Problem caused by (forbidden)


  • Joined: 14 Dec 2009
  • Posts: 154

Posted: 17 Sep 2015 18:01

After installing and deleting the game "Metal Gear Solid", Chrome started launching after every Windows boot and going to the page gangnamgames.com
I immediately tried Malwarebytes Anti-Malware and it deleted a whole bunch of things. After the next reboot Chrome no longer launched and went to that address, but in exchange my computer got completely messed up.
I can no longer start ANY PROGRAM (Chrome, Anti-Malware, CCleaner, antivirus, etc.), so I can't attach anything from the software I need in order to open a topic here, because I can't start the programs once I install them :(

I'm writing all this from Safe Mode, the only place where I can use the internet normally, but I still can't start any application.

Please help, and thanks in advance! Cheers

Addendum: 17 Sep 2015 18:03

P.S. The only thing I managed to open is AdwCleaner, and I'm attaching its report.

  • magna86
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

Hello,

Open the GeekToGo alternative download link, go to Download, then click on the appropriate version;

In the next window that opens, at the bottom under File Name:, change the name: instead of FRST.exe/FRST64.exe put e.g. genije.exe/genije64.exe.

Run FRST and do a scan. You can do it from Safe Mode with Networking or from Normal Mode.

Also, can't you post the Malwarebytes logs as well, so we can see what was targeted?

  • Joined: 14 Dec 2009
  • Posts: 154

Posted: 17 Sep 2015 18:54

It worked with "genije" :D




Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by Milos (administrator) on MILOS-PC_I3 (17-09-2015 18:52:46)
Running from C:\Users\Milos\Desktop
Loaded Profiles: Milos (Available Profiles: Milos)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Milos\Desktop\genije64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2770432 2010-02-10] (VIA)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => D:\Program Files\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1028166717-2969663755-3555985625-1000\...\Run: [MCShield Monitor] => D:\Program Files\MCShield\MCShieldRTM.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-1028166717-2969663755-3555985625-1000\...\Run: [] => [X]
HKU\S-1-5-21-1028166717-2969663755-3555985625-1000\...\Run: [BingSvc] => C:\Users\Milos\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1028166717-2969663755-3555985625-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCl.exe [8358680 2015-06-01] (Piriform Ltd)
IFEO\adwcleaner_5.005.exe: [Debugger] svchost.exe
IFEO\AnVir.exe: [Debugger] svchost.exe
IFEO\AutoLogger.exe: [Debugger] svchost.exe
IFEO\avz.exe: [Debugger] svchost.exe
IFEO\CCleaner.exe: [Debugger] svchost.exe
IFEO\CCleaner64.exe: [Debugger] svchost.exe
IFEO\FRST.exe: [Debugger] svchost.exe
IFEO\FRST64.exe: [Debugger] svchost.exe
IFEO\HiJackThis.exe: [Debugger] svchost.exe
IFEO\mbam.exe: [Debugger] svchost.exe
IFEO\regedit.exe: [Debugger] svchost.exe
IFEO\RegWorks.exe: [Debugger] svchost.exe
IFEO\RSIT.exe: [Debugger] svchost.exe
IFEO\RSITx64.exe: [Debugger] svchost.exe
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 95.180.0.18 95.180.1.2
Tcpip\..\Interfaces\{2D7825BC-6149-4217-8E78-F1BDE93A8263}: [DhcpNameServer] 95.180.0.18 95.180.1.2

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1028166717-2969663755-3555985625-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1028166717-2969663755-3555985625-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-26] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-26] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-26] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-26] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: WSWSVCUchrome - No CLSID Value

FireFox:
========
FF ProfilePath: C:\Users\Milos\AppData\Roaming\Mozilla\Firefox\Profiles\mjyvr9so.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-13] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-13] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> D:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2012-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1028166717-2969663755-3555985625-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-06-05] ()
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - D:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - D:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-09-29]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: No Name - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [not found]

Chrome:
=======
CHR HomePage: Default -> about:blank
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=dss_yset_chr__PARAM__
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.771\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\pdf.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7) - D:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - D:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - D:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - D:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - D:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - D:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - D:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll => No File
CHR Plugin: (Java Deployment Toolkit 8.0.310.13) - C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll => No File
CHR Plugin: (Java(TM) Platform SE 8 U31) - C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll => No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll => No File
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll => No File
CHR Plugin: (Nokia Suite Enabler Plugin) - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll ()
CHR Plugin: (Microsoft Office 2010) - D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - D:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - D:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll => No File
CHR Profile: C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Yahoo Web) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\acjpdakpjonkfmggcmanlhdakfkhloii [2015-04-05]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2013-03-18]
CHR Extension: (Angry Birds) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2011-10-31]
CHR Extension: (SoundCloud Downloader) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjckonbgbnaihkahaolpfjpllplfifjo [2015-01-26]
CHR Extension: (IMDB Ratings Viewer) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\daaoegihbflfijkdhalidlmochdbobgb [2014-09-29]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2011-04-16]
CHR Extension: (Type Scout - Better Typing! Smile) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\fedokkaolmkkoeedicihicdeppjjeamj [2012-12-17]
CHR Extension: (Go to IMDb) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\fipkcplmpmhcmfgkgahliaabodplkjio [2011-06-18]
CHR Extension: (AdBlock) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-17]
CHR Extension: (Yahoo! Mail Checker) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\icgocemgcnfciljelchmfknmaojcbgea [2015-04-06]
CHR Extension: (Downloads) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfchnphgogjhineanplmfkofljiagjfb [2011-06-18]
CHR Extension: (crxMouse Chrome Gestures) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2014-03-06]
CHR Extension: (Until AM Web App) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\kodigjkcpaoeodlnmcnekemakpnmegnk [2012-12-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-04]
CHR Extension: (Webcam Toy) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2012-12-17]
CHR Extension: (AudioSauna) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae [2012-12-17]
CHR Extension: (Star Gazer) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblmlcbknbnfebdfjnolmcapmdofhmme [2011-10-31]
CHR Extension: (Google Mail Checker) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2011-06-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-06]
CHR Extension: (GIFPAL) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\noohoboklgjeccnihfkbdakbchbhjlch [2012-12-17]
CHR Extension: ((zabranjeno)-BB Search) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfeeplagpidgdgceaicggccompdgcon [2011-06-19]
CHR Extension: (Psykopaint) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2012-12-17]
CHR Extension: (Gmail) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-15]
CHR Extension: (Cube Slam) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkcoeeddamedegogbcmdbadnoifmfipn [2015-04-08]
CHR Extension: (Canvas Rider) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2011-12-01]
CHR HKU\S-1-5-21-1028166717-2969663755-3555985625-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Milos\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
CHR HKU\S-1-5-21-1028166717-2969663755-3555985625-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - D:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [egnimkioipookhfihpljiedpgjffibpa] - <no Path/update_url>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-08-03] (Advanced Micro Devices) [File not signed]
S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [77944 2013-06-23] (Autodesk)
S3 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
S3 Crypkey License; C:\Windows\SysWOW64\crypserv.exe [69632 2006-03-01] (CrypKey (Canada) Ltd.) [File not signed]
S2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2011-05-12] () [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 Microsoft SharePoint Workspace Audit Service; D:\Program Files\Microsoft Office\Office14\GROOVE.EXE [31125880 2011-06-12] (Microsoft Corporation)
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [53248 2007-11-28] (Sony Corporation) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
S3 Origin Client Service; D:\Program Files\Origin\OriginClientService.exe [2057736 2015-09-09] (Electronic Arts)
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [53248 2007-11-28] (Sony Corporation) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2015-01-12] ()
S3 SonicStage Back-End Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe [112184 2007-02-05] (Sony Corporation)
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [77824 2007-11-28] (Sony Corporation) [File not signed]
S3 SSScsiSV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe [75320 2007-02-05] (Sony Corporation)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH)
S4 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
S3 wampapache64; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [24576 2014-05-01] (Apache Software Foundation) [File not signed]
S3 wampmysqld64; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [12942848 2014-05-01] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe [256912 2015-05-27] (Wondershare)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [297672 2015-08-04] (Advanced Micro Devices)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-05-28] ()
S3 CX88VID; C:\Windows\System32\drivers\cxavsvid.sys [469888 2006-07-21] (Leadtek Research Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-09-18] (Disc Soft Ltd)
S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-01-30] (ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241880 2015-01-30] (ESET)
S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169792 2015-01-30] (ESET)
S1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-03-17] (EldoS Corporation)
S2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [222280 2015-01-30] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44632 2015-01-30] (ESET)
S0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [64208 2015-01-30] (ESET)
S3 esgiguard; no ImagePath
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-05-28] ()
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] ()
S1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2014-08-12] (EldoS Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-09-18] (Duplex Secure Ltd.)
S3 TBPanel; no ImagePath
S3 ULCDRHlp; C:\Windows\SysWOW64\Drivers\ULCDRHlp.sys [27392 2004-12-23] (Ulead Systems, Inc.) [File not signed]
S3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [8944 1999-05-05] (Microsoft Corporation) [File not signed]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 WinRing0_1_2_0; no ImagePath
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 AndnetBus; system32\DRIVERS\lgandnetbus64.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
U3 DfSdkS; no ImagePath
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S3 SANDRA; \??\D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3\WNt500x64\Sandra.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-17 18:52 - 2015-09-17 18:53 - 00024963 _____ C:\Users\Milos\Desktop\FRST.txt
2015-09-17 18:52 - 2015-09-17 18:52 - 00000000 ____D C:\FRST
2015-09-17 18:50 - 2015-09-17 18:50 - 00000488 _____ C:\Windows\WindowsUpdate.log
2015-09-17 18:12 - 2015-09-17 18:12 - 00000574 _____ C:\Windows\Tasks\Tweaking.com - Windows Repair Tray Icon.job
2015-09-17 18:09 - 2015-09-17 18:09 - 00541750 _____ C:\Users\Milos\Documents\cc_20150917_180914.reg
2015-09-17 17:52 - 2015-09-17 17:52 - 00002049 _____ C:\Users\Milos\Desktop\AdwCleaner[C2].txt
2015-09-17 17:47 - 2015-09-17 17:47 - 02191360 _____ (Farbar) C:\Users\Milos\Desktop\genije64.exe
2015-09-17 17:38 - 2015-09-17 17:52 - 00000266 _____ C:\Windows\Tasks\AutoKMS.job
2015-09-17 17:34 - 2015-09-17 17:34 - 00001106 _____ C:\Users\Public\Desktop\donpicko.lnk
2015-09-17 17:34 - 2015-09-17 17:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-17 17:34 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-17 17:34 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-17 17:31 - 2015-09-17 17:31 - 00000979 _____ C:\Users\Public\Desktop\CCL.lnk
2015-09-17 17:26 - 2015-09-17 18:08 - 00000000 ____D C:\Program Files\CCleaner
2015-09-17 17:19 - 2015-09-17 17:20 - 00000000 ____D C:\Windows\Tasks\360Disabled
2015-09-17 15:11 - 2015-09-17 15:11 - 00000000 ____D C:\Users\Milos\Desktop\Pro Evolution Soccer 2016
2015-09-17 15:06 - 2015-09-17 17:52 - 00002896 _____ C:\Windows\System32\Tasks\AutoKMS
2015-09-11 11:40 - 2015-09-14 17:32 - 00000000 ____D C:\Users\Milos\Documents\WB Games
2015-09-09 12:49 - 2015-09-09 12:49 - 00000000 ____D C:\Users\Milos\AppData\Local\CEF
2015-09-09 12:36 - 2015-09-08 22:40 - 00000000 ____D C:\Update
2015-09-09 11:49 - 2015-09-17 12:29 - 00000000 ____D C:\Users\Milos\Documents\FIFA 16 Demo
2015-09-07 12:50 - 2015-09-17 17:50 - 00000000 ____D C:\AdwCleaner
2015-09-01 19:31 - 2015-09-02 09:24 - 00000000 ____D C:\Program Files (x86)\PlaysTV
2015-09-01 17:10 - 2015-09-01 17:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-01 17:10 - 2015-09-01 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-31 10:15 - 2015-08-31 10:15 - 00000000 ____D C:\Users\Milos\AppData\Roaming\AMD
2015-08-26 22:45 - 2015-08-26 22:45 - 00000000 _____ C:\Windows\SysWOW64\REN89BE.tmp
2015-08-26 22:43 - 2015-08-26 22:44 - 00000000 ____D C:\Users\Milos\.oracle_jre_usage
2015-08-26 22:43 - 2015-08-26 22:43 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Sun
2015-08-18 21:50 - 2015-08-18 21:50 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2015-08-18 21:44 - 2015-08-18 21:44 - 00000000 ____D C:\Users\Milos\Documents\LG OSP
2015-08-18 21:44 - 2015-08-18 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG On-Screen Phone

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-17 18:09 - 2013-09-18 19:35 - 00000000 ____D C:\Users\Milos\AppData\Roaming\DAEMON Tools Pro
2015-09-17 18:09 - 2012-11-16 14:31 - 00000000 ____D C:\Users\Milos\AppData\Roaming\uTorrent
2015-09-17 18:09 - 2011-06-20 15:48 - 00000000 ____D C:\Users\Milos\AppData\Roaming\DAEMON Tools Lite
2015-09-17 18:09 - 2011-04-17 17:50 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Skype
2015-09-17 18:09 - 2011-04-17 17:42 - 00000000 ____D C:\Users\Milos\Tracing
2015-09-17 18:05 - 2009-07-14 07:13 - 00772352 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-17 17:53 - 2015-08-17 13:11 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-09-17 17:52 - 2012-03-15 13:45 - 00000000 ____D C:\ProgramData\MCShield
2015-09-17 17:52 - 2009-07-14 06:45 - 00025536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-17 17:52 - 2009-07-14 06:45 - 00025536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-17 17:51 - 2015-05-19 20:52 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d09264f9c1129b.job
2015-09-17 17:51 - 2015-03-20 19:27 - 00000346 _____ C:\Windows\Tasks\DriverToolkit Autorun.job
2015-09-17 17:51 - 2015-02-04 12:45 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d04067be148f03.job
2015-09-17 17:51 - 2014-10-08 16:23 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-17 17:51 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-17 17:33 - 2011-04-18 19:52 - 00000000 ____D C:\ProgramData\TEMP
2015-09-17 17:20 - 2015-07-12 19:23 - 00000000 ____D C:\ProgramData\Wondershare Video Converter Ultimate
2015-09-17 17:20 - 2014-05-22 13:05 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Notepad++
2015-09-17 17:20 - 2011-10-31 22:52 - 00000000 ____D C:\Users\Milos\AppData\Roaming\TeamViewer
2015-09-17 17:20 - 2011-05-12 18:44 - 00000000 ____D C:\Users\Milos\AppData\Roaming\vlc
2015-09-17 17:11 - 2013-11-20 16:02 - 07914496 ___SH C:\Users\Milos\Desktop\Thumbs.db
2015-09-17 16:57 - 2015-02-04 12:45 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d04067bec5b92b.job
2015-09-17 16:56 - 2015-05-19 20:52 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d09264fa8b6792.job
2015-09-17 16:50 - 2014-10-08 16:23 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-17 16:29 - 2012-04-02 12:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-17 16:25 - 2012-02-17 17:07 - 00000000 ____D C:\ProgramData\Origin
2015-09-17 15:27 - 2015-03-24 18:10 - 00163296 _____ C:\Users\Milos\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-17 15:27 - 2014-11-13 02:26 - 00000000 ____D C:\Users\Milos\Documents\KONAMI
2015-09-17 15:25 - 2011-06-20 19:36 - 00000000 ____D C:\ProgramData\KONAMI
2015-09-17 15:04 - 2009-07-14 09:46 - 00000000 ____D C:\Windows\CSC
2015-09-17 15:04 - 2009-07-14 06:45 - 05122216 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-17 13:47 - 2009-07-14 04:34 - 00000514 _____ C:\Windows\win.ini
2015-09-17 12:59 - 2011-09-15 12:03 - 00772352 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-09-17 12:50 - 2015-08-17 13:07 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-09-17 12:30 - 2013-12-30 19:23 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft Wireless Network Watcher
2015-09-17 12:30 - 2011-04-15 19:18 - 00000000 ____D C:\Users\Milos
2015-09-17 12:29 - 2015-07-12 19:23 - 00000000 ____D C:\Users\Milos\Documents\Wondershare MediaServer
2015-09-17 12:29 - 2015-06-30 20:24 - 00000000 ____D C:\Users\Milos\Documents\FLiNGTrainer
2015-09-17 12:29 - 2015-04-16 15:50 - 00000000 ____D C:\Users\Milos\AppData\Roaming\MK10
2015-09-17 12:29 - 2015-04-04 13:31 - 00000000 ____D C:\Users\Milos\AppData\Local\CAPCOM
2015-09-17 12:29 - 2015-03-30 17:17 - 00000000 ____D C:\Users\Milos\AppData\Roaming\phpDesigner
2015-09-17 12:29 - 2014-12-23 16:47 - 00000000 ____D C:\Users\Milos\AppData\Local\Eclipse
2015-09-17 12:29 - 2014-11-06 19:20 - 00000000 ____D C:\Users\Milos\AppData\Local\Futuremark
2015-09-17 12:29 - 2014-11-06 19:10 - 00000000 ____D C:\Users\Milos\AppData\Local\Futuremark_Corporation
2015-09-17 12:29 - 2014-10-09 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-17 12:29 - 2014-10-08 16:27 - 00000000 ___RD C:\Users\Milos\Google Drive
2015-09-17 12:29 - 2014-07-10 13:41 - 00000000 ____D C:\Users\Milos\AppData\Roaming\FairStars CD Ripper
2015-09-17 12:29 - 2014-05-12 21:24 - 00000000 ____D C:\Users\Milos\.android
2015-09-17 12:29 - 2014-05-12 19:23 - 00000000 ____D C:\Users\Milos\AppData\Roaming\LG Electronics
2015-09-17 12:29 - 2014-03-05 16:37 - 00000000 ____D C:\Users\Milos\AppData\Roaming\EasyDuplicateFinder
2015-09-17 12:29 - 2014-03-03 19:16 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-09-17 12:29 - 2013-10-21 16:56 - 00000000 ____D C:\Users\Milos\Documents\Brace Kovac
2015-09-17 12:29 - 2013-08-16 17:12 - 00000000 ____D C:\Users\Milos\AppData\Roaming\2K Sports
2015-09-17 12:29 - 2013-07-04 22:22 - 00000000 ____D C:\Users\Milos\AppData\Roaming\MKKE
2015-09-17 12:29 - 2013-06-05 19:40 - 00000000 ____D C:\Users\Milos\AppData\Roaming\XnSketch
2015-09-17 12:29 - 2013-03-18 20:30 - 00000000 ____D C:\Windows\AutoKMS
2015-09-17 12:29 - 2013-02-05 23:18 - 00000000 ____D C:\Users\Milos\AppData\Roaming\ActiveX
2015-09-17 12:29 - 2012-11-24 14:38 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Digital_Paper_Products,_I
2015-09-17 12:29 - 2012-11-24 14:37 - 00000000 ____D C:\Users\Milos\AppData\Local\Digital_Paper_Products,_I
2015-09-17 12:29 - 2012-11-20 16:20 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-09-17 12:29 - 2012-10-30 18:35 - 00000000 ____D C:\Users\Milos\AppData\Local\SniperV2
2015-09-17 12:29 - 2012-07-17 00:54 - 00000000 ____D C:\Users\Milos\AppData\Local\liQeNSoft
2015-09-17 12:29 - 2012-06-23 17:23 - 00000000 ____D C:\Users\Milos\AppData\Local\PunkBuster
2015-09-17 12:29 - 2012-06-21 00:15 - 00000000 ____D C:\Users\Milos\AppData\Local\Downloaded Installations
2015-09-17 12:29 - 2012-05-21 18:33 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-09-17 12:29 - 2012-02-25 17:25 - 00000000 ____D C:\Users\Milos\AppData\Roaming\U3
2015-09-17 12:29 - 2012-02-08 00:42 - 00000000 ____D C:\Users\Milos\AppData\Roaming\DarknessII
2015-09-17 12:29 - 2012-01-15 15:58 - 00000000 ____D C:\Users\Milos\AppData\Local\OfficeDrop
2015-09-17 12:29 - 2011-12-27 18:25 - 00000000 ____D C:\Users\Milos\AppData\Roaming\PunkBuster
2015-09-17 12:29 - 2011-12-08 18:12 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
2015-09-17 12:29 - 2011-10-26 16:01 - 00000000 ____D C:\Users\Milos\AppData\Local\PCSX2
2015-09-17 12:29 - 2011-10-01 13:23 - 00000000 ____D C:\Users\Milos\AppData\Roaming\GetRightToGo
2015-09-17 12:29 - 2011-09-30 17:03 - 00000000 ____D C:\Users\Milos\AppData\Roaming\ArcSoft
2015-09-17 12:29 - 2011-07-25 22:35 - 00000000 ____D C:\Users\Milos\AppData\Roaming\MAGIX
2015-09-17 12:29 - 2011-07-15 23:16 - 00000000 ____D C:\Users\Milos\Documents\Xilisoft Corporation
2015-09-17 12:29 - 2011-06-30 23:01 - 00000000 ____D C:\Users\Milos\AppData\Local\http___www.julien-manici
2015-09-17 12:29 - 2011-06-19 11:05 - 00000000 ____D C:\Users\Milos\AppData\Local\Microsoft Help
2015-09-17 12:29 - 2011-06-06 16:43 - 00000000 ____D C:\Users\Milos\AppData\Local\PDF-TIFF-Tools.com
2015-09-17 12:29 - 2011-05-16 15:57 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Sony
2015-09-17 12:29 - 2011-05-14 17:24 - 00000000 ____D C:\Users\Milos\AppData\Roaming\LimeWire
2015-09-17 12:29 - 2011-05-08 15:16 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Ubisoft
2015-09-17 12:29 - 2011-05-05 22:44 - 00000000 ____D C:\Users\Milos\AppData\Roaming\SystemRequirementsLab
2015-09-17 12:29 - 2011-04-18 10:08 - 00000000 ____D C:\Users\Milos\AppData\Local\Autodesk
2015-09-17 12:29 - 2011-04-17 14:31 - 00000000 ____D C:\Users\Milos\FrostWire
2015-09-17 12:29 - 2011-04-17 14:31 - 00000000 ____D C:\Users\Milos\AppData\Roaming\FrostWire
2015-09-17 12:29 - 2011-04-17 14:07 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webteh
2015-09-17 12:29 - 2011-04-16 17:01 - 00000000 ____D C:\Users\Milos\AppData\Local\Apps\2.0
2015-09-17 12:29 - 2011-04-15 19:18 - 00000000 ___RD C:\Users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-17 12:29 - 2011-04-15 19:18 - 00000000 ___RD C:\Users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-17 12:28 - 2015-07-27 17:57 - 00000000 ____D C:\Users\Milos\Documents\Unreal Projects
2015-09-17 12:28 - 2015-07-27 17:22 - 00000000 ____D C:\Users\Milos\AppData\Local\UnrealEngine
2015-09-17 12:28 - 2015-06-30 16:14 - 00000000 ____D C:\Users\Milos\Documents\CPY_SAVES
2015-09-17 12:28 - 2015-06-28 17:40 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Wondershare
2015-09-17 12:28 - 2014-11-06 17:52 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Mozilla
2015-09-17 12:28 - 2014-10-06 18:57 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Steam
2015-09-17 12:28 - 2014-09-03 22:06 - 00000000 ____D C:\Users\Milos\workspace
2015-09-17 12:28 - 2014-04-21 13:44 - 00000000 ____D C:\Users\Milos\Documents\Visual Studio 2010
2015-09-17 12:28 - 2013-10-03 20:29 - 00000000 ____D C:\Users\Milos\AppData\Roaming\AVG
2015-09-17 12:28 - 2013-03-02 15:42 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Doublefine
2015-09-17 12:28 - 2013-02-27 15:58 - 00000000 ____D C:\Users\Milos\Documents\Zoran USB
2015-09-17 12:28 - 2013-02-21 21:50 - 00000000 ____D C:\Users\Milos\AppData\Roaming\qualys
2015-09-17 12:28 - 2012-10-22 16:23 - 00000000 ____D C:\Users\Milos\AppData\Roaming\.minecraft
2015-09-17 12:28 - 2012-07-17 00:54 - 00000000 ____D C:\Users\Milos\AppData\Roaming\liQeNSoft
2015-09-17 12:28 - 2011-12-13 17:57 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Xilisoft
2015-09-17 12:28 - 2011-12-13 17:32 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Thinstall
2015-09-17 12:28 - 2011-07-27 23:23 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Nokia Ovi Suite
2015-09-17 12:28 - 2011-06-20 16:50 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Nokia
2015-09-17 12:28 - 2011-06-15 12:41 - 00000000 ____D C:\Users\Milos\AppData\Local\VirtualStore
2015-09-17 12:28 - 2011-04-18 19:52 - 00000000 ____D C:\Users\Milos\AppData\Roaming\URSoft
2015-09-17 12:28 - 2011-04-18 10:02 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Autodesk
2015-09-17 12:28 - 2011-04-17 14:07 - 00000000 ____D C:\Users\Milos\AppData\Roaming\BSplayer PRO
2015-09-17 12:28 - 2011-04-16 16:30 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Macromedia
2015-09-17 12:28 - 2011-04-16 16:30 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Adobe
2015-09-17 12:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-09-17 12:27 - 2015-07-27 17:22 - 00000000 ____D C:\Users\Milos\AppData\Local\CrashReportClient
2015-09-17 12:27 - 2015-07-16 19:50 - 00000000 ____D C:\Users\Milos\AppData\Local\EpicGamesLauncher
2015-09-17 12:27 - 2014-12-23 16:44 - 00000000 ____D C:\Users\Milos\.eclipse
2015-09-17 12:27 - 2014-06-17 16:13 - 00000000 ____D C:\Users\Milos\AppData\Local\ChemTable Software
2015-09-17 12:27 - 2014-06-07 17:07 - 00000000 ____D C:\Users\Milos\AppData\Local\Logitech® Webcam Software
2015-09-17 12:27 - 2014-05-12 19:21 - 00000000 ____D C:\Users\Milos\AppData\Local\LG Electronics
2015-09-17 12:27 - 2014-03-06 15:50 - 00000000 ____D C:\Users\Milos\AppData\Local\Skype
2015-09-17 12:27 - 2012-09-24 14:24 - 00000000 ____D C:\Users\Milos\AppData\Local\Last.fm
2015-09-17 12:27 - 2012-01-05 14:30 - 00000000 ____D C:\Users\Milos\AppData\Local\Oberon Games
2015-09-17 12:27 - 2011-07-03 21:56 - 00000000 ____D C:\Users\Milos\AppData\Local\SKIDROW
2015-09-17 12:27 - 2011-06-20 16:47 - 00000000 ____D C:\Users\Milos\AppData\Local\Nokia
2015-09-17 12:27 - 2011-05-16 15:57 - 00000000 ____D C:\Users\Milos\AppData\Local\Sony
2015-09-17 12:27 - 2011-04-17 18:11 - 00000000 ____D C:\Users\Milos\AppData\Local\Microsoft Games
2015-09-17 12:27 - 2011-04-16 17:01 - 00000000 ____D C:\Users\Milos\AppData\Local\Google
2015-09-17 12:26 - 2011-11-06 14:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-17 11:01 - 2011-04-19 12:49 - 00000000 ____D C:\Users\Milos\AppData\Local\Adobe
2015-09-15 11:21 - 2011-06-18 13:53 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{93B7F352-CBA5-463F-8652-77B93D9B5ACA}
2015-09-14 20:51 - 2015-05-19 20:52 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d09264fa8b6792
2015-09-14 20:51 - 2015-05-19 20:52 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d09264f9c1129b
2015-09-09 11:49 - 2013-11-15 14:50 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-09 11:49 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-09 11:30 - 2012-02-17 17:07 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Origin
2015-09-02 15:55 - 2013-04-15 13:14 - 00271360 ___SH C:\Users\Milos\Documents\Thumbs.db
2015-09-02 11:17 - 2012-02-25 19:01 - 00000000 ____D C:\Users\Milos\Documents\Milos Marunic - CV
2015-09-02 08:50 - 2012-05-09 12:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-09-02 08:50 - 2012-05-09 12:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-09-01 19:22 - 2012-05-09 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-01 17:10 - 2011-04-17 16:27 - 00000000 ____D C:\ProgramData\Skype
2015-08-31 20:12 - 2015-07-16 19:49 - 00001509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2015-08-31 10:19 - 2015-07-13 12:25 - 00000000 ____D C:\Users\Milos\AppData\Roaming\HandBrake
2015-08-28 20:04 - 2011-05-05 22:50 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2015-08-26 22:46 - 2013-10-21 15:53 - 00000000 ____D C:\ProgramData\Oracle
2015-08-26 22:45 - 2014-08-18 10:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-26 22:45 - 2013-02-07 18:06 - 00000000 ____D C:\Program Files\Java
2015-08-26 22:45 - 2011-04-17 13:07 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-26 22:44 - 2014-09-03 22:06 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll

==================== Files in the root of some directories =======

2013-02-17 05:27 - 2013-02-17 05:27 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2012-11-28 21:11 - 2013-05-26 14:39 - 0000545 _____ () C:\Users\Milos\AppData\Roaming\All CPU MeterV3_Settings.ini
2012-11-28 21:08 - 2014-09-19 17:56 - 0000282 _____ () C:\Users\Milos\AppData\Roaming\GPU MeterV2_Settings.ini
2012-05-15 12:47 - 2012-05-15 18:46 - 0099384 _____ () C:\Users\Milos\AppData\Roaming\inst.exe
2012-11-28 21:12 - 2012-11-28 21:12 - 0000384 _____ () C:\Users\Milos\AppData\Roaming\Network Meter_Settings.ini
2012-05-15 12:47 - 2012-05-15 18:46 - 0007859 _____ () C:\Users\Milos\AppData\Roaming\pcouffin.cat
2012-05-15 12:47 - 2012-05-15 18:46 - 0001167 _____ () C:\Users\Milos\AppData\Roaming\pcouffin.inf
2012-05-15 12:48 - 2012-05-15 18:46 - 0000033 _____ () C:\Users\Milos\AppData\Roaming\pcouffin.log
2012-05-15 12:47 - 2012-05-15 18:46 - 0082816 _____ (VSO Software) C:\Users\Milos\AppData\Roaming\pcouffin.sys
2015-03-30 17:19 - 2015-03-30 18:11 - 0028082 _____ () C:\Users\Milos\AppData\Roaming\phpdesigner.xml
2015-07-10 13:22 - 2015-07-10 13:22 - 0000000 _____ () C:\Users\Milos\AppData\Local\{232D338A-58FD-4206-9F27-95F56B724A3C}
2015-07-10 13:22 - 2015-07-10 13:22 - 0000000 _____ () C:\Users\Milos\AppData\Local\{4EFFC8CC-52D9-4563-8A1E-198E4A08245D}
2015-07-10 13:22 - 2015-07-10 13:22 - 0000000 _____ () C:\Users\Milos\AppData\Local\{D3CBD2AE-5751-443A-B220-D379E6C824D8}
2012-07-17 00:45 - 2012-07-17 00:48 - 0182150 _____ () C:\ProgramData\1342478752.2388.bin
2012-07-17 00:45 - 2012-07-17 00:52 - 0008548 _____ () C:\ProgramData\1342478752.3448.bin
2012-07-17 00:45 - 2012-07-17 00:47 - 0007399 _____ () C:\ProgramData\1342478752.3528.bin
2012-07-17 00:45 - 2012-07-17 00:49 - 0017464 _____ () C:\ProgramData\1342478752.3532.bin
2012-07-17 00:45 - 2012-07-17 00:52 - 0000558 _____ () C:\ProgramData\1342478752.4184.bin
2012-07-17 00:45 - 2012-07-17 00:48 - 0025587 _____ () C:\ProgramData\1342478752.4296.bin
2012-07-17 00:45 - 2012-07-17 00:52 - 0003042 _____ () C:\ProgramData\1342478752.4344.bin
2012-07-17 00:45 - 2012-07-17 00:52 - 0013106 _____ () C:\ProgramData\1342478752.4352.bin
2012-07-17 00:45 - 2012-07-17 00:52 - 0000558 _____ () C:\ProgramData\1342478752.4372.bin
2012-07-17 00:45 - 2012-07-17 00:49 - 0096135 _____ () C:\ProgramData\1342478752.5096.bin
2012-07-17 00:47 - 2012-07-17 00:47 - 0001699 _____ () C:\ProgramData\1342478752.596.bin
2012-07-26 18:48 - 2012-07-26 18:48 - 0074932 _____ () C:\ProgramData\1343321167.bdinstall.bin
2012-07-27 14:14 - 2012-07-27 14:14 - 0170734 _____ () C:\ProgramData\1343391053.bdinstall.bin
2011-06-18 19:45 - 2011-06-18 19:45 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2011-09-06 17:18 - 2012-01-15 16:39 - 0000702 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Milos\AppData\Local\Temp\exe2pin.exe
C:\Users\Milos\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Milos\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Milos\AppData\Local\Temp\MP3_Launcher_1_36_0_0.exe
C:\Users\Milos\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Milos\AppData\Local\Temp\nvStInst.exe
C:\Users\Milos\AppData\Local\Temp\raptrpatch.exe
C:\Users\Milos\AppData\Local\Temp\raptr_stub.exe
C:\Users\Milos\AppData\Local\Temp\Skin.dll
C:\Users\Milos\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Milos\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-11 00:59

==================== End of FRST.txt ============================






Addendum: 17 Sep 2015 18:55

But Malwarebytes doesn't work with the "genije" trick...

Addendum: 17 Sep 2015 19:10

Here is the ComboFix log as well

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

You've been here a long time; what is the golden rule for ComboFix? Now you've thrown off all my logs... Now I have to start over...

Go ahead and boot into Normal Mode, run ComboFix there from the Desktop ( ! ! ), and post a fresh ComboFix.txt as well as a fresh FRST.txt report, also from Normal Mode.

offline
  • Joined: 14 Dec 2009
  • Posts: 154

I apologize...




ComboFix 15-09-07.01 - Milos 17-Sep-15 19:50:11.3.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8151.5822 [GMT 2:00]
Running from: d:\stari hard\Milos\My Downloads\ComboFix.exe
FW: ESET Personal firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 8.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Resident AV is active
.
.
.
((((((((((((((((((((((((( Files Created from 2015-08-17 to 2015-09-17 )))))))))))))))))))))))))))))))
.
.
2015-09-17 17:59 . 2015-09-17 17:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-09-17 16:52 . 2015-09-17 16:54 -------- d-----w- C:\FRST
2015-09-17 15:34 . 2015-09-17 15:34 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-09-17 15:34 . 2015-04-14 07:37 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-09-17 15:34 . 2015-04-14 07:37 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-09-17 15:26 . 2015-09-17 16:08 -------- d-----w- c:\program files\CCleaner
2015-09-17 11:48 . 2015-09-17 13:10 -------- d-----w- c:\windows\system32\catroot2
2015-09-15 08:50 . 2015-09-15 08:50 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CC83724E-2057-41EE-91D1-5805399BE859}\offreg.2428.dll
2015-09-09 10:49 . 2015-09-09 10:49 -------- d-----w- c:\users\Milos\AppData\Local\CEF
2015-09-09 10:36 . 2015-09-08 20:40 -------- d-----w- C:\Update
2015-09-07 10:50 . 2015-09-17 15:50 -------- d-----w- C:\AdwCleaner
2015-09-03 08:12 . 2015-09-03 08:12 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CC83724E-2057-41EE-91D1-5805399BE859}\offreg.3132.dll
2015-09-01 17:31 . 2015-09-02 07:24 -------- d-----w- c:\program files (x86)\PlaysTV
2015-09-01 15:10 . 2015-09-01 15:10 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-09-01 15:10 . 2015-09-01 15:10 -------- d-----r- c:\program files (x86)\Skype
2015-08-31 08:15 . 2015-08-31 08:15 -------- d-----w- c:\users\Milos\AppData\Roaming\AMD
2015-08-26 20:45 . 2015-08-26 20:45 0 ----a-w- c:\windows\SysWow64\REN89BE.tmp
2015-08-26 20:45 . 2015-08-26 20:45 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-08-26 20:43 . 2015-08-26 20:44 -------- d-----w- c:\users\Milos\.oracle_jre_usage
2015-08-21 15:22 . 2015-08-21 15:22 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CC83724E-2057-41EE-91D1-5805399BE859}\offreg.2504.dll
2015-08-18 19:50 . 2015-08-18 19:50 -------- d-----w- c:\program files (x86)\LG Electronics
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-09-17 15:53 . 2015-08-17 11:11 65536 ----a-w- c:\windows\system32\spu_storage.bin
2015-08-26 20:44 . 2014-09-03 20:06 110688 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-08-17 11:14 . 2015-08-17 11:14 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CC83724E-2057-41EE-91D1-5805399BE859}\offreg.3012.dll
2015-08-04 06:29 . 2015-08-04 06:29 107784 ----a-w- c:\windows\system32\amdave64.dll
2015-08-04 06:29 . 2015-08-04 06:29 100568 ----a-w- c:\windows\SysWow64\amdave32.dll
2015-08-04 06:28 . 2015-08-04 06:28 141792 ----a-w- c:\windows\system32\amdhcp64.dll
2015-08-04 06:28 . 2015-08-04 06:28 128384 ----a-w- c:\windows\SysWow64\amdhcp32.dll
2015-08-04 06:28 . 2015-08-04 06:28 78432 ----a-w- c:\windows\system32\atimpc64.dll
2015-08-04 06:28 . 2015-08-04 06:28 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2015-08-04 06:28 . 2015-08-04 06:28 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2015-08-04 06:28 . 2015-08-04 06:28 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2015-08-04 06:28 . 2015-08-04 06:28 152056 ----a-w- c:\windows\system32\atiuxp64.dll
2015-08-04 06:28 . 2015-08-04 06:28 133016 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2015-08-04 06:28 . 2015-08-04 06:28 120144 ----a-w- c:\windows\system32\atiu9p64.dll
2015-08-04 06:28 . 2015-08-04 06:28 102616 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2015-08-04 06:28 . 2015-08-04 06:28 1445224 ----a-w- c:\windows\system32\aticfx64.dll
2015-08-04 06:28 . 2015-08-04 06:28 1193904 ----a-w- c:\windows\SysWow64\aticfx32.dll
2015-08-04 06:28 . 2015-08-04 06:28 11948704 ----a-w- c:\windows\system32\atidxx64.dll
2015-08-04 06:28 . 2015-08-04 06:28 10094152 ----a-w- c:\windows\SysWow64\atidxx32.dll
2015-08-04 06:28 . 2015-08-04 06:28 7929616 ----a-w- c:\windows\SysWow64\atiumdva.dll
2015-08-04 06:28 . 2015-08-04 06:28 7408936 ----a-w- c:\windows\SysWow64\atiumdag.dll
2015-08-04 06:27 . 2015-08-04 06:27 8893160 ----a-w- c:\windows\system32\atiumd6a.dll
2015-08-04 06:27 . 2015-08-04 06:27 8779872 ----a-w- c:\windows\system32\atiumd64.dll
2015-08-04 06:25 . 2015-08-04 06:25 297672 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2015-08-04 06:23 . 2015-08-04 06:23 21622784 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2015-08-04 06:19 . 2015-08-04 06:19 235008 ----a-w- c:\windows\system32\clinfo.exe
2015-08-04 06:19 . 2015-08-04 06:19 995342 ----a-w- c:\windows\SysWow64\amdocl_as32.exe
2015-08-04 06:19 . 2015-08-04 06:19 798734 ----a-w- c:\windows\SysWow64\amdocl_ld32.exe
2015-08-04 06:19 . 2015-08-04 06:19 1187342 ----a-w- c:\windows\system32\amdocl_as64.exe
2015-08-04 06:19 . 2015-08-04 06:19 1061902 ----a-w- c:\windows\system32\amdocl_ld64.exe
2015-08-04 06:18 . 2015-08-04 06:18 47785472 ----a-w- c:\windows\system32\amdocl64.dll
2015-08-04 06:14 . 2015-08-04 06:14 39714304 ----a-w- c:\windows\SysWow64\amdocl.dll
2015-08-04 05:58 . 2015-08-04 05:58 27535872 ----a-w- c:\windows\system32\amdocl12cl64.dll
2015-08-04 05:57 . 2015-08-04 05:57 22318592 ----a-w- c:\windows\SysWow64\amdocl12cl.dll
2015-08-04 04:12 . 2015-08-04 04:12 127488 ----a-w- c:\windows\system32\mantle64.dll
2015-08-04 04:12 . 2015-08-04 04:12 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2015-08-04 04:11 . 2015-08-04 04:11 6477312 ----a-w- c:\windows\system32\amdmantle64.dll
2015-08-04 03:43 . 2015-08-04 03:43 5068288 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2015-08-04 03:21 . 2015-08-04 03:21 93696 ----a-w- c:\windows\system32\mantleaxl64.dll
2015-08-04 03:21 . 2015-08-04 03:21 86528 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
2015-08-04 02:55 . 2015-08-04 02:55 30752256 ----a-w- c:\windows\system32\atio6axx.dll
2015-08-04 02:32 . 2015-08-04 02:32 25299968 ----a-w- c:\windows\SysWow64\atioglxx.dll
2015-08-04 02:25 . 2015-08-04 02:25 367104 ----a-w- c:\windows\system32\atiapfxx.exe
2015-08-04 02:25 . 2015-08-04 02:25 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2015-08-04 02:25 . 2015-08-04 02:25 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2015-08-04 02:24 . 2015-08-04 02:24 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2015-08-04 02:24 . 2015-08-04 02:24 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2015-08-04 02:24 . 2015-08-04 02:24 15716864 ----a-w- c:\windows\system32\aticaldd64.dll
2015-08-04 02:21 . 2015-08-04 02:21 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2015-08-04 02:21 . 2015-08-04 02:21 50688 ----a-w- c:\windows\system32\amdmmcl6.dll
2015-08-04 02:21 . 2015-08-04 02:21 39424 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2015-08-04 02:07 . 2015-08-04 02:07 442368 ----a-w- c:\windows\system32\atidemgy.dll
2015-08-04 02:07 . 2015-08-04 02:07 160256 ----a-w- c:\windows\system32\atieah64.exe
2015-08-04 02:07 . 2015-08-04 02:07 143872 ----a-w- c:\windows\SysWow64\atieah32.exe
2015-08-04 02:07 . 2015-08-04 02:07 204800 ----a-w- c:\windows\system32\amdgfxinfo64.dll
2015-08-04 02:07 . 2015-08-04 02:07 189952 ----a-w- c:\windows\SysWow64\amdgfxinfo32.dll
2015-08-04 02:07 . 2015-08-04 02:07 29696 ----a-w- c:\windows\system32\atimuixx.dll
2015-08-04 02:07 . 2015-08-04 02:07 672768 ----a-w- c:\windows\system32\atieclxx.exe
2015-08-04 02:06 . 2015-08-04 02:06 246784 ----a-w- c:\windows\system32\atiesrxx.exe
2015-08-04 02:05 . 2015-08-04 02:05 190976 ----a-w- c:\windows\system32\atitmm64.dll
2015-08-04 01:48 . 2015-08-04 01:48 865792 ----a-w- c:\windows\system32\coinst_15.20.dll
2015-08-04 01:48 . 2015-08-04 01:48 89088 ----a-w- c:\windows\system32\atisamu64.dll
2015-08-04 01:47 . 2015-08-04 01:47 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll
2015-08-04 01:43 . 2015-08-04 01:43 1247744 ----a-w- c:\windows\system32\atiadlxx.dll
2015-08-04 01:43 . 2015-08-04 01:43 926720 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2015-08-04 01:43 . 2015-08-04 01:43 926720 ----a-w- c:\windows\SysWow64\atiadlxx.dll
2015-08-04 01:43 . 2015-08-04 01:43 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2015-08-04 01:43 . 2015-08-04 01:43 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2015-08-04 01:43 . 2015-08-04 01:43 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2015-08-04 01:42 . 2015-08-04 01:42 156672 ----a-w- c:\windows\system32\atig6txx.dll
2015-08-04 01:42 . 2015-08-04 01:42 141824 ----a-w- c:\windows\SysWow64\atigktxx.dll
2015-08-04 01:42 . 2015-08-04 01:42 665088 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2015-08-04 01:37 . 2015-08-04 01:37 102912 ----a-w- c:\windows\system32\hsa-thunk64.dll
2015-08-04 01:37 . 2015-08-04 01:37 102400 ----a-w- c:\windows\SysWow64\hsa-thunk.dll
2015-08-04 01:35 . 2015-08-04 01:35 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2015-08-03 20:32 . 2015-08-03 20:32 363008 ----a-w- c:\windows\system32\amdacpusl.dll
2015-08-03 20:31 . 2015-08-03 20:31 247296 ----a-w- c:\windows\SysWow64\amdacpusl.dll
2015-07-29 07:26 . 2015-07-29 07:26 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CC83724E-2057-41EE-91D1-5805399BE859}\offreg.3316.dll
2015-07-27 15:24 . 2015-07-27 15:24 0 ----a-w- c:\windows\SysWow64\REN25C2.tmp
2015-07-15 10:20 . 2015-07-15 10:20 96256 ----a-w- c:\windows\system32\drivers\AtihdW76.sys
2015-07-15 10:20 . 2015-07-15 10:20 103424 ----a-w- c:\windows\system32\DelayAPO.dll
2015-06-23 11:30 . 2011-04-19 09:44 300704 ------w- c:\windows\system32\MpSigStub.exe
2013-02-17 03:27 . 2013-02-17 03:27 2174976 ----a-w- c:\program files (x86)\Common Files\atimpenc.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MCShield Monitor"="d:\program files\MCShield\MCShieldRTM.exe" [2014-04-11 650816]
"BingSvc"="c:\users\Milos\AppData\Local\Microsoft\BingSvc\BingSvc.exe" [2015-04-07 144008]
"CCleaner Monitoring"="c:\program files\CCleaner\CCl.exe" [2015-06-01 8358680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-02-10 2770432]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"StartCCC"="d:\program files\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2015-08-04 767176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="d:\program files\QuickTime\QTTask.exe" -atboottime
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
"BCSSync"="d:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"Acrobat Assistant 8.0"="d:\program files\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
"SwitchBoard"=c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
.
R1 BAPIDRV;BAPIDRV;c:\windows\system32\DRIVERS\BAPIDRV64.sys;c:\windows\SYSNATIVE\DRIVERS\BAPIDRV64.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
R2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 andnetadb;ADB Interface DriverNet;c:\windows\system32\Drivers\lgandnetadb.sys;c:\windows\SYSNATIVE\Drivers\lgandnetadb.sys [x]
R3 AndnetBus;LGE Mobile USB Composite Device;c:\windows\system32\DRIVERS\lgandnetbus64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetbus64.sys [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 CX88VID;WinFast CX2388x AvStream Driver;c:\windows\system32\drivers\cxavsvid.sys;c:\windows\SYSNATIVE\drivers\cxavsvid.sys [x]
R3 esgiguard;esgiguard; [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech QuickCam E3500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 Origin Client Service;Origin Client Service;d:\program files\Origin\OriginClientService.exe;d:\program files\Origin\OriginClientService.exe [x]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 wampapache64;wampapache64;c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe;c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [x]
R3 wampmysqld64;wampmysqld64;c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe wampmysqld64;c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe wampmysqld64 [x]
R3 WFLR6654;WinFast TV2000 XP Expert (FM1216MK3);c:\windows\system32\drivers\wfeaglxt.sys;c:\windows\SYSNATIVE\drivers\wfeaglxt.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0; [x]
R3 WsAppService;Wondershare Application Framework Service;c:\program files (x86)\Wondershare\WAF\WsAppService.exe;c:\program files (x86)\Wondershare\WAF\WsAppService.exe [x]
R4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys;c:\windows\SYSNATIVE\drivers\ElRawDsk.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 RawDisk3;RawDisk3;c:\windows\system32\drivers\rawdsk3.sys;c:\windows\SYSNATIVE\drivers\rawdsk3.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 amdacpksd;ACP Kernel Service Driver;c:\windows\system32\drivers\amdacpksd.sys;c:\windows\SYSNATIVE\drivers\amdacpksd.sys [x]
S2 amdacpusrsvc;ACP User Service;c:\program files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe;c:\program files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-09-02 18:29 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\45.0.2454.85\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-09-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 22:33]
.
2015-09-17 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2013-03-18 18:30]
.
2015-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-08 10:51]
.
2015-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d04067be148f03.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-08 10:51]
.
2015-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d09264f9c1129b.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-08 10:51]
.
2015-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-08 10:51]
.
2015-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA1d04067bec5b92b.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-08 10:51]
.
2015-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA1d09264fa8b6792.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-08 10:51]
.
2015-09-17 c:\windows\Tasks\Tweaking.com - Windows Repair Tray Icon.job
- c:\program files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11 23:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2015-01-28 5595848]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-27 558496]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
IE: E&xport to Microsoft Excel - d:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 95.180.0.18 95.180.1.2
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\SetID\Internal]
@Denied: (A 2) (LocalSystem)
"DATA2"="<settings accountStatus=\"1\" oldDevice=\"\" timeDiff=\"1343391865\" expireTime=\"87305734\" productStatus=\"1\" obSize=\"2\" InstallTS=\"1289332796\" isSubsc=\"0\" authStat_ts=\"0\" version=\"14.1\" keyType=\"194\" prodId=\"1\" moduleId1=\"7\" moduleId2=\"10\" relType=\"1\" />"
.
[HKEY_USERS\S-1-5-21-1028166717-2969663755-3555985625-1000\Software\SecuROM\License information*]
"datasecu"=hex:9b,21,83,1d,4f,c5,4d,65,a0,ab,5e,65,74,e7,a3,79,45,9b,4e,ea,17,
23,b0,c4,30,32,60,5b,17,f4,98,98,73,c6,bc,99,69,d4,b0,73,d5,76,57,66,00,d3,\
"rkeysecu"=hex:44,3e,4b,e6,bc,77,05,cd,0f,a8,2e,58,97,da,7e,f5
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
Completion time: 2015-09-17 20:11:32
ComboFix-quarantined-files.txt 2015-09-17 18:11
ComboFix2.txt 2015-09-17 17:48
ComboFix3.txt 2015-09-17 17:08
.
Pre-Run: 69,549,174,784 bytes free
Post-Run: 69,450,899,456 bytes free
.
- - End Of File - - AA9430A93D65EEF08B3089F443DA5FF5
A36C5E4F47E84449FF07ED3517B43A31




Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by Milos (administrator) on MILOS-PC_I3 (17-09-2015 23:10:06)
Running from C:\Users\Milos\Desktop
Loaded Profiles: Milos (Available Profiles: Milos)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(MyCity) D:\Program Files\MCShield\MCShieldRTM.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Farbar) C:\Users\Milos\Desktop\genije64.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2770432 2010-02-10] (VIA)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => D:\Program Files\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1028166717-2969663755-3555985625-1000\...\Run: [MCShield Monitor] => D:\Program Files\MCShield\MCShieldRTM.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-1028166717-2969663755-3555985625-1000\...\Run: [BingSvc] => C:\Users\Milos\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1028166717-2969663755-3555985625-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCl.exe [8358680 2015-06-01] (Piriform Ltd)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 95.180.0.18 95.180.1.2
Tcpip\..\Interfaces\{2D7825BC-6149-4217-8E78-F1BDE93A8263}: [DhcpNameServer] 95.180.0.18 95.180.1.2

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1028166717-2969663755-3555985625-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1028166717-2969663755-3555985625-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-26] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-26] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-26] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-26] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: WSWSVCUchrome - No CLSID Value

FireFox:
========
FF ProfilePath: C:\Users\Milos\AppData\Roaming\Mozilla\Firefox\Profiles\mjyvr9so.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-13] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-13] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> D:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2012-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1028166717-2969663755-3555985625-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-06-05] ()
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - D:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - D:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-09-29]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: No Name - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [not found]

Chrome:
=======
CHR HomePage: Default -> about:blank
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=dss_yset_chr__PARAM__
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.771\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\pdf.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7) - D:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - D:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - D:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - D:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - D:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - D:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - D:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll => No File
CHR Plugin: (Java Deployment Toolkit 8.0.310.13) - C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll => No File
CHR Plugin: (Java(TM) Platform SE 8 U31) - C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll => No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll => No File
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll => No File
CHR Plugin: (Nokia Suite Enabler Plugin) - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll ()
CHR Plugin: (Microsoft Office 2010) - D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - D:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - D:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll => No File
CHR Profile: C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Yahoo Web) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\acjpdakpjonkfmggcmanlhdakfkhloii [2015-04-05]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2013-03-18]
CHR Extension: (Angry Birds) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2011-10-31]
CHR Extension: (SoundCloud Downloader) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjckonbgbnaihkahaolpfjpllplfifjo [2015-01-26]
CHR Extension: (IMDB Ratings Viewer) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\daaoegihbflfijkdhalidlmochdbobgb [2014-09-29]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2011-04-16]
CHR Extension: (Type Scout - Better Typing! Smile) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\fedokkaolmkkoeedicihicdeppjjeamj [2012-12-17]
CHR Extension: (Go to IMDb) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\fipkcplmpmhcmfgkgahliaabodplkjio [2011-06-18]
CHR Extension: (AdBlock) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-17]
CHR Extension: (Yahoo! Mail Checker) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\icgocemgcnfciljelchmfknmaojcbgea [2015-04-06]
CHR Extension: (Downloads) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfchnphgogjhineanplmfkofljiagjfb [2011-06-18]
CHR Extension: (crxMouse Chrome Gestures) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2014-03-06]
CHR Extension: (Until AM Web App) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\kodigjkcpaoeodlnmcnekemakpnmegnk [2012-12-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-04]
CHR Extension: (Webcam Toy) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2012-12-17]
CHR Extension: (AudioSauna) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae [2012-12-17]
CHR Extension: (Star Gazer) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblmlcbknbnfebdfjnolmcapmdofhmme [2011-10-31]
CHR Extension: (Google Mail Checker) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2011-06-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-06]
CHR Extension: (GIFPAL) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\noohoboklgjeccnihfkbdakbchbhjlch [2012-12-17]
CHR Extension: ((zabranjeno)-BB Search) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfeeplagpidgdgceaicggccompdgcon [2011-06-19]
CHR Extension: (Psykopaint) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2012-12-17]
CHR Extension: (Gmail) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-15]
CHR Extension: (Cube Slam) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkcoeeddamedegogbcmdbadnoifmfipn [2015-04-08]
CHR Extension: (Canvas Rider) - C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2011-12-01]
CHR HKU\S-1-5-21-1028166717-2969663755-3555985625-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Milos\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
CHR HKU\S-1-5-21-1028166717-2969663755-3555985625-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - D:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [egnimkioipookhfihpljiedpgjffibpa] - <no Path/update_url>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-08-03] (Advanced Micro Devices) [File not signed]
S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [77944 2013-06-23] (Autodesk)
S3 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
S3 Crypkey License; C:\Windows\SysWOW64\crypserv.exe [69632 2006-03-01] (CrypKey (Canada) Ltd.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2011-05-12] () [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 Microsoft SharePoint Workspace Audit Service; D:\Program Files\Microsoft Office\Office14\GROOVE.EXE [31125880 2011-06-12] (Microsoft Corporation)
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [53248 2007-11-28] (Sony Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
S3 Origin Client Service; D:\Program Files\Origin\OriginClientService.exe [2057736 2015-09-09] (Electronic Arts)
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [53248 2007-11-28] (Sony Corporation) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2015-01-12] ()
S3 SonicStage Back-End Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe [112184 2007-02-05] (Sony Corporation)
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [77824 2007-11-28] (Sony Corporation) [File not signed]
S3 SSScsiSV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe [75320 2007-02-05] (Sony Corporation)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH)
S4 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
S3 wampapache64; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [24576 2014-05-01] (Apache Software Foundation) [File not signed]
S3 wampmysqld64; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [12942848 2014-05-01] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe [256912 2015-05-27] (Wondershare)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [297672 2015-08-04] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-05-28] ()
S3 CX88VID; C:\Windows\System32\drivers\cxavsvid.sys [469888 2006-07-21] (Leadtek Research Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-09-18] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-01-30] (ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241880 2015-01-30] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169792 2015-01-30] (ESET)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-03-17] (EldoS Corporation)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [222280 2015-01-30] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44632 2015-01-30] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [64208 2015-01-30] (ESET)
S3 esgiguard; no ImagePath
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-05-28] ()
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] ()
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2014-08-12] (EldoS Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-09-18] (Duplex Secure Ltd.)
S3 TBPanel; no ImagePath
S3 ULCDRHlp; C:\Windows\SysWOW64\Drivers\ULCDRHlp.sys [27392 2004-12-23] (Ulead Systems, Inc.) [File not signed]
S3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [8944 1999-05-05] (Microsoft Corporation) [File not signed]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 WinRing0_1_2_0; no ImagePath
U3 a6f84nok; C:\Windows\System32\Drivers\a6f84nok.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 AndnetBus; system32\DRIVERS\lgandnetbus64.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U3 DfSdkS; no ImagePath
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S3 SANDRA; \??\D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3\WNt500x64\Sandra.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-17 23:10 - 2015-09-17 23:10 - 00024437 _____ C:\Users\Milos\Desktop\FRST.txt
2015-09-17 23:06 - 2015-09-17 23:06 - 00023219 _____ C:\Users\Milos\Desktop\ComboFix.txt
2015-09-17 20:11 - 2015-09-17 20:11 - 00023219 _____ C:\ComboFix.txt
2015-09-17 19:29 - 2015-09-17 20:00 - 00000840 _____ C:\Windows\setupact.log
2015-09-17 19:29 - 2015-09-17 19:29 - 00000552 _____ C:\Windows\PFRO.log
2015-09-17 19:29 - 2015-09-17 19:29 - 00000028 _____ C:\Windows\errord.log
2015-09-17 19:29 - 2015-09-17 19:29 - 00000000 _____ C:\Windows\setuperr.log
2015-09-17 18:57 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-09-17 18:57 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-09-17 18:57 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-09-17 18:57 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-09-17 18:57 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-09-17 18:57 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-09-17 18:57 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-09-17 18:57 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-09-17 18:56 - 2015-09-17 20:12 - 00000000 ____D C:\Qoobox
2015-09-17 18:56 - 2015-09-17 19:07 - 00000000 ____D C:\Windows\erdnt
2015-09-17 18:52 - 2015-09-17 23:10 - 00000000 ____D C:\FRST
2015-09-17 18:50 - 2015-09-17 18:50 - 00003723 _____ C:\Windows\WindowsUpdate.log
2015-09-17 18:12 - 2015-09-17 18:12 - 00000574 _____ C:\Windows\Tasks\Tweaking.com - Windows Repair Tray Icon.job
2015-09-17 18:09 - 2015-09-17 18:09 - 00541750 _____ C:\Users\Milos\Documents\cc_20150917_180914.reg
2015-09-17 17:47 - 2015-09-17 17:47 - 02191360 _____ (Farbar) C:\Users\Milos\Desktop\genije64.exe
2015-09-17 17:38 - 2015-09-17 19:31 - 00000266 _____ C:\Windows\Tasks\AutoKMS.job
2015-09-17 17:34 - 2015-09-17 17:34 - 00001106 _____ C:\Users\Public\Desktop\donpicko64.lnk
2015-09-17 17:34 - 2015-09-17 17:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-17 17:34 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-17 17:34 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-17 17:31 - 2015-09-17 17:31 - 00000979 _____ C:\Users\Public\Desktop\CCL.lnk
2015-09-17 17:26 - 2015-09-17 18:08 - 00000000 ____D C:\Program Files\CCleaner
2015-09-17 17:19 - 2015-09-17 17:20 - 00000000 ____D C:\Windows\Tasks\360Disabled
2015-09-17 15:11 - 2015-09-17 15:11 - 00000000 ____D C:\Users\Milos\Desktop\Pro Evolution Soccer 2016
2015-09-17 15:06 - 2015-09-17 19:31 - 00002896 _____ C:\Windows\System32\Tasks\AutoKMS
2015-09-11 11:40 - 2015-09-14 17:32 - 00000000 ____D C:\Users\Milos\Documents\WB Games
2015-09-09 12:49 - 2015-09-09 12:49 - 00000000 ____D C:\Users\Milos\AppData\Local\CEF
2015-09-09 12:36 - 2015-09-08 22:40 - 00000000 ____D C:\Update
2015-09-09 11:49 - 2015-09-17 12:29 - 00000000 ____D C:\Users\Milos\Documents\FIFA 16 Demo
2015-09-07 12:50 - 2015-09-17 17:50 - 00000000 ____D C:\AdwCleaner
2015-09-01 19:31 - 2015-09-02 09:24 - 00000000 ____D C:\Program Files (x86)\PlaysTV
2015-09-01 17:10 - 2015-09-01 17:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-01 17:10 - 2015-09-01 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-31 10:15 - 2015-08-31 10:15 - 00000000 ____D C:\Users\Milos\AppData\Roaming\AMD
2015-08-26 22:45 - 2015-08-26 22:45 - 00000000 _____ C:\Windows\SysWOW64\REN89BE.tmp
2015-08-26 22:43 - 2015-08-26 22:44 - 00000000 ____D C:\Users\Milos\.oracle_jre_usage
2015-08-26 22:43 - 2015-08-26 22:43 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Sun
2015-08-18 21:50 - 2015-08-18 21:50 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2015-08-18 21:44 - 2015-08-18 21:44 - 00000000 ____D C:\Users\Milos\Documents\LG OSP
2015-08-18 21:44 - 2015-08-18 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG On-Screen Phone

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-17 22:57 - 2015-02-04 12:45 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d04067bec5b92b.job
2015-09-17 22:56 - 2015-05-19 20:52 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d09264fa8b6792.job
2015-09-17 22:50 - 2014-10-08 16:23 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-17 22:29 - 2012-04-02 12:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-17 20:57 - 2015-02-04 12:45 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d04067be148f03.job
2015-09-17 20:56 - 2015-05-19 20:52 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d09264f9c1129b.job
2015-09-17 20:11 - 2014-10-08 16:23 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-17 20:11 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-17 19:59 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-09-17 19:49 - 2009-07-14 07:08 - 00032576 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-09-17 19:48 - 2013-11-20 16:02 - 07914496 ___SH C:\Users\Milos\Desktop\Thumbs.db
2015-09-17 19:36 - 2009-07-14 06:45 - 00025536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-17 19:36 - 2009-07-14 06:45 - 00025536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-17 19:34 - 2009-07-14 07:13 - 00772352 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-17 19:30 - 2012-03-15 13:45 - 00000000 ____D C:\ProgramData\MCShield
2015-09-17 19:29 - 2012-11-16 14:31 - 00000000 ____D C:\Users\Milos\AppData\Roaming\uTorrent
2015-09-17 18:09 - 2013-09-18 19:35 - 00000000 ____D C:\Users\Milos\AppData\Roaming\DAEMON Tools Pro
2015-09-17 18:09 - 2011-06-20 15:48 - 00000000 ____D C:\Users\Milos\AppData\Roaming\DAEMON Tools Lite
2015-09-17 18:09 - 2011-04-17 17:50 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Skype
2015-09-17 18:09 - 2011-04-17 17:42 - 00000000 ____D C:\Users\Milos\Tracing
2015-09-17 17:53 - 2015-08-17 13:11 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-09-17 17:33 - 2011-04-18 19:52 - 00000000 ____D C:\ProgramData\TEMP
2015-09-17 17:20 - 2015-07-12 19:23 - 00000000 ____D C:\ProgramData\Wondershare Video Converter Ultimate
2015-09-17 17:20 - 2014-05-22 13:05 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Notepad++
2015-09-17 17:20 - 2011-10-31 22:52 - 00000000 ____D C:\Users\Milos\AppData\Roaming\TeamViewer
2015-09-17 17:20 - 2011-05-12 18:44 - 00000000 ____D C:\Users\Milos\AppData\Roaming\vlc
2015-09-17 16:25 - 2012-02-17 17:07 - 00000000 ____D C:\ProgramData\Origin
2015-09-17 15:27 - 2015-03-24 18:10 - 00163296 _____ C:\Users\Milos\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-17 15:27 - 2014-11-13 02:26 - 00000000 ____D C:\Users\Milos\Documents\KONAMI
2015-09-17 15:25 - 2011-06-20 19:36 - 00000000 ____D C:\ProgramData\KONAMI
2015-09-17 15:04 - 2009-07-14 09:46 - 00000000 ____D C:\Windows\CSC
2015-09-17 15:04 - 2009-07-14 06:45 - 05122216 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-17 13:47 - 2009-07-14 04:34 - 00000514 _____ C:\Windows\win.ini
2015-09-17 12:59 - 2011-09-15 12:03 - 00772352 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-09-17 12:50 - 2015-08-17 13:07 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-09-17 12:30 - 2013-12-30 19:23 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft Wireless Network Watcher
2015-09-17 12:30 - 2011-04-15 19:18 - 00000000 ____D C:\Users\Milos
2015-09-17 12:29 - 2015-07-12 19:23 - 00000000 ____D C:\Users\Milos\Documents\Wondershare MediaServer
2015-09-17 12:29 - 2015-06-30 20:24 - 00000000 ____D C:\Users\Milos\Documents\FLiNGTrainer
2015-09-17 12:29 - 2015-04-16 15:50 - 00000000 ____D C:\Users\Milos\AppData\Roaming\MK10
2015-09-17 12:29 - 2015-04-04 13:31 - 00000000 ____D C:\Users\Milos\AppData\Local\CAPCOM
2015-09-17 12:29 - 2015-03-30 17:17 - 00000000 ____D C:\Users\Milos\AppData\Roaming\phpDesigner
2015-09-17 12:29 - 2014-12-23 16:47 - 00000000 ____D C:\Users\Milos\AppData\Local\Eclipse
2015-09-17 12:29 - 2014-11-06 19:20 - 00000000 ____D C:\Users\Milos\AppData\Local\Futuremark
2015-09-17 12:29 - 2014-11-06 19:10 - 00000000 ____D C:\Users\Milos\AppData\Local\Futuremark_Corporation
2015-09-17 12:29 - 2014-10-09 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-17 12:29 - 2014-10-08 16:27 - 00000000 ___RD C:\Users\Milos\Google Drive
2015-09-17 12:29 - 2014-07-10 13:41 - 00000000 ____D C:\Users\Milos\AppData\Roaming\FairStars CD Ripper
2015-09-17 12:29 - 2014-05-12 21:24 - 00000000 ____D C:\Users\Milos\.android
2015-09-17 12:29 - 2014-05-12 19:23 - 00000000 ____D C:\Users\Milos\AppData\Roaming\LG Electronics
2015-09-17 12:29 - 2014-03-05 16:37 - 00000000 ____D C:\Users\Milos\AppData\Roaming\EasyDuplicateFinder
2015-09-17 12:29 - 2014-03-03 19:16 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-09-17 12:29 - 2013-10-21 16:56 - 00000000 ____D C:\Users\Milos\Documents\Brace Kovac
2015-09-17 12:29 - 2013-08-16 17:12 - 00000000 ____D C:\Users\Milos\AppData\Roaming\2K Sports
2015-09-17 12:29 - 2013-07-04 22:22 - 00000000 ____D C:\Users\Milos\AppData\Roaming\MKKE
2015-09-17 12:29 - 2013-06-05 19:40 - 00000000 ____D C:\Users\Milos\AppData\Roaming\XnSketch
2015-09-17 12:29 - 2013-03-18 20:30 - 00000000 ____D C:\Windows\AutoKMS
2015-09-17 12:29 - 2013-02-05 23:18 - 00000000 ____D C:\Users\Milos\AppData\Roaming\ActiveX
2015-09-17 12:29 - 2012-11-24 14:38 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Digital_Paper_Products,_I
2015-09-17 12:29 - 2012-11-24 14:37 - 00000000 ____D C:\Users\Milos\AppData\Local\Digital_Paper_Products,_I
2015-09-17 12:29 - 2012-11-20 16:20 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-09-17 12:29 - 2012-10-30 18:35 - 00000000 ____D C:\Users\Milos\AppData\Local\SniperV2
2015-09-17 12:29 - 2012-07-17 00:54 - 00000000 ____D C:\Users\Milos\AppData\Local\liQeNSoft
2015-09-17 12:29 - 2012-06-23 17:23 - 00000000 ____D C:\Users\Milos\AppData\Local\PunkBuster
2015-09-17 12:29 - 2012-06-21 00:15 - 00000000 ____D C:\Users\Milos\AppData\Local\Downloaded Installations
2015-09-17 12:29 - 2012-05-21 18:33 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-09-17 12:29 - 2012-02-25 17:25 - 00000000 ____D C:\Users\Milos\AppData\Roaming\U3
2015-09-17 12:29 - 2012-02-08 00:42 - 00000000 ____D C:\Users\Milos\AppData\Roaming\DarknessII
2015-09-17 12:29 - 2012-01-15 15:58 - 00000000 ____D C:\Users\Milos\AppData\Local\OfficeDrop
2015-09-17 12:29 - 2011-12-27 18:25 - 00000000 ____D C:\Users\Milos\AppData\Roaming\PunkBuster
2015-09-17 12:29 - 2011-12-08 18:12 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
2015-09-17 12:29 - 2011-10-26 16:01 - 00000000 ____D C:\Users\Milos\AppData\Local\PCSX2
2015-09-17 12:29 - 2011-10-01 13:23 - 00000000 ____D C:\Users\Milos\AppData\Roaming\GetRightToGo
2015-09-17 12:29 - 2011-09-30 17:03 - 00000000 ____D C:\Users\Milos\AppData\Roaming\ArcSoft
2015-09-17 12:29 - 2011-07-25 22:35 - 00000000 ____D C:\Users\Milos\AppData\Roaming\MAGIX
2015-09-17 12:29 - 2011-07-15 23:16 - 00000000 ____D C:\Users\Milos\Documents\Xilisoft Corporation
2015-09-17 12:29 - 2011-06-30 23:01 - 00000000 ____D C:\Users\Milos\AppData\Local\http___www.julien-manici
2015-09-17 12:29 - 2011-06-19 11:05 - 00000000 ____D C:\Users\Milos\AppData\Local\Microsoft Help
2015-09-17 12:29 - 2011-06-06 16:43 - 00000000 ____D C:\Users\Milos\AppData\Local\PDF-TIFF-Tools.com
2015-09-17 12:29 - 2011-05-16 15:57 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Sony
2015-09-17 12:29 - 2011-05-14 17:24 - 00000000 ____D C:\Users\Milos\AppData\Roaming\LimeWire
2015-09-17 12:29 - 2011-05-08 15:16 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Ubisoft
2015-09-17 12:29 - 2011-05-05 22:44 - 00000000 ____D C:\Users\Milos\AppData\Roaming\SystemRequirementsLab
2015-09-17 12:29 - 2011-04-18 10:08 - 00000000 ____D C:\Users\Milos\AppData\Local\Autodesk
2015-09-17 12:29 - 2011-04-17 14:31 - 00000000 ____D C:\Users\Milos\FrostWire
2015-09-17 12:29 - 2011-04-17 14:31 - 00000000 ____D C:\Users\Milos\AppData\Roaming\FrostWire
2015-09-17 12:29 - 2011-04-17 14:07 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webteh
2015-09-17 12:29 - 2011-04-16 17:01 - 00000000 ____D C:\Users\Milos\AppData\Local\Apps\2.0
2015-09-17 12:29 - 2011-04-15 19:18 - 00000000 ___RD C:\Users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-17 12:29 - 2011-04-15 19:18 - 00000000 ___RD C:\Users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-17 12:28 - 2015-07-27 17:57 - 00000000 ____D C:\Users\Milos\Documents\Unreal Projects
2015-09-17 12:28 - 2015-07-27 17:22 - 00000000 ____D C:\Users\Milos\AppData\Local\UnrealEngine
2015-09-17 12:28 - 2015-06-30 16:14 - 00000000 ____D C:\Users\Milos\Documents\CPY_SAVES
2015-09-17 12:28 - 2015-06-28 17:40 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Wondershare
2015-09-17 12:28 - 2014-11-06 17:52 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Mozilla
2015-09-17 12:28 - 2014-10-06 18:57 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Steam
2015-09-17 12:28 - 2014-09-03 22:06 - 00000000 ____D C:\Users\Milos\workspace
2015-09-17 12:28 - 2014-04-21 13:44 - 00000000 ____D C:\Users\Milos\Documents\Visual Studio 2010
2015-09-17 12:28 - 2013-10-03 20:29 - 00000000 ____D C:\Users\Milos\AppData\Roaming\AVG
2015-09-17 12:28 - 2013-03-02 15:42 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Doublefine
2015-09-17 12:28 - 2013-02-27 15:58 - 00000000 ____D C:\Users\Milos\Documents\Zoran USB
2015-09-17 12:28 - 2013-02-21 21:50 - 00000000 ____D C:\Users\Milos\AppData\Roaming\qualys
2015-09-17 12:28 - 2012-10-22 16:23 - 00000000 ____D C:\Users\Milos\AppData\Roaming\.minecraft
2015-09-17 12:28 - 2012-07-17 00:54 - 00000000 ____D C:\Users\Milos\AppData\Roaming\liQeNSoft
2015-09-17 12:28 - 2011-12-13 17:57 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Xilisoft
2015-09-17 12:28 - 2011-12-13 17:32 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Thinstall
2015-09-17 12:28 - 2011-07-27 23:23 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Nokia Ovi Suite
2015-09-17 12:28 - 2011-06-20 16:50 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Nokia
2015-09-17 12:28 - 2011-06-15 12:41 - 00000000 ____D C:\Users\Milos\AppData\Local\VirtualStore
2015-09-17 12:28 - 2011-04-18 19:52 - 00000000 ____D C:\Users\Milos\AppData\Roaming\URSoft
2015-09-17 12:28 - 2011-04-18 10:02 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Autodesk
2015-09-17 12:28 - 2011-04-17 14:07 - 00000000 ____D C:\Users\Milos\AppData\Roaming\BSplayer PRO
2015-09-17 12:28 - 2011-04-16 16:30 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Macromedia
2015-09-17 12:28 - 2011-04-16 16:30 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Adobe
2015-09-17 12:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-09-17 12:27 - 2015-07-27 17:22 - 00000000 ____D C:\Users\Milos\AppData\Local\CrashReportClient
2015-09-17 12:27 - 2015-07-16 19:50 - 00000000 ____D C:\Users\Milos\AppData\Local\EpicGamesLauncher
2015-09-17 12:27 - 2014-12-23 16:44 - 00000000 ____D C:\Users\Milos\.eclipse
2015-09-17 12:27 - 2014-06-17 16:13 - 00000000 ____D C:\Users\Milos\AppData\Local\ChemTable Software
2015-09-17 12:27 - 2014-06-07 17:07 - 00000000 ____D C:\Users\Milos\AppData\Local\Logitech® Webcam Software
2015-09-17 12:27 - 2014-05-12 19:21 - 00000000 ____D C:\Users\Milos\AppData\Local\LG Electronics
2015-09-17 12:27 - 2014-03-06 15:50 - 00000000 ____D C:\Users\Milos\AppData\Local\Skype
2015-09-17 12:27 - 2012-09-24 14:24 - 00000000 ____D C:\Users\Milos\AppData\Local\Last.fm
2015-09-17 12:27 - 2012-01-05 14:30 - 00000000 ____D C:\Users\Milos\AppData\Local\Oberon Games
2015-09-17 12:27 - 2011-07-03 21:56 - 00000000 ____D C:\Users\Milos\AppData\Local\SKIDROW
2015-09-17 12:27 - 2011-06-20 16:47 - 00000000 ____D C:\Users\Milos\AppData\Local\Nokia
2015-09-17 12:27 - 2011-05-16 15:57 - 00000000 ____D C:\Users\Milos\AppData\Local\Sony
2015-09-17 12:27 - 2011-04-17 18:11 - 00000000 ____D C:\Users\Milos\AppData\Local\Microsoft Games
2015-09-17 12:27 - 2011-04-16 17:01 - 00000000 ____D C:\Users\Milos\AppData\Local\Google
2015-09-17 12:26 - 2011-11-06 14:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-17 11:01 - 2011-04-19 12:49 - 00000000 ____D C:\Users\Milos\AppData\Local\Adobe
2015-09-15 11:21 - 2011-06-18 13:53 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{93B7F352-CBA5-463F-8652-77B93D9B5ACA}
2015-09-14 20:51 - 2015-05-19 20:52 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d09264fa8b6792
2015-09-14 20:51 - 2015-05-19 20:52 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d09264f9c1129b
2015-09-09 11:49 - 2013-11-15 14:50 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-09 11:49 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-09 11:30 - 2012-02-17 17:07 - 00000000 ____D C:\Users\Milos\AppData\Roaming\Origin
2015-09-02 15:55 - 2013-04-15 13:14 - 00271360 ___SH C:\Users\Milos\Documents\Thumbs.db
2015-09-02 11:17 - 2012-02-25 19:01 - 00000000 ____D C:\Users\Milos\Documents\Milos Marunic - CV
2015-09-02 08:50 - 2012-05-09 12:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-09-02 08:50 - 2012-05-09 12:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-09-01 19:22 - 2012-05-09 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-01 17:10 - 2011-04-17 16:27 - 00000000 ____D C:\ProgramData\Skype
2015-08-31 20:12 - 2015-07-16 19:49 - 00001509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2015-08-31 10:19 - 2015-07-13 12:25 - 00000000 ____D C:\Users\Milos\AppData\Roaming\HandBrake
2015-08-28 20:04 - 2011-05-05 22:50 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2015-08-26 22:46 - 2013-10-21 15:53 - 00000000 ____D C:\ProgramData\Oracle
2015-08-26 22:45 - 2014-08-18 10:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-26 22:45 - 2013-02-07 18:06 - 00000000 ____D C:\Program Files\Java
2015-08-26 22:45 - 2011-04-17 13:07 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-26 22:44 - 2014-09-03 22:06 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll

==================== Files in the root of some directories =======

2013-02-17 05:27 - 2013-02-17 05:27 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2012-11-28 21:11 - 2013-05-26 14:39 - 0000545 _____ () C:\Users\Milos\AppData\Roaming\All CPU MeterV3_Settings.ini
2012-11-28 21:08 - 2014-09-19 17:56 - 0000282 _____ () C:\Users\Milos\AppData\Roaming\GPU MeterV2_Settings.ini
2012-11-28 21:12 - 2012-11-28 21:12 - 0000384 _____ () C:\Users\Milos\AppData\Roaming\Network Meter_Settings.ini
2012-05-15 12:47 - 2012-05-15 18:46 - 0007859 _____ () C:\Users\Milos\AppData\Roaming\pcouffin.cat
2012-05-15 12:47 - 2012-05-15 18:46 - 0001167 _____ () C:\Users\Milos\AppData\Roaming\pcouffin.inf
2012-05-15 12:48 - 2012-05-15 18:46 - 0000033 _____ () C:\Users\Milos\AppData\Roaming\pcouffin.log
2012-05-15 12:47 - 2012-05-15 18:46 - 0082816 _____ (VSO Software) C:\Users\Milos\AppData\Roaming\pcouffin.sys
2015-03-30 17:19 - 2015-03-30 18:11 - 0028082 _____ () C:\Users\Milos\AppData\Roaming\phpdesigner.xml
2015-07-10 13:22 - 2015-07-10 13:22 - 0000000 _____ () C:\Users\Milos\AppData\Local\{232D338A-58FD-4206-9F27-95F56B724A3C}
2015-07-10 13:22 - 2015-07-10 13:22 - 0000000 _____ () C:\Users\Milos\AppData\Local\{4EFFC8CC-52D9-4563-8A1E-198E4A08245D}
2015-07-10 13:22 - 2015-07-10 13:22 - 0000000 _____ () C:\Users\Milos\AppData\Local\{D3CBD2AE-5751-443A-B220-D379E6C824D8}
2011-06-18 19:45 - 2011-06-18 19:45 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2011-09-06 17:18 - 2012-01-15 16:39 - 0000702 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-11 00:59

==================== End of FRST.txt ============================

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

1. From Normal Mode, open Notepad (Text Document) and copy the following text from the code box below:

Start
CreateRestorePoint:

Unlock: C:\Windows\System32\Drivers\a6f84nok.sys

CloseProcesses:
U3 a6f84nok; C:\Windows\System32\Drivers\a6f84nok.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)

Hosts:
C:\Windows\System32\Drivers\a6f84nok.sys

EmptyTemp:
End


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, otherwise the fix will not work.

3. Run FRST/FRST64 again (from Normal Mode), click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.



The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your reply.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.
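
A triage pass over FRST driver lines of the kind shown in the scan above, flagging the conditions that made the a6f84nok entry stand out. This is an added example, not part of the original thread or of FRST; the regular expressions, the flag names and the reading of the `[X]` marker are assumptions based on the line format visible in this log.

```python
import re
from typing import Dict, List, NamedTuple, Optional

# Sample input: driver lines in the format of the FRST log in this thread.
SAMPLE = r"""R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169792 2015-01-30] (ESET)
S3 esgiguard; no ImagePath
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-05-28] ()
S3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [8944 1999-05-05] (Microsoft Corporation) [File not signed]
U3 a6f84nok; C:\Windows\System32\Drivers\a6f84nok.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
"""

# "<state letter><start digit> <service name>; <everything else>"
HEAD_RE = re.compile(r"^(?P<state>[RSU])(?P<start>\d) (?P<name>[^;]+); (?P<rest>.+)$")
# "[<size> <date>]"; the date is absent on the zero-byte entry ("[0 ]").
META_RE = re.compile(r"\[(?P<size>\d+)\s*(?P<date>\d{4}-\d{2}-\d{2})?\s*\]")
# Company name in parentheses, directly after the size/date bracket.
COMPANY_RE = re.compile(r"\s*\((?P<company>[^)]*)\)")


class Driver(NamedTuple):
    state: str
    start: int
    name: str
    path: Optional[str]
    size: Optional[int]
    company: Optional[str]
    flags: List[str]


def parse_line(line: str) -> Optional[Driver]:
    """Parse one driver line; return None for anything that is not one."""
    m = HEAD_RE.match(line.strip())
    if not m:
        return None
    rest = m["rest"]
    flags: List[str] = []
    path = size = company = None
    if rest == "no ImagePath":
        flags.append("NO_IMAGE_PATH")          # service key without a binary
    else:
        path = rest.split(" [", 1)[0]
        meta = META_RE.search(rest)
        if meta:
            size = int(meta["size"])
            if size == 0:
                flags.append("ZERO_BYTE")
            # Search only after the bracket so "(x86)" in a path is ignored.
            c = COMPANY_RE.match(rest, meta.end())
            company = c["company"] if c else None
            if company == "":
                flags.append("NO_COMPANY")     # no version-info vendor string
        if rest.endswith("[X]"):
            # Assumption: FRST's [X] marks a file it could not locate.
            flags.append("FILE_NOT_FOUND_MARK")
        if "[File not signed]" in rest:
            flags.append("UNSIGNED")
        if "<==== ATTENTION" in rest:
            flags.append("FRST_ATTENTION")     # FRST's own highlight
    return Driver(m["state"], int(m["start"]), m["name"], path, size, company, flags)


def triage(log_text: str) -> Dict[str, List[str]]:
    """Return {service name: flags} for every driver line with at least one flag."""
    findings: Dict[str, List[str]] = {}
    for line in log_text.splitlines():
        drv = parse_line(line)
        if drv and drv.flags:
            findings[drv.name] = drv.flags
    return findings


if __name__ == "__main__":
    for name, flags in triage(SAMPLE).items():
        print(f"{name:12} {', '.join(flags)}")
```

The flags are review hints, not verdicts: leftover entries from uninstalled software and old unsigned vendor drivers are flagged too, so each hit still needs a human decision before it goes into a fixlist.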

offline
  • Joined: 14 Dec 2009
  • Posts: 154

Posted: 18 Sep 2015 16:37


Fix result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by Milos (2015-09-18 15:21:24) Run:1
Running from C:\Users\Milos\Desktop
Loaded Profiles: Milos (Available Profiles: Milos)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:

Unlock: C:\Windows\System32\Drivers\a6f84nok.sys

CloseProcesses:
U3 a6f84nok; C:\Windows\System32\Drivers\a6f84nok.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)

Hosts:
C:\ProgramData\ezsidmv.dat
C:\Windows\System32\Drivers\a6f84nok.sys

EmptyTemp:
End
*****************

Restore point was successfully created.
"C:\Windows\System32\Drivers\a6f84nok.sys" => not found.
Processes closed successfully.
a6f84nok => service not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
C:\ProgramData\ezsidmv.dat => moved successfully
"C:\Windows\System32\Drivers\a6f84nok.sys" => File/Folder not found.
EmptyTemp: => 242.3 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 15:21:59 ====


Addendum: 18 Sep 2015 17:30

By the way, this now shows up all the time as well, and as for "Chrome", I have to log in every time and it always says "Oops, Sync has stopped working."

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

As for the browsers, you need to reset Internet Explorer 10 and Google Chrome back to their default settings. Here are the instructions:

IE10:
http://windows.microsoft.com/en-us/internet-explorer/reset-ie-settings#ie=ie-10

Chrome:
https://support.google.com/chrome/answer/3296214?hl=en





As for Action Center, you can adjust the alert settings via Control Panel > All Control Panel Items > Security and Maintenance, then on the left side locate Change Security and Maintenance settings.

Apart from the AC, once you have reset the web browsers, tell me what state the computer is in now.
And for the AMF records, can you now post the Malwarebytes report?

offline
  • Joined: 14 Dec 2009
  • Posts: 154

No use, it is the same (for Chrome), and also for most of the other programs on the computer. When I start some that I used all the time, they always end up not responding, and some have even disappeared (the graphics card applications, for example). AC does not react to the click when I set it to stop showing me messages about the antivirus and the rest.

Now I will start reinstalling them one by one, if not the whole of Windows, because half of the stuff was obviously deleted when I ran Malwarebytes the first time. It does work now, by the way, but I did not save the log because everything was OK with 0 infected files.

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

Yes, well, look, as for the Chrome message "Oops, Sync has stopped working", you cannot link that to the infection.


Remove the Chrome extension -BB Search, then delete this folder, restart Windows and see how Chrome behaves now:
C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfeeplagpidgdgceaicggccompdgcon

Likewise, go through the other extensions in Chrome that you do not use;







Not every error or warning is caused by malware. For example, to understand this, just look at what your Chrome browser looks like;
+ Chrome entries

If you look at the log a bit more closely, you will see that you have a pile of plugins that start with Windows (with the Chrome browser), and then a heap of assorted extensions, half of which you surely do not even use. And so on. So for that Chrome error you have to see for yourself which app is causing the problem. That is why I gave you instructions to reset the browser, in the hope that it would resolve the matter.
Judging by the message, I would say Chrome cannot synchronize data with the Google account, which is not a malware-related issue.

As for the 'not responding', the damage could also have been done by Windows Repair (by Tweaking.com). That tool is very powerful, but because of the nature of its, let's say, job, it can also cause problems. Serious ones at that. The guide for that tool on the MyCity forum also includes a warning about using the program on your own.

As for the graphics card, check Device Manager or simply download fresh drivers and software and update the graphics.

AC may or may not react to the AV program. What matters is that the AV program itself (ESET) is operational.

And I do not know if there is anything I have forgotten. You had an infection and I removed it; it is gone. The cleanup after the infection has also been done. That would be it as far as I am concerned. If you have further questions, open a topic in the Windows forum. What remains for you to do is this:





The following procedure will perform the final cleanup.



ComboFix needs to be uninstalled:
click Start (or ), then RUN.

On Vista, use the Start Search box if Run is not available.

In the text input line, type (copy) the following:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".



and then click OK (or press Enter).


Wait for the uninstall process to finish.





Download the DelFix tool by "Xplode" and save it to the Desktop.

Double-click to run the tool and tick the boxes in front of the following options:
Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment until the tool finishes.

From this point on, all the tools used in this topic should be deleted.
If any tool or report has not been removed, feel free to delete it manually.


The tool will also create a report for you. (C:\DelFix.txt)
- The tool will also save the healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
- DelFix deletes old System Restore points and creates a new, fresh point after the cleanup.
