Check

  • Joined: 27 Aug 2005
  • Posts: 556

I'm posting the log from a friend's computer; he says it has a virus.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2017
Ran by ComTech (administrator) on COMTECH-PC (15-05-2017 16:33:14)
Running from C:\Users\ComTech\Desktop
Loaded Profiles: ComTech (Available Profiles: ComTech)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16165632 2015-07-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-07-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-07-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-07-30] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [5060864 2015-07-31] (Realtek semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2986224 2013-06-20] (Synaptics Incorporated)
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [675568 2013-06-20] (Synaptics)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13915888 2016-11-22] (Zemana Ltd.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-10] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [293872 2014-08-25] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-1042645234-1658568069-2296401382-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.)
HKU\S-1-5-21-1042645234-1658568069-2296401382-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd)
HKU\S-1-5-21-1042645234-1658568069-2296401382-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-10] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-10] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{3E6EC9DC-76FA-4E80-8734-E704E1001F95}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{882E274C-FADC-45E1-9323-CD525CBD30FD}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1042645234-1658568069-2296401382-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-26] (Intel Security)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-05] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-26] (Intel Security)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-05] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-27] (Oracle Corporation)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-26] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-26] (Intel Security)
Toolbar: HKU\S-1-5-21-1042645234-1658568069-2296401382-1000 -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-26] (Intel Security)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\ComTech\AppData\Local\Google\Chrome\User Data\Default [2017-05-15]
CHR Extension: (Google Docs) - C:\Users\ComTech\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-24]
CHR Extension: (Google Drive) - C:\Users\ComTech\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-24]
CHR Extension: (CGN - Central Gazeta de Notícias) - C:\Users\ComTech\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeopplcfpohpdplnpoahkebkpiefmpb [2017-05-02]
CHR Extension: (YouTube) - C:\Users\ComTech\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-24]
CHR Extension: (Adobe Acrobat) - C:\Users\ComTech\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-13]
CHR Extension: (Google Docs Offline) - C:\Users\ComTech\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-24]
CHR Extension: (AdBlock) - C:\Users\ComTech\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ComTech\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\ComTech\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-24]
CHR Extension: (Chrome Media Router) - C:\Users\ComTech\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]
CHR HKU\S-1-5-21-1042645234-1658568069-2296401382-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-10] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-10] (AVAST Software)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-07-10] (Intel Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996736 2017-04-18] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16160 2017-04-18] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86776 2017-04-18] (McAfee, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [49456 2014-11-24] (Synaptics Incorporated)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13915888 2016-11-22] (Zemana Ltd.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [65248 2015-04-23] (Advanced Micro Devices, Inc.)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [311808 2017-05-10] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [190256 2017-05-10] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334576 2017-05-10] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [49016 2017-05-10] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-05-10] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32600 2017-05-10] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [128648 2017-05-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-05-10] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-05-10] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1007160 2017-05-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [569192 2017-05-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [158880 2017-05-13] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-05-10] (AVAST Software)
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [60928 2012-07-06] (GenesysLogic)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31144 2015-07-24] (Intel Corporation)
R3 int0800; C:\Windows\System32\DRIVERS\flashud.sys [51712 2009-09-09] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [178976 2015-07-07] (Intel Corporation)
R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [301784 2015-06-01] (Realtek Semiconductor Corp.)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [3075328 2015-07-31] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33960 2015-06-17] (Synaptics Incorporated)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2016-11-28] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2016-11-28] (Zemana Ltd.)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-15 16:33 - 2017-05-15 16:33 - 00015834 _____ C:\Users\ComTech\Desktop\FRST.txt
2017-05-15 16:33 - 2017-05-15 16:33 - 00000000 ____D C:\FRST
2017-05-15 16:31 - 2017-05-15 16:32 - 02429952 _____ (Farbar) C:\Users\ComTech\Desktop\FRST64.exe
2017-05-15 16:28 - 2017-05-15 16:28 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-05-12 11:28 - 2017-05-12 11:28 - 00037346 _____ C:\Users\ComTech\Documents\cc_20170512_112813.reg
2017-05-12 11:27 - 2017-05-12 11:27 - 00002798 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-05-12 11:27 - 2017-05-12 11:27 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-05-12 11:27 - 2017-05-12 11:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-05-12 11:27 - 2017-05-12 11:27 - 00000000 ____D C:\Program Files\CCleaner
2017-05-12 11:26 - 2017-05-12 11:26 - 09390672 _____ (Piriform Ltd) C:\Users\ComTech\Downloads\ccsetup529.exe
2017-05-12 11:07 - 2017-05-12 11:07 - 00002066 _____ C:\Users\ComTech\Desktop\Counter-Strike 1.6.lnk
2017-05-12 11:07 - 2017-05-12 11:07 - 00000000 ____D C:\Users\ComTech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2017-05-12 11:02 - 2017-05-12 11:06 - 219570826 _____ () C:\Users\ComTech\Downloads\counter-strike1.6s (1).exe
2017-05-12 11:02 - 2017-05-12 11:02 - 00017784 _____ C:\Users\ComTech\Downloads\Counter Strike 1.6 full game.torrent
2017-05-12 10:58 - 2017-05-12 10:58 - 00000000 ____D C:\Users\ComTech\Downloads\Syriana[2005].DvDrip[Eng]-aXXo - Copy
2017-05-12 10:58 - 2017-05-12 10:58 - 00000000 ____D C:\Users\ComTech\Downloads\DOPUNA PETAK 2 - Copy
2017-05-12 10:58 - 2017-05-12 10:58 - 00000000 ____D C:\Users\ComTech\Downloads\DOPUNA PETAK 1 - Copy
2017-05-12 10:58 - 2017-04-04 00:01 - 00030152 _____ C:\Users\ComTech\Downloads\137474-Syriana_2005_.DvDrip_Eng_aXXo - Copy.rar
2017-05-12 10:58 - 2017-02-28 00:02 - 00030764 _____ C:\Users\ComTech\Downloads\226025-the.lobster.2015.1080p.bluray.x264.ac3etrg - Copy.zip
2017-05-12 10:58 - 2017-02-27 23:56 - 00030423 _____ C:\Users\ComTech\Downloads\224693-thelobster - Copy.zip
2017-05-12 10:58 - 2017-02-20 00:14 - 00022312 _____ C:\Users\ComTech\Downloads\101696-The.Book.Of.Eli_2010_DvDripaXXo - Copy.zip
2017-05-12 10:58 - 2016-11-24 00:10 - 00034018 _____ C:\Users\ComTech\Downloads\211536-focus20151080pbrripx264dtsjyk - Copy.zip
2017-05-12 10:58 - 2016-10-27 14:27 - 00737344 _____ (Oracle Corporation) C:\Users\ComTech\Downloads\chromeinstall-8u111 - Copy.exe
2017-05-12 10:58 - 2016-10-13 22:05 - 37853246 _____ C:\Users\ComTech\Downloads\CoD_1.5_Patch - Copy.exe
2017-05-12 10:58 - 2016-10-06 00:34 - 00023400 _____ C:\Users\ComTech\Downloads\231353-wazir.2016.hindi.dvdrip.x264.aac.5.1hon3y_mrgsr - Copy.zip
2017-05-12 10:58 - 2016-10-02 23:46 - 00061255 _____ C:\Users\ComTech\Downloads\234828-13hoursthesecretsoldiersofbenghazi - Copy.zip
2017-05-12 10:58 - 2016-03-24 17:50 - 219570826 _____ () C:\Users\ComTech\Downloads\counter-strike1.6s - Copy.exe
2017-05-10 00:42 - 2017-05-10 00:42 - 00400456 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-05-01 19:45 - 2017-05-01 19:45 - 00305832 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2017-04-28 16:20 - 2017-04-28 16:21 - 69089656 _____ (TeamSpeak Systems GmbH) C:\Users\ComTech\Downloads\TeamSpeak3-Client-win32-3.1.4.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-15 16:33 - 2017-04-09 02:45 - 00070208 _____ C:\Windows\ZAM.krnl.trace
2017-05-15 16:33 - 2017-04-09 02:45 - 00039516 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-05-15 15:49 - 2016-03-24 17:51 - 00000000 ____D C:\Program Files (x86)\Counter-Strike 1.6 OMONAS
2017-05-15 13:36 - 2017-03-13 13:10 - 00000000 ____D C:\Users\ComTech\AppData\Local\CrashDumps
2017-05-15 11:51 - 2016-03-24 12:51 - 00000000 ____D C:\Users\ComTech\AppData\Roaming\Skype
2017-05-15 08:28 - 2009-07-14 07:13 - 00785302 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-15 08:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-05-15 08:23 - 2016-03-24 12:10 - 00000000 __SHD C:\Users\ComTech\IntelGraphicsProfiles
2017-05-15 08:23 - 2016-03-24 11:56 - 00000000 ____D C:\ProgramData\Validity
2017-05-15 08:23 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-14 12:56 - 2016-05-13 08:32 - 00000000 ____D C:\Windows\Minidump
2017-05-14 12:56 - 2016-03-25 02:43 - 00322512 ____N C:\Windows\Minidump\051417-6224-01.dmp
2017-05-13 00:42 - 2016-03-24 12:53 - 00158880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2017-05-12 11:27 - 2016-11-28 14:48 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-05-12 11:27 - 2016-03-25 03:43 - 00000000 ____D C:\Windows\Panther
2017-05-12 10:43 - 2016-11-28 14:05 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-12 10:43 - 2016-11-28 14:05 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-11 11:11 - 2017-03-15 22:11 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-05-11 11:11 - 2016-03-24 12:52 - 00000000 ____D C:\ProgramData\Skype
2017-05-10 00:43 - 2016-03-24 17:42 - 00003896 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1458834162
2017-05-10 00:42 - 2017-04-05 12:17 - 00334576 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-05-10 00:42 - 2017-04-05 12:17 - 00311808 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-05-10 00:42 - 2017-04-05 12:17 - 00190256 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-05-10 00:42 - 2017-04-05 12:17 - 00049016 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-05-10 00:42 - 2017-04-05 12:17 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-05-10 00:42 - 2016-03-24 12:57 - 00032600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-05-10 00:42 - 2016-03-24 12:53 - 01007160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-05-10 00:42 - 2016-03-24 12:53 - 00569192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-05-10 00:42 - 2016-03-24 12:53 - 00339696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-05-10 00:42 - 2016-03-24 12:53 - 00128648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-05-10 00:42 - 2016-03-24 12:53 - 00101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-05-10 00:42 - 2016-03-24 12:53 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-05-10 00:42 - 2016-03-24 12:53 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-05-07 21:43 - 2016-07-19 01:12 - 00000000 ____D C:\Users\ComTech\AppData\Local\Popcorn-Time-CE
2017-05-05 08:27 - 2016-10-27 14:25 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-05-05 08:27 - 2016-10-27 14:15 - 00000000 ____D C:\Program Files\TrueKey
2017-05-04 22:41 - 2016-10-27 14:15 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-05-04 11:10 - 2016-10-27 14:27 - 00001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-05-04 11:10 - 2016-10-27 14:27 - 00001151 _____ C:\Users\Public\Desktop\True Key.lnk
2017-04-28 00:36 - 2016-03-24 12:57 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 00:36 - 2016-03-24 12:57 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-23 00:24 - 2016-06-23 09:02 - 00000000 ____D C:\Users\ComTech\AppData\Local\ElevatedDiagnostics

==================== Files in the root of some directories =======

2017-03-03 18:57 - 2017-03-03 18:57 - 0000036 _____ () C:\Users\ComTech\AppData\Local\housecall.guid.cache
2016-03-24 11:59 - 2016-03-24 11:59 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-13 13:01

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-05-2017
Ran by ComTech (15-05-2017 16:33:47)
Running from C:\Users\ComTech\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2016-03-24 09:47:05)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1042645234-1658568069-2296401382-500 - Administrator - Disabled)
ComTech (S-1-5-21-1042645234-1658568069-2296401382-1000 - Administrator - Enabled) => C:\Users\ComTech
Guest (S-1-5-21-1042645234-1658568069-2296401382-501 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.00.1683, 29.12.2015 - AIMP DevTeam)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.4.2294 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
Counter-Strike 1.6 (HKU\S-1-5-21-1042645234-1658568069-2296401382-1000\...\Counter-Strike 1.6) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.16.112.1 - Intel Security)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4251 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.0.3.1 - PandoraTV)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10120.11117 - Realtek Semiconductor Corp.)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7572 - Realtek Semiconductor Corp.)
SafeZone Stable 3.55.2393.596 (x32 Version: 3.55.2393.596 - Avast Software) Hidden
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.4.19 - Synaptics Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
Uninstall Popcorn Time CE (HKU\S-1-5-21-1042645234-1658568069-2296401382-1000\...\{6C134338-8281-4CDC-A209-046EAE74C00A}}_is1) (Version: 0.3.9-12 - PopcornTimeCE)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.70.25 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1042645234-1658568069-2296401382-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {079B0E0B-321A-486C-89FC-8E8932A1B033} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-05-10] (AVAST Software)
Task: {759BA2DA-4653-44DF-8477-9B9FB0524542} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-24] (Google Inc.)
Task: {B07C5B8D-982F-4A58-8F83-8FAFAD65A5ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-24] (Google Inc.)
Task: {BD4B00F3-4D38-4502-AC8B-066237E79699} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd)
Task: {CB118DF7-6E42-4BFC-AAD7-D950F404EC5D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {CD312AD5-FD0D-4FF7-810F-C87DE7A4757C} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2016-12-15] (McAfee, Inc.)
Task: {DB3374E7-E511-490E-B273-0EC79E66BEE8} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-14] (AVAST Software)
Task: {E99CF069-F181-4600-887C-1A51491810AC} - System32\Tasks\SafeZone scheduled Autoupdate 1458834162 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-03-24 11:58 - 2015-07-30 06:02 - 00133696 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2017-05-10 00:42 - 2017-05-10 00:42 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-05-10 00:42 - 2017-05-10 00:42 - 00176992 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-05-10 00:42 - 2017-05-10 00:42 - 00223224 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-05-14 12:56 - 2017-05-14 12:56 - 05978624 _____ () C:\Program Files\AVAST Software\Avast\defs\17051402\algo.dll
2017-05-10 00:42 - 2017-05-10 00:42 - 00684656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-05-10 00:42 - 2017-05-10 00:42 - 00230632 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-05-10 00:42 - 2017-05-10 00:42 - 00997896 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-05-10 00:42 - 2017-05-10 00:42 - 67717632 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-05-10 00:42 - 2017-05-10 00:42 - 00291824 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-11-28 14:50 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1042645234-1658568069-2296401382-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ComTech\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{5302D2E5-D376-496C-B3F9-AA96ADFABDD8}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{A457CC40-D8AB-4CCD-B72C-09DEAB0CB8D9}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{0DBF4F29-2B41-4FAD-A6EC-B95978DB705B}] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{A6499B29-777C-4AD9-887B-6F8935543D7A}] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{59CAD552-D216-4B70-A166-B11B291AD449}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{39932C71-23BB-4469-B1D1-1221FD966F70}C:\program files (x86)\counter-strike 1.6 omonas\hl.exe] => (Block) C:\program files (x86)\counter-strike 1.6 omonas\hl.exe
FirewallRules: [UDP Query User{1A05B924-8648-47CD-BC02-3C15FFFCB93C}C:\program files (x86)\counter-strike 1.6 omonas\hl.exe] => (Block) C:\program files (x86)\counter-strike 1.6 omonas\hl.exe
FirewallRules: [{B9F2481C-D49B-4338-B571-591727973698}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{7C2D7C27-9417-46D6-A9A5-6A7E3C35EA77}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{EA75D191-FC06-4E08-B627-2989F84C11B6}C:\users\comtech\appdata\local\popcorn time ce\nw.exe] => (Allow) C:\users\comtech\appdata\local\popcorn time ce\nw.exe
FirewallRules: [UDP Query User{E3BEFAFA-F5D4-492D-8477-ABD455D5FA59}C:\users\comtech\appdata\local\popcorn time ce\nw.exe] => (Allow) C:\users\comtech\appdata\local\popcorn time ce\nw.exe
FirewallRules: [{FDCB2A65-367E-4893-BBD9-BB0195285F92}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F39033C7-053E-4F38-940B-C1670C651627}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D5981EDF-A06D-4882-BCAA-680652CDFE92}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{272E7991-41A1-447A-970A-AF76E965FF9F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5497C19C-10F3-45A9-BF76-BDAA789BD70D}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe
FirewallRules: [{6D552A5A-20FA-45BF-849C-B91244C32941}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_0\SZBrowser.exe
FirewallRules: [{F1967183-3CE9-4160-B0B6-59D1E2E25E05}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

17-04-2017 16:01:54 Scheduled Checkpoint
25-04-2017 00:44:16 Scheduled Checkpoint
02-05-2017 18:43:02 Scheduled Checkpoint
09-05-2017 20:31:02 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/15/2017 01:36:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hl.exe, version: 1.1.1.1, time stamp: 0x48feaf5a
Faulting module name: steamclient.dll, version: 0.0.0.0, time stamp: 0x4aa7bb95
Exception code: 0xc0000005
Fault offset: 0x0001d1a0
Faulting process id: 0x1138
Faulting application start time: 0x01d2cd6f52f1c5de
Faulting application path: C:\Program Files (x86)\Counter-Strike 1.6 OMONAS\hl.exe
Faulting module path: c:\program files (x86)\counter-strike 1.6 omonas\steamclient.dll
Report Id: abae31be-3962-11e7-a4d3-b8868756af5e

Error: (05/15/2017 08:23:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/14/2017 12:56:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/14/2017 10:47:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/13/2017 12:21:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/12/2017 06:54:14 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/12/2017 06:54:14 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/12/2017 06:54:14 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/12/2017 06:54:14 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (05/12/2017 06:54:14 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (05/14/2017 12:56:06 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x0000000000000000, 0x0000000000000002, 0x0000000000000000, 0xfffff800030a6662). A dump was saved in: C:\Windows\Minidump\051417-6224-01.dmp. Report Id: 051417-6224-01.

Error: (05/14/2017 12:56:05 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:54:59 PM on 5/14/2017 was unexpected.

Error: (05/12/2017 06:54:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (05/12/2017 06:54:14 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (05/12/2017 10:32:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service Installer TrueKey service failed to start due to the following error:
The system cannot find the file specified.

Error: (05/12/2017 01:17:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service Installer TrueKey service failed to start due to the following error:
The system cannot find the file specified.

Error: (05/11/2017 10:44:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service Installer TrueKey service failed to start due to the following error:
The system cannot find the file specified.

Error: (05/10/2017 09:28:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service Installer TrueKey service failed to start due to the following error:
The system cannot find the file specified.

Error: (05/09/2017 08:40:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service Installer TrueKey service failed to start due to the following error:
The system cannot find the file specified.

Error: (05/09/2017 08:40:53 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x0000000000000000, 0x0000000000000002, 0x0000000000000000, 0xfffff800030d3662). A dump was saved in: C:\Windows\Minidump\050917-6240-01.dmp. Report Id: 050917-6240-01.


CodeIntegrity:
===================================
Date: 2016-09-21 10:15:00.029
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswHdsKe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-21 10:15:00.028
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswHdsKe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) 3205U @ 1.50GHz
Percentage of memory in use: 35%
Total physical RAM: 4014.94 MB
Available physical RAM: 2588.27 MB
Total Virtual: 8028.08 MB
Available Virtual: 6414.02 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:81.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Open Notepad and copy the following text, which is inside the Code box.

CHR Extension: (CGN - Central Gazeta de Notícias) - C:\Users\ComTech\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeopplcfpohpdplnpoahkebkpiefmpb [2017-05-02]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx


In Notepad, click File --> Save As
Under Encoding, choose UTF-8.
Name the file Fixlist and save it to the Desktop.
Double-click to run FRST.exe again.
Click Fix and wait until the program finishes.
If the program asks to restart the computer, allow it to do so without interruption.
After it finishes, fixlog.txt will open, with contents that you should copy into the thread.
Also, (fixlog.txt) will be located on the Desktop.

offline
  • Joined: 27 Aug 2005
  • Posts: 556

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-05-2017
Ran by ComTech (16-05-2017 11:49:21) Run:1
Running from C:\Users\ComTech\Desktop
Loaded Profiles: ComTech (Available Profiles: ComTech)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CHR Extension: (CGN - Central Gazeta de Notícias) - C:\Users\ComTech\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeopplcfpohpdplnpoahkebkpiefmpb [2017-05-02]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
*****************

C:\Users\ComTech\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeopplcfpohpdplnpoahkebkpiefmpb => moved successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => key removed successfully

==== End of Fixlog 11:49:21 ====

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

How are things now?

offline
  • Joined: 27 Aug 2005
  • Posts: 556

I talked with him a bit; he had problems with bandwidth etc., but today they called him to come pick up some new router, so supposedly it will be better. Thanks in any case; at least, as far as I can see, you got rid of some malicious extension for him.

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

The following procedure will perform the final cleanup.

Download the DelFix tool by "Xplode" and save it to the Desktop.
Double-click to run the tool and tick the boxes in front of the following options:

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment until the tool finishes its work.
From this point on, all the tools used in this thread should be deleted.
The tool will also generate a report for you. (C:\DelFix.txt)

The tool will also save the healthy state of the registry and create a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.
