Google Chrome new tab

kapital

New Member
When I try to open a new tab in Google Chrome, I get the page in the attachment. Is this okay? Do I have another browser that I do not know about? Can I change this, or do I have to uninstall something?

Thanks for the answer.
 

Attachments

  • Brez naslova.jpg (8.8 KB)

GaryCantley

New Member
I would guess that you have to uninstall the virus/malware you have collected first.

Have you run MalwareBytes?

Run that and post the results, JohnB will be along later with more detailed instructions.
 

spirit

Moderator
Staff member
Yeah, you are definitely infected with some sort of adware or malware. Download and install Malwarebytes and run a full scan as a starting point.
 

kapital

New Member
I did run MalwareBytes and deleted the files that it found, and when I now try to open a new tab in Google Chrome, it says the program has blocked it, so it does not open the page that it did before, but it does not open any other. And when I try to open a new tab while MalwareBytes is disabled, the same page from my first post opens.
 

johnb35

Administrator
Staff member
Here, do the following.

1. Please download AdwCleaner by Xplode onto your Desktop.

• Please close all open programs and internet browsers.
• Double click on adwcleaner.exe to run the tool.
• Click on Scan.
• After the scan you will need to click on Clean for it to delete the adware.
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the content of that logfile in your reply.
• You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.

2. Please download Junkware Removal Tool to your desktop.

• Shut down your antivirus to avoid any conflicts.
• Very important that you run the tool in this manner:
  Right-mouse click JRT.exe and select Run as administrator.
  Do NOT just double-click it.
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt in your next message.

3. Download OTL to your Desktop.

• Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
• Click on Minimal Output at the top.
• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  ◦ When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL. Just post the OTL.txt file in your reply.

So in your original thread asking for help, please give us a short description of what the problem is and then post the logs from the following 4 programs.

1. Adwcleaner
2. Junkware removal tool
3. OTL

Can you also post the Malwarebytes log that you had?
 

kapital

New Member
The problem is, like I said, that I have an additional browser that is not wanted, and it did not go away even after these procedures.
 

kapital

New Member
Here are the files (I did not find the one from Malwarebytes).
 

Attachments

  • JRT.txt (1,015 bytes)
  • AdwCleaner[S1].txt (1.1 KB)

johnb35

Administrator
Staff member
That little window is not a browser, it's an advertisement. Run and post the OTL log, please.
 

kapital

New Member
If it is an advertisement, is it good to have that kind of advertisement on the computer?
I think it is not too good. Like I said, when I have MalwareBytes, it did not allow me to go to that website? For that file, it says it's too big (for 19.5 KB) to upload here.
 

kapital

New Member
OTL logfile created on: 27.1.2014 2:31:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gorazd\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16750)
Locale: 00000424 | Country: Slovinsko | Language: SLV | Date Format: d.M.yyyy

7,95 Gb Total Physical Memory | 6,60 Gb Available Physical Memory | 83,02% Memory free
9,13 Gb Paging File | 5,05 Gb Available in Paging File | 55,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,45 Gb Total Space | 67,03 Gb Free Space | 60,15% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 929,91 Gb Free Space | 99,83% Space Free | Partition Type: NTFS
Drive F: | 2,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: DNEVNA | User Name: Gorazd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Gorazd\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe (IObit)
PRC - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe (IObit)
PRC - C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe (IObit)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\IObit\Start Menu 8\NTFSScan.dll ()
MOD - C:\Program Files (x86)\IObit\Start Menu 8\pri.dll ()
MOD - C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl ()
MOD - C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl ()
MOD - C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl ()
MOD - C:\PROGRA~2\MICROS~1\Office15\1033\GrooveIntlResource.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (4b46e14a) -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (StartMenuService) -- C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe (IObit)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\Drivers\dtsoftbus01.sys (Disc Soft Ltd)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\Drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek )
DRV:64bit: - (eamonm) -- C:\Windows\SysNative\Drivers\eamonm.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\Drivers\ehdrv.sys (ESET)
DRV:64bit: - (epfwwfpr) -- C:\Windows\SysNative\Drivers\epfwwfpr.sys (ESET)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.winapphub.si [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.winapphub.si [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.gooogle.com"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.01.25 10:48:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014.01.19 11:47:09 | 000,000,000 | ---D | M]

[2014.01.18 11:53:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gorazd\AppData\Roaming\mozilla\Extensions
[2014.01.18 16:09:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gorazd\AppData\Roaming\mozilla\Firefox\Profiles\mu9805ij.default\extensions
[2014.01.18 11:52:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014.01.18 11:52:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.11.15 03:32:00 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: SNT = C:\Users\Gorazd\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkejjmekbklppmbibgdobeeillfdlepp\2.1\
CHR - Extension: Google Denarnica = C:\Users\Gorazd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\

O1 HOSTS File: ([2012.07.26 06:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [uTorrent] C:\Users\Gorazd\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - Startup: C:\Users\Gorazd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 84.255.209.79 84.255.210.79
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5EB5C307-DE14-422D-BAA9-8C51934F6A26}: DhcpNameServer = 84.255.209.79 84.255.210.79
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SS-SUP~1\ASSIST~2.DLL) - C:\PROGRA~2\SS-SUP~1\ASSIST~2.DLL ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.11.07 11:23:00 | 000,000,129 | R--- | M] () - F:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{282d1af8-85bf-11e3-be81-d43d7ef29821}\Shell - "" = AutoRun
O33 - MountPoints2\{282d1af8-85bf-11e3-be81-d43d7ef29821}\Shell\AutoRun\command - "" = F:\Setup.exe -- [2013.11.07 11:23:00 | 000,353,688 | R--- | M] (ChessBase GmbH)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014.01.27 02:20:30 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014.01.27 00:32:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDjView
[2014.01.27 00:32:02 | 000,000,000 | ---D | C] -- C:\Program Files\WinDjView
[2014.01.26 22:38:57 | 000,000,000 | ---D | C] -- C:\Users\Gorazd\Documents\ChessBase
[2014.01.26 22:38:57 | 000,000,000 | ---D | C] -- C:\Users\Gorazd\AppData\Roaming\ChessBase
[2014.01.26 22:38:57 | 000,000,000 | ---D | C] -- C:\Users\Gorazd\AppData\Local\ChessBase
[2014.01.26 22:34:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ChessBase
[2014.01.26 22:34:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ChessBase
[2014.01.26 22:31:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChessBase
[2014.01.26 22:30:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ChessBase
[2014.01.26 22:30:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ChessBase
[2014.01.26 22:30:38 | 000,000,000 | ---D | C] -- C:\Program Files\ChessBase
[2014.01.26 21:43:03 | 000,000,000 | ---D | C] -- C:\Users\Gorazd\AppData\Roaming\Malwarebytes
[2014.01.26 21:42:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.01.26 00:11:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2014.01.26 00:11:45 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2014.01.26 00:11:44 | 000,000,000 | ---D | C] -- C:\Users\Gorazd\AppData\Roaming\DAEMON Tools Lite
[2014.01.26 00:11:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2014.01.26 00:11:13 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2014.01.25 01:58:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2014.01.25 01:50:40 | 000,000,000 | ---D | C] -- C:\Users\Gorazd\AppData\Local\Microsoft Toolkit
[2014.01.25 01:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2014.01.25 01:44:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014.01.21 18:11:04 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014.01.21 18:11:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NetGames
[2014.01.21 18:11:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chess.net for Windows
[2014.01.21 18:10:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2014.01.21 15:09:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014.01.21 15:09:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014.01.21 15:09:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014.01.21 15:09:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014.01.21 15:09:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014.01.20 00:29:18 | 000,000,000 | ---D | C] -- C:\Users\Gorazd\AppData\Local\PDF Writer
[2014.01.20 00:18:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullzip
[2014.01.20 00:18:24 | 000,103,424 | ---- | C] (Bullzip) -- C:\Windows\SysWow64\bzDCT.dll
[2014.01.20 00:18:23 | 000,227,840 | ---- | C] (Bullzip) -- C:\Windows\SysWow64\bzFlRdr.dll
[2014.01.20 00:18:23 | 000,147,456 | ---- | C] (Bullzip) -- C:\Windows\SysWow64\bzpdfc.dll
[2014.01.20 00:18:23 | 000,000,000 | ---D | C] -- C:\Users\Gorazd\AppData\Roaming\PDF Writer
[2014.01.20 00:18:23 | 000,000,000 | ---D | C] -- C:\ProgramData\PDF Writer
[2014.01.20 00:17:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bullzip
[2014.01.20 00:17:22 | 000,000,000 | ---D | C] -- C:\Program Files\Bullzip
[2014.01.19 23:11:40 | 000,000,000 | ---D | C] -- C:\Users\Gorazd\AppData\Local\Adobe_Systems_Incorporate
[2014.01.19 23:08:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
 

johnb35

Administrator
Staff member
Looks like you may have a Chrome extension installed that could be causing this. Download Adblock Plus and see if they stop.

https://adblockplus.org/en/chrome

Please open OTL and copy and paste the following into the custom scan/fixes box at the bottom.

Code:
:OTL
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O30 - LSA: Security Packages - (livessp) - File not found

Then click on the Run Fix button up top.
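
The suspicion in the post above, that a Chrome extension is behind the replaced new-tab page, can be checked from the profile folder: an extension takes over the new-tab page by declaring `chrome_url_overrides` in its `manifest.json`. The script below is an added example, not part of the original post or of any tool named in this thread; its function names and the demo extension ids are made up, and it expects the per-profile `Extensions` folder (on Windows, under `AppData\Local\Google\Chrome\User Data\Default`).

```python
import json
import sys
import tempfile
from pathlib import Path

# Pages an extension may replace via the "chrome_url_overrides" manifest key.
OVERRIDABLE_PAGES = ("newtab", "bookmarks", "history")


def audit_extensions(extensions_dir):
    """Inspect every <id>/<version>/manifest.json under a Chrome profile's
    Extensions directory and return (overrides, unreadable).

    overrides  -- list of dicts for extensions that replace a built-in page
    unreadable -- list of (manifest path, error text) that could not be parsed
    """
    overrides, unreadable = [], []
    for manifest_path in sorted(Path(extensions_dir).glob("*/*/manifest.json")):
        ext_id = manifest_path.parent.parent.name
        version = manifest_path.parent.name
        try:
            # utf-8-sig also accepts files that start with a byte-order mark
            manifest = json.loads(manifest_path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError) as exc:
            unreadable.append((str(manifest_path), str(exc)))
            continue
        if not isinstance(manifest, dict):
            unreadable.append((str(manifest_path), "manifest is not a JSON object"))
            continue
        declared = manifest.get("chrome_url_overrides")
        if not isinstance(declared, dict):
            continue
        pages = {p: declared[p] for p in OVERRIDABLE_PAGES if p in declared}
        if pages:
            overrides.append({
                "id": ext_id,
                "version": version,
                # may be a "__MSG_...__" placeholder when the name is localized
                "name": manifest.get("name"),
                "pages": pages,
            })
    return overrides, unreadable


def build_demo_profile(root):
    """Write a constructed Extensions tree (made-up ids and names) for the demo."""
    samples = {
        ("a" * 32, "2.1"): {"name": "Demo New Tab", "version": "2.1",
                            "chrome_url_overrides": {"newtab": "newtab.html"}},
        ("b" * 32, "1.0"): {"name": "Demo Content Script", "version": "1.0",
                            "content_scripts": [{"matches": ["<all_urls>"],
                                                 "js": ["content.js"]}]},
    }
    for (ext_id, version), manifest in samples.items():
        folder = Path(root) / ext_id / version
        folder.mkdir(parents=True)
        (folder / "manifest.json").write_text(json.dumps(manifest), encoding="utf-8")
    # A truncated manifest, to show that parse failures are reported, not hidden
    broken = Path(root) / ("c" * 32) / "0.1"
    broken.mkdir(parents=True)
    (broken / "manifest.json").write_text('{"name": "Demo Broken"', encoding="utf-8")
    return root


if __name__ == "__main__":
    # Pass the path of a profile's Extensions folder as the only argument;
    # with no argument the constructed demo tree is audited instead.
    if len(sys.argv) > 1:
        target, cleanup = sys.argv[1], None
    else:
        cleanup = tempfile.TemporaryDirectory()
        target = build_demo_profile(cleanup.name)
    found, bad = audit_extensions(target)
    for item in found:
        print(f"{item['id']} {item['version']} {item['name']!r} overrides {item['pages']}")
    for path, err in bad:
        print(f"could not parse {path}: {err}")
    if cleanup:
        cleanup.cleanup()
```

Run it once per Windows account, since each profile has its own `Extensions` folder; an id it reports can then be reviewed or removed on Chrome's extensions page.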
 

johnb35

Administrator
Staff member
Ok. Do this then.

Download and Run ComboFix
If you already have Combofix, please delete this copy and download it again as it's being updated regularly.
  • Download this file here: Combofix

  • When the page loads click on the blue combofix download link next to the BleepingComputer Mirror.
  • Save the file to your Windows desktop. The combofix icon will look like this when it has downloaded to your desktop.

    cf-icon.jpg
  • We are almost ready to start ComboFix, but before we do so, we need to take some preventative measures so that there are no conflicts with other programs when running ComboFix. At this point you should do the following:

  • Close all open windows including this one.
  • Close or disable all running Antivirus, Antispyware, and Firewall programs as they may interfere with the proper running of ComboFix. Instructions on disabling these types of programs can be found here.
    Once these two steps have been completed, double-click on the ComboFix icon found on your desktop. Please note that once you start ComboFix you should not click anywhere on the ComboFix window as it can cause the program to stall. In fact, when ComboFix is running, do not touch your computer at all. The scan could take a while, so please be patient.
  • Please click on I agree on the disclaimer window.
  • ComboFix will now install itself on to your computer. When it is done, a blue screen will appear as shown below.

    cf-preparing.jpg

  • ComboFix is now preparing to run. When it has finished ComboFix will automatically attempt to create a System Restore point so that if any problems occur while using the program you can restore back to your previous configuration. When ComboFix has finished creating the restore point, it will then back up your Windows Registry as shown in the image below.

    erunt.jpg

  • Once the Windows Registry has finished being backed up, ComboFix will attempt to detect if you have the Windows Recovery Console installed. If you already have it installed, you can skip to this section and continue reading. Otherwise you will see the following message as shown below:

    recovery-console-prompt.jpg

  • At the above message box, please click on the Yes button in order for ComboFix to continue. Please follow the steps and instructions given by ComboFix in order to finish the installation of the Recovery Console.
  • Please click on yes in the next window to continue scanning for malware.
  • ComboFix will now disconnect your computer from the Internet, so do not be surprised or concerned if you receive any warnings stating that you are no longer on the Internet. When ComboFix has finished it will automatically restore your Internet connection.
  • ComboFix will now start scanning your computer for known infections. This procedure can take some time, so please be patient.
  • While the program is scanning your computer, it will change your clock format, so do not be concerned when you see this happen. When ComboFix is finished it will restore your clock settings to their previous settings. You will also see the text in the ComboFix window being updated as it goes through the various stages of its scan. An example of this can be seen below.

    still-scanning-clockchanges.jpg

  • When ComboFix has finished running, you will see a screen stating that it is preparing the log report.
  • This can take a while, so please be patient. If you see your Windows desktop disappear, do not worry. This is normal and ComboFix will restore your desktop before it is finished. Eventually you will see a new screen that states the program is almost finished and tells you the program's log file, or report, will be located at C:\ComboFix.txt.
  • When ComboFix has finished, it will automatically close the program and change your clock back to its original format. It will then display the log file automatically for you.
  • Now you just click on the edit menu and click on select all, then click on the edit menu again and click on copy. Then come to the forum in your reply and right click on your mouse and click on paste.

If, for some reason, you try to run a program or open a file and you get an error message saying "illegal operation attempted on a registry key that has been marked for deletion", please just reboot your PC and you'll be fine.


In your next reply please post:
  • The ComboFix log
  • An update on how your computer is running
 

kapital

New Member
ComboFix 14-01-27.02 - Gorazd 28.01.2014 16:07:39.1.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.386.1060.18.8136.6603 [GMT 1:00]
Running from: c:\users\Gorazd\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\iidbpadkhefkklicccbhiimmkefkinae\2.7\content.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\iidbpadkhefkklicccbhiimmkefkinae\2.7\kbd2GX3J.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\iidbpadkhefkklicccbhiimmkefkinae\2.7\lsdb.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\iidbpadkhefkklicccbhiimmkefkinae\2.7\manifest.json
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\locjapgijjpknenomfnbfpiknkgccala
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\locjapgijjpknenomfnbfpiknkgccala\1.1\background.html
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\locjapgijjpknenomfnbfpiknkgccala\1.1\content.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\locjapgijjpknenomfnbfpiknkgccala\1.1\dy_VN0e1dCn.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\locjapgijjpknenomfnbfpiknkgccala\1.1\icon48.png
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\locjapgijjpknenomfnbfpiknkgccala\1.1\lsdb.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\locjapgijjpknenomfnbfpiknkgccala\1.1\manifest.json
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\medbkmkajchopehcnflhaddhhaklbmfc
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\medbkmkajchopehcnflhaddhhaklbmfc\1.0\background.html
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\medbkmkajchopehcnflhaddhhaklbmfc\1.0\content.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\medbkmkajchopehcnflhaddhhaklbmfc\1.0\hFDPIz2i7.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\medbkmkajchopehcnflhaddhhaklbmfc\1.0\lsdb.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\medbkmkajchopehcnflhaddhhaklbmfc\1.0\manifest.json
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkejjmekbklppmbibgdobeeillfdlepp
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkejjmekbklppmbibgdobeeillfdlepp\2.1\background.html
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkejjmekbklppmbibgdobeeillfdlepp\2.1\content.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkejjmekbklppmbibgdobeeillfdlepp\2.1\lsdb.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkejjmekbklppmbibgdobeeillfdlepp\2.1\manifest.json
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkejjmekbklppmbibgdobeeillfdlepp\2.1\newtab.html
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkejjmekbklppmbibgdobeeillfdlepp\2.1\zGcgtr3.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\197\background.html
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\197\content.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\197\lsdb.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\197\manifest.json
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\197\oWBrlW.js
E:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-12-28 to 2014-01-28 )))))))))))))))))))))))))))))))
.
.
2014-01-27 19:49 . 2014-01-27 19:49 -------- d-----w- C:\_OTL
2014-01-27 17:16 . 2014-01-27 22:20 -------- d-----w- c:\program files (x86)\Test Generator
2014-01-27 01:20 . 2014-01-27 01:20 -------- d-----w- c:\windows\ERUNT
2014-01-26 23:32 . 2014-01-26 23:32 -------- d-----w- c:\program files\WinDjView
2014-01-26 21:34 . 2014-01-26 21:35 -------- d-----w- c:\program files (x86)\Common Files\ChessBase
2014-01-26 21:34 . 2014-01-26 21:35 -------- d-----w- c:\program files (x86)\ChessBase
2014-01-26 21:30 . 2014-01-28 14:35 -------- d-----w- c:\program files\ChessBase
2014-01-26 21:30 . 2014-01-26 21:40 -------- d-----w- c:\programdata\ChessBase
2014-01-26 21:30 . 2014-01-26 21:31 -------- d-----w- c:\program files\Common Files\ChessBase
2014-01-26 20:42 . 2014-01-26 20:42 -------- d-----w- c:\programdata\Malwarebytes
2014-01-25 23:18 . 2009-03-09 14:27 520544 ----a-w- c:\windows\system32\d3dx10_41.dll
2014-01-25 23:18 . 2009-03-09 14:27 2430312 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2014-01-25 23:18 . 2009-03-09 14:27 5425496 ----a-w- c:\windows\system32\D3DX9_41.dll
2014-01-25 23:18 . 2009-03-09 14:27 4178264 ----a-w- c:\windows\SysWow64\D3DX9_41.dll
2014-01-25 23:18 . 2005-07-22 18:59 3807440 ----a-w- c:\windows\system32\d3dx9_27.dll
2014-01-25 23:11 . 2014-01-25 23:11 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-01-25 23:11 . 2014-01-25 23:11 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2014-01-25 23:11 . 2014-01-26 21:21 -------- d-----w- c:\programdata\DAEMON Tools Lite
2014-01-25 00:58 . 2014-01-25 00:58 -------- d-----w- c:\program files (x86)\MSECache
2014-01-25 00:44 . 2014-01-25 00:47 -------- d-----w- c:\program files\Microsoft Office
2014-01-24 19:23 . 2014-01-24 19:23 246960 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10231.bin
2014-01-21 17:11 . 2014-01-21 17:11 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2014-01-21 17:11 . 2014-01-21 17:11 -------- d-----w- c:\program files (x86)\NetGames
2014-01-21 17:10 . 2014-01-21 17:10 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2014-01-21 14:09 . 2014-01-21 14:09 -------- d-----w- c:\programdata\Oracle
2014-01-21 14:09 . 2014-01-21 14:09 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-01-21 14:09 . 2014-01-21 14:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-21 14:09 . 2014-01-21 14:09 -------- d-----w- c:\program files (x86)\Java
2014-01-19 23:18 . 2008-07-09 08:37 103424 ----a-w- c:\windows\SysWow64\bzDCT.dll
2014-01-19 23:18 . 2014-01-19 23:18 -------- d-----w- c:\programdata\PDF Writer
2014-01-19 23:18 . 2014-01-09 08:37 147456 ----a-w- c:\windows\SysWow64\bzpdfc.dll
2014-01-19 23:18 . 2008-10-30 08:37 227840 ----a-w- c:\windows\SysWow64\bzFlRdr.dll
2014-01-19 23:17 . 2014-01-19 23:18 -------- d-----w- c:\program files\Common Files\Bullzip
2014-01-19 23:17 . 2013-09-01 10:59 1103872 ----a-w- c:\windows\SysWow64\CBLCtlsU.ocx
2014-01-19 23:17 . 2013-07-13 10:15 805376 ----a-w- c:\windows\SysWow64\EditCtlsU.ocx
2014-01-19 23:17 . 2013-07-12 20:57 539648 ----a-w- c:\windows\SysWow64\LblCtlsU.ocx
2014-01-19 23:17 . 2013-04-05 11:55 476160 ----a-w- c:\windows\SysWow64\TabStripCtlU.ocx
2014-01-19 23:17 . 2013-03-28 21:13 645632 ----a-w- c:\windows\SysWow64\BtnCtlsU.ocx
2014-01-19 23:17 . 2013-03-03 12:37 1061888 ----a-w- c:\windows\SysWow64\ExLvwU.ocx
2014-01-19 23:17 . 2014-01-19 23:17 -------- d-----w- c:\program files\Bullzip
2014-01-19 16:34 . 2014-01-19 16:34 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2014-01-19 11:55 . 2013-08-10 05:21 448512 ----a-w- c:\windows\system32\SettingSync.dll
2014-01-19 11:54 . 2012-09-20 06:32 112128 ----a-w- c:\windows\system32\PackageStateRoaming.dll
2014-01-19 11:53 . 2013-09-13 22:33 328192 ----a-w- c:\windows\system32\ubpm.dll
2014-01-19 11:50 . 2013-10-31 05:56 915968 ----a-w- c:\windows\system32\MPSSVC.dll
2014-01-19 11:37 . 2014-01-19 11:39 -------- d-----r- c:\windows\BrowserChoice
2014-01-19 10:54 . 2014-01-19 10:54 -------- d-----w- c:\program files\Microsoft.NET
2014-01-19 10:50 . 2013-11-19 10:21 267936 ------w- c:\windows\system32\MpSigStub.exe
2014-01-19 10:47 . 2014-01-19 10:47 -------- d-----w- c:\program files\ESET
2014-01-19 10:27 . 2014-01-19 10:27 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-01-19 10:26 . 2014-01-19 10:26 -------- d-----w- c:\windows\system32\MRT
2014-01-19 10:19 . 2012-06-23 23:24 9013136 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{67E9302C-F0BE-4600-BC2B-A1CFCF3F7EC9}\mpengine.dll
2014-01-19 10:13 . 2014-01-19 10:13 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2014-01-19 10:13 . 2014-01-19 10:13 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2014-01-18 15:27 . 2014-01-27 01:15 -------- d-----w- C:\AdwCleaner
2014-01-18 15:16 . 2013-03-02 08:23 1338880 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-01-18 15:16 . 2013-03-02 08:23 100864 ----a-w- c:\windows\SysWow64\SettingSyncInfo.dll
2014-01-18 15:16 . 2013-03-02 08:22 357888 ----a-w- c:\windows\SysWow64\netcfgx.dll
2014-01-18 15:16 . 2013-03-02 08:22 5091840 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-01-18 15:16 . 2013-03-02 08:21 550912 ----a-w- c:\windows\SysWow64\drvstore.dll
2014-01-18 15:16 . 2013-03-02 08:21 145408 ----a-w- c:\windows\SysWow64\powercfg.cpl
2014-01-18 15:16 . 2013-03-02 08:24 4298240 ----a-w- c:\program files (x86)\Windows NT\Accessories\wordpad.exe
2014-01-18 15:16 . 2013-03-02 08:23 195072 ----a-w- c:\program files (x86)\Windows NT\Accessories\WordpadFilter.dll
2014-01-18 15:16 . 2013-03-02 08:23 893952 ----a-w- c:\windows\SysWow64\winmde.dll
2014-01-18 15:16 . 2013-03-02 08:23 601088 ----a-w- c:\windows\SysWow64\Windows.Globalization.dll
2014-01-18 15:16 . 2013-03-02 08:23 504320 ----a-w- c:\windows\SysWow64\Windows.Security.Authentication.OnlineId.dll
2014-01-18 15:16 . 2013-03-02 08:21 36352 ----a-w- c:\windows\SysWow64\DevDispItemProvider.dll
2014-01-18 15:13 . 2013-07-01 22:08 438944 ----a-w- c:\program files\Windows Defender\MsMpRes.dll
2014-01-18 15:10 . 2013-10-01 23:37 1569280 ----a-w- c:\windows\SysWow64\crypt32.dll
2014-01-18 15:10 . 2013-10-01 23:26 1890816 ----a-w- c:\windows\system32\crypt32.dll
2014-01-18 15:08 . 2013-03-06 07:10 112872 ----a-w- c:\windows\system32\consent.exe
2014-01-18 15:08 . 2013-03-06 06:29 70144 ----a-w- c:\windows\system32\appinfo.dll
2014-01-18 15:06 . 2013-04-09 04:52 126464 ----a-w- c:\windows\system32\Robocopy.exe
2014-01-18 15:01 . 2014-01-18 15:02 -------- d-----w- c:\programdata\House Of Soft
2014-01-18 15:01 . 2014-01-19 11:37 -------- d-----w- c:\program files (x86)\Ss-Supporter
2014-01-18 15:01 . 2014-01-18 15:27 -------- d-----w- c:\programdata\27f12daf895ba0f2
2014-01-18 15:01 . 2014-01-18 15:01 -------- d-----w- c:\users\UpdatusUser\AppData\Local\Google
2014-01-18 15:01 . 2014-01-18 15:01 -------- d-----w- c:\users\UpdatusUser\AppData\Local\Comodo
2014-01-18 15:01 . 2014-01-18 15:01 -------- d-----w- c:\users\HomeGroupUser$
2014-01-18 15:01 . 2014-01-18 15:01 -------- d-----w- c:\users\Guest
2014-01-18 15:01 . 2014-01-18 15:01 -------- d-----w- c:\users\Administrator
2014-01-18 15:00 . 2014-01-18 15:02 -------- d-----w- c:\programdata\InstallMate
2014-01-18 14:59 . 2014-01-18 14:59 -------- d-----w- c:\program files\Common Files\DESIGNER
2014-01-18 14:59 . 2014-01-18 14:59 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
2014-01-18 14:58 . 2014-01-18 14:59 -------- d-----w- c:\program files\Microsoft SQL Server
2014-01-18 14:55 . 2014-01-18 14:55 -------- d-----w- c:\program files\Microsoft Analysis Services
2014-01-18 14:55 . 2014-01-18 14:55 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2014-01-18 14:55 . 2014-01-25 00:48 -------- d-----w- c:\programdata\Microsoft Help
2014-01-18 14:55 . 2014-01-18 14:55 -------- d-----r- C:\MSOCache
2014-01-18 12:13 . 2012-07-04 10:55 1354240 ----a-w- c:\windows\system32\CNC280C.dll
2014-01-18 12:13 . 2012-07-04 10:55 112128 ----a-w- c:\windows\system32\CNC280I.dll
2014-01-18 12:13 . 2012-07-04 10:29 106496 ----a-w- c:\windows\SysWow64\CNC280U.dll
2014-01-18 12:13 . 2010-03-18 18:26 348672 ----a-w- c:\windows\system32\CNC280L.dll
2014-01-18 12:13 . 2010-03-18 18:25 307200 ----a-w- c:\windows\SysWow64\CNC280L.dll
2014-01-18 12:13 . 2008-08-25 17:02 17920 ----a-w- c:\windows\system32\CNHMCA6.dll
2014-01-18 12:13 . 2008-08-25 17:02 15872 ----a-w- c:\windows\SysWow64\CNHMCA.dll
2014-01-18 12:13 . 2014-01-18 12:13 -------- d--h--w- c:\programdata\CanonBJ
2014-01-18 12:13 . 2012-03-14 04:00 99840 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPPAA.DLL
2014-01-18 12:13 . 2012-03-14 04:00 30208 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPDAA.DLL
2014-01-18 12:13 . 2012-03-14 04:00 385024 ----a-w- c:\windows\system32\CNMLMAA.DLL
2014-01-18 11:50 . 2014-01-18 11:50 -------- d-----w- c:\windows\SysWow64\wbem\sk-SK
2014-01-18 11:50 . 2014-01-18 11:50 -------- d-----w- c:\windows\SysWow64\drivers\sk-SK
2014-01-18 11:50 . 2014-01-18 11:50 -------- d-----w- c:\windows\system32\sk
2014-01-18 11:50 . 2014-01-18 11:50 -------- d-----w- c:\windows\sk-SK
2014-01-18 11:50 . 2014-01-18 11:50 -------- d-----w- c:\windows\system32\drivers\sk-SK
2014-01-18 11:50 . 2014-01-18 11:50 -------- d-----w- c:\windows\system32\wbem\sk-SK
2014-01-18 11:33 . 2014-01-18 11:36 -------- d-----w- c:\programdata\IObit
2014-01-18 11:33 . 2014-01-18 11:33 -------- d-----w- c:\program files (x86)\IObit
2014-01-18 11:29 . 2013-05-15 02:25 888320 ----a-w- c:\windows\system32\autochk.exe
2014-01-18 11:29 . 2013-05-15 02:25 542208 ----a-w- c:\windows\system32\untfs.dll
2014-01-18 11:29 . 2013-05-15 02:24 793088 ----a-w- c:\windows\SysWow64\autochk.exe
2014-01-18 11:29 . 2013-05-15 02:24 482816 ----a-w- c:\windows\SysWow64\untfs.dll
2014-01-18 11:29 . 2014-01-18 11:29 -------- d-----w- c:\program files\WinRAR
2014-01-18 11:29 . 2013-05-30 23:24 1257472 ----a-w- c:\windows\system32\kernel32.dll
2014-01-18 11:29 . 2012-10-10 07:04 94208 ----a-w- c:\windows\system32\synceng.dll
2014-01-18 11:29 . 2012-10-10 06:31 72192 ----a-w- c:\windows\SysWow64\synceng.dll
2014-01-18 11:29 . 2013-10-25 06:18 19271168 ----a-w- c:\windows\system32\mshtml.dll
2014-01-18 11:27 . 2013-06-22 05:45 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2014-01-18 11:26 . 2013-10-10 11:53 96600 ----a-w- c:\windows\system32\drivers\wfplwfs.sys
2014-01-18 11:25 . 2013-07-19 22:13 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-01-18 11:24 . 2013-09-28 03:35 288768 ----a-w- c:\windows\system32\drivers\portcls.sys
2014-01-18 11:23 . 2013-08-23 07:22 2062848 ----a-w- c:\windows\system32\d3d11.dll
2014-01-18 11:20 . 2014-01-18 11:20 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2014-01-18 11:09 . 2014-01-18 11:09 -------- d-----w- c:\programdata\ClintwoodGames
2014-01-18 11:08 . 2014-01-18 11:18 -------- d-----w- c:\program files (x86)\Jewel Up
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-18 09:47 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-01-09 08:02 . 2012-07-26 08:14 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-09 08:02 . 2012-07-26 08:14 694240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-11-02 11:35 1727176 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-11-02 11:35 1727176 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-11-02 11:35 1727176 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\users\Gorazd\AppData\Roaming\uTorrent\uTorrent.exe" [2014-01-18 1307736]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\users\Gorazd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 4b46e14a;GS-Supporter;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 StartMenuService;StartMenu8 Service;c:\program files (x86)\IObit\Start Menu 8\StartMenuServices.exe;c:\program files (x86)\IObit\Start Menu 8\StartMenuServices.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-18 10:55 1211672 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-18 12:47]
.
2014-01-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-18 10:54]
.
2014-01-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-18 10:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-11-02 11:30 2331336 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-11-02 11:30 2331336 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-11-02 11:30 2331336 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2918656]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 84.255.209.79 84.255.210.79
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Gorazd\AppData\Roaming\Mozilla\Firefox\Profiles\mu9805ij.default\
FF - prefs.js: browser.startup.homepage - www.gooogle.com
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
AddRemove-{5F189DF5-2D05-472B-9091-84D9848AE48B}{4b46e14a} - c:\progra~2\SS-SUP~1\ASSIST~1.DLL
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Completion time: 2014-01-28 16:10:52
ComboFix-quarantined-files.txt 2014-01-28 15:10
.
Pre-Run: 70.156.410.880 bytes free
Post-Run: 69.826.048.000 bytes free
.
- - End Of File - - 75C9FCC35DC0B7CFC0EFA761A1C0742E
5C616939100B85E558DA92B899A0FC36



OK, now after the last procedure the add-on is gone and Chrome opens normally.
Thanks for the answers.
 

johnb35

Administrator
Staff member
Yeah, you had some bad Chrome extensions. One more thing for you to do.

I need you to post a logfile that ComboFix produces but doesn't automatically show you. Please navigate to C:\Qoobox and in that folder will be a file named add-remove programs.txt. Open that file and copy and paste the contents back here.
 

kapital

New Member
Here it is:

Adobe Digital Editions 2.0
Adobe Flash Player 12 Plugin
Adobe Reader XI (11.0.06) - Slovenian
µTorrent
Chess.net for Windows
D3DX10
DAEMON Tools Lite
Deep Fritz 14
Fotogalerija
Google Chrome
Google Update Helper
GS-Supporter 1.80
Java 7 Update 51
Java Auto Updater
Jewel Up 1.1
Junk Mail filter update
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft XML Parser
Movie Maker
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSVCRT110
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
OpenOffice.org 3.3
Photo Common
Photo Gallery
Pošta Windows Live
Start Menu 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
 

johnb35

Administrator
Staff member
OK, this entry here is what I'm concerned about.

GS-Supporter 1.80

I highly recommend uninstalling this as it's adware/malware. Not sure why it wasn't caught by other programs. Did you install it? Do you know what it's for?

Also, noticed you have uTorrent installed. Hopefully you aren't downloading pirated software with it as that is bad for your system. Will get you infected easily.
 

kapital

New Member
I do not know what it is, but it does not allow me to remove it either. If I go to Control Panel and try to remove it, I get the answer in the attachment.
 

Attachments

  • Brez naslova.jpg