Posted: 15 Oct 2013 14:59
- TwinHeadedEagle
- Anti Malware Fighter Rank 2
- Joined: 09 Aug 2011
- Posts: 15879
- Location: Beograd
Open Notepad and copy the following text from inside the shaded area.
C:\Users\Aloha\AppData\Local\N7rOonLyK
C:\Users\Aloha\AppData\Roaming\svhost*
In Notepad, click File --> Save As
Name the file fixlist.txt and save it to the Desktop
Double-click FRST.exe to run it again
Click Fix and wait until the program finishes
If the program asks to restart the computer, let it do so without interruption.
When it is done, Notepad will open with contents that you should copy into the thread.
fixlog.txt will also be on the Desktop.

Posted: 15 Oct 2013 18:45
- Joined: 15 Feb 2011
- Posts: 112
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2013
Ran by Aloha at 2013-10-15 18:41:31 Run:2
Running from C:\Users\Aloha\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\Users\Aloha\AppData\Local\N7rOonLyK
C:\Users\Aloha\AppData\Roaming\svhost*
*****************
"C:\Users\Aloha\AppData\Local\N7rOonLyK " directory move:
Could not move "C:\Users\Aloha\AppData\Local\N7rOonLyK " directory. => Scheduled to move on reboot.
C:\Users\Aloha\AppData\Roaming\svhost* => Moved successfully.
=========== Result of Scheduled Files to move ===========
"C:\Users\Aloha\AppData\Local\N7rOonLyK " => Directory could not move.
==== End of Fixlog ====
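
Added example, not part of the thread and not FRST's own code: a small Python parser for the result section of a Fixlog like the one quoted above. It reports, per fixlist entry, whether the item was moved, is still scheduled for the reboot pass, or failed, and it flags logged paths whose last component ends in a blank or a dot (the quoted directory name above carries a trailing space). Win32 path normalisation strips such trailing characters, so a name like that is not reachable through an ordinary path; the log does not say whether that is why the move failed here, but it is worth knowing before the next fix round. The sample text is constructed from the log above.

```python
"""Parse the result section of an FRST Fixlog and report, per fixlist entry,
whether the item was moved, is still scheduled, or failed.

Added example (not FRST's code, not the forum poster's); the sample text
below is constructed from the Fixlog quoted in the post above."""
import re

SAMPLE_FIXLOG = r'''
Content of fixlist:
*****************
C:\Users\Aloha\AppData\Local\N7rOonLyK
C:\Users\Aloha\AppData\Roaming\svhost*
*****************
"C:\Users\Aloha\AppData\Local\N7rOonLyK " directory move:
Could not move "C:\Users\Aloha\AppData\Local\N7rOonLyK " directory. => Scheduled to move on reboot.
C:\Users\Aloha\AppData\Roaming\svhost* => Moved successfully.
=========== Result of Scheduled Files to move ===========
"C:\Users\Aloha\AppData\Local\N7rOonLyK " => Directory could not move.
==== End of Fixlog ====
'''

_QUOTED = re.compile(r'"([A-Za-z]:\\[^"]*)"')   # quoted path: trailing blanks survive
_BARE = re.compile(r'([A-Za-z]:\\\S+)')          # bare path: runs to the first blank


def _norm(path: str) -> str:
    """Normalise a path for matching: Win32 strips trailing blanks and dots."""
    return path.rstrip(" .").lower()


def classify(outcome: str) -> str:
    """Map the text after '=>' to a short status."""
    o = outcome.lower()
    if "moved successfully" in o:
        return "moved"
    if "scheduled to move on reboot" in o:
        return "scheduled"
    if "could not move" in o:
        return "failed"
    return "unknown"


def _split_result(line: str):
    """Return (logged_path, outcome) for a 'something => outcome' line, else None."""
    if "=>" not in line:
        return None
    left, _, right = line.partition("=>")
    m = _QUOTED.search(left) or _BARE.search(left)
    if not m:
        return None
    return m.group(1), right.strip().rstrip(".")


def parse_fixlog(text: str) -> dict:
    """Return {fixlist entry: {status, logged_path, trailing_space_or_dot}}."""
    entries, results, stars = [], {}, 0
    for line in text.splitlines():
        if line.startswith("*****"):
            stars += 1            # the fixlist sits between the two star rulers
            continue
        if stars == 1 and line.strip():
            entries.append(line)
            continue
        hit = _split_result(line)
        if hit:
            path, outcome = hit
            # later lines (the reboot pass) override earlier ones for the same item
            results[_norm(path)] = (path, classify(outcome))
    report = {}
    for entry in entries:
        logged, status = results.get(_norm(entry), (None, "no result"))
        report[entry] = {
            "status": status,
            "logged_path": logged,
            # names ending in a blank or dot cannot be opened through normal Win32 paths
            "trailing_space_or_dot": logged is not None and logged != logged.rstrip(" ."),
        }
    return report


def unresolved(report: dict) -> list:
    """Entries that still need attention after the fix run."""
    return [e for e, r in report.items() if r["status"] != "moved"]


if __name__ == "__main__":
    rep = parse_fixlog(SAMPLE_FIXLOG)
    for entry, r in rep.items():
        flag = "  (name has trailing blank/dot)" if r["trailing_space_or_dot"] else ""
        print(f"{r['status']:9} {entry}{flag}")
```

Running the file prints one status line per fixlist entry; on the sample above the svhost* entry comes out as moved and the N7rOonLyK directory as failed with the trailing-blank flag set, and `unresolved()` returns the list of entries to carry into the next fix.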

Posted: 15 Oct 2013 19:36
- Joined: 15 Feb 2011
- Posts: 112
I downloaded Avenger, unpacked the archive into a folder, ran Avenger, pasted the script into the field, went to execute it, and got a message that the computer will restart and that the scan will run after boot. That does not happen; the system boots normally. I tried twice. There is no avenger.txt at the mentioned location.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Aloha (administrator) on ALOHA-PC on 15-10-2013 19:32:30
Running from C:\Users\Aloha\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
() C:\Program Files (x86)\DVBViewer\Remotes\starter.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\DVBViewer\Remotes\ts_winlirc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20133824 2013-09-25] (Google)
HKCU\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2369536 2010-03-15] (VIA)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31072 2008-10-25] (Microsoft Corporation)
HKLM-x32\...\Run: [DVBViewer Starter] - C:\Program Files (x86)\DVBViewer\Remotes\starter.exe [175104 2005-10-11] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.rs/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x40B773ABAD95CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = google.com/search?q={sear
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: javascript - No CLSID Value -
Handler-x32: javascript - No CLSID Value -
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Aloha\AppData\Roaming\Mozilla\Firefox\Profiles\84hfvcsk.default
FF Plugin: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @verimatrix.com/ViewRightWeb - C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll (Verimatrix, Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @verimatrix.com/ViewRightWeb - C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll (Verimatrix, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pogodakyu.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\vokabular.xml
FF Extension: xnotifier.lite - C:\Users\Aloha\AppData\Roaming\Mozilla\Firefox\Profiles\84hfvcsk.default\Extensions\xnotifier.lite@tobwithu.org.xpi
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
Chrome:
=======
CHR HomePage: hxxp://www.elitesecurity.org/f101
CHR RestoreOnStartup: "hxxp://www.elitesecurity.org/f101-PC-DVB-kartice"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Aloha\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif\6.2.4_0
CHR Extension: (Google Drive) - C:\Users\Aloha\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Aloha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (X-notifier (for Gmail™,Hotmail,Yahoo,AOL...)) - C:\Users\Aloha\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfjbkbddpfnoplfhceolpopfoepleco\3.3.6_0
CHR Extension: (Google Search) - C:\Users\Aloha\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\Aloha\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.10_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Aloha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Aloha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-10-04] ()
==================== Drivers (Whitelisted) ====================
R2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57512 2012-11-20] (Advanced Micro Devices)
S3 AR9271; C:\Windows\System32\DRIVERS\athuwx.sys [2224160 2011-07-29] (Atheros Communications, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R3 MTSBDA; C:\Windows\System32\Drivers\MtsBda.sys [344592 2009-07-13] (TechniSat Provide)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R3 MtsHID; C:\Windows\System32\drivers\MtsHID.sys [27664 2009-07-13] (TechniSat Provide)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-09-18] (Duplex Secure Ltd.)
U3 ae9acrx6; C:\Windows\System32\Drivers\ae9acrx6.sys [0 ] (Advanced Micro Devices)
S0 dgvncx; system32\drivers\uslhk.sys [x]
S0 lkkrjrni; system32\drivers\apgxuyk.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-15 19:29 - 2013-10-15 19:29 - 00061440 _____ C:\Windows\SysWOW64\Drivers\uslhk.sys
2013-10-15 19:29 - 2013-10-15 19:29 - 00000120 _____ C:\Windows\SysWOW64\szlfuwa.txt
2013-10-15 19:23 - 2013-10-15 19:23 - 00061440 _____ C:\Windows\SysWOW64\Drivers\apgxuyk.sys
2013-10-15 19:23 - 2013-10-15 19:23 - 00000120 _____ C:\Program Files (x86)\npodi.txt
2013-10-15 19:23 - 2013-10-15 19:23 - 00000000 ____D C:\Users\Aloha\Desktop\avenger
2013-10-15 19:22 - 2013-10-15 19:22 - 00724952 _____ C:\Users\Aloha\Desktop\avenger.zip
2013-10-15 18:59 - 2013-10-15 18:59 - 00000000 ____D C:\download
2013-10-15 18:55 - 2013-10-15 19:15 - 00000000 ____D C:\Users\Aloha\Desktop\Jdownloader2
2013-10-15 18:49 - 2013-09-14 03:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-15 18:49 - 2013-09-08 04:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-15 18:49 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-15 18:49 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-15 18:49 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-15 18:49 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-15 18:49 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-15 18:49 - 2013-08-29 04:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-15 18:49 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-15 18:49 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-15 18:49 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-15 18:49 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-15 18:49 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-15 18:49 - 2013-08-29 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-15 18:49 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-15 18:49 - 2013-08-29 02:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-15 18:49 - 2013-08-29 02:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-15 18:49 - 2013-08-29 02:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-15 18:49 - 2013-08-29 02:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-15 18:49 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-15 18:49 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-15 18:49 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-15 18:49 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-15 18:49 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-15 18:49 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-15 18:42 - 2013-10-15 18:42 - 00000336 _____ C:\Windows\PFRO.log
2013-10-15 14:20 - 2013-10-15 14:20 - 00000000 ____D C:\Users\Aloha\AppData\Roaming\Mozilla
2013-10-15 14:20 - 2013-10-15 14:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-15 14:20 - 2013-10-15 14:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-15 14:16 - 2013-10-15 19:31 - 00007840 _____ C:\Windows\setupact.log
2013-10-15 14:16 - 2013-10-15 14:16 - 00000000 _____ C:\Windows\setuperr.log
2013-10-15 14:02 - 2013-10-15 14:02 - 00016132 _____ C:\Users\Aloha\Desktop\jdownloader dlc.dlc
2013-10-15 14:00 - 2013-10-15 14:02 - 03433837 _____ C:\Users\Aloha\Desktop\jd 15-10-2013.rar
2013-10-15 13:58 - 2013-10-15 14:34 - 107651823 _____ C:\Users\Aloha\Desktop\jd2 fully loaded 15-10-2013.rar
2013-10-15 13:54 - 2013-10-15 13:54 - 00000000 ____D C:\Users\Aloha\.appwork
2013-10-15 10:07 - 2013-10-15 18:43 - 00000000 ____D C:\FRST
2013-10-15 10:07 - 2013-10-15 10:07 - 01954124 _____ (Farbar) C:\Users\Aloha\Desktop\FRST64.exe
2013-10-15 10:00 - 2013-10-15 10:00 - 00000000 ____D C:\Users\Aloha\AppData\Roaming\Malwarebytes
2013-10-15 10:00 - 2013-10-15 10:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-15 10:00 - 2013-10-15 10:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-15 10:00 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-15 09:39 - 2013-10-15 09:39 - 00000000 ____D C:\Users\Aloha\AppData\Local\N7rOonLyK
2013-10-09 22:24 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-09 22:24 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-09 22:24 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-09 22:24 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-09 22:24 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-09 22:24 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-09 22:24 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-09 22:24 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-09 22:24 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-09 22:24 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-09 22:24 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-09 22:24 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-09 22:24 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-09 22:24 - 2013-09-23 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-09 22:24 - 2013-09-23 00:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-09 22:24 - 2013-09-23 00:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-09 22:24 - 2013-09-23 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-09 22:24 - 2013-09-21 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-09 22:24 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-09 22:24 - 2013-09-21 04:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-09 22:24 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-09 22:23 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-09 22:23 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-09 22:23 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-09 22:23 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-09 22:23 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-09 22:23 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-09 22:23 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-09 22:23 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-09 22:23 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-09 22:23 - 2013-09-23 00:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-09 17:32 - 2013-09-04 14:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-09 17:32 - 2013-09-04 14:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-09 17:32 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 17:32 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 17:32 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 17:32 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 17:32 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-09 17:32 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 17:32 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-09 17:32 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-09 17:32 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 17:32 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-09 17:32 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-09 17:32 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-09 17:32 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-09 17:32 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-09 17:32 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-09 17:32 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-09 17:32 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-09 17:32 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 17:32 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 17:32 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-09 17:31 - 2013-09-04 14:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-09 17:31 - 2013-09-04 14:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-09 17:31 - 2013-09-04 14:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-09 17:31 - 2013-09-04 14:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-09 17:31 - 2013-09-04 14:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-08 17:53 - 2013-10-08 17:54 - 00000000 ____D C:\Users\Aloha\Documents\Battlefield 4 Beta
2013-10-07 22:47 - 2013-10-07 22:47 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-10-07 22:47 - 2013-10-07 22:47 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-10-06 18:47 - 2013-10-06 18:47 - 00001281 _____ C:\Users\Public\Desktop\PESEdit 2014 Selector.lnk
2013-10-04 18:40 - 2013-10-04 18:40 - 00000000 ____D C:\Users\Aloha\AppData\Local\PunkBuster
2013-10-04 18:39 - 2013-10-04 18:39 - 00000000 ____D C:\Users\Aloha\Documents\Battlefield 4
2013-10-04 18:38 - 2013-10-04 18:38 - 00001205 _____ C:\Users\Public\Desktop\Battlefield 4™ Beta.lnk
2013-10-04 18:38 - 2013-10-04 18:38 - 00000000 ____D C:\Users\Aloha\AppData\Local\ESN
2013-10-04 18:38 - 2013-10-04 18:38 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-10-04 18:37 - 2013-10-15 11:10 - 00215416 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-10-04 18:37 - 2013-10-15 11:10 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-10-04 18:37 - 2013-10-04 18:37 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-10-04 18:36 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2013-10-04 18:36 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2013-10-04 18:36 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2013-10-04 18:36 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2013-10-04 18:36 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2013-10-03 19:26 - 2013-10-03 23:17 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-10-02 18:28 - 2013-10-03 19:26 - 00000000 ____D C:\Users\Aloha\AppData\Local\Origin
2013-10-02 18:27 - 2013-10-15 11:08 - 00000000 ____D C:\Program Files (x86)\Origin
2013-10-02 18:27 - 2013-10-04 18:39 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-10-02 18:27 - 2013-10-03 19:19 - 00000979 _____ C:\Users\Public\Desktop\Origin.lnk
2013-09-27 17:44 - 2013-10-15 18:53 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-27 17:44 - 2013-10-08 21:53 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-25 18:46 - 2013-09-25 18:46 - 00000000 ____D C:\Program Files\CPUID
2013-09-23 17:35 - 2013-10-05 21:40 - 00000000 ____D C:\Users\Aloha\Desktop\The Bridge
2013-09-22 20:21 - 2013-09-22 20:21 - 00000000 ____D C:\Users\Aloha\AppData\Roaming\Ashampoo
2013-09-22 20:20 - 2013-09-22 20:20 - 00000000 ____D C:\Users\Aloha\AppData\Local\ashampoo
2013-09-22 20:20 - 2013-09-22 20:20 - 00000000 ____D C:\ProgramData\Ashampoo
2013-09-22 20:20 - 2013-09-22 20:20 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2013-09-21 22:38 - 2013-09-21 23:10 - 00000000 ____D C:\Users\Aloha\Desktop\greece
2013-09-21 21:32 - 2013-09-21 21:32 - 00001289 _____ C:\Users\Public\Desktop\YTD Video Downloader.lnk
2013-09-21 21:32 - 2013-09-21 21:32 - 00000000 ____D C:\ProgramData\YTD Video Downloader
2013-09-21 21:32 - 2013-09-21 21:32 - 00000000 ____D C:\Program Files (x86)\GreenTree Applications
2013-09-21 14:49 - 2013-09-21 14:49 - 00000000 ____D C:\ProgramData\ATI
2013-09-21 14:49 - 2013-09-21 14:49 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-09-21 14:48 - 2013-09-21 14:48 - 00060777 _____ C:\Windows\SysWOW64\CCCInstall_201309211448476992.log
2013-09-21 14:41 - 2013-10-04 18:37 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-18 22:46 - 2013-09-18 22:46 - 00564824 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2013-09-18 22:45 - 2013-10-04 23:29 - 00000000 ____D C:\Users\Aloha\AppData\Roaming\DAEMON Tools Pro
2013-09-18 22:45 - 2013-09-18 22:57 - 00000000 ____D C:\ProgramData\DAEMON Tools Pro
2013-09-18 22:45 - 2013-09-18 22:50 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Pro
2013-09-18 14:20 - 2013-09-18 14:20 - 00040446 _____ (Beepa Pty Ltd) C:\Program Files (x86)\uninstall.exe
2013-09-18 14:20 - 2013-09-18 14:20 - 00000857 _____ C:\Users\Public\Desktop\Fraps.lnk
2013-09-18 14:20 - 2013-09-18 14:20 - 00000000 ____D C:\Program Files (x86)\HELP
==================== One Month Modified Files and Folders =======
2013-10-15 19:31 - 2013-10-15 14:16 - 00007840 _____ C:\Windows\setupact.log
2013-10-15 19:30 - 2013-08-29 23:14 - 00000356 _____ C:\Windows\Tasks\AmiUpdXp.job
2013-10-15 19:30 - 2013-08-10 11:41 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-15 19:30 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-15 19:29 - 2013-10-15 19:29 - 00061440 _____ C:\Windows\SysWOW64\Drivers\uslhk.sys
2013-10-15 19:29 - 2013-10-15 19:29 - 00000120 _____ C:\Windows\SysWOW64\szlfuwa.txt
2013-10-15 19:29 - 2013-08-09 18:07 - 01886354 _____ C:\Windows\WindowsUpdate.log
2013-10-15 19:29 - 2009-07-14 07:13 - 00786558 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-15 19:29 - 2009-07-14 06:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-15 19:29 - 2009-07-14 06:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-15 19:23 - 2013-10-15 19:23 - 00061440 _____ C:\Windows\SysWOW64\Drivers\apgxuyk.sys
2013-10-15 19:23 - 2013-10-15 19:23 - 00000120 _____ C:\Program Files (x86)\npodi.txt
2013-10-15 19:23 - 2013-10-15 19:23 - 00000000 ____D C:\Users\Aloha\Desktop\avenger
2013-10-15 19:22 - 2013-10-15 19:22 - 00724952 _____ C:\Users\Aloha\Desktop\avenger.zip
2013-10-15 19:20 - 2013-08-10 12:16 - 00000000 ____D C:\Users\Aloha\AppData\Local\Mozilla
2013-10-15 19:15 - 2013-10-15 18:55 - 00000000 ____D C:\Users\Aloha\Desktop\Jdownloader2
2013-10-15 18:59 - 2013-10-15 18:59 - 00000000 ____D C:\download
2013-10-15 18:53 - 2013-09-27 17:44 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-15 18:51 - 2013-08-10 11:41 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-15 18:50 - 2013-08-10 12:10 - 00001945 _____ C:\Windows\epplauncher.mif
2013-10-15 18:50 - 2013-08-10 12:09 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-15 18:50 - 2013-08-10 12:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-10-15 18:43 - 2013-10-15 10:07 - 00000000 ____D C:\FRST
2013-10-15 18:42 - 2013-10-15 18:42 - 00000336 _____ C:\Windows\PFRO.log
2013-10-15 17:34 - 2013-08-10 19:37 - 00000000 ____D C:\Program Files (x86)\DVBViewer
2013-10-15 14:34 - 2013-10-15 13:58 - 107651823 _____ C:\Users\Aloha\Desktop\jd2 fully loaded 15-10-2013.rar
2013-10-15 14:20 - 2013-10-15 14:20 - 00000000 ____D C:\Users\Aloha\AppData\Roaming\Mozilla
2013-10-15 14:20 - 2013-10-15 14:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-15 14:20 - 2013-10-15 14:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-15 14:16 - 2013-10-15 14:16 - 00000000 _____ C:\Windows\setuperr.log
2013-10-15 14:10 - 2013-08-10 03:56 - 00000000 ____D C:\Windows\Panther
2013-10-15 14:09 - 2013-08-10 17:05 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-10-15 14:02 - 2013-10-15 14:02 - 00016132 _____ C:\Users\Aloha\Desktop\jdownloader dlc.dlc
2013-10-15 14:02 - 2013-10-15 14:00 - 03433837 _____ C:\Users\Aloha\Desktop\jd 15-10-2013.rar
2013-10-15 13:54 - 2013-10-15 13:54 - 00000000 ____D C:\Users\Aloha\.appwork
2013-10-15 13:54 - 2013-08-09 18:10 - 00000000 ____D C:\Users\Aloha
2013-10-15 11:10 - 2013-10-04 18:37 - 00215416 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-10-15 11:10 - 2013-10-04 18:37 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-10-15 11:08 - 2013-10-02 18:27 - 00000000 ____D C:\Program Files (x86)\Origin
2013-10-15 10:07 - 2013-10-15 10:07 - 01954124 _____ (Farbar) C:\Users\Aloha\Desktop\FRST64.exe
2013-10-15 10:00 - 2013-10-15 10:00 - 00000000 ____D C:\Users\Aloha\AppData\Roaming\Malwarebytes
2013-10-15 10:00 - 2013-10-15 10:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-15 10:00 - 2013-10-15 10:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-15 09:45 - 2013-08-25 14:22 - 00000069 _____ C:\Windows\NeroDigital.ini
2013-10-15 09:39 - 2013-10-15 09:39 - 00000000 ____D C:\Users\Aloha\AppData\Local\N7rOonLyK
2013-10-14 13:31 - 2013-08-09 18:23 - 00000000 ____D C:\Users\Aloha\AppData\Roaming\Skype
2013-10-11 18:46 - 2013-08-10 11:41 - 00003892 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-11 18:46 - 2013-08-10 11:41 - 00003640 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-10 19:17 - 2009-07-14 06:45 - 00422152 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-09 22:25 - 2013-08-10 12:36 - 00778680 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-09 22:23 - 2013-08-10 16:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-09 22:23 - 2013-08-10 16:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-09 22:22 - 2013-08-10 18:28 - 00000000 ____D C:\Windows\system32\MRT
2013-10-09 22:20 - 2013-08-10 18:20 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 22:20 - 2013-08-10 11:38 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-08 21:53 - 2013-09-27 17:44 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-08 21:53 - 2013-08-11 22:08 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-08 21:53 - 2013-08-11 22:08 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-08 17:54 - 2013-10-08 17:53 - 00000000 ____D C:\Users\Aloha\Documents\Battlefield 4 Beta
2013-10-07 22:47 - 2013-10-07 22:47 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-10-07 22:47 - 2013-10-07 22:47 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-10-06 18:47 - 2013-10-06 18:47 - 00001281 _____ C:\Users\Public\Desktop\PESEdit 2014 Selector.lnk
2013-10-06 18:40 - 2013-08-10 16:59 - 00000000 ____D C:\Users\Aloha\AppData\Roaming\uTorrent
2013-10-05 21:40 - 2013-09-23 17:35 - 00000000 ____D C:\Users\Aloha\Desktop\The Bridge
2013-10-04 23:29 - 2013-09-18 22:45 - 00000000 ____D C:\Users\Aloha\AppData\Roaming\DAEMON Tools Pro
2013-10-04 18:40 - 2013-10-04 18:40 - 00000000 ____D C:\Users\Aloha\AppData\Local\PunkBuster
2013-10-04 18:39 - 2013-10-04 18:39 - 00000000 ____D C:\Users\Aloha\Documents\Battlefield 4
2013-10-04 18:39 - 2013-10-02 18:27 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-10-04 18:39 - 2013-08-13 20:49 - 00000000 ____D C:\ProgramData\Origin
2013-10-04 18:38 - 2013-10-04 18:38 - 00001205 _____ C:\Users\Public\Desktop\Battlefield 4™ Beta.lnk
2013-10-04 18:38 - 2013-10-04 18:38 - 00000000 ____D C:\Users\Aloha\AppData\Local\ESN
2013-10-04 18:38 - 2013-10-04 18:38 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-10-04 18:37 - 2013-10-04 18:37 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-10-04 18:37 - 2013-09-21 14:41 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-03 23:17 - 2013-10-03 19:26 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-10-03 19:26 - 2013-10-02 18:28 - 00000000 ____D C:\Users\Aloha\AppData\Local\Origin
2013-10-03 19:26 - 2013-08-13 20:50 - 00000000 ____D C:\Users\Aloha\AppData\Roaming\Origin
2013-10-03 19:19 - 2013-10-02 18:27 - 00000979 _____ C:\Users\Public\Desktop\Origin.lnk
2013-09-25 18:46 - 2013-09-25 18:46 - 00000000 ____D C:\Program Files\CPUID
2013-09-25 18:43 - 2013-08-09 18:21 - 00000000 ____D C:\Program Files\WinRAR
2013-09-23 01:28 - 2013-10-09 22:23 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-09 22:23 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-09 22:24 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-09 22:24 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-09 22:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-23 01:27 - 2013-10-09 22:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-23 01:27 - 2013-10-09 22:24 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-23 01:27 - 2013-10-09 22:24 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-23 01:27 - 2013-10-09 22:24 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-23 01:27 - 2013-10-09 22:24 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-23 01:27 - 2013-10-09 22:23 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-23 01:27 - 2013-10-09 22:23 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-23 01:27 - 2013-10-09 22:23 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-23 00:55 - 2013-10-09 22:24 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-23 00:55 - 2013-10-09 22:23 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-23 00:55 - 2013-10-09 22:23 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-23 00:54 - 2013-10-09 22:24 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-09 22:24 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-23 00:54 - 2013-10-09 22:24 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-23 00:54 - 2013-10-09 22:24 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-23 00:54 - 2013-10-09 22:24 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-23 00:54 - 2013-10-09 22:24 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-23 00:54 - 2013-10-09 22:24 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-23 00:54 - 2013-10-09 22:24 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-23 00:54 - 2013-10-09 22:23 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-09 22:23 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-23 00:54 - 2013-10-09 22:23 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-22 20:21 - 2013-09-22 20:21 - 00000000 ____D C:\Users\Aloha\AppData\Roaming\Ashampoo
2013-09-22 20:20 - 2013-09-22 20:20 - 00000000 ____D C:\Users\Aloha\AppData\Local\ashampoo
2013-09-22 20:20 - 2013-09-22 20:20 - 00000000 ____D C:\ProgramData\Ashampoo
2013-09-22 20:20 - 2013-09-22 20:20 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2013-09-21 23:10 - 2013-09-21 22:38 - 00000000 ____D C:\Users\Aloha\Desktop\greece
2013-09-21 21:32 - 2013-09-21 21:32 - 00001289 _____ C:\Users\Public\Desktop\YTD Video Downloader.lnk
2013-09-21 21:32 - 2013-09-21 21:32 - 00000000 ____D C:\ProgramData\YTD Video Downloader
2013-09-21 21:32 - 2013-09-21 21:32 - 00000000 ____D C:\Program Files (x86)\GreenTree Applications
2013-09-21 14:49 - 2013-09-21 14:49 - 00000000 ____D C:\ProgramData\ATI
2013-09-21 14:49 - 2013-09-21 14:49 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-09-21 14:49 - 2013-08-10 12:11 - 00000000 ____D C:\ProgramData\AMD
2013-09-21 14:48 - 2013-09-21 14:48 - 00060777 _____ C:\Windows\SysWOW64\CCCInstall_201309211448476992.log
2013-09-21 14:48 - 2013-08-09 18:13 - 00000000 ____D C:\Program Files\ATI Technologies
2013-09-21 10:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-21 05:38 - 2013-10-09 22:24 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-21 05:30 - 2013-10-09 22:24 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-21 04:48 - 2013-10-09 22:24 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-21 04:39 - 2013-10-09 22:24 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-19 02:45 - 2013-08-10 21:47 - 00000000 ____D C:\Program Files (x86)\KONAMI
2013-09-18 23:11 - 2013-08-10 22:13 - 00000000 ____D C:\Users\Aloha\Documents\KONAMI
2013-09-18 23:05 - 2013-08-11 09:54 - 00000000 ____D C:\ProgramData\KONAMI
2013-09-18 22:57 - 2013-09-18 22:45 - 00000000 ____D C:\ProgramData\DAEMON Tools Pro
2013-09-18 22:50 - 2013-09-18 22:45 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Pro
2013-09-18 22:46 - 2013-09-18 22:46 - 00564824 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2013-09-18 14:20 - 2013-09-18 14:20 - 00040446 _____ (Beepa Pty Ltd) C:\Program Files (x86)\uninstall.exe
2013-09-18 14:20 - 2013-09-18 14:20 - 00000857 _____ C:\Users\Public\Desktop\Fraps.lnk
2013-09-18 14:20 - 2013-09-18 14:20 - 00000000 ____D C:\Program Files (x86)\HELP
2013-09-16 09:17 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
Some content of TEMP:
====================
C:\Users\Aloha\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Aloha\AppData\Local\Temp\i4jdel0.exe
C:\Users\Aloha\AppData\Local\Temp\proxy_vole6964995729109446211.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-21 10:08
==================== End Of Log ============================
Posted: 15 Oct 2013 20:50
- Joined: 15 Feb 2011
- Posts: 112
Written: 15 Oct 2013 20:49
Here it is, posted in the attachment.
Addendum: 15 Oct 2013 20:50
ComboFix 13-10-15.02 - Aloha 10/15/2013 20:38:23.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4094.2701 [GMT 2:00]
Running from: c:\users\Aloha\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\fraps.exe
c:\program files (x86)\fraps32.dll
c:\program files (x86)\fraps64.dat
c:\program files (x86)\fraps64.dll
c:\program files (x86)\frapslcd.dll
c:\program files (x86)\Uninstall.exe
c:\users\Aloha\AppData\Local\Temp\_MEI30562\_ctypes.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\_elementtree.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\_hashlib.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\_multiprocessing.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\_socket.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\_ssl.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\msvcp100.dll
c:\users\Aloha\AppData\Local\Temp\_MEI30562\msvcr100.dll
c:\users\Aloha\AppData\Local\Temp\_MEI30562\pyexpat.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\pysqlite2._sqlite.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\python27.dll
c:\users\Aloha\AppData\Local\Temp\_MEI30562\pythoncom27.dll
c:\users\Aloha\AppData\Local\Temp\_MEI30562\PyWinTypes27.dll
c:\users\Aloha\AppData\Local\Temp\_MEI30562\select.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\unicodedata.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\win32api.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\win32com.shell.shell.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\win32crypt.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\win32event.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\win32file.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\win32inet.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\win32pdh.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\win32process.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\win32profile.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\win32security.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\win32ts.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\windows._cacheinvalidation.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\wx._controls_.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\wx._core_.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\wx._gdi_.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\wx._html2.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\wx._misc_.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\wx._windows_.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\wx._wizard.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI30562\wxbase294u_net_vc90.dll
c:\users\Aloha\AppData\Local\Temp\_MEI30562\wxbase294u_vc90.dll
c:\users\Aloha\AppData\Local\Temp\_MEI30562\wxmsw294u_adv_vc90.dll
c:\users\Aloha\AppData\Local\Temp\_MEI30562\wxmsw294u_core_vc90.dll
c:\users\Aloha\AppData\Local\Temp\_MEI30562\wxmsw294u_html_vc90.dll
c:\users\Aloha\AppData\Local\Temp\_MEI30562\wxmsw294u_webview_vc90.dll
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-09-15 to 2013-10-15 )))))))))))))))))))))))))))))))
.
.
2013-10-15 17:29 . 2013-10-15 17:29 61440 ----a-w- c:\windows\SysWow64\drivers\uslhk.sys
2013-10-15 17:23 . 2013-10-15 17:23 61440 ----a-w- c:\windows\SysWow64\drivers\apgxuyk.sys
2013-10-15 16:59 . 2013-10-15 16:59 -------- d-----w- C:\download
2013-10-15 12:20 . 2013-10-15 12:20 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-10-15 11:54 . 2013-10-15 11:54 -------- d-----w- c:\users\Aloha\.appwork
2013-10-15 08:33 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0EEFF409-7054-4804-8A77-7A02CA157CD3}\mpengine.dll
2013-10-15 08:07 . 2013-10-15 16:43 -------- d-----w- C:\FRST
2013-10-15 08:00 . 2013-10-15 08:00 -------- d-----w- c:\users\Aloha\AppData\Roaming\Malwarebytes
2013-10-15 08:00 . 2013-10-15 08:00 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-10-15 08:00 . 2013-10-15 08:00 -------- d-----w- c:\programdata\Malwarebytes
2013-10-15 08:00 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-15 07:39 . 2013-10-15 07:39 -------- d-----w- c:\users\Aloha\AppData\Local\N7rOonLyK
2013-10-14 07:50 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-10-09 20:23 . 2013-09-22 23:28 817664 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-10-09 20:23 . 2013-09-22 23:27 108032 ----a-w- c:\program files (x86)\Internet Explorer\jsdebuggeride.dll
2013-10-09 20:23 . 2013-09-22 22:55 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-10-09 20:23 . 2013-09-22 23:28 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-10-09 20:23 . 2013-09-22 22:55 1084928 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-10-09 20:23 . 2013-09-22 22:54 53248 ----a-w- c:\windows\system32\jsproxy.dll
2013-10-09 20:23 . 2013-09-22 22:55 2241024 ----a-w- c:\windows\system32\wininet.dll
2013-10-09 20:23 . 2013-09-22 22:54 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-10-09 20:23 . 2013-09-22 22:54 19252224 ----a-w- c:\windows\system32\mshtml.dll
2013-10-09 15:31 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-10-09 15:31 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-10-09 15:31 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-10-09 15:31 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-10-09 15:31 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-10-07 20:47 . 2013-10-07 20:47 -------- d-----w- c:\users\Default\AppData\Local\Google
2013-10-04 16:40 . 2013-10-04 16:40 -------- d-----w- c:\users\Aloha\AppData\Local\PunkBuster
2013-10-04 16:38 . 2013-10-04 16:38 -------- d-----w- c:\users\Aloha\AppData\Local\ESN
2013-10-04 16:38 . 2013-10-04 16:38 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2013-10-04 16:37 . 2013-10-15 09:10 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-10-04 16:37 . 2013-10-15 09:10 215416 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-10-04 16:37 . 2013-10-04 16:37 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-10-04 16:36 . 2008-10-15 04:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll
2013-10-04 16:36 . 2008-10-15 04:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2013-10-04 16:36 . 2008-10-15 04:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2013-10-04 16:36 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2013-10-04 16:36 . 2008-10-15 04:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll
2013-10-02 16:28 . 2013-10-03 17:26 -------- d-----w- c:\users\Aloha\AppData\Local\Origin
2013-10-02 16:27 . 2013-10-15 17:56 -------- d-----w- c:\programdata\Electronic Arts
2013-10-02 16:27 . 2013-10-15 17:55 -------- d-----w- c:\program files (x86)\Origin
2013-09-25 16:46 . 2013-09-25 16:46 -------- d-----w- c:\program files\CPUID
2013-09-22 18:21 . 2013-09-22 18:21 -------- d-----w- c:\users\Aloha\AppData\Roaming\Ashampoo
2013-09-22 18:20 . 2013-09-22 18:20 -------- d-----w- c:\users\Aloha\AppData\Local\ashampoo
2013-09-22 18:20 . 2013-09-22 18:20 -------- d-----w- c:\programdata\Ashampoo
2013-09-22 18:20 . 2013-09-22 18:20 -------- d-----w- c:\program files (x86)\Ashampoo
2013-09-21 19:32 . 2013-09-21 19:32 -------- d-----w- c:\programdata\YTD Video Downloader
2013-09-21 19:32 . 2013-09-21 19:32 -------- d-----w- c:\program files (x86)\GreenTree Applications
2013-09-21 12:49 . 2013-09-21 12:49 -------- d-----w- c:\programdata\ATI
2013-09-21 12:49 . 2013-09-21 12:49 -------- d-----w- c:\program files (x86)\AMD AVT
2013-09-21 12:41 . 2013-10-04 16:37 -------- d-----w- c:\programdata\Package Cache
2013-09-18 20:46 . 2013-09-18 20:46 564824 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-09-18 20:45 . 2013-10-04 21:29 -------- d-----w- c:\users\Aloha\AppData\Roaming\DAEMON Tools Pro
2013-09-18 20:45 . 2013-09-18 20:50 -------- d-----w- c:\program files (x86)\DAEMON Tools Pro
2013-09-18 20:45 . 2013-09-18 20:57 -------- d-----w- c:\programdata\DAEMON Tools Pro
2013-09-18 12:20 . 2013-09-18 12:20 -------- d-----w- c:\program files (x86)\HELP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-09 20:20 . 2013-08-10 16:20 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-10-08 19:53 . 2013-08-11 20:08 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-08 19:53 . 2013-08-11 20:08 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-05 20:58 . 2013-09-05 20:58 965008 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{130DBB1C-FE82-45C1-A38F-E99456B46141}\gapaengine.dll
2013-08-31 00:14 . 2013-08-31 00:14 78432 ----a-w- c:\windows\system32\atimpc64.dll
2013-08-31 00:14 . 2013-08-31 00:14 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2013-08-31 00:14 . 2013-08-31 00:14 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2013-08-31 00:14 . 2013-08-31 00:14 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2013-08-31 00:14 . 2013-08-31 00:14 125824 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2013-08-31 00:14 . 2013-03-29 02:37 142792 ----a-w- c:\windows\system32\atiuxp64.dll
2013-08-31 00:13 . 2013-03-29 02:37 97984 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2013-08-31 00:13 . 2013-03-29 02:37 114488 ----a-w- c:\windows\system32\atiu9p64.dll
2013-08-31 00:13 . 2013-03-29 02:37 1233080 ----a-w- c:\windows\system32\aticfx64.dll
2013-08-31 00:13 . 2013-03-29 02:37 1027544 ----a-w- c:\windows\SysWow64\aticfx32.dll
2013-08-31 00:13 . 2013-03-29 02:36 9464840 ----a-w- c:\windows\system32\atidxx64.dll
2013-08-31 00:13 . 2013-08-31 00:13 8215992 ----a-w- c:\windows\SysWow64\atidxx32.dll
2013-08-31 00:13 . 2013-03-29 02:36 6176008 ----a-w- c:\windows\SysWow64\atiumdva.dll
2013-08-31 00:13 . 2013-03-29 02:36 6189416 ----a-w- c:\windows\SysWow64\atiumdag.dll
2013-08-31 00:13 . 2013-08-31 00:13 6767240 ----a-w- c:\windows\system32\atiumd6a.dll
2013-08-31 00:13 . 2013-08-31 00:13 7256496 ----a-w- c:\windows\system32\atiumd64.dll
2013-08-31 00:11 . 2013-08-31 00:11 12528640 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2013-08-30 23:48 . 2013-08-30 23:48 127488 ----a-w- c:\windows\system32\coinst_13.152.dll
2013-08-30 23:48 . 2013-08-30 23:48 229376 ----a-w- c:\windows\system32\clinfo.exe
2013-08-30 23:47 . 2013-08-30 23:47 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2013-08-30 23:47 . 2013-08-30 23:47 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2013-08-30 23:47 . 2013-08-30 23:47 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2013-08-30 23:47 . 2013-08-30 23:47 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
2013-08-30 23:47 . 2013-08-30 23:47 28192256 ----a-w- c:\windows\system32\amdocl64.dll
2013-08-30 23:45 . 2013-08-30 23:45 23760896 ----a-w- c:\windows\SysWow64\amdocl.dll
2013-08-30 23:43 . 2013-08-30 23:43 63488 ----a-w- c:\windows\system32\OpenCL.dll
2013-08-30 23:43 . 2013-08-30 23:43 57344 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-08-30 23:35 . 2013-08-30 23:35 25387520 ----a-w- c:\windows\system32\atio6axx.dll
2013-08-30 23:18 . 2013-08-30 23:18 368640 ----a-w- c:\windows\system32\atiapfxx.exe
2013-08-30 23:18 . 2013-08-30 23:18 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2013-08-30 23:18 . 2013-08-30 23:18 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2013-08-30 23:18 . 2013-08-30 23:18 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2013-08-30 23:18 . 2013-08-30 23:18 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2013-08-30 23:17 . 2013-08-30 23:17 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2013-08-30 23:14 . 2013-08-30 23:14 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2013-08-30 23:13 . 2013-08-30 23:13 21400064 ----a-w- c:\windows\SysWow64\atioglxx.dll
2013-08-30 22:59 . 2013-03-29 01:35 442368 ----a-w- c:\windows\system32\atidemgy.dll
2013-08-30 22:58 . 2013-08-30 22:58 26112 ----a-w- c:\windows\system32\atimuixx.dll
2013-08-30 22:58 . 2013-08-30 22:58 571904 ----a-w- c:\windows\system32\atieclxx.exe
2013-08-30 22:57 . 2013-08-30 22:57 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2013-08-30 22:56 . 2013-08-30 22:56 190976 ----a-w- c:\windows\system32\atitmm64.dll
2013-08-30 22:33 . 2013-03-29 01:10 784384 ----a-w- c:\windows\system32\atiadlxx.dll
2013-08-30 22:33 . 2013-08-30 22:33 594944 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2013-08-30 22:33 . 2013-08-30 22:33 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2013-08-30 22:32 . 2013-08-30 22:32 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2013-08-30 22:32 . 2013-08-30 22:32 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2013-08-30 22:32 . 2013-08-30 22:32 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2013-08-30 22:32 . 2013-08-30 22:32 100352 ----a-w- c:\windows\system32\atig6txx.dll
2013-08-30 22:32 . 2013-08-30 22:32 96768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2013-08-30 22:32 . 2013-08-30 22:32 618496 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2013-08-30 17:58 . 2013-08-30 17:58 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
2013-08-30 17:53 . 2013-08-30 17:53 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
2013-08-29 01:48 . 2013-10-15 16:49 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-23 17:38 . 2013-08-23 17:38 941720 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-08-14 14:29 . 2013-08-14 14:29 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-14 14:29 . 2013-08-10 21:15 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-08-14 14:29 . 2013-08-10 21:15 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-08-13 14:12 . 2013-08-13 14:12 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-08-13 14:12 . 2013-08-13 14:12 310688 ----a-w- c:\windows\system32\javaws.exe
2013-08-13 14:12 . 2013-08-13 14:12 188832 ----a-w- c:\windows\system32\javaw.exe
2013-08-13 14:12 . 2013-08-13 14:12 188320 ----a-w- c:\windows\system32\java.exe
2013-08-12 12:32 . 2013-08-10 13:26 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-08-11 18:25 . 2013-08-10 21:21 972712 ----a-w- c:\windows\system32\deployJava1.dll
2013-08-11 18:25 . 2013-08-10 21:21 1093032 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-08-11 13:58 . 2013-08-11 13:58 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-08-11 13:58 . 2013-08-11 13:58 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-08-11 13:58 . 2013-08-11 13:58 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-08-11 13:58 . 2013-08-11 13:58 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-08-11 13:58 . 2013-08-11 13:58 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-08-11 13:58 . 2013-08-11 13:58 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-08-11 13:58 . 2013-08-11 13:58 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-08-11 13:58 . 2013-08-11 13:58 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-08-11 13:58 . 2013-08-11 13:58 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-08-11 13:58 . 2013-08-11 13:58 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-08-11 13:58 . 2013-08-11 13:58 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-08-11 13:58 . 2013-08-11 13:58 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-08-11 13:58 . 2013-08-11 13:58 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-08-11 13:58 . 2013-08-11 13:58 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-08-11 13:58 . 2013-08-11 13:58 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-08-11 13:58 . 2013-08-11 13:58 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-08-11 13:58 . 2013-08-11 13:58 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-08-11 13:58 . 2013-08-11 13:58 216064 ----a-w- c:\windows\system32\msls31.dll
2013-08-11 13:58 . 2013-08-11 13:58 197120 ----a-w- c:\windows\system32\msrating.dll
2013-08-11 13:58 . 2013-08-11 13:58 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-08-11 13:58 . 2013-08-11 13:58 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-08-11 13:58 . 2013-08-11 13:58 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-08-11 13:58 . 2013-08-11 13:58 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-08-11 13:58 . 2013-08-11 13:58 81408 ----a-w- c:\windows\system32\icardie.dll
2013-08-11 13:58 . 2013-08-11 13:58 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-08-11 13:58 . 2013-08-11 13:58 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-08-11 13:58 . 2013-08-11 13:58 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-08-11 13:58 . 2013-08-11 13:58 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-08-11 13:58 . 2013-08-11 13:58 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-08-11 13:58 . 2013-08-11 13:58 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-08-11 13:58 . 2013-08-11 13:58 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-08-11 13:58 . 2013-08-11 13:58 441856 ----a-w- c:\windows\system32\html.iec
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-08-10 20:46 222832 ----a-w- c:\users\Aloha\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-08-10 20:46 222832 ----a-w- c:\users\Aloha\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-08-10 20:46 222832 ----a-w- c:\users\Aloha\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-09-25 20133824]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2012-10-23 3108480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-03-15 2369536]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"DVBViewer Starter"="c:\program files (x86)\DVBViewer\Remotes\starter.exe" [2005-10-11 175104]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-08-30 766208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R0 dgvncx;dgvncx;c:\windows\system32\drivers\uslhk.sys;c:\windows\SYSNATIVE\drivers\uslhk.sys [x]
R0 lkkrjrni;lkkrjrni;c:\windows\system32\drivers\apgxuyk.sys;c:\windows\SYSNATIVE\drivers\apgxuyk.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AR9271;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athuwx.sys;c:\windows\SYSNATIVE\DRIVERS\athuwx.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MTSBDA;TechniSat SkyStar HD2;c:\windows\system32\Drivers\MtsBda.sys;c:\windows\SYSNATIVE\Drivers\MtsBda.sys [x]
S3 MtsHID;TechniSat Mantis BDA HID Driver;c:\windows\system32\drivers\MtsHID.sys;c:\windows\SYSNATIVE\drivers\MtsHID.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-05 04:46 1185744 ----a-w- c:\program files (x86)\Google\Chrome\Application\30.0.1599.69\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-10-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-11 19:53]
.
2013-10-15 c:\windows\Tasks\AmiUpdXp.job
- c:\users\Aloha\AppData\Local\SwvUpdater\Updater.exe [2013-08-29 21:13]
.
2013-10-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-10 09:41]
.
2013-10-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-10 09:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-08-10 20:46 261744 ----a-w- c:\users\Aloha\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-08-10 20:46 261744 ----a-w- c:\users\Aloha\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-08-10 20:46 261744 ----a-w- c:\users\Aloha\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-08-12 1356240]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2013-07-31 3091224]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.rs/
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Aloha\AppData\Roaming\Mozilla\Firefox\Profiles\84hfvcsk.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.facebook.com/profile.php?id=100006864753189
FF - ExtSQL: 2013-10-15 14:22; xnotifier.lite@tobwithu.org; c:\users\Aloha\AppData\Roaming\Mozilla\Firefox\Profiles\84hfvcsk.default\extensions\xnotifier.lite@tobwithu.org.xpi
.
.
------- File Associations -------
.
.txt=Text File
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Fraps - c:\program files (x86)\uninstall.exe
AddRemove-PunkBusterSvc - c:\program files (x86)\Origin Games\Battlefield 4 Beta\pbsvc.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\DAEMON Tools Pro\DTShellHlp.exe
c:\program files (x86)\DVBViewer\Remotes\ts_winlirc.exe
.
**************************************************************************
.
Completion time: 2013-10-15 20:46:58 - machine was rebooted
ComboFix-quarantined-files.txt 2013-10-15 18:46
.
Pre-Run: 83,166,687,232 bytes free
Post-Run: 82,647,166,976 bytes free
.
- - End Of File - - 9238AFE4B438BE2BB297B5D22E8CD86C
A36C5E4F47E84449FF07ED3517B43A31
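Two things in the log above deserve a second look before the next fix is written, and neither is in ComboFix's own output as a finding. First, the service table carries two boot-start (R0) kernel services, dgvncx and lkkrjrni, with machine-generated names pointing at uslhk.sys and apgxuyk.sys; the "Files Created" section of the second log in this thread lists both files (61440 bytes each, under SysWow64\drivers rather than the system32\drivers path the service entries name) with the scan day as their creation time. Second, the policies\system block shows EnableLUA=0 with ConsentPromptBehaviorAdmin=0 and PromptOnSecureDesktop=0, i.e. UAC is off and nothing on this machine prompts for elevation. The script below is an added example of pulling both signals out of a ComboFix-style log automatically; it is not part of ComboFix or of any post in this thread. The sample lines are copied from the logs on this page, while the name heuristic (lowercase, 5+ letters, a run of 4+ consonants) and the 7-day "recently created" window are this example's own assumptions.

```python
"""Triage of a ComboFix-style log: flag services with dropper-style names that
load at boot and whose driver file was created near the scan date, and report
UAC policy values that are switched off. Added example, not ComboFix's code."""
import re
from datetime import date, timedelta

# Lines copied from the logs in this thread: the policy block and service table
# from the first log, three "Files Created" entries from the second log.
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R0 dgvncx;dgvncx;c:\windows\system32\drivers\uslhk.sys;c:\windows\SYSNATIVE\drivers\uslhk.sys [x]
R0 lkkrjrni;lkkrjrni;c:\windows\system32\drivers\apgxuyk.sys;c:\windows\SYSNATIVE\drivers\apgxuyk.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
2013-10-15 17:29 . 2013-10-15 17:29 61440 ----a-w- c:\windows\SysWow64\drivers\uslhk.sys
2013-10-15 17:23 . 2013-10-15 17:23 61440 ----a-w- c:\windows\SysWow64\drivers\apgxuyk.sys
2013-09-18 20:46 . 2013-09-18 20:46 564824 ----a-w- c:\windows\system32\drivers\sptd.sys
"""
SCAN_DATE = date(2013, 10, 15)  # the scan date ComboFix printed

SERVICE_RE = re.compile(r"^([RS])(\d)\s+([^;]+);([^;]*);([^;]*);(.*?)\s*(\[x\])?\s*$")
CREATED_RE = re.compile(r"^(\d{4}-\d\d-\d\d) \d\d:\d\d \. \d{4}-\d\d-\d\d \d\d:\d\d\s+\S+\s+\S+\s+(.+)$")
POLICY_RE = re.compile(r'^"(\w+)"=\s*(\d+)\s*\(0x[0-9a-fA-F]+\)$')
VOWELS = set("aeiouy")


def looks_random(name: str) -> bool:
    """Heuristic (assumption of this example): only lowercase letters, 5+ long,
    with a run of 4+ consonants, as in 'dgvncx' or 'lkkrjrni'. Real names in the
    log ('sptd', 'usbfilter', 'RTL8167', 'nusb3hub') fall outside it."""
    if len(name) < 5 or not (name.isascii() and name.isalpha() and name.islower()):
        return False
    run = longest = 0
    for ch in name:
        run = 0 if ch in VOWELS else run + 1
        longest = max(longest, run)
    return longest >= 4


def basename(path: str) -> str:
    return path.rsplit("\\", 1)[-1].lower()


def analyze(log_text: str, scan_date: date, recent_days: int = 7) -> dict:
    """Return suspicious service entries and weak UAC settings found in a log."""
    created, services, policies = {}, [], {}
    in_policy_key = False
    for raw in log_text.splitlines():
        line = raw.strip()
        if line.startswith("["):                      # registry key header
            in_policy_key = line.lower().endswith(r"\policies\system]")
            continue
        if line == ".":                               # ComboFix section spacer
            in_policy_key = False
            continue
        if m := CREATED_RE.match(line):               # "Files Created" entry
            created[basename(m.group(2))] = date.fromisoformat(m.group(1))
        elif m := SERVICE_RE.match(line):             # start type, name, file
            services.append((int(m.group(2)), m.group(3), m.group(5)))
        elif in_policy_key and (m := POLICY_RE.match(line)):
            policies[m.group(1)] = int(m.group(2))

    findings = []
    for start, name, path in services:
        reasons = []
        if looks_random(name):
            reasons.append("machine-generated name")
        when = created.get(basename(path))            # match on file name only
        if when and scan_date - when <= timedelta(days=recent_days):
            reasons.append(f"file created {when.isoformat()}")
        if reasons and start <= 1:                    # R0/S0 = boot/system start
            reasons.append("loads at boot, before user-mode defenses")
        if reasons:
            findings.append({"name": name, "file": basename(path),
                             "start": start, "reasons": reasons})

    uac = []
    if policies.get("EnableLUA", 1) == 0:
        uac.append("EnableLUA=0: UAC disabled; admin processes run fully elevated")
    if policies.get("ConsentPromptBehaviorAdmin", 5) == 0:
        uac.append("ConsentPromptBehaviorAdmin=0: silent elevation, no prompt")
    if policies.get("PromptOnSecureDesktop", 1) == 0:
        uac.append("PromptOnSecureDesktop=0: prompts drawn on the normal desktop")
    return {"suspicious_services": findings, "uac": uac}


if __name__ == "__main__":
    result = analyze(SAMPLE_LOG, SCAN_DATE)
    for f in result["suspicious_services"]:
        print(f"[!] {f['name']} -> {f['file']} (start {f['start']}): " + "; ".join(f["reasons"]))
    for msg in result["uac"]:
        print("[!] UAC:", msg)
```

Run against the sample it reports exactly the two R0 entries (each with all three reasons) and the three UAC settings, and nothing for sptd, whose file is a month older and whose name is too short for the heuristic. The name check is only a heuristic: anything it flags should be confirmed by hash or signature before it goes into a fixlist, and the match is on file name alone, so it does not depend on whether the file sits under system32\drivers or SysWow64\drivers.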
Posted: 16 Oct 2013 00:57
offline
- Joined: 15 Feb 2011
- Posts: 112
ComboFix 13-10-15.02 - Aloha 10/16/2013 0:48.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4094.3020 [GMT 2:00]
Running from: c:\users\Aloha\Desktop\ComboFix.exe
Command switches used :: c:\users\Aloha\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Aloha\AppData\Local\N7rOonLyK
c:\users\Aloha\AppData\Local\N7rOonLyK\27c7LEaWx.exe
c:\users\Aloha\AppData\Local\Temp\_MEI27322\_ctypes.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\_elementtree.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\_hashlib.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\_multiprocessing.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\_socket.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\_ssl.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\msvcp100.dll
c:\users\Aloha\AppData\Local\Temp\_MEI27322\msvcr100.dll
c:\users\Aloha\AppData\Local\Temp\_MEI27322\pyexpat.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\pysqlite2._sqlite.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\python27.dll
c:\users\Aloha\AppData\Local\Temp\_MEI27322\pythoncom27.dll
c:\users\Aloha\AppData\Local\Temp\_MEI27322\PyWinTypes27.dll
c:\users\Aloha\AppData\Local\Temp\_MEI27322\select.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\unicodedata.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\win32api.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\win32com.shell.shell.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\win32crypt.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\win32event.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\win32file.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\win32inet.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\win32pdh.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\win32process.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\win32profile.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\win32security.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\win32ts.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\windows._cacheinvalidation.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\wx._controls_.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\wx._core_.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\wx._gdi_.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\wx._html2.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\wx._misc_.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\wx._windows_.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\wx._wizard.pyd
c:\users\Aloha\AppData\Local\Temp\_MEI27322\wxbase294u_net_vc90.dll
c:\users\Aloha\AppData\Local\Temp\_MEI27322\wxbase294u_vc90.dll
c:\users\Aloha\AppData\Local\Temp\_MEI27322\wxmsw294u_adv_vc90.dll
c:\users\Aloha\AppData\Local\Temp\_MEI27322\wxmsw294u_core_vc90.dll
c:\users\Aloha\AppData\Local\Temp\_MEI27322\wxmsw294u_html_vc90.dll
c:\users\Aloha\AppData\Local\Temp\_MEI27322\wxmsw294u_webview_vc90.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-09-15 to 2013-10-15 )))))))))))))))))))))))))))))))
.
.
2013-10-15 22:52 . 2013-10-15 22:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-15 17:29 . 2013-10-15 17:29 61440 ----a-w- c:\windows\SysWow64\drivers\uslhk.sys
2013-10-15 17:23 . 2013-10-15 17:23 61440 ----a-w- c:\windows\SysWow64\drivers\apgxuyk.sys
2013-10-15 16:59 . 2013-10-15 16:59 -------- d-----w- C:\download
2013-10-15 12:20 . 2013-10-15 12:20 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-10-15 11:54 . 2013-10-15 11:54 -------- d-----w- c:\users\Aloha\.appwork
2013-10-15 08:33 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0EEFF409-7054-4804-8A77-7A02CA157CD3}\mpengine.dll
2013-10-15 08:07 . 2013-10-15 16:43 -------- d-----w- C:\FRST
2013-10-15 08:00 . 2013-10-15 08:00 -------- d-----w- c:\users\Aloha\AppData\Roaming\Malwarebytes
2013-10-15 08:00 . 2013-10-15 08:00 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-10-15 08:00 . 2013-10-15 08:00 -------- d-----w- c:\programdata\Malwarebytes
2013-10-15 08:00 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-14 07:50 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-10-09 20:23 . 2013-09-22 23:28 817664 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-10-09 20:23 . 2013-09-22 23:27 108032 ----a-w- c:\program files (x86)\Internet Explorer\jsdebuggeride.dll
2013-10-09 20:23 . 2013-09-22 22:55 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-10-09 20:23 . 2013-09-22 23:28 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-10-09 20:23 . 2013-09-22 22:55 1084928 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-10-09 20:23 . 2013-09-22 22:54 53248 ----a-w- c:\windows\system32\jsproxy.dll
2013-10-09 20:23 . 2013-09-22 22:55 2241024 ----a-w- c:\windows\system32\wininet.dll
2013-10-09 20:23 . 2013-09-22 22:54 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-10-09 20:23 . 2013-09-22 22:54 19252224 ----a-w- c:\windows\system32\mshtml.dll
2013-10-09 15:31 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-10-09 15:31 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-10-09 15:31 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-10-09 15:31 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-10-09 15:31 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-10-07 20:47 . 2013-10-07 20:47 -------- d-----w- c:\users\Default\AppData\Local\Google
2013-10-04 16:40 . 2013-10-04 16:40 -------- d-----w- c:\users\Aloha\AppData\Local\PunkBuster
2013-10-04 16:38 . 2013-10-04 16:38 -------- d-----w- c:\users\Aloha\AppData\Local\ESN
2013-10-04 16:38 . 2013-10-04 16:38 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2013-10-04 16:37 . 2013-10-15 09:10 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-10-04 16:37 . 2013-10-15 09:10 215416 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-10-04 16:37 . 2013-10-04 16:37 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-10-04 16:36 . 2008-10-15 04:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll
2013-10-04 16:36 . 2008-10-15 04:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2013-10-04 16:36 . 2008-10-15 04:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2013-10-04 16:36 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2013-10-04 16:36 . 2008-10-15 04:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll
2013-10-02 16:28 . 2013-10-03 17:26 -------- d-----w- c:\users\Aloha\AppData\Local\Origin
2013-10-02 16:27 . 2013-10-15 17:56 -------- d-----w- c:\programdata\Electronic Arts
2013-10-02 16:27 . 2013-10-15 17:55 -------- d-----w- c:\program files (x86)\Origin
2013-09-25 16:46 . 2013-09-25 16:46 -------- d-----w- c:\program files\CPUID
2013-09-22 18:21 . 2013-09-22 18:21 -------- d-----w- c:\users\Aloha\AppData\Roaming\Ashampoo
2013-09-22 18:20 . 2013-09-22 18:20 -------- d-----w- c:\users\Aloha\AppData\Local\ashampoo
2013-09-22 18:20 . 2013-09-22 18:20 -------- d-----w- c:\programdata\Ashampoo
2013-09-22 18:20 . 2013-09-22 18:20 -------- d-----w- c:\program files (x86)\Ashampoo
2013-09-21 19:32 . 2013-09-21 19:32 -------- d-----w- c:\programdata\YTD Video Downloader
2013-09-21 19:32 . 2013-09-21 19:32 -------- d-----w- c:\program files (x86)\GreenTree Applications
2013-09-21 12:49 . 2013-09-21 12:49 -------- d-----w- c:\programdata\ATI
2013-09-21 12:49 . 2013-09-21 12:49 -------- d-----w- c:\program files (x86)\AMD AVT
2013-09-21 12:41 . 2013-10-04 16:37 -------- d-----w- c:\programdata\Package Cache
2013-09-18 20:46 . 2013-09-18 20:46 564824 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-09-18 20:45 . 2013-10-04 21:29 -------- d-----w- c:\users\Aloha\AppData\Roaming\DAEMON Tools Pro
2013-09-18 20:45 . 2013-09-18 20:50 -------- d-----w- c:\program files (x86)\DAEMON Tools Pro
2013-09-18 20:45 . 2013-09-18 20:57 -------- d-----w- c:\programdata\DAEMON Tools Pro
2013-09-18 12:20 . 2013-09-18 12:20 -------- d-----w- c:\program files (x86)\HELP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-09 20:20 . 2013-08-10 16:20 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-10-08 19:53 . 2013-08-11 20:08 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-08 19:53 . 2013-08-11 20:08 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-05 20:58 . 2013-09-05 20:58 965008 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{130DBB1C-FE82-45C1-A38F-E99456B46141}\gapaengine.dll
2013-08-31 00:14 . 2013-08-31 00:14 78432 ----a-w- c:\windows\system32\atimpc64.dll
2013-08-31 00:14 . 2013-08-31 00:14 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2013-08-31 00:14 . 2013-08-31 00:14 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2013-08-31 00:14 . 2013-08-31 00:14 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2013-08-31 00:14 . 2013-08-31 00:14 125824 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2013-08-31 00:14 . 2013-03-29 02:37 142792 ----a-w- c:\windows\system32\atiuxp64.dll
2013-08-31 00:13 . 2013-03-29 02:37 97984 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2013-08-31 00:13 . 2013-03-29 02:37 114488 ----a-w- c:\windows\system32\atiu9p64.dll
2013-08-31 00:13 . 2013-03-29 02:37 1233080 ----a-w- c:\windows\system32\aticfx64.dll
2013-08-31 00:13 . 2013-03-29 02:37 1027544 ----a-w- c:\windows\SysWow64\aticfx32.dll
2013-08-31 00:13 . 2013-03-29 02:36 9464840 ----a-w- c:\windows\system32\atidxx64.dll
2013-08-31 00:13 . 2013-08-31 00:13 8215992 ----a-w- c:\windows\SysWow64\atidxx32.dll
2013-08-31 00:13 . 2013-03-29 02:36 6176008 ----a-w- c:\windows\SysWow64\atiumdva.dll
2013-08-31 00:13 . 2013-03-29 02:36 6189416 ----a-w- c:\windows\SysWow64\atiumdag.dll
2013-08-31 00:13 . 2013-08-31 00:13 6767240 ----a-w- c:\windows\system32\atiumd6a.dll
2013-08-31 00:13 . 2013-08-31 00:13 7256496 ----a-w- c:\windows\system32\atiumd64.dll
2013-08-31 00:11 . 2013-08-31 00:11 12528640 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2013-08-30 23:48 . 2013-08-30 23:48 127488 ----a-w- c:\windows\system32\coinst_13.152.dll
2013-08-30 23:48 . 2013-08-30 23:48 229376 ----a-w- c:\windows\system32\clinfo.exe
2013-08-30 23:47 . 2013-08-30 23:47 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2013-08-30 23:47 . 2013-08-30 23:47 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2013-08-30 23:47 . 2013-08-30 23:47 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2013-08-30 23:47 . 2013-08-30 23:47 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
2013-08-30 23:47 . 2013-08-30 23:47 28192256 ----a-w- c:\windows\system32\amdocl64.dll
2013-08-30 23:45 . 2013-08-30 23:45 23760896 ----a-w- c:\windows\SysWow64\amdocl.dll
2013-08-30 23:43 . 2013-08-30 23:43 63488 ----a-w- c:\windows\system32\OpenCL.dll
2013-08-30 23:43 . 2013-08-30 23:43 57344 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-08-30 23:35 . 2013-08-30 23:35 25387520 ----a-w- c:\windows\system32\atio6axx.dll
2013-08-30 23:18 . 2013-08-30 23:18 368640 ----a-w- c:\windows\system32\atiapfxx.exe
2013-08-30 23:18 . 2013-08-30 23:18 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2013-08-30 23:18 . 2013-08-30 23:18 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2013-08-30 23:18 . 2013-08-30 23:18 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2013-08-30 23:18 . 2013-08-30 23:18 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2013-08-30 23:17 . 2013-08-30 23:17 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2013-08-30 23:14 . 2013-08-30 23:14 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2013-08-30 23:13 . 2013-08-30 23:13 21400064 ----a-w- c:\windows\SysWow64\atioglxx.dll
2013-08-30 22:59 . 2013-03-29 01:35 442368 ----a-w- c:\windows\system32\atidemgy.dll
2013-08-30 22:58 . 2013-08-30 22:58 26112 ----a-w- c:\windows\system32\atimuixx.dll
2013-08-30 22:58 . 2013-08-30 22:58 571904 ----a-w- c:\windows\system32\atieclxx.exe
2013-08-30 22:57 . 2013-08-30 22:57 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2013-08-30 22:56 . 2013-08-30 22:56 190976 ----a-w- c:\windows\system32\atitmm64.dll
2013-08-30 22:33 . 2013-03-29 01:10 784384 ----a-w- c:\windows\system32\atiadlxx.dll
2013-08-30 22:33 . 2013-08-30 22:33 594944 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2013-08-30 22:33 . 2013-08-30 22:33 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2013-08-30 22:32 . 2013-08-30 22:32 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2013-08-30 22:32 . 2013-08-30 22:32 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2013-08-30 22:32 . 2013-08-30 22:32 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2013-08-30 22:32 . 2013-08-30 22:32 100352 ----a-w- c:\windows\system32\atig6txx.dll
2013-08-30 22:32 . 2013-08-30 22:32 96768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2013-08-30 22:32 . 2013-08-30 22:32 618496 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2013-08-30 17:58 . 2013-08-30 17:58 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
2013-08-30 17:53 . 2013-08-30 17:53 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
2013-08-29 01:48 . 2013-10-15 16:49 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-23 17:38 . 2013-08-23 17:38 941720 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-08-14 14:29 . 2013-08-14 14:29 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-14 14:29 . 2013-08-10 21:15 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-08-14 14:29 . 2013-08-10 21:15 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-08-13 14:12 . 2013-08-13 14:12 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-08-13 14:12 . 2013-08-13 14:12 310688 ----a-w- c:\windows\system32\javaws.exe
2013-08-13 14:12 . 2013-08-13 14:12 188832 ----a-w- c:\windows\system32\javaw.exe
2013-08-13 14:12 . 2013-08-13 14:12 188320 ----a-w- c:\windows\system32\java.exe
2013-08-12 12:32 . 2013-08-10 13:26 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-08-11 18:25 . 2013-08-10 21:21 972712 ----a-w- c:\windows\system32\deployJava1.dll
2013-08-11 18:25 . 2013-08-10 21:21 1093032 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-08-11 13:58 . 2013-08-11 13:58 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-08-11 13:58 . 2013-08-11 13:58 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-08-11 13:58 . 2013-08-11 13:58 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-08-11 13:58 . 2013-08-11 13:58 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-08-11 13:58 . 2013-08-11 13:58 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-08-11 13:58 . 2013-08-11 13:58 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-08-11 13:58 . 2013-08-11 13:58 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-08-11 13:58 . 2013-08-11 13:58 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-08-11 13:58 . 2013-08-11 13:58 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-08-11 13:58 . 2013-08-11 13:58 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-08-11 13:58 . 2013-08-11 13:58 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-08-11 13:58 . 2013-08-11 13:58 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-08-11 13:58 . 2013-08-11 13:58 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-08-11 13:58 . 2013-08-11 13:58 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-08-11 13:58 . 2013-08-11 13:58 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-08-11 13:58 . 2013-08-11 13:58 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-08-11 13:58 . 2013-08-11 13:58 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-08-11 13:58 . 2013-08-11 13:58 216064 ----a-w- c:\windows\system32\msls31.dll
2013-08-11 13:58 . 2013-08-11 13:58 197120 ----a-w- c:\windows\system32\msrating.dll
2013-08-11 13:58 . 2013-08-11 13:58 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-08-11 13:58 . 2013-08-11 13:58 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-08-11 13:58 . 2013-08-11 13:58 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-08-11 13:58 . 2013-08-11 13:58 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-08-11 13:58 . 2013-08-11 13:58 81408 ----a-w- c:\windows\system32\icardie.dll
2013-08-11 13:58 . 2013-08-11 13:58 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-08-11 13:58 . 2013-08-11 13:58 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-08-11 13:58 . 2013-08-11 13:58 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-08-11 13:58 . 2013-08-11 13:58 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-08-11 13:58 . 2013-08-11 13:58 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-08-11 13:58 . 2013-08-11 13:58 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-08-11 13:58 . 2013-08-11 13:58 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-08-11 13:58 . 2013-08-11 13:58 441856 ----a-w- c:\windows\system32\html.iec
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-08-10 20:46 222832 ----a-w- c:\users\Aloha\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-08-10 20:46 222832 ----a-w- c:\users\Aloha\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-08-10 20:46 222832 ----a-w- c:\users\Aloha\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-09-25 20133824]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2012-10-23 3108480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-03-15 2369536]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"DVBViewer Starter"="c:\program files (x86)\DVBViewer\Remotes\starter.exe" [2005-10-11 175104]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-08-30 766208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R0 dgvncx;dgvncx;c:\windows\system32\drivers\uslhk.sys;c:\windows\SYSNATIVE\drivers\uslhk.sys [x]
R0 lkkrjrni;lkkrjrni;c:\windows\system32\drivers\apgxuyk.sys;c:\windows\SYSNATIVE\drivers\apgxuyk.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AR9271;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athuwx.sys;c:\windows\SYSNATIVE\DRIVERS\athuwx.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MTSBDA;TechniSat SkyStar HD2;c:\windows\system32\Drivers\MtsBda.sys;c:\windows\SYSNATIVE\Drivers\MtsBda.sys [x]
S3 MtsHID;TechniSat Mantis BDA HID Driver;c:\windows\system32\drivers\MtsHID.sys;c:\windows\SYSNATIVE\drivers\MtsHID.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-05 04:46 1185744 ----a-w- c:\program files (x86)\Google\Chrome\Application\30.0.1599.69\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-10-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-11 19:53]
.
2013-10-15 c:\windows\Tasks\AmiUpdXp.job
- c:\users\Aloha\AppData\Local\SwvUpdater\Updater.exe [2013-08-29 21:13]
.
2013-10-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-10 09:41]
.
2013-10-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-10 09:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-08-10 20:46 261744 ----a-w- c:\users\Aloha\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-08-10 20:46 261744 ----a-w- c:\users\Aloha\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-08-10 20:46 261744 ----a-w- c:\users\Aloha\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-08-12 1356240]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2013-07-31 3091224]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.rs/
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Aloha\AppData\Roaming\Mozilla\Firefox\Profiles\84hfvcsk.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.facebook.com/profile.php?id=100006864753189
FF - ExtSQL: 2013-10-15 14:22; xnotifier.lite@tobwithu.org; c:\users\Aloha\AppData\Roaming\Mozilla\Firefox\Profiles\84hfvcsk.default\extensions\xnotifier.lite@tobwithu.org.xpi
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Fraps - c:\program files (x86)\uninstall.exe
AddRemove-PunkBusterSvc - c:\program files (x86)\Origin Games\Battlefield 4 Beta\pbsvc.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\DAEMON Tools Pro\DTShellHlp.exe
.
**************************************************************************
.
Completion time: 2013-10-16 00:56:27 - machine was rebooted
ComboFix-quarantined-files.txt 2013-10-15 22:56
ComboFix2.txt 2013-10-15 18:46
.
Pre-Run: 82,850,160,640 bytes free
Post-Run: 82,749,661,184 bytes free
.
- - End Of File - - 2D38B4B5B1B411DD189E2E0BDDD5C242
A36C5E4F47E84449FF07ED3517B43A31
Posted: 16 Oct 2013 08:30
TwinHeadedEagle - Anti Malware Fighter, Rank 2 (Joined: 09 Aug 2011; Posts: 15879; Location: Belgrade)
Excellent, that should be it, the malware has been completely removed.
ComboFix needs to be uninstalled:
Click Start, then Run.
On Vista and 7, use the Start Search box if Run is not available.
In the text input line, type (or paste) the following:
ComboFix /Uninstall
Note that there is a space between "ComboFix" and "/Uninstall".
Then click OK (or press Enter).
Wait for the uninstall process to finish.
Download Xplode's DelFix and save it to the Desktop.
Double-click to run the program.
Tick the following options:
Remove disinfection tools
Purge System Restore
Reset system settings
Click the "Run" button and wait for the program to finish.
The tool will remove all of the tools used in this thread...
When the tool finishes, it will open a report in Notepad.
Note: The report will also be saved at C:\DelFix.txt
There is no need to post the report.
Remove Java and Adobe Reader from the Control Panel, since you are using outdated versions, and download the latest ones from the following links:
Java --> http://www.java.com/en/
Adobe Reader --> http://get.adobe.com/reader/
For protecting USB storage devices I recommend MCShield v2. It has nothing to do with the antivirus, i.e. it will not interfere with its work, and it has proven to be one of the best forms of protection against malware that spreads via USB storage devices. You download it, install it, plug in a USB storage device, a scan runs, and then you get a notification that the device is clean (if it really is), or a log showing information about the malware that was found and deleted.
MCShield ::Anti-Malware Tool:: v2 home page: http://amf.mycity.rs/mcshield/
You can find out more about MCShield in these threads:
v1: http://www.mycity.rs/MyCity-Laboratorija/MCShield.html
v2: http://www.mycity.rs/MyCity-Laboratorija/MCShield-v2.html
Be sure to visit the thread "Test whether your browser is vulnerable" ("Testirajte da li vam je pretraživač ranjiv"), read it and follow the link it contains.
Link to the thread: http://www.mycity.rs/Web-browseri/Testirajte-da-li.....anjiv.html
TwinHeadedEagle (AMF Team)