stronghold 3\bin\win32_release\stronghold3.exe] => (Block) D:\games\stronghold 3\bin\win32_release\stronghold3.exe FirewallRules: [TCP Query User{5A80643A-AAA0-48BD-9947-A4463B4E1580}D:\users\call of duty 2\cod2mp_s.exe] => (Block) D:\users\call of duty 2\cod2mp_s.exe FirewallRules: [UDP Query User{A9FCCA49-EE19-459A-83C7-A889F0BD87DD}D:\users\call of duty 2\cod2mp_s.exe] => (Block) D:\users\call of duty 2\cod2mp_s.exe FirewallRules: [TCP Query User{D9F7E450-CA63-4F6C-80BE-A1A06CBFEA89}C:\program files (x86)\call of duty black ops 2\t6zm.exe] => (Block) C:\program files (x86)\call of duty black ops 2\t6zm.exe FirewallRules: [UDP Query User{3BABDAB0-F4C6-4BCB-9DA7-1492BABB33D6}C:\program files (x86)\call of duty black ops 2\t6zm.exe] => (Block) C:\program files (x86)\call of duty black ops 2\t6zm.exe FirewallRules: [TCP Query User{3A359612-62E4-4BC2-9086-021AA96BEDE3}D:\games\call of duty world at war\call of duty - world at war\cod5sp.exe] => (Allow) D:\games\call of duty world at war\call of duty - world at war\cod5sp.exe FirewallRules: [UDP Query User{0A4A8595-6AB0-442F-8FA0-3BD8EB085DFE}D:\games\call of duty world at war\call of duty - world at war\cod5sp.exe] => (Allow) D:\games\call of duty world at war\call of duty - world at war\cod5sp.exe FirewallRules: [TCP Query User{B7FA46B5-28C8-4815-9E39-B4138B1CBCF8}D:\games\call of duty world at war\call of duty - world at war\cod5mp.exe] => (Block) D:\games\call of duty world at war\call of duty - world at war\cod5mp.exe FirewallRules: [UDP Query User{9B0E0045-9AE8-4032-9BC3-F3EEE72DDD0D}D:\games\call of duty world at war\call of duty - world at war\cod5mp.exe] => (Block) D:\games\call of duty world at war\call of duty - world at war\cod5mp.exe FirewallRules: [{7FFBF481-4200-429F-9B36-B86C3C7B1363}] => (Allow) D:\steam\SteamApps\common\Loadout\Loadout.exe FirewallRules: [{54CB3346-947D-4205-932C-1D0355737DB4}] => (Allow) D:\steam\SteamApps\common\Loadout\Loadout.exe FirewallRules: [{964BEC3E-EA07-4DD7-B6E2-F8B2AA397BF4}] => (Allow) C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2010\jsl2010.exe FirewallRules: [{7B08741D-526C-422C-BBBA-386AB529DA07}] => (Allow) C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2010\jsl2010.exe FirewallRules: [{A7D4E37E-4917-4412-BA49-F19AA1B3F040}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe FirewallRules: [{E0486974-647A-40C2-9EDC-666E5A044997}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe FirewallRules: [{82FA140E-5CD9-4BA4-999C-4E0305ACFD95}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe FirewallRules: [{54A7D624-A7D1-4073-999E-D60C00788075}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe FirewallRules: [{551BCDE2-B959-4893-8938-2ECD4FACE3D5}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe FirewallRules: [{999FF409-961E-4F27-881F-3BA30FBAD65B}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe FirewallRules: [{B7C3A1BE-F9CA-4500-9895-C5EB4BAFF882}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe FirewallRules: [{377070A0-91B6-48AA-A0DA-FAB5FDCC5CA3}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe FirewallRules: [TCP Query User{BE6A8BBB-3036-4A50-B94E-93E5BE7BB86B}D:\games\call of duty and call of duty united offensive\codmp.exe] => (Block) D:\games\call of duty and call of duty united offensive\codmp.exe FirewallRules: [UDP Query User{CC1B838F-DD94-4C84-AC95-7D76492ED3BF}D:\games\call of duty and call of duty united offensive\codmp.exe] => (Block) D:\games\call of duty and call of duty united offensive\codmp.exe FirewallRules: [{25C2A831-47CB-4EE3-B9CA-E5495867743E}] => (Allow) D:\Games\fm08\fm.exe FirewallRules: [{F34342E9-EBD1-49A2-BDF9-C52A50A49EDD}] => (Allow) D:\Games\fm08\fm.exe FirewallRules: [TCP Query User{52384004-1232-4BEF-AA9F-16600D3C4C3B}D:\games\assassins creed2\assassin's creed ii\server.exe] => (Block) D:\games\assassins creed2\assassin's creed ii\server.exe FirewallRules: [UDP Query User{D20F81F4-E3BF-40B7-8798-7CAD39CC5041}D:\games\assassins creed2\assassin's creed ii\server.exe] => (Block) D:\games\assassins creed2\assassin's creed ii\server.exe FirewallRules: [{4BA26B8A-D6E0-45BA-81C1-208621E1B5F3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{BE7BDB8B-2AA8-456D-9658-95854D592C9D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{BD218045-BDBF-4D33-A36B-85AC1D0245D4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{904FFB6F-4232-4E70-BE37-2C9982773F17}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{94DA7D45-F81A-4D2C-A60C-B56346012ABB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{6B3C11F7-9DDA-4C12-A99C-88C8C964B2D8}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [TCP Query User{696C0530-CBD3-4470-B520-7A5DC130607B}C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe] => (Block) C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe FirewallRules: [UDP Query User{A4D6AC47-D285-4082-98FF-3C5956BCC29E}C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe] => (Block) C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe FirewallRules: [TCP Query User{B427E6B5-FB5C-40C9-B763-45FD385240DC}D:\users\luka opacic\downloads\dayz standalone v0.46\dayz whitelister.exe] => (Block) D:\users\luka opacic\downloads\dayz standalone v0.46\dayz whitelister.exe FirewallRules: [UDP Query User{7EBFA33F-CA2A-4EA9-8677-8814EDF1A6B5}D:\users\luka opacic\downloads\dayz standalone v0.46\dayz whitelister.exe] => (Block) D:\users\luka opacic\downloads\dayz standalone v0.46\dayz whitelister.exe FirewallRules: [TCP Query User{B8C8B4FB-E22A-4B6A-947F-EB133D69BA87}D:\users\luka opacic\downloads\dayz standalone v0.46\dayz.exe] => (Block) D:\users\luka opacic\downloads\dayz standalone v0.46\dayz.exe FirewallRules: [UDP Query User{30A881D8-4866-4B8B-8384-1B107454535A}D:\users\luka opacic\downloads\dayz standalone v0.46\dayz.exe] => (Block) D:\users\luka opacic\downloads\dayz standalone v0.46\dayz.exe FirewallRules: [TCP Query User{8E3194D6-0580-4ED5-9103-1BF4A4DC221A}D:\games\dishonored\binaries\win32\dishonored.exe] => (Block) D:\games\dishonored\binaries\win32\dishonored.exe FirewallRules: [UDP Query User{9F9A372C-B4FC-4006-BA41-91B59620472C}D:\games\dishonored\binaries\win32\dishonored.exe] => (Block) D:\games\dishonored\binaries\win32\dishonored.exe FirewallRules: [TCP Query User{88D7633C-504E-4F1E-9F1F-05E616152522}C:\users\luka opacic\appdata\local\popcorn time\nw.exe] => (Block) C:\users\luka opacic\appdata\local\popcorn time\nw.exe FirewallRules: [UDP Query User{F889891D-B7F8-4A27-8864-581F7F819448}C:\users\luka opacic\appdata\local\popcorn time\nw.exe] => (Block) C:\users\luka opacic\appdata\local\popcorn time\nw.exe FirewallRules: [{83A375A0-7457-482D-98DA-DE64ADC5DA8C}] => (Allow) C:\Program Files (x86)\theHunter\launcher\launcher.exe FirewallRules: [{E6685B4F-1E15-42F7-AABE-66554B9C65F8}] => (Allow) C:\Program Files (x86)\theHunter\launcher\launcher.exe FirewallRules: [{8393059E-BD15-4D03-A4BB-C4411D01E95F}] => (Allow) C:\Program Files (x86)\theHunter\game\theHunter.exe FirewallRules: [{7E976DDA-20BB-4FDF-864C-6EC564EED678}] => (Allow) C:\Program Files (x86)\theHunter\game\theHunter.exe FirewallRules: [{2B944AB5-FFC0-4143-BD6A-F5B77206BA8B}] => (Allow) C:\Users\Luka Opacic\Desktop\games\jsl2010.exe FirewallRules: [{E4EA9671-B46C-4467-A2E4-02C1C4A1CC89}] => (Allow) C:\Users\Luka Opacic\Desktop\games\jsl2010.exe FirewallRules: [{EF305D05-85BF-4929-90C5-25C0D8C14B5A}] => (Allow) C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2010\pes2010.exe FirewallRules: [{7B1865B4-5B20-4327-BB6A-FDDE3D75BCCE}] => (Allow) C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2010\pes2010.exe FirewallRules: [TCP Query User{97C20CB1-3793-4211-8986-479358FB94D8}D:\users\luka opacic\downloads\left 4 dead 2 v2.0.2.7 full-rip {blaze69}\left 4 dead 2\left4dead2.exe] => (Block) D:\users\luka opacic\downloads\left 4 dead 2 v2.0.2.7 full-rip {blaze69}\left 4 dead 2\left4dead2.exe FirewallRules: [UDP Query User{0B2354D9-1FCD-427F-A5EA-CDDDEF43C64D}D:\users\luka opacic\downloads\left 4 dead 2 v2.0.2.7 full-rip {blaze69}\left 4 dead 2\left4dead2.exe] => (Block) D:\users\luka opacic\downloads\left 4 dead 2 v2.0.2.7 full-rip {blaze69}\left 4 dead 2\left4dead2.exe FirewallRules: [{4E59C60F-11FD-471E-B9A4-FC6651669792}] => (Allow) D:\Program Files (x86)\The Sims 4\Mr DJ\The Sims 4 Deluxe Edition\Game\Bin\TS4.exe FirewallRules: [{536BDA35-5C33-443E-A63F-823643E4331A}] => (Allow) D:\Program Files (x86)\The Sims 4\Mr DJ\The Sims 4 Deluxe Edition\Game\Bin\TS4.exe FirewallRules: [{1D73C1DF-43CA-4A85-B067-E20EB1FFA9DB}] => (Allow) D:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{0F5ECF77-7C1E-425F-B4C2-721E3D0C09C9}] => (Allow) D:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{29AFB03D-BC74-400E-BBAE-9AC720C745DF}] => (Allow) C:\Program Files (x86)\Sports Interactive\Football Manager 2008\fm.exe FirewallRules: [{05DAACFD-78AD-4C80-A6DD-32EFC61B8ECB}] => (Allow) C:\Program Files (x86)\Sports Interactive\Football Manager 2008\fm.exe FirewallRules: [TCP Query User{49ADF142-7506-403B-9B79-39A29782A71D}D:\games\dead island\deadislandgame.exe] => (Block) D:\games\dead island\deadislandgame.exe FirewallRules: [UDP Query User{DED2FB03-2CA3-4825-AB20-7470D73DB7D5}D:\games\dead island\deadislandgame.exe] => (Block) D:\games\dead island\deadislandgame.exe FirewallRules: [{731464EF-2703-4799-B63F-2E9982BF7F06}] => (Allow) D:\steam\SteamApps\common\Unturned\Unturned.exe FirewallRules: [{5EECC504-DBAE-4FF6-A3A4-58F10B76974A}] => (Allow) D:\steam\SteamApps\common\Unturned\Unturned.exe FirewallRules: [{5F860584-4D5C-44DC-8C9D-3C628C0E1CA4}] => (Allow) D:\steam\SteamApps\common\dota 2 beta\dota.exe FirewallRules: [{DC99CE96-9D73-496D-8BC1-D20437395455}] => (Allow) D:\steam\SteamApps\common\dota 2 beta\dota.exe FirewallRules: [{472442AD-8443-4B43-8891-3E5EE1E98D06}] => (Allow) D:\steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{DB8743A8-BC57-4D3A-ABC8-17534FFD4A87}] => (Allow) D:\steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{5B9F69C9-50EE-4414-A2EE-C2828EF831E7}] => (Allow) D:\steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe FirewallRules: [{B56F2964-1683-4172-A9E2-EE7B5BA488C0}] => (Allow) D:\steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe FirewallRules: [{35C09A9F-AF25-4219-9E1F-4D66A5C2335B}] => (Allow) C:\Program Files (x86)\CAPCOM\DARK VOID\Launcher.exe FirewallRules: [{5CC1BABB-FB94-4690-B307-739E52594687}] => (Allow) C:\Program Files (x86)\CAPCOM\DARK VOID\Launcher.exe FirewallRules: [TCP Query User{18AEA2D8-AA81-47C7-9A07-2D4A03BF2B89}C:\program files (x86)\capcom\dark void\nativepc\binaries\shippingpc-skygame.exe] => (Block) C:\program files (x86)\capcom\dark void\nativepc\binaries\shippingpc-skygame.exe FirewallRules: [UDP Query User{8067FBDB-E97D-40CF-B864-1449C51DACE8}C:\program files (x86)\capcom\dark void\nativepc\binaries\shippingpc-skygame.exe] => (Block) C:\program files (x86)\capcom\dark void\nativepc\binaries\shippingpc-skygame.exe FirewallRules: [{5E063A1F-39C3-4A68-B191-DDFBFAA3485E}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{C6F682F4-818F-4B9F-9B3D-D795FC74CE6A}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{B95B72C4-4D6B-42F3-A41A-B2A007A8313F}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe FirewallRules: [{29A79296-70A7-4B5B-A3BB-55E964FD6F06}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe FirewallRules: [{09B435B4-3283-4DF0-B737-E6D7495DCA10}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe FirewallRules: [{970868FB-D192-47EA-9B84-4CB7594AC9E2}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe FirewallRules: [{73CFB3B2-900B-4EF2-8AAF-6D9D03470525}] => (Allow) C:\Program Files (x86)\LuckyBrowse\app\LuckyBrowse.exe FirewallRules: [{A235F875-A041-49CC-96D9-6595AE904B9F}] => (Allow) C:\Program Files (x86)\LuckyBrowse\app\LuckyBrowse.exe FirewallRules: [{A8051A56-F676-449E-AC0D-BE5D7A269DC2}] => (Allow) C:\Users\Luka Opacic\AppData\Local\Chromium\Application\chrome.exe FirewallRules: [{EB0D4302-8059-438B-9754-FE8D4A7588C3}] => (Allow) C:\Program Files (x86)\SpringFiles\SpringFiles.exe FirewallRules: [{6E38E1E4-4160-4E28-82E9-E1C140473789}] => (Allow) C:\Program Files (x86)\SpringFiles\SpringFiles.exe FirewallRules: [{9AAF5F78-BBC3-48ED-B8CB-D7432379264B}] => (Allow) C:\Program Files (x86)\SpringFiles\downloader.exe FirewallRules: [{CC4B0E97-2C09-42F4-91D3-F3F4B2C63C56}] => (Allow) C:\Program Files (x86)\SpringFiles\downloader.exe FirewallRules: [{6C5D9768-4B8F-4E66-B573-2EF80B26CD56}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{1950582D-C4C3-47FD-ADCE-5E3249743AD6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9F83628A-D47C-4823-96D0-53278271C7AB}] => (Allow) C:\Program Files (x86)\Pro Evolution Soccer 2013\pes2013.exe FirewallRules: [{38069E48-8670-4B41-B726-346BF28E6186}] => (Allow) C:\Program Files (x86)\Pro Evolution Soccer 2013\pes2013.exe FirewallRules: [TCP Query User{89CCA7F3-DF6A-4A56-8596-4651FB211B3E}D:\users\luka opacic\downloads\call of duty 2 full game mp - sp -=aviara=-\call of duty 2\cod2mp_s.exe] => (Block) D:\users\luka opacic\downloads\call of duty 2 full game mp - sp -=aviara=-\call of duty 2\cod2mp_s.exe FirewallRules: [UDP Query User{78DDCDA8-F476-49C8-BBCD-CDB0F629CA21}D:\users\luka opacic\downloads\call of duty 2 full game mp - sp -=aviara=-\call of duty 2\cod2mp_s.exe] => (Block) D:\users\luka opacic\downloads\call of duty 2 full game mp - sp -=aviara=-\call of duty 2\cod2mp_s.exe FirewallRules: [{64C2C39A-8EFE-4A5D-B43B-D87D9D0B200B}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe FirewallRules: [{11F6F121-5D78-471A-A4D2-AD543D8975F9}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe FirewallRules: [{404DA18B-9134-4F93-9E46-9F60BB26A958}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe FirewallRules: [{D27FA186-6393-47C1-9211-49866AC6A068}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe FirewallRules: [{43E212BB-FB69-4DCE-B083-9C5EF1CABC69}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 05-01-2016 15:58:17 Scheduled Checkpoint 10-01-2016 18:37:19 Removed redist 22-01-2016 19:07:33 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/24/2016 05:12:32 PM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: ) Description: 80004005 Error: (01/23/2016 08:11:24 PM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: ) Description: 80004005 Error: (01/23/2016 03:41:38 PM) (Source: ESENT) (EventID: 489) (User: ) Description: taskhostex (1776) An attempt to open the file "C:\Users\Luka Opacic\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8). Error: (01/23/2016 01:37:02 PM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: ) Description: 80004005 Error: (01/22/2016 04:07:43 PM) (Source: ESENT) (EventID: 489) (User: ) Description: taskhostex (1856) An attempt to open the file "C:\Users\Luka Opacic\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8). Error: (01/22/2016 02:04:03 PM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: ) Description: 80004005 Error: (01/21/2016 04:49:25 PM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: ) Description: 80004005 Error: (01/21/2016 04:47:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Luka) Description: Activation of application Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (01/20/2016 04:23:17 PM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: ) Description: 80004005 Error: (01/20/2016 04:18:24 PM) (Source: ESENT) (EventID: 454) (User: ) Description: DllHost (2024) WebCacheLocal: Database recovery/restore failed with unexpected error -1032. System errors: ============= Error: (01/24/2016 05:02:45 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY) Description: 0xc000014d0 Error: (01/24/2016 05:03:08 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 21:01:18 on 23/01/2016 was unexpected. Error: (01/23/2016 04:08:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Interactive Services Detection service terminated with the following error: %%1 Error: (01/23/2016 03:41:06 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY) Description: 0xc000014d0 Error: (01/23/2016 03:14:03 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: The ScRegSetValueExW call failed for FailureCommand with the following error: %%5 Error: (01/23/2016 03:13:48 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: The ScRegSetValueExW call failed for Start with the following error: %%5 Error: (01/22/2016 04:06:58 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY) Description: 0xc000014d0 Error: (01/20/2016 04:17:55 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 15:39:40 on 20/01/2016 was unexpected. Error: (01/20/2016 04:17:43 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY) Description: 0xc000014d0 Error: (01/19/2016 01:43:36 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: The ScRegSetValueExW call failed for FailureCommand with the following error: %%5 CodeIntegrity: =================================== Date: 2016-01-07 16:41:55.087 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.BingTravel_2.0.0.326_x64__8wekyb3d8bbwe\Platform.winmd with signing level Authenticode while the system requires signing level 6 or better to load. Date: 2015-08-05 19:33:45.191 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Microsoft or better to load. Date: 2015-08-05 19:33:45.049 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Microsoft or better to load. Date: 2015-08-05 19:33:44.908 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Microsoft or better to load. Date: 2015-08-05 19:33:44.767 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Microsoft or better to load. Date: 2015-08-05 19:33:44.624 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Microsoft or better to load. Date: 2015-08-05 19:33:44.398 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Microsoft or better to load. Date: 2015-08-05 19:33:44.257 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Microsoft or better to load. Date: 2015-08-05 19:33:44.115 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Microsoft or better to load. Date: 2015-08-05 19:33:43.974 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Microsoft or better to load. ==================== Memory info =========================== Processor: AMD Sempron(tm) 145 Processor Percentage of memory in use: 29% Total physical RAM: 6142.11 MB Available physical RAM: 4342.46 MB Total Virtual: 12286.11 MB Available Virtual: 10075.46 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:159.14 GB) (Free:12.79 GB) NTFS Drive d: (Document's) (Fixed) (Total:138.61 GB) (Free:26.12 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: ECE2B16E) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=159.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=138.6 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================

Profil

return void Poslao: 24 Jan 2016 19:57 Idi na vrh
offline return void Anti Malware Fighter Rank 1 Pridružio: 02 Jan 2008 Poruke: 2167	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav i dobro dosao u Ambulantu! Za pocetak, deinstaliraj sledece programe: WinZipper AVG Security Toolbar Sto se tice ovih programa dole, predlozio bih brisanje (na tebi je da odlucis da li ces to uciniti ili ne). Oni nisu malver, ali zbog nacina rada ovih programa, predlazem brisanje jer, u sustini, to su programi ciji je kranji cilj da korisnika ubede da ih kupi, ioako nisu vredni para: TuneUp Utilities 2014 Dll-Files.com Fixer Nakon toga, isprati ova uputstva: 1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod: CreateRestorePoint: (Tai Wai Shui Mu) C:\Program Files (x86)\WinZipper\winzipersvc.exe C:\Program Files (x86)\WinZipper () C:\Program Files (x86)\LuckyBrowse\app\LuckyBrowse.exe C:\Program Files (x86)\LuckyBrowse (tsvr.com) C:\Users\Luka Opacic\AppData\Roaming\TSv\TSvr.exe C:\Users\Luka Opacic\AppData\Roaming\TSv File: C:\Windows\sppsvc.exe (TODO: <公司名>) C:\Program Files (x86)\SFK\SSFK.exe (TODO: <公司名>) C:\Program Files (x86)\SFK\SSFK.exe C:\Program Files (x86)\SFK (TU-Funs LIMITED) C:\ProgramData\yWdMy\WdMan.exe C:\ProgramData\yWdMy (XTab system) C:\Program Files (x86)\MiuiTab\ProtectService.exe (SearchProtect) C:\Program Files (x86)\MiuiTab\CmdShell.exe (XTab system) C:\Program Files (x86)\MiuiTab\HPNotify.exe C:\Program Files (x86)\MiuiTab HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2571288 2014-06-22] () C:\Program Files (x86)\AVG Secure Search HKLM-x32\...\Run: [Adobe Updater] => C:\ProgramData\Adobe\color.vbs [106 2013-12-14] () C:\ProgramData\Adobe HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Luka Opacic\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l C:\Users\Luka Opacic\AppData\Roaming\newnext.me IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\jumpflip: [Debugger] tasklist.exe IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\searchinstaller.exe: [Debugger] tasklist.exe IFEO\searchprotection.exe: [Debugger] tasklist.exe IFEO\searchprotector.exe: [Debugger] tasklist.exe IFEO\searchsettings.exe: [Debugger] tasklist.exe IFEO\searchsettings64.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\umbrella.exe: [Debugger] tasklist.exe IFEO\utiljumpflip.exe: [Debugger] tasklist.exe IFEO\volaro: [Debugger] tasklist.exe IFEO\vonteera: [Debugger] tasklist.exe IFEO\websteroids.exe: [Debugger] tasklist.exe IFEO\websteroidsservice.exe: [Debugger] tasklist.exe GroupPolicy: Restriction - Chrome <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION CHR HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1438676068&z=36deb427256900536fd3d73g2zfc5bfq2m2q7ecm1g&from=cornl&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://yoursites123.com/web?type=ds&ts=1450950315&z=1406c432ec2daa1fa8e1b64g4z1z8t1w1m4m0t8zbg&from=wpm07173&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1438676068&z=36deb427256900536fd3d73g2zfc5bfq2m2q7ecm1g&from=cornl&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://yoursites123.com/web?type=ds&ts=1450950315&z=1406c432ec2daa1fa8e1b64g4z1z8t1w1m4m0t8zbg&from=wpm07173&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&q={searchTerms} HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=dspp&ts=1438676102&z=d04b5625118092dd8043fa2g4zcccb3q8mcq3g0e9z&from=cornl&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&q={searchTerms} HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.uk.msn.com/ HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=en-GB&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.sweet%2Dpage.com%2F%3Ftype%3Dhppp%26ts%3D1438676102%26z%3Dd04b5625118092dd8043fa2g4zcccb3q8mcq3g0e9z%26from%3Dcornl%26uid%3DTOSHIBAXMK3276GSXXH%5F91L6BJEMBXX91L6BJEMB&OSP=http%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3D%7BsearchTerms%7D%26form%3DMSSEDF%26pc%3DMSE1 HKU\S-1-5-21-3830091371-2095282802-1412068493-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=dspp&ts=1438676102&z=d04b5625118092dd8043fa2g4zcccb3q8mcq3g0e9z&from=cornl&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&q={searchTerms} SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&aid=100&itype=a&ver=15511&tm=377&src=ds&p={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://v9.com/web?type=ds&ts=1450270463&from=zzgbkk123&uid=toshibaxmk3276gsxxh_91l6bjembxx91l6bjemb&z=d80039f040792c7497f60fagfz1w5e1o4m8e4z8qdm&q={searchTerms} SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://v9.com/web?type=ds&ts=1450270463&from=zzgbkk123&uid=toshibaxmk3276gsxxh_91l6bjembxx91l6bjemb&z=d80039f040792c7497f60fagfz1w5e1o4m8e4z8qdm&q={searchTerms} SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&aid=100&itype=a&ver=15511&tm=377&src=ds&p={searchTerms} SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.fastsearchings.info/?l=1&q={searchTerms}&pid=512&r=2014/07/01&hid=15815885714806100210&lg=EN&cc=RS&unqvl=56 SearchScopes: HKU\S-1-5-21-3830091371-2095282802-1412068493-1001 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://v9.com/web?type=ds&ts=1450270463&from=zzgbkk123&uid=toshibaxmk3276gsxxh_91l6bjembxx91l6bjemb&z=d80039f040792c7497f60fagfz1w5e1o4m8e4z8qdm&q={searchTerms} SearchScopes: HKU\S-1-5-21-3830091371-2095282802-1412068493-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.sweet-page.com/web/?utm_source=b&utm_medium=cornl&utm_campaign=install_ie&utm_content=ds&from=cornl&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&ts=1438676123&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3830091371-2095282802-1412068493-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.sweet-page.com/web/?utm_source=b&utm_medium=cornl&utm_campaign=install_ie&utm_content=ds&from=cornl&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&ts=1438676123&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3830091371-2095282802-1412068493-1001 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://v9.com/web?type=ds&ts=1450270463&from=zzgbkk123&uid=toshibaxmk3276gsxxh_91l6bjembxx91l6bjemb&z=d80039f040792c7497f60fagfz1w5e1o4m8e4z8qdm&q={searchTerms} SearchScopes: HKU\S-1-5-21-3830091371-2095282802-1412068493-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.sweet-page.com/web/?utm_source=b&utm_medium=cornl&utm_campaign=install_ie&utm_content=ds&from=cornl&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&ts=1438676123&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3830091371-2095282802-1412068493-1001 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.sweet-page.com/web/?utm_source=b&utm_medium=cornl&utm_campaign=install_ie&utm_content=ds&from=cornl&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&ts=1438676123&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3830091371-2095282802-1412068493-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.sweet-page.com/web/?utm_source=b&utm_medium=cornl&utm_campaign=install_ie&utm_content=ds&from=cornl&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&ts=1438676123&type=default&q={searchTerms} Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll [2014-04-27] (AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll StartMenuInternet: IEXPLORE.EXE - c:\program files\internet explorer\iexplore.exe hxxp://www.yoursites123.com/?type=sc&ts=1452249600&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=wpm01073&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB FF NewTab: chrome://quick_start/content/index.html FF DefaultSearchEngine: omniboxes FF SearchEngineOrder.1: default-search.net FF SelectedSearchEngine: omniboxes FF Keyword.URL: hxxp://www.default-search.net/search?sid=503&aid=100&itype=a&ver=15511&tm=377&src=ds&p= FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.0\\npsitesafety.dll [No File] FF SearchPlugin: C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\searchplugins\default-search.xml [2015-08-04] FF SearchPlugin: C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\searchplugins\delta-homes.xml [2015-11-24] FF SearchPlugin: C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\searchplugins\omniboxes.xml [2016-01-09] FF SearchPlugin: C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\searchplugins\sweet-page.xml [2016-01-10] FF SearchPlugin: C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\searchplugins\yoursites123.xml [2016-01-08] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml [2015-08-04] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml [2014-11-02] FF Extension: YahooToolsProtected - C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\extensions\yahooprotected@gmail.com.xpi [2016-01-08] [not signed] FF Extension: Default NewTab - C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\extensions\default_newtabff@gmail.com [2016-01-08] [not signed] FF Extension: Default SearchProtected - C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\extensions\defsearchp@gmail.com [2016-01-10] [not signed] FF Extension: Ads Remover - C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\Extensions\qlwmlnroyzqgvxlsr@ndmznwpkrnflpuql.org [2015-12-03] [not signed] FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.0.443 FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode383.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode383\ff => not found FF HKLM-x32\...\Firefox\Extensions: [ext@RichMediaViewV1release991.net] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release991\ff => not found FF HKLM-x32\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha4405.net] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4405\ff => not found FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\extensions\faststartff@gmail.com => not found FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\extensions\defsearchp@gmail.com FF HKLM-x32\...\Firefox\Extensions: [default_newtabff@gmail.com] - C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\extensions\default_newtabff@gmail.com FF HKLM-x32\...\Firefox\Extensions: [yahooprotected@gmail.com] - C:\Users\Luka Opacic\AppData\Roaming\Mozilla\Firefox\Profiles\vobp17dt.default-1414262557011\extensions\yahooprotected@gmail.com => not found StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.yoursites123.com/?type=sc&ts=1452249600&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=wpm01073&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB CHR DefaultSearchURL: Default -> hxxp://www.sweet-page.com/web/?type=dspp&ts=1438676102&z=d04b5625118092dd8043fa2g4zcccb3q8mcq3g0e9z&from=cornl&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB&q={searchTerms} CHR DefaultSearchKeyword: Default -> sweet-page CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Luka Opacic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Luka Opacic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma.crx <not found> R2 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [119808 2015-12-08] (XTab system) [File not signed] R2 IhPul; C:\Users\Luka Opacic\AppData\Roaming\TSv\TSvr.exe [580752 2015-12-08] (tsvr.com) R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [158400 2016-01-08] (TODO: <公司名>) R2 WdMan; C:\ProgramData\yWdMy\WdMan.exe [326656 2016-01-08] (TU-Funs LIMITED) [File not signed] R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [731824 2016-01-20] (Tai Wai Shui Mu) <==== ATTENTION File: C:\Windows\SysWOW64\drivers\SECDRV.SYS S1 F06DEFF2-5B9C-490D-910F-35D3A91196223; \??\C:\Program Files (x86)\Assets Manager\smdmf\x64\smdmfmgrc3.cfg [X] C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat C:\Program Files (x86)\SSFK.exe C:\Users\Luka Opacic\AppData\Roaming\appdataFr25.bin C:\Users\Luka Opacic\AppData\Roaming\appdataFr3.bin C:\Users\Luka Opacic\AppData\Roaming\LiveSupport.exe_log.txt C:\Users\Luka Opacic\AppData\Roaming\regsvr32.exe_log.txt C:\Users\Luka Opacic\AppData\Roaming\RIZD.exe Task: {1B3B2CD3-E909-4429-A2BC-AF28D1775247} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION C:\Program Files (x86)\YourFileDownloader Task: {274833F0-852A-4A46-9C3B-E15B9A65C25E} - System32\Tasks\UNELEVATE_1240 => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1382\jsdrv.exe <==== ATTENTION C:\Program Files (x86)\ShopperPro Task: {4C68F175-0425-4C45-8F71-C79353268F89} - System32\Tasks\UNELEVATE_15 => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1382\jsdrv.exe <==== ATTENTION Task: {5F200263-106B-43F7-9412-5497F49E88CF} - System32\Tasks\LuckyBrowse => C:\Program Files (x86)\LuckyBrowse\app\luckybrowse.exe [2015-11-22] () <==== ATTENTION C:\Program Files (x86)\LuckyBrowse Task: {7F4B0891-4669-44EC-9B97-14B46EAC3C05} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION C:\Program Files (x86)\OLBPre Task: {801832E9-C05B-4BD9-8FF1-B88A414A2EEA} - System32\Tasks\3e12b71c-1809-4db7-b711-0014c07013dc-4 => C:\Program Files (x86)\Senses\3e12b71c-1809-4db7-b711-0014c07013dc-4.exe <==== ATTENTION C:\Program Files (x86)\Senses Task: {C78277CE-EE95-4E61-9867-34AA155D0035} - System32\Tasks\086aa29e-fe25-4df1-9422-85ceb14b5931-4 => C:\Program Files (x86)\iWebar\086aa29e-fe25-4df1-9422-85ceb14b5931-4.exe <==== ATTENTION C:\Program Files (x86)\iWebar Task: {DDD6403D-B9B7-4AEB-8E2C-8906DE169BB5} - System32\Tasks\SystemSoundsService => C:\Users\Luka Opacic\AppData\Local\Temp\nsisvc.exe [2015-05-27] () <==== ATTENTION Task: {F5D052C0-E288-40A1-A4F4-8A520CBA98F4} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION C:\Program Files (x86)\GoforFiles Task: C:\Windows\Tasks\086aa29e-fe25-4df1-9422-85ceb14b5931-4.job => C:\Program Files (x86)\iWebar\086aa29e-fe25-4df1-9422-85ceb14b5931-4.exe <==== ATTENTION Task: C:\Windows\Tasks\3e12b71c-1809-4db7-b711-0014c07013dc-4.job => C:\Program Files (x86)\Senses\3e12b71c-1809-4db7-b711-0014c07013dc-4.exe <==== ATTENTION ShortcutWithArgument: C:\Users\Luka Opacic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.omniboxes.com/?type=sc&ts=1448635631&z=76f4dff69102d89f6b689d8gaz0z1b1qccfwaq3c0c&from=ient07021&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB ShortcutWithArgument: C:\Users\Luka Opacic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1452249600&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=wpm01073&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB ShortcutWithArgument: C:\Users\Luka Opacic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.omniboxes.com/?type=sc&ts=1448635631&z=76f4dff69102d89f6b689d8gaz0z1b1qccfwaq3c0c&from=ient07021&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB ShortcutWithArgument: C:\Users\Luka Opacic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1452249600&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=wpm01073&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB ShortcutWithArgument: C:\Users\Luka Opacic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1450950315&z=1406c432ec2daa1fa8e1b64g4z1z8t1w1m4m0t8zbg&from=wpm07173&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1450950315&z=1406c432ec2daa1fa8e1b64g4z1z8t1w1m4m0t8zbg&from=wpm07173&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1452249600&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=wpm01073&uid=TOSHIBAXMK3276GSXXH_91L6BJEMBXX91L6BJEMB AlternateDataStreams: C:\ProgramData\TEMP:373E1720 AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\RGSC DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\NextLive DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\LiveSupport DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\GoobzoYouTubeAccelerator DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\vProt FirewallRules: [{73CFB3B2-900B-4EF2-8AAF-6D9D03470525}] => (Allow) C:\Program Files (x86)\LuckyBrowse\app\LuckyBrowse.exe FirewallRules: [{A235F875-A041-49CC-96D9-6595AE904B9F}] => (Allow) C:\Program Files (x86)\LuckyBrowse\app\LuckyBrowse.exe FirewallRules: [{EB0D4302-8059-438B-9754-FE8D4A7588C3}] => (Allow) C:\Program Files (x86)\SpringFiles\SpringFiles.exe FirewallRules: [{6E38E1E4-4160-4E28-82E9-E1C140473789}] => (Allow) C:\Program Files (x86)\SpringFiles\SpringFiles.exe FirewallRules: [{9AAF5F78-BBC3-48ED-B8CB-D7432379264B}] => (Allow) C:\Program Files (x86)\SpringFiles\downloader.exe FirewallRules: [{CC4B0E97-2C09-42F4-91D3-F3F4B2C63C56}] => (Allow) C:\Program Files (x86)\SpringFiles\downloader.exe C:\Program Files (x86)\SpringFiles EmptyTemp: 2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi. 3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj. Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema. Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku. Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a. Nakon toga, Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop Dvoklikom pokreni program. Klikni na dugme [Scan] i pricekaj da program zavrsi. Klikni na dugme [Clean] Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu. Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem. Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl" Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S0].txt

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Chrome zarazen raznim tollbarovima

Ko je trenutno na forumu

Ukupno su 1619 korisnika na forumu :: 52 registrovanih, 9 sakrivenih i 1558 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 8u47, A.R.Chafee.Jr., aramis s, babaroga, bobomicek, bufanje, cenejac111, cinoeye, croato, DejanSt, Denaya, Dimitrise93, djboj, Djokkinen, Duh sa sekirom, Dukelander, dzoni19, GandorCC, gomago, goxin, hooraay, hyla, Ilija Cvorovic, Karla, kikisp, Klecaviks, Kubovac, kunktator, kybonacci, ljuba, maiden6657, Marko Marković, mercedesamg, Mi lao shu, MikeHammer, mikrimaus, milenko crazy north, milutin134, ObelixSRB, oganj123, procesor, repac, Srle993, suton, theNedjeljko, vathra, Viceroy, VJ, Vladko, wolverined4, Wrangler, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by