Virus


offline
  • Joined: 10 Jan 2015
  • Posts: 202
  • Location: Novi Sad

Posted: 16 Mar 2016 22:07

I have a virus; it changes my whole Windows skin, and when I go into My Computer it looks different. It redirects me to other pages in the browser; the location of one of them is C:/ProgramData/cb7a8f7c/9664e7ea.dll. I ran an Avast boot scan, but not all the way through because it takes too long. I hadn't turned the computer on for a couple of days, and today when I turned it on I wanted to go to FB and suddenly the virus started doing its thing.



Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by Dezika (administrator) on DEZIKA-PC (16-03-2016 21:52:52)
Running from C:\Users\Dezika\Desktop
Loaded Profiles: Dezika (Available Profiles: Dezika)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Link mogu videti samo ulogovani korisnici]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Popcorn Time) C:\Program Files\Popcorn Time\Updater.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Windows\System32\UMonit.exe
(Skillbrains) C:\Program Files\Skillbrains\lightshot\5.2.1.1\Lightshot.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avBugReport.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10996368 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7137664 2016-03-12] (AVAST Software)
HKLM\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe
HKLM\...\Run: [UMonit] => C:\Windows\System32\UMonit.exe [53832 2015-07-09] ()
HKLM\...\Run: [Lightshot] => C:\Program Files\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-10-13] (NVIDIA Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597040 2015-12-22] (Oracle Corporation)
HKU\S-1-5-21-3609390036-2450797130-3040472919-1000\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-3609390036-2450797130-3040472919-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3609390036-2450797130-3040472919-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5496600 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-3609390036-2450797130-3040472919-1000\...\MountPoints2: {030dcc60-bb49-11e4-a925-0015831080cf} - G:\setup.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-02-11] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BlueSoleil.lnk [2015-02-09]
ShortcutTarget: BlueSoleil.lnk -> C:\Program Files\IVT Corporation\BlueSoleil\gprs.exe (IVT Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 89.216.1.40 89.216.1.50
Tcpip\Parameters: [NameServer] 82.163.142.7 95.211.158.134
Tcpip\..\Interfaces\{2CD06948-3AC5-400C-A27A-D1047A13D5B0}: [NameServer] 82.163.142.7 95.211.158.134
Tcpip\..\Interfaces\{2CD06948-3AC5-400C-A27A-D1047A13D5B0}: [DhcpNameServer] 89.216.1.40 89.216.1.50
Tcpip\..\Interfaces\{81F9879A-E5E5-45FA-B450-CA1DA5B3A68E}: [NameServer] 82.163.142.7 95.211.158.134
Tcpip\..\Interfaces\{81F9879A-E5E5-45FA-B450-CA1DA5B3A68E}: [DhcpNameServer] 82.163.142.7

Internet Explorer:
==================
HKU\S-1-5-21-3609390036-2450797130-3040472919-1000\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]{2848FFAA-2AB5-4572-B941-ED2647408E5E}&i=
HKU\S-1-5-21-3609390036-2450797130-3040472919-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici]{2848FFAA-2AB5-4572-B941-ED2647408E5E}&i=
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3609390036-2450797130-3040472919-1000 -> DefaultScope {4F55141A-0CA4-49E3-B089-4B06C118FABA} URL = [Link mogu videti samo ulogovani korisnici]{2848FFAA-2AB5-4572-B941-ED2647408E5E}&action=default_search&k={searchTerms}
SearchScopes: HKU\S-1-5-21-3609390036-2450797130-3040472919-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-21-3609390036-2450797130-3040472919-1000 -> {1E0CDCD2-259B-4129-91EF-F40BC2A4DD5B} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&fr=tightropetb&type=11433
SearchScopes: HKU\S-1-5-21-3609390036-2450797130-3040472919-1000 -> {4F55141A-0CA4-49E3-B089-4B06C118FABA} URL = [Link mogu videti samo ulogovani korisnici]{2848FFAA-2AB5-4572-B941-ED2647408E5E}&action=default_search&k={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_72\bin\ssv.dll [2016-01-30] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-11] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-01-30] (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: WSISVCUchrome - No CLSID Value -

FireFox:
========
FF ProfilePath: C:\Users\Dezika\AppData\Roaming\Mozilla\Firefox\Profiles\yy0bgpfp.default-1433615665144
FF NewTab:
FF DefaultSearchEngine: eShield Safe Web
FF Homepage: [Link mogu videti samo ulogovani korisnici]
about:preferences
FF Keyword.URL: [Link mogu videti samo ulogovani korisnici]{2848FFAA-2AB5-4572-B941-ED2647408E5E}&action=default_search&k=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-13] ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.72.2 -> C:\Program Files\Java\jre1.8.0_72\bin\dtplugin\npDeployJava1.dll [2016-01-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.72.2 -> C:\Program Files\Java\jre1.8.0_72\bin\plugin2\npjp2.dll [2016-01-30] (Oracle Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3609390036-2450797130-3040472919-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dezika\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Dezika\AppData\Roaming\Mozilla\Firefox\Profiles\yy0bgpfp.default-1433615665144\user.js [2016-02-24]
FF SearchPlugin: C:\Users\Dezika\AppData\Roaming\Mozilla\Firefox\Profiles\yy0bgpfp.default-1433615665144\searchplugins\facebook.xml [2016-02-15]
FF Extension: Adblock Plus - C:\Users\Dezika\AppData\Roaming\Mozilla\Firefox\Profiles\yy0bgpfp.default-1433615665144\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]
FF Extension: YouTube Flash Video Player - C:\Users\Dezika\AppData\Roaming\Mozilla\Firefox\Profiles\yy0bgpfp.default-1433615665144\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2016-03-13]
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-13] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-12]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-12]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [dkmjljdbbgogihjcapfhgkonfmccbffp] - [Link mogu videti samo ulogovani korisnici]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-11]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-11] (AVAST Software)
S4 BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [166520 2007-12-27] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915600 2015-10-13] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-10-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19775632 2015-10-13] (NVIDIA Corporation)
S4 Start BT in service; C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [51816 2007-12-27] ()
R2 Update service; C:\Program Files\Popcorn Time\Updater.exe [339968 2015-07-17] (Popcorn Time) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [32792 2016-02-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [91168 2016-03-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-02-11] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [58776 2016-02-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [816304 2016-03-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447848 2016-02-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [127432 2016-02-11] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [38984 2015-02-12] (The OpenVPN Project)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [221240 2016-02-11] (AVAST Software)
R3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [34312 2007-06-24] (IVT Corporation.)
R3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [27656 2007-06-24] (IVT Corporation.)
R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [18320 2007-03-05] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [38920 2007-06-24] (IVT Corporation.)
R0 BTHidEnum; C:\Windows\System32\Drivers\vbtenum.sys [20880 2007-03-05] (IVT Corporation.)
R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [35600 2007-03-05] (IVT Corporation.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2015-02-23] (Disc Soft Ltd)
R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [105392 2015-07-09] (GenesysLogic)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2015-10-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [32912 2015-10-13] (NVIDIA Corporation)
R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [34448 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [44304 2007-03-05] (IVT Corporation.)
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-16 21:52 - 2016-03-16 21:53 - 00014074 _____ C:\Users\Dezika\Desktop\FRST.txt
2016-03-16 21:52 - 2016-03-16 21:52 - 00000000 ____D C:\FRST
2016-03-16 21:51 - 2016-03-16 21:51 - 01725440 _____ (Farbar) C:\Users\Dezika\Desktop\FRST.exe
2016-03-16 18:59 - 2016-03-16 18:59 - 00000000 ____D C:\ProgramData\eccebb83-6dc3-0
2016-03-16 18:59 - 2016-03-16 18:59 - 00000000 ____D C:\ProgramData\cb7a8f7c
2016-03-16 18:59 - 2016-03-16 18:59 - 00000000 ____D C:\ProgramData\{254fb608-212c-1}
2016-03-16 18:59 - 2016-03-16 18:59 - 00000000 ____D C:\ProgramData\{202938bc-412c-1}
2016-03-16 18:59 - 2016-03-16 18:59 - 00000000 ____D C:\ProgramData\{1c052d84-312c-0}
2016-03-16 18:59 - 2016-03-16 18:59 - 00000000 ____D C:\ProgramData\{02fa7eb7-112c-0}
2016-03-16 18:57 - 2016-03-16 18:57 - 00057960 _____ C:\Users\Dezika\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-16 18:55 - 2016-03-16 18:55 - 00266272 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-13 10:29 - 2016-03-13 16:38 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-13 00:17 - 2016-03-16 21:53 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-13 00:17 - 2016-03-13 00:19 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-03-13 00:17 - 2016-03-13 00:19 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-03-12 16:28 - 2016-02-19 19:50 - 00034240 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-12 16:28 - 2016-02-19 19:41 - 00958464 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-12 16:28 - 2016-02-19 15:07 - 01206784 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-12 16:28 - 2016-02-11 15:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-12 16:28 - 2016-02-05 15:07 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-12 16:28 - 2016-02-05 15:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-12 16:28 - 2016-02-05 15:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-12 16:28 - 2016-02-03 18:59 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-12 16:27 - 2016-02-12 19:39 - 02956288 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-12 16:27 - 2016-02-12 19:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-12 16:27 - 2016-02-12 19:26 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-12 16:27 - 2016-02-12 19:07 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-12 16:27 - 2016-02-12 19:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-12 16:27 - 2016-02-12 19:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-12 16:27 - 2016-02-12 19:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-12 16:27 - 2016-02-12 19:05 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-12 16:27 - 2016-02-12 19:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-12 16:27 - 2016-02-12 19:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-12 16:27 - 2016-02-12 19:05 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-12 16:27 - 2016-02-11 19:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-03-12 16:27 - 2016-02-11 19:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-12 16:27 - 2016-02-11 19:44 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-12 16:27 - 2016-02-11 19:44 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-12 16:27 - 2016-02-11 19:41 - 01310232 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-12 16:27 - 2016-02-11 19:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-12 16:27 - 2016-02-11 19:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-12 16:27 - 2016-02-11 19:37 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-12 16:27 - 2016-02-11 19:37 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-12 16:27 - 2016-02-11 19:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-12 16:27 - 2016-02-11 19:37 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-12 16:27 - 2016-02-11 19:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-12 16:27 - 2016-02-11 19:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-12 16:27 - 2016-02-11 19:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-12 16:27 - 2016-02-11 19:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-12 16:27 - 2016-02-11 19:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-12 16:27 - 2016-02-11 19:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-12 16:27 - 2016-02-11 19:33 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-12 16:27 - 2016-02-11 19:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-12 16:27 - 2016-02-11 19:31 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-12 16:27 - 2016-02-11 19:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-12 16:27 - 2016-02-11 19:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-12 16:27 - 2016-02-11 19:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-12 16:27 - 2016-02-11 19:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-12 16:27 - 2016-02-11 18:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-12 16:27 - 2016-02-11 18:37 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-12 16:27 - 2016-02-11 18:32 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-12 16:27 - 2016-02-11 18:32 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-12 16:27 - 2016-02-11 18:32 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-12 16:27 - 2016-02-11 18:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-12 16:27 - 2016-02-11 18:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-12 16:27 - 2016-02-11 18:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-12 16:27 - 2016-02-11 18:30 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-12 16:27 - 2016-02-09 10:50 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-12 16:27 - 2016-02-05 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-12 16:27 - 2016-02-05 19:44 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-12 16:27 - 2016-02-05 19:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-12 16:27 - 2016-02-05 18:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-12 16:27 - 2016-02-05 18:43 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-12 16:27 - 2016-02-04 19:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-12 16:27 - 2016-02-04 18:46 - 02387456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-12 16:25 - 2016-02-03 19:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-12 16:25 - 2016-02-03 19:49 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2016-03-12 16:25 - 2016-02-03 19:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-12 16:16 - 2016-02-09 07:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-12 16:16 - 2016-02-08 22:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-12 16:16 - 2016-02-08 21:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-12 16:16 - 2016-02-08 21:51 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-03-12 16:16 - 2016-02-08 21:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-12 16:16 - 2016-02-08 21:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-03-12 16:16 - 2016-02-08 21:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-12 16:16 - 2016-02-08 21:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-03-12 16:16 - 2016-02-08 21:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-03-12 16:16 - 2016-02-08 21:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-12 16:16 - 2016-02-08 21:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-12 16:16 - 2016-02-08 21:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-03-12 16:16 - 2016-02-08 21:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-12 16:16 - 2016-02-08 21:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-12 16:16 - 2016-02-08 21:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-03-12 16:16 - 2016-02-08 21:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-12 16:16 - 2016-02-08 21:28 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-03-12 16:16 - 2016-02-08 21:23 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-12 16:16 - 2016-02-08 21:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-12 16:16 - 2016-02-08 21:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-12 16:16 - 2016-02-08 21:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-03-12 16:16 - 2016-02-08 21:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-03-12 16:16 - 2016-02-08 21:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-12 16:16 - 2016-02-08 21:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-12 16:16 - 2016-02-08 21:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-12 16:16 - 2016-02-08 21:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-03-12 16:16 - 2016-02-08 21:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-12 16:16 - 2016-02-08 21:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-12 16:16 - 2016-02-08 21:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-12 16:16 - 2016-02-08 21:02 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-12 16:16 - 2016-02-08 21:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-12 16:16 - 2016-02-08 21:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-03-12 16:16 - 2016-02-08 20:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-12 16:16 - 2016-02-08 20:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-12 16:16 - 2016-02-08 20:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-12 16:15 - 2016-02-09 10:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-12 16:15 - 2016-02-09 10:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-12 16:15 - 2016-02-09 10:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-12 16:15 - 2016-02-09 10:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-12 16:15 - 2016-02-09 10:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-12 16:15 - 2015-11-19 15:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-12 16:15 - 2015-11-19 15:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-12 16:15 - 2015-11-19 15:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-12 16:15 - 2015-11-19 15:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-12 16:15 - 2015-11-19 15:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-12 16:15 - 2015-11-19 15:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-12 16:15 - 2015-11-19 15:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-12 16:15 - 2015-11-19 15:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-12 16:15 - 2015-11-19 15:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-12 16:15 - 2015-11-19 15:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-12 16:15 - 2015-11-19 15:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-12 16:15 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-12 16:15 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-12 16:15 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-12 16:15 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-12 16:15 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-12 16:15 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-12 16:15 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-12 16:15 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-12 16:15 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-12 16:15 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
==================== End of FRST.txt ============================

Addendum: 16 Mar 2016 22:07

Can you check whether there is anything else besides this one?

Addendum: 16 Mar 2016 22:12

The virus whose location I gave is already in Avast's Virus Chest.

Addendum: 16 Mar 2016 22:21

You can also see that the taskbar looks different, even though it is Windows 7.



offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Step 1

Open Notepad and copy in the following text, which is inside the Code box.

CreateRestorePoint:

HKU\S-1-5-21-3609390036-2450797130-3040472919-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://services.eshield.com/general/newhometab.php?hometab=home&partner=11433&guid={2848FFAA-2AB5-4572-B941-ED2647408E5E}&i=
HKU\S-1-5-21-3609390036-2450797130-3040472919-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://services.eshield.com/general/newhometab.php?hometab=home&partner=11433&guid={2848FFAA-2AB5-4572-B941-ED2647408E5E}&i=
SearchScopes: HKU\S-1-5-21-3609390036-2450797130-3040472919-1000 -> DefaultScope {4F55141A-0CA4-49E3-B089-4B06C118FABA} URL = hxxp://search.eshield.com/serp?guid={2848FFAA-2AB5-4572-B941-ED2647408E5E}&action=default_search&k={searchTerms}
SearchScopes: HKU\S-1-5-21-3609390036-2450797130-3040472919-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3609390036-2450797130-3040472919-1000 -> {1E0CDCD2-259B-4129-91EF-F40BC2A4DD5B} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=11433
SearchScopes: HKU\S-1-5-21-3609390036-2450797130-3040472919-1000 -> {4F55141A-0CA4-49E3-B089-4B06C118FABA} URL = hxxp://search.eshield.com/serp?guid={2848FFAA-2AB5-4572-B941-ED2647408E5E}&action=default_search&k={searchTerms}
FF DefaultSearchEngine: eShield Safe Web
FF Homepage: hxxps://www.google.rs/?gws_rd=cr&ei=0T1zVZDJCsqTsgGP-oCICQ
FF user.js: detected! => C:\Users\Dezika\AppData\Roaming\Mozilla\Firefox\Profiles\yy0bgpfp.default-1433615665144\user.js [2016-02-24]
FF SearchPlugin: C:\Users\Dezika\AppData\Roaming\Mozilla\Firefox\Profiles\yy0bgpfp.default-1433615665144\searchplugins\facebook.xml [2016-02-15]
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-12]
CHR HKLM\...\Chrome\Extension: [dkmjljdbbgogihjcapfhgkonfmccbffp] - hxxps://clients2.google.com/service/update2/crx
Tcpip\Parameters: [NameServer] 82.163.142.7 95.211.158.134
Tcpip\..\Interfaces\{2CD06948-3AC5-400C-A27A-D1047A13D5B0}: [NameServer] 82.163.142.7 95.211.158.134
Tcpip\..\Interfaces\{81F9879A-E5E5-45FA-B450-CA1DA5B3A68E}: [NameServer] 82.163.142.7 95.211.158.134
Tcpip\..\Interfaces\{81F9879A-E5E5-45FA-B450-CA1DA5B3A68E}: [DhcpNameServer] 82.163.142.7

C:\ProgramData\eccebb83-6dc3-0
C:\ProgramData\cb7a8f7c
C:\ProgramData\{254fb608-212c-1}
C:\ProgramData\{202938bc-412c-1}
C:\ProgramData\{1c052d84-312c-0}
C:\ProgramData\{02fa7eb7-112c-0}
C:\ProgramData\19f69ac9-6425-1
C:\ProgramData\19f69ac9-1337-0

HKU\S-1-5-21-3609390036-2450797130-3040472919-1000\...\MountPoints2: {030dcc60-bb49-11e4-a925-0015831080cf} - G:\setup.exe
Task: {13F3553E-684A-4293-8E8A-49AD520D84B5} - System32\Tasks\{5CAF338A-5C56-4FA4-994D-215A00CC60FB} => Firefox.exe
Task: {B1BA6301-13F2-4E2E-AFBF-176A744F4A33} - System32\Tasks\{86B81BE9-8A68-439F-9C4E-A9A38DB1A874} => Firefox.exe
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [135]

EmptyTemp:



In Notepad, click File --> Save As
Name the file Fixlist and save it to the Desktop
Double-click FRST.exe to run it again
Click Fix and wait until the program finishes.
If the program asks to restart the computer, let it do so without interruption.
When it finishes, fixlog.txt will open; copy its contents into the thread.
The file (fixlog.txt) will also be on the Desktop.



Step 2

Download AdwCleaner by "Xplode" and save it to the Desktop
Double-click to run the program.
In the EULA window, click I agree.
Under Options, turn off Reset Winsock settings if it is enabled.
Click the Scan button and wait for the scan to finish.
Click the Cleaning button and wait for the program to finish.
The program will close all running programs and show a window with that warning. Click OK to confirm.
In the next two windows that open (Informations and Restart required), click OK

The computer will restart, and then Notepad will open (C:\Adwcleaner\AdwCleaner[C1].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Attach file" option



offline
  • Joined: 10 Jan 2015
  • Posts: 202
  • Location: Novi Sad

Posted: 17 Mar 2016 0:03

I messed up with AdwCleaner: I didn't save the report, although I downloaded it to the Desktop. And when I try to find the txt file, it isn't in C.
[Link visible only to logged-in users]

Addendum: 17 Mar 2016 0:04

It still shows me ads in Mozilla.

Addendum: 17 Mar 2016 0:18

Found it.
[Link visible only to logged-in users]

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Open Notepad and copy in the following text, which is inside the Code box.

Tcpip\..\Interfaces\{2CD06948-3AC5-400C-A27A-D1047A13D5B0}: [NameServer] 82.163.142.7 95.211.158.134
Tcpip\..\Interfaces\{81F9879A-E5E5-45FA-B450-CA1DA5B3A68E}: [NameServer] 82.163.142.7 95.211.158.134
Tcpip\..\Interfaces\{81F9879A-E5E5-45FA-B450-CA1DA5B3A68E}: [DhcpNameServer] 82.163.142.7
cmd: ipconfig /flushdns


In Notepad, click File --> Save As
Name the file Fixlist and save it to the Desktop
Double-click FRST.exe to run it again
Click Fix and wait until the program finishes.
If the program asks to restart the computer, let it do so without interruption.
When it finishes, fixlog.txt will open; copy its contents into the thread.
The file (fixlog.txt) will also be on the Desktop.

offline
  • Joined: 10 Jan 2015
  • Posts: 202
  • Location: Novi Sad

Posted: 17 Mar 2016 15:48

[Link visible only to logged-in users]

Addendum: 17 Mar 2016 15:56

These ads are really persistent :) they still keep popping up.

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Give me new FRST.txt and Addition.txt reports.

offline
  • Joined: 10 Jan 2015
  • Posts: 202
  • Location: Novi Sad

Posted: 17 Mar 2016 18:07

[Link visible only to logged-in users]

[Link visible only to logged-in users]

Addendum: 17 Mar 2016 18:28

In Mozilla it shows me something like pop-ups with a yellow frame, as if it were opening several pages, but it brings up some reimagerepair, and this happens non-stop.

Addendum: 17 Mar 2016 18:33

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

[Link visible only to logged-in users]

Follow this and open the window where the DNS servers are configured, then select the option "Obtain DNS server address automatically", unless you previously set a specific DNS server. After that, restart the computer and let me know whether the ads still appear. If web pages do not open after that, set the DNS to Google DNS, which is at 8.8.8.8
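
The NameServer and DhcpNameServer lines in the fixlists above are the part of the FRST report that ties in with the DNS advice in this post. As an added example (not part of the thread and not FRST's own code), this Python script parses lines in that format and lists every resolver outside an allow-list; the `TRUSTED` set, the function names and the last sample line are assumptions made for the example.

```python
import ipaddress
import re

# Assumption: resolvers the analyst accepts. 8.8.8.8 is the Google DNS named in
# the thread; 8.8.4.4 is its secondary. Adjust for your own network.
TRUSTED = {ipaddress.ip_address(a) for a in ("8.8.8.8", "8.8.4.4")}

# FRST prints DNS settings as: <key>: [<value name>] <ip> <ip> ...
DNS_LINE = re.compile(
    r"^Tcpip\\(?:Parameters|\.\.\\Interfaces\\(?P<guid>\{[0-9A-Fa-f-]+\}))"
    r": \[(?P<value>NameServer|DhcpNameServer)\] (?P<ips>.+)$"
)

# First four lines are from the fixlist in the thread; the last is constructed.
SAMPLE = r"""
Tcpip\Parameters: [NameServer] 82.163.142.7 95.211.158.134
Tcpip\..\Interfaces\{2CD06948-3AC5-400C-A27A-D1047A13D5B0}: [NameServer] 82.163.142.7 95.211.158.134
Tcpip\..\Interfaces\{81F9879A-E5E5-45FA-B450-CA1DA5B3A68E}: [NameServer] 82.163.142.7 95.211.158.134
Tcpip\..\Interfaces\{81F9879A-E5E5-45FA-B450-CA1DA5B3A68E}: [DhcpNameServer] 82.163.142.7
Tcpip\..\Interfaces\{00000000-0000-0000-0000-000000000001}: [DhcpNameServer] 192.168.1.1 8.8.8.8
"""


def parse_dns_lines(report):
    """Return one dict per DNS line: scope, source (static/dhcp), servers."""
    entries = []
    for line in report.splitlines():
        m = DNS_LINE.match(line.strip())
        if not m:
            continue
        servers = []
        for token in re.split(r"[ ,]+", m["ips"].strip()):
            try:
                servers.append(ipaddress.ip_address(token))
            except ValueError:
                pass  # ignore anything that is not an IP literal
        source = "dhcp" if m["value"] == "DhcpNameServer" else "static"
        entries.append({"scope": m["guid"] or "global", "source": source, "servers": servers})
    return entries


def classify(ip):
    if ip in TRUSTED:
        return "trusted"
    if ip.is_private or ip.is_loopback or ip.is_link_local:
        return "local"   # typically the home router acting as resolver
    return "review"      # public resolver that is not on the allow-list


def findings(report):
    """(scope, source, ip) for every resolver that needs a human look."""
    return [(e["scope"], e["source"], str(ip))
            for e in parse_dns_lines(report)
            for ip in e["servers"] if classify(ip) == "review"]


if __name__ == "__main__":
    for scope, source, ip in findings(SAMPLE):
        print(f"{source:6} {scope:40} {ip}")
```

A finding whose source is `dhcp` comes from DhcpNameServer, the value delivered with the DHCP lease, so switching the adapter to automatic DNS does not change it.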

offline
  • Joined: 10 Jan 2015
  • Posts: 202
  • Location: Novi Sad

Posted: 17 Mar 2016 19:14

Same again. It is set to automatic; I never configured anything before, nor do I know how. But I don't get where I type that DNS 8.8.8.8. Could you post a picture or something?

Addendum: 17 Mar 2016 19:18

Like this? And does it need to be done on protocol 4 and 6?

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

On IP v4. If nothing was set in the top three fields before, set it up the way it is in my screenshot:

