MyCity » Ambulanta » Browser brljavi, i mozda jos nesto... nz

Browser brljavi, i mozda jos nesto... nz

Napisano na dan: 28.1.2021

Strana:
1
2

Browser brljavi, i mozda jos nesto... nz

Sledeća strana

Pagination

Odgovori

Strana:
1
2

drmrdz Poslao: 28 Jan 2021 10:11 Idi na vrh
offline drmrdz Novi MyCity građanin Pridružio: 28 Jan 2021 Poruke: 13	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 28 Jan 2021 8:22 Krenuo sam da skinem torrent i popio mošu. Za sad samo browser brljavi. Nz da li je problem jos nešto. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021 Ran by mertz-win10 (administrator) on DESKTOP-RC349HN (Hewlett-Packard 500-420nc) (28-01-2021 08:17:08) Running from C:\Users\mertz-win10\Desktop Loaded Profiles: mertz-win10 Platform: Windows 10 Pro Version 1909 18363.1316 (X64) Language: English (United States) Default browser: FF Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe (Comodo Security Solutions, Inc. -> Comodo Inc.) C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe (IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\sttray64.exe (Integrated Device Technology Inc. -> Hewlett-Packard) [File not signed] C:\Program Files\IDT\WDM\Beats64.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe (Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8> (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e0a5a1b06de180e3\Display.NvContainer\NVDisplay.Container.exe <2> (remotemouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (RemoteMouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (Viber Media S.à r.l. -> Viber Media S.Ã r.l.) C:\Users\mertz-win10\AppData\Local\Viber\Viber.exe (Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\Nexus.exe (Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\WsxService.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-01-05] (IDT, Inc.) [File not signed] HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2014-01-05] (Integrated Device Technology Inc. -> Hewlett-Packard) [File not signed] HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [455872 2020-02-09] (Power Software Limited -> Power Software Ltd) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> ) HKU\S-1-5-21-39625150-317594477-3264285943-1002\...\Run: [Viber] => C:\Users\mertz-win10\AppData\Local\Viber\Viber.exe [46949592 2021-01-11] (Viber Media S.à r.l. -> Viber Media S.Ã r.l.) HKU\S-1-5-21-39625150-317594477-3264285943-1002\...\Run: [RocketDock] => "C:\Program Files (x86)\RocketDock\RocketDock.exe" HKU\S-1-5-21-39625150-317594477-3264285943-1002\...\Run: [Nexus] => C:\Program Files (x86)\Winstep\Nexus.exe [18012288 2020-10-28] (Winstep Software Technologies) [File not signed] HKU\S-1-5-21-39625150-317594477-3264285943-1002\...\Run: [Opera Browser Assistant] => C:\Users\mertz-win10\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software) HKU\S-1-5-21-39625150-317594477-3264285943-1002\...\Run: [utweb] => "C:\Users\mertz-win10\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED HKU\S-1-5-21-39625150-317594477-3264285943-1002\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize Startup: C:\Users\mertz-win10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2021-01-06] ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION HKU\S-1-5-21-39625150-317594477-3264285943-1002\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {070AC270-EE4C-4C55-A9E5-2A430DC87BDC} - System32\Tasks\update-S-1-5-21-39625150-317594477-3264285943-1002 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>) Task: {1C9ACAEF-7DD2-4D05-91EE-2C97B66A0B5F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {287342EC-503C-4390-B4FC-49F2EAB329FC} - System32\Tasks\Opera scheduled Autoupdate 1600979346 => C:\Users\mertz-win10\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-14] (Opera Software AS -> Opera Software) Task: {365C3AC9-3780-4E1F-A05F-AD5DA2A7D51E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3891365D-212C-4866-9428-A685A3864BA3} - System32\Tasks\Opera scheduled assistant Autoupdate 1600979357 => C:\Users\mertz-win10\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-14] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\mertz-win10\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {398864C8-F14F-43BE-B2FA-D7DC3A05C1AB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5332904 2021-01-24] (Microsoft Corporation -> Microsoft Corporation) Task: {3FA29F60-57C2-4111-ADC9-279F59B2DBE8} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {4A7E5DCF-161A-4B45-A435-66A459923DB6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5332904 2021-01-24] (Microsoft Corporation -> Microsoft Corporation) Task: {58FA798E-19FE-49C2-9F6B-D4B525C28680} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5CDF7405-8192-4A8C-9DB6-64C528DE089B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {7D9835E1-B135-4AF5-A0A0-A83B185EB5E5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation) Task: {809CD016-B8FC-4CB5-A274-DD2026130C4A} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation) Task: {93881C80-D3D3-4EB7-A4F3-C29F7E3E29E5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A048474D-732B-47BA-9AEC-49407C24AD96} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {AA393CF1-B429-4154-BEA7-D6B1272D90B0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B4AE9DF1-42FB-4C64-9807-53DA718A14F2} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {BB091DCF-303C-4D01-B61B-EF53E2EB6D17} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation) Task: {C0021F52-A9C7-4CA2-AC75-089FB7282B7A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C2A406E6-6B1A-4973-B898-A68EA295B1C4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-24] (Microsoft Corporation -> Microsoft Corporation) Task: {C4CFA00D-EBA2-4916-9382-9B0B03104F05} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {CB019AC6-3B0B-4091-B464-1E431B8B8BB0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {CC40EAA0-063A-4C2A-9A43-BBB6868E6941} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>) Task: {D5E0B025-C1C1-4433-A121-77465C5A49A6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {DB132812-B166-4047-A9D5-66A7D8976EC4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [677344 2021-01-27] (Mozilla Corporation -> Mozilla Foundation) Task: {E0D58637-33EF-44CA-8C77-9A5854AFB3BC} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation) Task: {F6D1B856-89E1-4948-A9DB-22F255E66A3B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {FAD3938F-ACE9-4BF2-B2BD-349D345AF628} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-24] (Microsoft Corporation -> Microsoft Corporation) Task: {FF492FCF-7807-4809-BAF5-ACE75182B012} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {FF595D3F-C1AA-4EB4-86BF-EC9E000A1BC1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\update-S-1-5-21-39625150-317594477-3264285943-1002.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 217.144.16.199 Tcpip\..\Interfaces\{42aaef9f-79fe-4d61-b30c-21053a214862}: [DhcpNameServer] 217.144.16.199 192.168.0.1 Tcpip\..\Interfaces\{a64bccdf-3d92-4d2e-8cf2-48601086b324}: [DhcpNameServer] 192.168.1.1 217.144.16.199 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION FireFox: ======== FF DefaultProfile: jv50ier2.default FF DefaultProfile: 7x69lkhi.default FF ProfilePath: C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\jv50ier2.default [2021-01-28] FF NewTab: Mozilla\Firefox\Profiles\jv50ier2.default -> [Link mogu videti samo ulogovani korisnici] 06:43:46&iid=7d6e534e-5efb-49c4-85e0-ac6f2c16354c&bName= FF ProfilePath: C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release [2021-01-28] FF NewTab: Mozilla\Firefox\Profiles\n2ks7cy9.default-release -> [Link mogu videti samo ulogovani korisnici] 06:43:46&iid=7d6e534e-5efb-49c4-85e0-ac6f2c16354c&bName= FF Notifications: Mozilla\Firefox\Profiles\n2ks7cy9.default-release -> [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] FF Extension: (Facebook Container) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\@contain-facebook.xpi [2020-10-19] FF Extension: (Google Container) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\@contain-google.xpi [2020-12-09] FF Extension: (WebRTC Leak Shield) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\@webrtc-leak-shield.xpi [2020-10-27] FF Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\@windscribeff.xpi [2020-12-24] FF Extension: (Dark Reader) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\addon@darkreader.org.xpi [2021-01-22] FF Extension: (F.B Purity - Cleans up Facebook (WX)) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\fbpElectroWebExt@fbpurity.com.xpi [2021-01-28] [UpdateUrl:hxxps://www.fbpurity.com/FF-FBP-Ext-Updates.json] FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\firefox@ghostery.com.xpi [2020-12-20] FF Extension: (HTTPS Svuda) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\https-everywhere@eff.org.xpi [2020-11-17] FF Extension: (Wikiwand: Wikipedia Modernized) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\jid1-D7momAzRw417Ag@jetpack.xpi [2020-12-19] FF Extension: (Privacy Badger) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2020-12-19] FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2021-01-11] FF Extension: (Grammar and Spell Checker — LanguageTool) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\languagetool-webextension@languagetool.org.xpi [2021-01-27] FF Extension: (Linux Mint-Y Dark (Blue)) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\linuxmint-y-dark@krafting.net.xpi [2020-09-21] FF Extension: (uBlock Origin) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-01-05] FF Extension: (Mac Os Mojave Night) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{086662ae-6205-4e16-b88e-d5e68c39033e}.xpi [2020-09-21] FF Extension: (Indigo gradient) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{126256f7-871d-408d-ba42-857122040826}.xpi [2020-09-21] FF Extension: (Share Backported) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{1bab54e2-6c60-4ee1-88f7-52b1df77924f}.xpi [2021-01-11] FF Extension: (Unseen) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{230ed5ec-936c-4ad1-b3d4-e2bb251bd1c3}.xpi [2021-01-09] FF Extension: (Linux Mint-Y-dark background) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{384bb391-6475-447f-bc9b-43b0113b53a7}.xpi [2020-09-21] FF Extension: (RiteTag) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{3f58c30e-756b-40f4-a94b-7aef17bfbaf6}.xpi [2020-09-25] FF Extension: (abstract 58) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{49f89ee5-3f35-4bbf-9913-6c9d77978cde}.xpi [2020-09-21] FF Extension: (Pinterest Downloader) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{57bc827b-0b82-46a5-9a20-cde76a7903f1}.xpi [2020-10-17] FF Extension: (macOS Mojave Light Adaptive) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{5c31252b-091e-4e02-89b8-ad41b123f044}.xpi [2020-09-21] FF Extension: (Mac OS Sierra Blur High Light) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{6ec020c9-9973-412d-a400-60164700566b}.xpi [2020-09-21] FF Extension: (macOS Mojave Safari Dark ) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{8189d924-9b0f-46c2-8ba9-4219dc45f9fa}.xpi [2020-09-21] FF Extension: (Media Helper) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{85603edc-044f-4391-9a95-a94682f449b4}.xpi [2020-12-19] FF Extension: (Pixel Fox FFColourMod) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{9e9a10b2-70ab-4a9c-8aa0-ea150b18af15}.xpi [2020-08-23] FF Extension: (ANIMATED Blue Plexus by candelora) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{abca071b-3177-4a86-84b9-c9a712c2268b}.xpi [2020-09-21] FF Extension: (macOS Catalina - Theme) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{b1f936f8-e532-414f-a195-ab2a8717baaf}.xpi [2020-09-21] FF Extension: (Popup blocker for FF: Poper Blocker) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{bee8b1f2-823a-424c-959c-f8f76c8b2306}.xpi [2020-05-29] FF Extension: (macOS Mojave Light Blue) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{c19ecb13-0dfb-4845-8f9e-fad17959ef77}.xpi [2020-09-21] FF Extension: (600% Sound Volume) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{c4b582ec-4343-438c-bda2-2f691c16c262}.xpi [2020-12-23] FF Extension: (Volume Booster) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{ceced21a-f0d8-4b52-b147-20761bb00abe}.xpi [2020-12-23] FF Extension: (No Name) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-12-19] FF Extension: (MacOS) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{d31c12dc-0dc1-4cd8-95c6-467a40931cd0}.xpi [2020-09-21] FF Extension: (Dark Fox) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2020-09-21] FF Extension: (Ubuntu Yaru Dark Matte) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{eca5abdd-d8d6-4156-9515-b8e683703fba}.xpi [2020-09-21] FF Extension: (Northern Lake by MaDonna) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{fcebb804-5eb9-43d9-a12a-30f6ca1b9b1b}.xpi [2020-09-21] FF ProfilePath: C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default [2020-12-20] FF Session Restore: Comodo\IceDragon\Profiles\7x69lkhi.default -> is enabled. FF Extension: (Facebook Container) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\@contain-facebook.xpi [2020-10-24] FF Extension: (Google Container) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\@contain-google.xpi [2020-10-19] FF Extension: (Hoxx VPN Proxy) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\@hoxx-vpn.xpi [2020-10-19] FF Extension: (WebRTC Leak Shield) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\@webrtc-leak-shield.xpi [2020-10-19] FF Extension: (Dark Reader) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\addon@darkreader.org.xpi [2020-10-19] FF Extension: (Online Security Pro) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\cos@comodo.com.xpi [2020-10-19] FF Extension: (HTTPS Svuda) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\https-everywhere@eff.org.xpi [2020-10-19] FF Extension: (Https Enforcement) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\https@comodo.com.xpi [2019-03-15] FF Extension: (Wikiwand: Wikipedia Modernized) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\jid1-D7momAzRw417Ag@jetpack.xpi [2020-10-19] FF Extension: (Privacy Badger) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2020-10-19] FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2020-10-19] FF Extension: (Linux Mint-Y Dark (Blue)) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\linuxmint-y-dark@krafting.net.xpi [2020-10-19] FF Extension: (uBlock Origin) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\uBlock0@raymondhill.net.xpi [2020-10-19] FF Extension: (Mac Os Mojave Night) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{086662ae-6205-4e16-b88e-d5e68c39033e}.xpi [2020-10-19] FF Extension: (Indigo gradient) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{126256f7-871d-408d-ba42-857122040826}.xpi [2020-10-19] FF Extension: (Share Backported) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{1bab54e2-6c60-4ee1-88f7-52b1df77924f}.xpi [2020-10-19] FF Extension: (Linux Mint-Y-dark background) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{384bb391-6475-447f-bc9b-43b0113b53a7}.xpi [2020-10-19] FF Extension: (RiteTag) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{3f58c30e-756b-40f4-a94b-7aef17bfbaf6}.xpi [2020-10-19] FF Extension: (abstract 58) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{49f89ee5-3f35-4bbf-9913-6c9d77978cde}.xpi [2020-10-19] FF Extension: (Pinterest Downloader) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{57bc827b-0b82-46a5-9a20-cde76a7903f1}.xpi [2020-10-19] FF Extension: (macOS Mojave Light Adaptive) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{5c31252b-091e-4e02-89b8-ad41b123f044}.xpi [2020-10-19] FF Extension: (Media Downloader) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{5e9eca63-6e0d-47ce-9862-07d938121575}.xpi [2019-03-15] [Legacy] FF Extension: (Mac OS Sierra Blur High Light) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{6ec020c9-9973-412d-a400-60164700566b}.xpi [2020-10-19] FF Extension: (macOS Mojave Safari Dark ) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{8189d924-9b0f-46c2-8ba9-4219dc45f9fa}.xpi [2020-10-19] FF Extension: (Media Helper) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{85603edc-044f-4391-9a95-a94682f449b4}.xpi [2020-10-19] FF Extension: (Old Layout for Facebook) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{8792af17-0df8-40ab-81d3-6cc777171564}.xpi [2020-10-24] FF Extension: (Pixel Fox FFColourMod) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{9e9a10b2-70ab-4a9c-8aa0-ea150b18af15}.xpi [2020-10-19] FF Extension: (ANIMATED Blue Plexus by candelora) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{abca071b-3177-4a86-84b9-c9a712c2268b}.xpi [2020-10-19] FF Extension: (macOS Catalina - Theme) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{b1f936f8-e532-414f-a195-ab2a8717baaf}.xpi [2020-10-19] FF Extension: (Popup blocker for FF: Poper Blocker) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{bee8b1f2-823a-424c-959c-f8f76c8b2306}.xpi [2020-10-19] FF Extension: (macOS Mojave Light Blue) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{c19ecb13-0dfb-4845-8f9e-fad17959ef77}.xpi [2020-10-19] FF Extension: (No Name) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-10-19] FF Extension: (MacOS) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{d31c12dc-0dc1-4cd8-95c6-467a40931cd0}.xpi [2020-10-19] FF Extension: (Dark Fox) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2020-10-19] FF Extension: (Ubuntu Yaru Dark Matte) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{eca5abdd-d8d6-4156-9515-b8e683703fba}.xpi [2020-10-19] FF Extension: (Northern Lake by MaDonna) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{fcebb804-5eb9-43d9-a12a-30f6ca1b9b1b}.xpi [2020-10-19] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-01-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-01-03] (Microsoft Corporation -> Microsoft Corporation) Opera: ======= OPR Profile: C:\Users\mertz-win10\AppData\Roaming\Opera Software\Opera Stable [2021-01-26] OPR Notifications: Opera Stable -> [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] OPR DefaultSuggestURL: Opera Stable -> [Link mogu videti samo ulogovani korisnici]{searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Translator) - C:\Users\mertz-win10\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2020-09-24] OPR Extension: (Rich Hints Agent) - C:\Users\mertz-win10\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-10-22] OPR Extension: (Sidebar for YouTube™) - C:\Users\mertz-win10\AppData\Roaming\Opera Software\Opera Stable\Extensions\ljkgfkfopogmclcinephnaeekjiikibd [2020-09-24] OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\mertz-win10\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2020-12-22] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960384 2021-01-19] (Microsoft Corporation -> Microsoft Corporation) R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2357936 2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) R2 IceDragonUpdater; C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe [2616800 2019-05-29] (Comodo Security Solutions, Inc. -> Comodo Inc.) R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [11264 2020-09-23] () [File not signed] S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6264144 2021-01-14] (Microsoft Windows Publisher -> Microsoft Corporation) R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-01-05] (IDT, Inc.) [File not signed] R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService.exe [777216 2019-10-29] (Winstep Software Technologies) [File not signed] R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e0a5a1b06de180e3\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e0a5a1b06de180e3\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem S2 Previous Versions Library; C:\Windows\Logs\cmd.exe /c powershell.exe -windowstyle Hidden -noninteractive -executionpolicy bypass -file C:\Windows\INF\PNRPSvc\0409\0301\PNRP.ps1 ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 STHDA; C:\Windows\system32\DRIVERS\stwrt64.sys [551936 2014-01-05] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) S3 tap-tb-0901; C:\Windows\System32\drivers\tap-tb-0901.sys [38656 2020-11-03] (TunnelBear, Inc. -> The OpenVPN Project) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation) U4 DiagTrack; no ImagePath U4 dmwappushservice; no ImagePath S3 hsstap; \SystemRoot\System32\drivers\hsstap.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2021-01-28 08:17 - 2021-01-28 08:17 - 000036174 _____ C:\Users\mertz-win10\Desktop\FRST.txt 2021-01-28 08:16 - 2021-01-28 08:17 - 000000000 ____D C:\FRST 2021-01-28 08:13 - 2021-01-28 08:13 - 002297856 _____ (Farbar) C:\Users\mertz-win10\Desktop\FRST64.exe 2021-01-28 07:55 - 2021-01-28 07:57 - 000000000 ____D C:\Users\mertz-win10\Downloads\Nanjing.Swansoft.CNC.Simulator.v6.45.Multilang-BEAN { [Link mogu videti samo ulogovani korisnici] } 2021-01-28 07:49 - 2021-01-28 07:49 - 026571028 _____ (The qBittorrent project) C:\Users\mertz-win10\qbittorrent_4.3.3_x64_setup.exe 2021-01-28 07:49 - 2021-01-28 07:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent 2021-01-28 07:43 - 2021-01-28 07:43 - 000001895 _____ C:\Users\mertz-win10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk 2021-01-28 07:43 - 2021-01-28 07:43 - 000000000 ____D C:\Users\mertz-win10\AppData\Local\BitTorrentHelper 2021-01-27 12:14 - 2021-01-27 12:14 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2021-01-27 10:18 - 2021-01-27 12:14 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-01-24 08:11 - 2021-01-24 08:11 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk 2021-01-24 08:11 - 2021-01-24 08:11 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2021-01-24 08:11 - 2021-01-24 08:11 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2021-01-24 08:11 - 2021-01-24 08:11 - 000002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2021-01-24 08:11 - 2021-01-24 08:11 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2021-01-24 08:11 - 2021-01-24 08:11 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2021-01-24 08:11 - 2021-01-24 08:11 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2021-01-24 08:11 - 2021-01-24 08:11 - 000002393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2021-01-24 08:11 - 2021-01-24 08:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools 2021-01-24 08:03 - 2021-01-24 08:03 - 001072556 _____ C:\Windows\Minidump\012421-3843-01.dmp 2021-01-24 02:11 - 2021-01-24 02:11 - 001149652 _____ C:\Windows\Minidump\012421-3937-01.dmp 2021-01-23 19:33 - 2021-01-23 19:33 - 000001434 _____ C:\Windows\system32\default_error_stack-000015-000000.txt 2021-01-23 11:20 - 2021-01-23 11:20 - 000000000 ____D C:\Users\mertz-win10\AppData\Roaming\TunnelBear 2021-01-23 11:20 - 2021-01-23 11:20 - 000000000 ____D C:\Users\mertz-win10\AppData\Local\TunnelBear 2021-01-23 11:00 - 2021-01-23 11:00 - 000000000 ____D C:\Users\mertz-win10\AppData\Local\IsolatedStorage 2021-01-23 09:35 - 2021-01-23 11:01 - 000000000 ____D C:\ProgramData\ProgDVB 2021-01-23 09:35 - 2021-01-23 11:01 - 000000000 ____D C:\Program Files\ProgDVB x64 2021-01-22 21:19 - 2021-01-22 21:19 - 000001426 _____ C:\Windows\system32\default_error_stack-000014-000000.txt 2021-01-22 21:18 - 2021-01-24 23:42 - 000000544 _____ C:\Users\mertz-win10\Desktop\vikend.txt 2021-01-21 05:13 - 2021-01-21 05:13 - 001002716 _____ C:\Windows\Minidump\012121-15859-01.dmp 2021-01-19 06:51 - 2021-01-19 06:51 - 000001435 _____ C:\Windows\system32\default_error_stack-000013-000000.txt 2021-01-18 00:27 - 2021-01-18 00:27 - 000919740 _____ C:\Windows\Minidump\011821-4953-01.dmp 2021-01-17 23:27 - 2021-01-17 23:27 - 000000000 ____D C:\Users\mertz-win10\AppData\Local\Viber 2021-01-16 23:58 - 2021-01-20 03:46 - 000000989 _____ C:\Users\mertz-win10\Desktop\sub.txt 2021-01-16 11:47 - 2021-01-16 11:47 - 000001433 _____ C:\Windows\system32\default_error_stack-000012-000000.txt 2021-01-15 07:44 - 2021-01-15 23:00 - 000000567 _____ C:\Users\mertz-win10\Desktop\pet.txt 2021-01-14 04:32 - 2021-01-14 04:32 - 000930868 _____ C:\Windows\Minidump\011421-4328-01.dmp 2021-01-14 01:34 - 2021-01-24 16:47 - 000000000 ____D C:\Users\mertz-win10\Desktop\klajdza 2021-01-14 00:29 - 2021-01-14 00:29 - 000696832 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx 2021-01-14 00:29 - 2021-01-14 00:29 - 000576512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx 2021-01-14 00:29 - 2021-01-14 00:29 - 000568320 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr 2021-01-14 00:29 - 2021-01-14 00:29 - 000555008 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl 2021-01-14 00:29 - 2021-01-14 00:29 - 000502784 _____ C:\Windows\system32\AssignedAccessCsp.dll 2021-01-14 00:29 - 2021-01-14 00:29 - 000500224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr 2021-01-14 00:29 - 2021-01-14 00:29 - 000455680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl 2021-01-14 00:29 - 2021-01-14 00:29 - 000294912 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2021-01-14 00:29 - 2021-01-14 00:29 - 000233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax 2021-01-14 00:29 - 2021-01-14 00:29 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax 2021-01-14 00:29 - 2021-01-14 00:29 - 000151040 _____ C:\Windows\system32\uwfcsp.dll 2021-01-14 00:29 - 2021-01-14 00:29 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBICodec.ax 2021-01-14 00:29 - 2021-01-14 00:29 - 000094720 _____ C:\Windows\system32\VirtualMonitorManager.dll 2021-01-14 00:29 - 2021-01-14 00:29 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2021-01-14 00:29 - 2021-01-14 00:29 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl 2021-01-14 00:29 - 2021-01-14 00:29 - 000072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2021-01-14 00:29 - 2021-01-14 00:29 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl 2021-01-14 00:29 - 2021-01-14 00:29 - 000067072 _____ C:\Windows\system32\BWContextHandler.dll 2021-01-14 00:29 - 2021-01-14 00:29 - 000053248 _____ C:\Windows\SysWOW64\BWContextHandler.dll 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth18.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth17.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth16.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth15.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin 2021-01-14 00:28 - 2021-01-14 00:28 - 002590720 _____ C:\Windows\system32\dwmscene.dll 2021-01-14 00:28 - 2021-01-14 00:28 - 001841152 _____ C:\Windows\system32\TextInputMethodFormatter.dll 2021-01-14 00:28 - 2021-01-14 00:28 - 001101312 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll 2021-01-14 00:28 - 2021-01-14 00:28 - 000549888 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl 2021-01-14 00:28 - 2021-01-14 00:28 - 000540672 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2021-01-14 00:28 - 2021-01-14 00:28 - 000458240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl 2021-01-14 00:28 - 2021-01-14 00:28 - 000453632 _____ C:\Windows\system32\ssdm.dll 2021-01-14 00:28 - 2021-01-14 00:28 - 000415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2021-01-14 00:28 - 2021-01-14 00:28 - 000331264 _____ C:\Windows\SysWOW64\ssdm.dll 2021-01-14 00:28 - 2021-01-14 00:28 - 000266752 _____ C:\Windows\system32\HeatCore.dll 2021-01-14 00:28 - 2021-01-14 00:28 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl 2021-01-14 00:28 - 2021-01-14 00:28 - 000208896 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl 2021-01-14 00:28 - 2021-01-14 00:28 - 000208384 _____ C:\Windows\SysWOW64\HeatCore.dll 2021-01-14 00:28 - 2021-01-14 00:28 - 000186368 _____ C:\Windows\system32\BthpanContextHandler.dll 2021-01-14 00:28 - 2021-01-14 00:28 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl 2021-01-14 00:28 - 2021-01-14 00:28 - 000167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl 2021-01-14 00:28 - 2021-01-14 00:28 - 000164864 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe 2021-01-14 00:28 - 2021-01-14 00:28 - 000061440 _____ C:\Windows\system32\rdsxvmaudio.dll 2021-01-13 19:28 - 2021-01-15 07:46 - 000000812 _____ C:\Users\mertz-win10\Desktop\sre.txt 2021-01-09 20:01 - 2021-01-10 03:05 - 000000000 ____D C:\Users\mertz-win10\Desktop\advokat 2021-01-07 17:14 - 2021-01-07 17:14 - 000001435 _____ C:\Windows\system32\default_error_stack-000011-000000.txt 2021-01-06 14:24 - 2021-01-06 14:24 - 000000000 ____D C:\Users\mertz-win10\AppData\Roaming\4kdownload.com 2021-01-06 02:06 - 2021-01-06 02:06 - 000000000 ____D C:\Users\mertz-win10\Documents\OneNote Notebooks 2021-01-06 01:58 - 2021-01-06 01:58 - 000002456 _____ C:\Users\mertz-win10\Desktop\Skype for Business 2016.lnk 2021-01-06 01:57 - 2021-01-06 01:57 - 000002451 _____ C:\Users\mertz-win10\Desktop\Word 2016.lnk 2021-01-05 18:32 - 2021-01-05 18:32 - 000000000 ____D C:\Windows\system32\appmgmt 2021-01-05 18:29 - 2021-01-05 18:29 - 000001420 _____ C:\Users\Public\Desktop\Foxit Reader.lnk 2021-01-05 18:29 - 2021-01-05 18:29 - 000001420 _____ C:\ProgramData\Desktop\Foxit Reader.lnk 2021-01-05 18:29 - 2021-01-05 18:29 - 000000000 ____D C:\Users\Public\Foxit Software 2021-01-05 18:29 - 2021-01-05 18:29 - 000000000 ____D C:\Users\mertz-win10\AppData\Roaming\Foxit Software 2021-01-05 18:29 - 2021-01-05 18:29 - 000000000 ____D C:\Users\mertz-win10\AppData\Roaming\Foxit AgentInformation 2021-01-05 18:29 - 2021-01-05 18:29 - 000000000 ____D C:\Users\mertz-win10\AppData\LocalLow\Foxit 2021-01-05 18:29 - 2021-01-05 18:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 2021-01-05 18:29 - 2021-01-05 18:29 - 000000000 ____D C:\ProgramData\Foxit Software 2021-01-05 18:29 - 2021-01-05 18:29 - 000000000 ____D C:\ProgramData\Foxit ContentPlatform 2021-01-05 18:29 - 2021-01-05 18:29 - 000000000 ____D C:\Program Files (x86)\Foxit Software 2021-01-05 18:26 - 2021-01-05 18:26 - 073945696 _____ (Foxit Software Inc. ) C:\Users\mertz-win10\Downloads\FoxitReader1011_enu_Setup_Prom.exe 2021-01-05 07:41 - 2020-12-15 14:37 - 000041816 _____ C:\Windows\system32\Drivers\semav6msr64.sys 2021-01-05 07:40 - 2021-01-05 07:41 - 000002678 _____ C:\Windows\system32\Tasks\USER_ESRV_SVC_QUEENCREEK 2021-01-05 06:29 - 2021-01-12 10:51 - 000000000 ____D C:\Windows\system32\Tasks\NCH Software 2021-01-05 06:29 - 2021-01-05 06:46 - 000000000 ____D C:\ProgramData\NCH Software 2021-01-05 06:29 - 2021-01-05 06:46 - 000000000 ____D C:\Program Files (x86)\NCH Software 2021-01-05 06:29 - 2021-01-05 06:41 - 000000000 ____D C:\Users\mertz-win10\AppData\Roaming\NCH Software 2021-01-05 06:29 - 2021-01-05 06:29 - 000001369 _____ C:\Users\Public\Desktop\NCH Suite.lnk 2021-01-05 06:29 - 2021-01-05 06:29 - 000001369 _____ C:\ProgramData\Desktop\NCH Suite.lnk 2021-01-05 06:29 - 2021-01-05 06:29 - 000001247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CardWorks Business Card Software.lnk 2021-01-05 06:29 - 2021-01-05 06:29 - 000001235 _____ C:\Users\Public\Desktop\CardWorks Business Card Software.lnk 2021-01-05 06:29 - 2021-01-05 06:29 - 000001235 _____ C:\ProgramData\Desktop\CardWorks Business Card Software.lnk 2021-01-04 19:39 - 2021-01-04 19:39 - 000001434 _____ C:\Windows\system32\default_error_stack-000010-000000.txt 2021-01-03 03:27 - 2021-01-03 03:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2021-01-03 02:12 - 2021-01-24 08:11 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2021-01-03 02:12 - 2021-01-03 02:12 - 000002393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk 2021-01-03 02:12 - 2021-01-03 02:12 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2021-01-02 08:31 - 2021-01-02 08:31 - 000000000 ____D C:\Users\mertz-win10\Documents\Custom Office Templates 2021-01-02 07:35 - 2021-01-28 07:50 - 000000000 ____D C:\Users\mertz-win10\Downloads\KMSAuto Net 2015 v1.4.0 Portable by Ratiborus 2021-01-02 07:35 - 2021-01-02 07:35 - 000005180 _____ C:\Users\mertz-win10\Downloads\KMSAuto_Net_2015_v1.4.0_Portable_by_Ratiborus.torrent 2021-01-02 07:27 - 2021-01-02 07:27 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk 2021-01-02 07:27 - 2021-01-02 07:27 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2021-01-02 07:27 - 2021-01-02 07:27 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2021-01-02 07:27 - 2021-01-02 07:27 - 000002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2021-01-02 07:27 - 2021-01-02 07:27 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2021-01-02 07:27 - 2021-01-02 07:27 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2021-01-02 07:27 - 2021-01-02 07:27 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2021-01-02 07:25 - 2021-01-02 07:25 - 000000000 ____D C:\Program Files\Microsoft Office 15 2021-01-02 07:23 - 2021-01-02 07:23 - 000000000 ____D C:\Users\mertz-win10\Downloads\New folder 2021-01-02 07:09 - 2021-01-02 07:10 - 000000000 ____D C:\Users\mertz-win10\Downloads\Microsoft.Office.2016.Pro.Plus.2016.6962141.Final.Incl.SLO.Language 2021-01-02 07:09 - 2021-01-02 07:09 - 000012583 _____ C:\Users\mertz-win10\Downloads\Microsoft.Office.2016.Pro.Plus.2016.6962141.Final.Incl.SLO.Language.torrent 2021-01-01 17:03 - 2021-01-04 00:58 - 000000000 ____D C:\Users\mertz-win10\Desktop\gymbeam 2020-12-31 14:39 - 2020-12-31 14:39 - 000001434 _____ C:\Windows\system32\default_error_stack-000009-000000.txt 2020-12-29 16:30 - 2020-12-29 16:31 - 000000000 ____D C:\Users\mertz-win10\Desktop\cizme 2020-12-29 00:11 - 2020-12-29 00:11 - 000001434 _____ C:\Windows\system32\default_error_stack-000008-000000.txt ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2021-01-28 07:59 - 2020-06-02 00:18 - 000000000 ____D C:\Users\mertz-win10\AppData\Roaming\qBittorrent 2021-01-28 07:59 - 2020-04-10 05:34 - 000000000 ____D C:\Users\mertz-win10\AppData\LocalLow\Mozilla 2021-01-28 07:49 - 2020-12-24 20:49 - 000000000 ____D C:\Program Files\qBittorrent 2021-01-28 07:49 - 2020-04-10 05:00 - 000000000 ____D C:\Users\mertz-win10 2021-01-28 07:44 - 2020-10-03 08:58 - 000000000 ____D C:\Users\mertz-win10\AppData\Local\CrashDumps 2021-01-28 07:44 - 2020-04-10 05:34 - 000000000 ____D C:\ProgramData\Mozilla 2021-01-28 06:31 - 2019-07-18 22:07 - 000000000 ____D C:\Windows\system32\SleepStudy 2021-01-28 05:14 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-01-27 23:22 - 2020-04-17 21:18 - 000000000 ____D C:\Users\mertz-win10\Documents\ViberDownloads 2021-01-27 21:12 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps 2021-01-27 21:12 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\AppReadiness 2021-01-27 12:54 - 2020-06-05 21:10 - 000000000 ____D C:\Users\Public\Documents\Winstep 2021-01-27 12:54 - 2020-06-05 21:10 - 000000000 ____D C:\ProgramData\Documents\Winstep 2021-01-27 12:29 - 2020-04-10 05:15 - 000004174 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{CAE0CB1C-BCBB-43DC-A5A4-4A720C4B154E} 2021-01-27 12:25 - 2020-04-10 05:32 - 000000000 ____D C:\ProgramData\NVIDIA 2021-01-27 12:14 - 2020-04-10 05:34 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-01-27 12:14 - 2020-04-10 05:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-01-27 08:37 - 2020-04-17 21:18 - 000000000 ____D C:\Users\mertz-win10\AppData\Roaming\ViberPC 2021-01-26 08:44 - 2020-04-10 05:00 - 000000000 ____D C:\Users\mertz-win10\AppData\Local\Packages 2021-01-26 04:46 - 2020-09-21 17:34 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2021-01-26 04:46 - 2020-09-21 17:34 - 000000000 __SHD C:\Users\mertz-win10\IntelGraphicsProfiles 2021-01-25 12:31 - 2019-08-17 06:05 - 000796056 _____ C:\Windows\system32\PerfStringBackup.INI 2021-01-25 12:31 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF 2021-01-25 12:26 - 2019-07-18 22:07 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-01-25 08:07 - 2020-09-22 02:42 - 000012949 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1 2021-01-25 08:07 - 2020-04-10 05:31 - 000013905 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1 2021-01-24 23:42 - 2020-04-10 05:31 - 000010726 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1 2021-01-24 10:04 - 2020-09-24 16:14 - 000000000 ____D C:\Users\mertz-win10\AppData\Local\ElevatedDiagnostics 2021-01-24 08:11 - 2020-06-01 17:51 - 000000000 ____D C:\Program Files\Microsoft Office 2021-01-24 08:04 - 2020-04-10 05:43 - 000001209 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1 2021-01-24 08:04 - 2020-04-10 05:31 - 000047908 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1 2021-01-24 08:04 - 2019-03-19 05:37 - 000524288 _____ C:\Windows\system32\config\BBI 2021-01-24 08:03 - 2020-09-22 15:18 - 746976194 _____ C:\Windows\MEMORY.DMP 2021-01-24 08:03 - 2019-07-18 22:09 - 000000000 ____D C:\Windows\minidump 2021-01-24 05:18 - 2020-10-10 21:12 - 000000000 ____D C:\Users\mertz-win10\AppData\Roaming\vlc 2021-01-23 11:21 - 2020-04-10 05:43 - 000000000 ____D C:\ProgramData\Package Cache 2021-01-22 10:42 - 2020-04-10 05:40 - 000799104 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2021-01-21 02:55 - 2020-09-23 02:30 - 000011519 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1 2021-01-18 15:20 - 2020-09-24 21:29 - 000004272 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1600979346 2021-01-18 15:20 - 2020-09-24 21:29 - 000001489 _____ C:\Users\mertz-win10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Прегледач Opera.lnk 2021-01-18 06:11 - 2020-12-24 22:37 - 000000000 ____D C:\Users\mertz-win10\Desktop\radna nedelja 2021-01-14 00:40 - 2020-04-10 05:00 - 000000000 ___RD C:\Users\mertz-win10\3D Objects 2021-01-14 00:40 - 2019-07-18 22:10 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-01-14 00:40 - 2019-07-18 22:07 - 000453280 _____ C:\Windows\system32\FNTCACHE.DAT 2021-01-14 00:40 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\SecureBootUpdates 2021-01-14 00:39 - 2019-03-19 07:22 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2021-01-14 00:39 - 2019-03-19 07:22 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-01-14 00:39 - 2019-03-19 07:22 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\SysWOW64\F12 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\system32\UNP 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\system32\F12 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ___RD C:\Windows\PrintDialog 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\setup 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\Dism 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\Com 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SystemResources 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\SystemResetPlatform 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\setup 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\PerceptionSimulation 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\oobe 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\migwiz 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\Dism 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\Com 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\AdvancedInstallers 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\ShellExperiences 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\ShellComponents 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\Provisioning 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\PolicyDefinitions 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\IME 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\bcastdvr 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender 2021-01-14 00:34 - 2019-03-19 05:37 - 000000000 ____D C:\Windows\CbsTemp 2021-01-14 00:33 - 2020-04-19 02:37 - 000000000 ____D C:\Windows\system32\MRT 2021-01-14 00:31 - 2020-04-19 02:37 - 135062968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2021-01-14 00:28 - 2019-08-17 06:02 - 002877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2021-01-10 21:18 - 2020-11-16 14:41 - 000000000 ____D C:\Users\mertz-win10\Desktop\lola 2021-01-05 19:10 - 2020-10-08 01:34 - 000003834 _____ C:\Windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2021-01-05 18:32 - 2020-06-05 14:13 - 000000000 ____D C:\Program Files (x86)\Adobe 2021-01-05 07:41 - 2020-10-08 01:23 - 000003762 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 2021-01-05 07:41 - 2020-10-08 01:23 - 000003528 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon 2021-01-03 02:25 - 2020-10-10 13:40 - 000007597 _____ C:\Users\mertz-win10\AppData\Local\Resmon.ResmonCfg 2021-01-03 02:12 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared ==================== Files in the root of some directories ======== 2020-10-19 00:12 - 2020-10-19 00:12 - 081009168 _____ (COMODO) C:\Users\mertz-win10\icedragonsetup.exe 2020-10-08 01:22 - 2020-10-08 01:22 - 002507624 _____ (Intel) C:\Users\mertz-win10\Intel-Driver-and-Support-Assistant-Installer.exe 2020-10-01 00:11 - 2020-10-01 00:11 - 001342218 _____ () C:\Users\mertz-win10\iZotope_Ozone.exe 2020-12-24 20:19 - 2020-12-24 20:19 - 058106720 _____ (Amazon.com) C:\Users\mertz-win10\KindleForPC-installer-1.30.59056.exe 2020-12-24 20:46 - 2020-12-24 20:46 - 026204717 _____ (The qBittorrent project) C:\Users\mertz-win10\qbittorrent_4.3.1_x64_setup.exe 2021-01-28 07:49 - 2021-01-28 07:49 - 026571028 _____ (The qBittorrent project) C:\Users\mertz-win10\qbittorrent_4.3.3_x64_setup.exe 2020-10-20 15:02 - 2020-10-20 15:02 - 047521768 _____ (Clarobet AB) C:\Users\mertz-win10\RebelBettingSetup.exe 2020-10-16 22:57 - 2020-10-16 22:57 - 001229697 _____ (Remote Mouse ) C:\Users\mertz-win10\RemoteMouse.exe 2020-10-01 23:03 - 2020-10-01 23:03 - 002786328 _____ (Skillbrains ) C:\Users\mertz-win10\setup-lightshot.exe 2020-12-20 15:05 - 2020-12-20 15:05 - 008234296 _____ (Piriform Software Ltd) C:\Users\mertz-win10\spsetup132.exe 2020-10-01 00:08 - 2020-10-01 00:08 - 017412576 _____ (Nullsoft, Inc.) C:\Users\mertz-win10\winamp566_full_all.exe 2020-10-10 13:40 - 2021-01-03 02:25 - 000007597 _____ () C:\Users\mertz-win10\AppData\Local\Resmon.ResmonCfg 2020-10-01 23:03 - 2020-10-01 23:03 - 000000003 _____ () C:\Users\mertz-win10\AppData\Local\updater.log 2020-10-01 23:03 - 2020-10-01 23:03 - 000000424 _____ () C:\Users\mertz-win10\AppData\Local\UserProducts.xml ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ======================== [Link mogu videti samo ulogovani korisnici] Dopuna: 28 Jan 2021 9:42 Zaboravih... Pozrdav! Odavde je krenuo problem: 2021-01-28 07:43 - 2021-01-28 07:43 - 000001895 _____ C:\Users\mertz-win10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk 2021-01-28 07:43 - 2021-01-28 07:43 - 000000000 ____D C:\Users\mertz-win10\AppData\Local\BitTorrentHelper Dopuna: 28 Jan 2021 10:11 2x mi je nakon instalacije iskljucio browser. Sada u searche-u ide ovako: [Link mogu videti samo ulogovani korisnici] Zna da izbaci i znatno duze linkove, ali uvek ista matrica: [Link mogu videti samo ulogovani korisnici]

Profil

L3g1oN Poslao: 28 Jan 2021 14:32 Idi na vrh
offline L3g1oN AMF pripravnik Pridružio: 23 Maj 2020 Poruke: 139	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zdravo, Ja cu ti pomagati oko problema prouzrokovani malicioznim programima. Odmah da ti kazem da nisi nista ozbiljno zarazen, par stvarcica samo da resimo. 1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod: HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION HKU\S-1-5-21-39625150-317594477-3264285943-1002\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION FF NewTab: Mozilla\Firefox\Profiles\jv50ier2.default -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2021-01-28 06:43:46&iid=7d6e534e-5efb-49c4-85e0-ac6f2c16354c&bName= FF NewTab: Mozilla\Firefox\Profiles\n2ks7cy9.default-release -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2021-01-28 06:43:46&iid=7d6e534e-5efb-49c4-85e0-ac6f2c16354c&bName= HKU\S-1-5-21-39625150-317594477-3264285943-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2021-01-28 06:43:46&iid=7d6e534e-5efb-49c4-85e0-ac6f2c16354c&bName= SearchScopes: HKU\S-1-5-21-39625150-317594477-3264285943-1002 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms} EmptyTemp: 2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi. 3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj. Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema. Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku. Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

Profil

drmrdz Poslao: 28 Jan 2021 14:45 Idi na vrh
offline drmrdz Novi MyCity građanin Pridružio: 28 Jan 2021 Poruke: 13	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Super ako nije nista strasno. Evo rezulatata: Fix result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021 Ran by mertz-win10 (28-01-2021 14:39:36) Run:1 Running from C:\Users\mertz-win10\Desktop Loaded Profiles: mertz-win10 Boot Mode: Normal ============================================== fixlist content: *************** HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION HKU\S-1-5-21-39625150-317594477-3264285943-1002\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION FF NewTab: Mozilla\Firefox\Profiles\jv50ier2.default -> [Link mogu videti samo ulogovani korisnici] 06:43:46&iid=7d6e534e-5efb-49c4-85e0-ac6f2c16354c&bName= FF NewTab: Mozilla\Firefox\Profiles\n2ks7cy9.default-release -> [Link mogu videti samo ulogovani korisnici] 06:43:46&iid=7d6e534e-5efb-49c4-85e0-ac6f2c16354c&bName= HKU\S-1-5-21-39625150-317594477-3264285943-1002\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] 06:43:46&iid=7d6e534e-5efb-49c4-85e0-ac6f2c16354c&bName= SearchScopes: HKU\S-1-5-21-39625150-317594477-3264285943-1002 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms} EmptyTemp: *************** HKLM\SOFTWARE\Policies\Microsoft\Edge => removed successfully HKU\S-1-5-21-39625150-317594477-3264285943-1002\SOFTWARE\Policies\Microsoft\Edge => removed successfully HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully "Firefox newtab" => removed successfully "Firefox newtab" => removed successfully HKU\S-1-5-21-39625150-317594477-3264285943-1002\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully HKU\S-1-5-21-39625150-317594477-3264285943-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B} => removed successfully =========== EmptyTemp: ========== BITS transfer queue => 8937472 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1091168643 B Java, Flash, Steam htmlcache => 397 B Windows/system/drivers => 16420898 B Edge => 2008753 B Firefox => 1420876765 B Opera => 472940344 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 32427 B LocalService => 32427 B NetworkService => 6077187 B mertz-win10 => 31525327 B RecycleBin => 0 B EmptyTemp: => 2.8 GB temporary data Removed. ================================ The system needed a reboot. ==== End 2 Fixlog 14:41:29 ====

Profil

L3g1oN Poslao: 28 Jan 2021 15:11 Idi na vrh
offline L3g1oN AMF pripravnik Pridružio: 23 Maj 2020 Poruke: 139	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Kakvo je sad stanje?

Profil

drmrdz Poslao: 28 Jan 2021 15:16 Idi na vrh
offline drmrdz Novi MyCity građanin Pridružio: 28 Jan 2021 Poruke: 13	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ista priča što se tiče searcha

Profil

L3g1oN Poslao: 28 Jan 2021 15:17 Idi na vrh
offline L3g1oN AMF pripravnik Pridružio: 23 Maj 2020 Poruke: 139	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Odradi nov FRST sken kao na pocetku i dostavi mi nove izvestaje.

Profil

drmrdz Poslao: 28 Jan 2021 15:24 Idi na vrh
offline drmrdz Novi MyCity građanin Pridružio: 28 Jan 2021 Poruke: 13	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021 Ran by mertz-win10 (administrator) on DESKTOP-RC349HN (Hewlett-Packard 500-420nc) (28-01-2021 15:18:27) Running from C:\Users\mertz-win10\Desktop Loaded Profiles: mertz-win10 Platform: Windows 10 Pro Version 1909 18363.1316 (X64) Language: English (United States) Default browser: FF Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe (Comodo Security Solutions, Inc. -> Comodo Inc.) C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe (IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\sttray64.exe (Integrated Device Technology Inc. -> Hewlett-Packard) [File not signed] C:\Program Files\IDT\WDM\Beats64.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe (Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8> (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e0a5a1b06de180e3\Display.NvContainer\NVDisplay.Container.exe <2> (remotemouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (RemoteMouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (Viber Media S.Ã r.l. -> Viber Media S.ÃƒÂ r.l.) C:\Users\mertz-win10\AppData\Local\Viber\Viber.exe (Winstep Software Technologies) [File not signed] [File is in use] C:\Program Files (x86)\Winstep\Nexus.exe (Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\WsxService.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-01-05] (IDT, Inc.) [File not signed] HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2014-01-05] (Integrated Device Technology Inc. -> Hewlett-Packard) [File not signed] HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [455872 2020-02-09] (Power Software Limited -> Power Software Ltd) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> ) HKU\S-1-5-21-39625150-317594477-3264285943-1002\...\Run: [Viber] => C:\Users\mertz-win10\AppData\Local\Viber\Viber.exe [46949592 2021-01-11] (Viber Media S.Ã r.l. -> Viber Media S.ÃƒÂ r.l.) HKU\S-1-5-21-39625150-317594477-3264285943-1002\...\Run: [RocketDock] => "C:\Program Files (x86)\RocketDock\RocketDock.exe" HKU\S-1-5-21-39625150-317594477-3264285943-1002\...\Run: [Nexus] => C:\Program Files (x86)\Winstep\Nexus.exe [18012288 2020-10-28] (Winstep Software Technologies) [File not signed] [File is in use] HKU\S-1-5-21-39625150-317594477-3264285943-1002\...\Run: [Opera Browser Assistant] => C:\Users\mertz-win10\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software) HKU\S-1-5-21-39625150-317594477-3264285943-1002\...\Run: [utweb] => "C:\Users\mertz-win10\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED HKU\S-1-5-21-39625150-317594477-3264285943-1002\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize Startup: C:\Users\mertz-win10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2021-01-06] ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {070AC270-EE4C-4C55-A9E5-2A430DC87BDC} - System32\Tasks\update-S-1-5-21-39625150-317594477-3264285943-1002 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>) Task: {1C9ACAEF-7DD2-4D05-91EE-2C97B66A0B5F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {287342EC-503C-4390-B4FC-49F2EAB329FC} - System32\Tasks\Opera scheduled Autoupdate 1600979346 => C:\Users\mertz-win10\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-14] (Opera Software AS -> Opera Software) Task: {365C3AC9-3780-4E1F-A05F-AD5DA2A7D51E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3891365D-212C-4866-9428-A685A3864BA3} - System32\Tasks\Opera scheduled assistant Autoupdate 1600979357 => C:\Users\mertz-win10\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-14] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\mertz-win10\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {398864C8-F14F-43BE-B2FA-D7DC3A05C1AB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5332904 2021-01-24] (Microsoft Corporation -> Microsoft Corporation) Task: {3FA29F60-57C2-4111-ADC9-279F59B2DBE8} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {4A7E5DCF-161A-4B45-A435-66A459923DB6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5332904 2021-01-24] (Microsoft Corporation -> Microsoft Corporation) Task: {58FA798E-19FE-49C2-9F6B-D4B525C28680} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5CDF7405-8192-4A8C-9DB6-64C528DE089B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {7D9835E1-B135-4AF5-A0A0-A83B185EB5E5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation) Task: {809CD016-B8FC-4CB5-A274-DD2026130C4A} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation) Task: {93881C80-D3D3-4EB7-A4F3-C29F7E3E29E5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A048474D-732B-47BA-9AEC-49407C24AD96} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {AA393CF1-B429-4154-BEA7-D6B1272D90B0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B4AE9DF1-42FB-4C64-9807-53DA718A14F2} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {BB091DCF-303C-4D01-B61B-EF53E2EB6D17} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation) Task: {C0021F52-A9C7-4CA2-AC75-089FB7282B7A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C2A406E6-6B1A-4973-B898-A68EA295B1C4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-24] (Microsoft Corporation -> Microsoft Corporation) Task: {C4CFA00D-EBA2-4916-9382-9B0B03104F05} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {CB019AC6-3B0B-4091-B464-1E431B8B8BB0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {CC40EAA0-063A-4C2A-9A43-BBB6868E6941} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>) Task: {D5E0B025-C1C1-4433-A121-77465C5A49A6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {DB132812-B166-4047-A9D5-66A7D8976EC4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [677344 2021-01-27] (Mozilla Corporation -> Mozilla Foundation) Task: {E0D58637-33EF-44CA-8C77-9A5854AFB3BC} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation) Task: {F6D1B856-89E1-4948-A9DB-22F255E66A3B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {FAD3938F-ACE9-4BF2-B2BD-349D345AF628} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-24] (Microsoft Corporation -> Microsoft Corporation) Task: {FF492FCF-7807-4809-BAF5-ACE75182B012} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {FF595D3F-C1AA-4EB4-86BF-EC9E000A1BC1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\update-S-1-5-21-39625150-317594477-3264285943-1002.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 217.144.16.199 Tcpip\..\Interfaces\{42aaef9f-79fe-4d61-b30c-21053a214862}: [DhcpNameServer] 217.144.16.199 192.168.0.1 Tcpip\..\Interfaces\{a64bccdf-3d92-4d2e-8cf2-48601086b324}: [DhcpNameServer] 192.168.1.1 217.144.16.199 FireFox: ======== FF DefaultProfile: jv50ier2.default FF DefaultProfile: 7x69lkhi.default FF ProfilePath: C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\jv50ier2.default [2021-01-28] FF NewTab: Mozilla\Firefox\Profiles\jv50ier2.default -> [Link mogu videti samo ulogovani korisnici] 06:43:46&iid=7d6e534e-5efb-49c4-85e0-ac6f2c16354c&bName= FF ProfilePath: C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release [2021-01-28] FF Notifications: Mozilla\Firefox\Profiles\n2ks7cy9.default-release -> [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] FF Extension: (Facebook Container) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\@contain-facebook.xpi [2020-10-19] FF Extension: (Google Container) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\@contain-google.xpi [2020-12-09] FF Extension: (WebRTC Leak Shield) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\@webrtc-leak-shield.xpi [2020-10-27] FF Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\@windscribeff.xpi [2020-12-24] FF Extension: (Dark Reader) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\addon@darkreader.org.xpi [2021-01-22] FF Extension: (F.B Purity - Cleans up Facebook (WX)) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\fbpElectroWebExt@fbpurity.com.xpi [2021-01-28] [UpdateUrl:hxxps://www.fbpurity.com/FF-FBP-Ext-Updates.json] FF Extension: (Ghostery â€“ Privacy Ad Blocker) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\firefox@ghostery.com.xpi [2020-12-20] FF Extension: (HTTPS Svuda) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\https-everywhere@eff.org.xpi [2020-11-17] FF Extension: (Wikiwand: Wikipedia Modernized) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\jid1-D7momAzRw417Ag@jetpack.xpi [2020-12-19] FF Extension: (Privacy Badger) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2020-12-19] FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2021-01-11] FF Extension: (Grammar and Spell Checker â€” LanguageTool) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\languagetool-webextension@languagetool.org.xpi [2021-01-27] FF Extension: (Linux Mint-Y Dark (Blue)) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\linuxmint-y-dark@krafting.net.xpi [2020-09-21] FF Extension: (uBlock Origin) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-01-05] FF Extension: (Mac Os Mojave Night) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{086662ae-6205-4e16-b88e-d5e68c39033e}.xpi [2020-09-21] FF Extension: (Indigo gradient) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{126256f7-871d-408d-ba42-857122040826}.xpi [2020-09-21] FF Extension: (Share Backported) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{1bab54e2-6c60-4ee1-88f7-52b1df77924f}.xpi [2021-01-11] FF Extension: (Unseen) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{230ed5ec-936c-4ad1-b3d4-e2bb251bd1c3}.xpi [2021-01-09] FF Extension: (Linux Mint-Y-dark background) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{384bb391-6475-447f-bc9b-43b0113b53a7}.xpi [2020-09-21] FF Extension: (RiteTag) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{3f58c30e-756b-40f4-a94b-7aef17bfbaf6}.xpi [2020-09-25] FF Extension: (abstract 58) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{49f89ee5-3f35-4bbf-9913-6c9d77978cde}.xpi [2020-09-21] FF Extension: (Pinterest Downloader) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{57bc827b-0b82-46a5-9a20-cde76a7903f1}.xpi [2020-10-17] FF Extension: (macOS Mojave Light Adaptive) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{5c31252b-091e-4e02-89b8-ad41b123f044}.xpi [2020-09-21] FF Extension: (Mac OS Sierra Blur High Light) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{6ec020c9-9973-412d-a400-60164700566b}.xpi [2020-09-21] FF Extension: (macOS Mojave Safari Dark ) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{8189d924-9b0f-46c2-8ba9-4219dc45f9fa}.xpi [2020-09-21] FF Extension: (Media Helper) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{85603edc-044f-4391-9a95-a94682f449b4}.xpi [2020-12-19] FF Extension: (Pixel Fox FFColourMod) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{9e9a10b2-70ab-4a9c-8aa0-ea150b18af15}.xpi [2020-08-23] FF Extension: (ANIMATED Blue Plexus by candelora) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{abca071b-3177-4a86-84b9-c9a712c2268b}.xpi [2020-09-21] FF Extension: (macOS Catalina - Theme) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{b1f936f8-e532-414f-a195-ab2a8717baaf}.xpi [2020-09-21] FF Extension: (Popup blocker for FF: Poper Blocker) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{bee8b1f2-823a-424c-959c-f8f76c8b2306}.xpi [2020-05-29] FF Extension: (macOS Mojave Light Blue) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{c19ecb13-0dfb-4845-8f9e-fad17959ef77}.xpi [2020-09-21] FF Extension: (600% Sound Volume) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{c4b582ec-4343-438c-bda2-2f691c16c262}.xpi [2020-12-23] FF Extension: (Volume Booster) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{ceced21a-f0d8-4b52-b147-20761bb00abe}.xpi [2020-12-23] FF Extension: (No Name) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-12-19] FF Extension: (MacOS) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{d31c12dc-0dc1-4cd8-95c6-467a40931cd0}.xpi [2020-09-21] FF Extension: (Dark Fox) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2020-09-21] FF Extension: (Ubuntu Yaru Dark Matte) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{eca5abdd-d8d6-4156-9515-b8e683703fba}.xpi [2020-09-21] FF Extension: (Northern Lake by MaDonna) - C:\Users\mertz-win10\AppData\Roaming\Mozilla\Firefox\Profiles\n2ks7cy9.default-release\Extensions\{fcebb804-5eb9-43d9-a12a-30f6ca1b9b1b}.xpi [2020-09-21] FF ProfilePath: C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default [2020-12-20] FF Session Restore: Comodo\IceDragon\Profiles\7x69lkhi.default -> is enabled. FF Extension: (Facebook Container) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\@contain-facebook.xpi [2020-10-24] FF Extension: (Google Container) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\@contain-google.xpi [2020-10-19] FF Extension: (Hoxx VPN Proxy) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\@hoxx-vpn.xpi [2020-10-19] FF Extension: (WebRTC Leak Shield) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\@webrtc-leak-shield.xpi [2020-10-19] FF Extension: (Dark Reader) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\addon@darkreader.org.xpi [2020-10-19] FF Extension: (Online Security Pro) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\cos@comodo.com.xpi [2020-10-19] FF Extension: (HTTPS Svuda) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\https-everywhere@eff.org.xpi [2020-10-19] FF Extension: (Https Enforcement) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\https@comodo.com.xpi [2019-03-15] FF Extension: (Wikiwand: Wikipedia Modernized) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\jid1-D7momAzRw417Ag@jetpack.xpi [2020-10-19] FF Extension: (Privacy Badger) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2020-10-19] FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2020-10-19] FF Extension: (Linux Mint-Y Dark (Blue)) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\linuxmint-y-dark@krafting.net.xpi [2020-10-19] FF Extension: (uBlock Origin) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\uBlock0@raymondhill.net.xpi [2020-10-19] FF Extension: (Mac Os Mojave Night) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{086662ae-6205-4e16-b88e-d5e68c39033e}.xpi [2020-10-19] FF Extension: (Indigo gradient) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{126256f7-871d-408d-ba42-857122040826}.xpi [2020-10-19] FF Extension: (Share Backported) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{1bab54e2-6c60-4ee1-88f7-52b1df77924f}.xpi [2020-10-19] FF Extension: (Linux Mint-Y-dark background) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{384bb391-6475-447f-bc9b-43b0113b53a7}.xpi [2020-10-19] FF Extension: (RiteTag) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{3f58c30e-756b-40f4-a94b-7aef17bfbaf6}.xpi [2020-10-19] FF Extension: (abstract 58) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{49f89ee5-3f35-4bbf-9913-6c9d77978cde}.xpi [2020-10-19] FF Extension: (Pinterest Downloader) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{57bc827b-0b82-46a5-9a20-cde76a7903f1}.xpi [2020-10-19] FF Extension: (macOS Mojave Light Adaptive) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{5c31252b-091e-4e02-89b8-ad41b123f044}.xpi [2020-10-19] FF Extension: (Media Downloader) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{5e9eca63-6e0d-47ce-9862-07d938121575}.xpi [2019-03-15] [Legacy] FF Extension: (Mac OS Sierra Blur High Light) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{6ec020c9-9973-412d-a400-60164700566b}.xpi [2020-10-19] FF Extension: (macOS Mojave Safari Dark ) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{8189d924-9b0f-46c2-8ba9-4219dc45f9fa}.xpi [2020-10-19] FF Extension: (Media Helper) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{85603edc-044f-4391-9a95-a94682f449b4}.xpi [2020-10-19] FF Extension: (Old Layout for Facebook) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{8792af17-0df8-40ab-81d3-6cc777171564}.xpi [2020-10-24] FF Extension: (Pixel Fox FFColourMod) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{9e9a10b2-70ab-4a9c-8aa0-ea150b18af15}.xpi [2020-10-19] FF Extension: (ANIMATED Blue Plexus by candelora) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{abca071b-3177-4a86-84b9-c9a712c2268b}.xpi [2020-10-19] FF Extension: (macOS Catalina - Theme) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{b1f936f8-e532-414f-a195-ab2a8717baaf}.xpi [2020-10-19] FF Extension: (Popup blocker for FF: Poper Blocker) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{bee8b1f2-823a-424c-959c-f8f76c8b2306}.xpi [2020-10-19] FF Extension: (macOS Mojave Light Blue) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{c19ecb13-0dfb-4845-8f9e-fad17959ef77}.xpi [2020-10-19] FF Extension: (No Name) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-10-19] FF Extension: (MacOS) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{d31c12dc-0dc1-4cd8-95c6-467a40931cd0}.xpi [2020-10-19] FF Extension: (Dark Fox) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2020-10-19] FF Extension: (Ubuntu Yaru Dark Matte) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{eca5abdd-d8d6-4156-9515-b8e683703fba}.xpi [2020-10-19] FF Extension: (Northern Lake by MaDonna) - C:\Users\mertz-win10\AppData\Roaming\Comodo\IceDragon\Profiles\7x69lkhi.default\Extensions\{fcebb804-5eb9-43d9-a12a-30f6ca1b9b1b}.xpi [2020-10-19] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-01-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-01-03] (Microsoft Corporation -> Microsoft Corporation) Opera: ======= OPR Profile: C:\Users\mertz-win10\AppData\Roaming\Opera Software\Opera Stable [2021-01-28] OPR Notifications: Opera Stable -> [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] OPR DefaultSuggestURL: Opera Stable -> [Link mogu videti samo ulogovani korisnici]{searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Translator) - C:\Users\mertz-win10\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2020-09-24] OPR Extension: (Rich Hints Agent) - C:\Users\mertz-win10\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-10-22] OPR Extension: (Sidebar for YouTubeâ„¢) - C:\Users\mertz-win10\AppData\Roaming\Opera Software\Opera Stable\Extensions\ljkgfkfopogmclcinephnaeekjiikibd [2020-09-24] OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\mertz-win10\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2020-12-22] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960384 2021-01-19] (Microsoft Corporation -> Microsoft Corporation) R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2357936 2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) R2 IceDragonUpdater; C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe [2616800 2019-05-29] (Comodo Security Solutions, Inc. -> Comodo Inc.) R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [11264 2020-09-23] () [File not signed] S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6264144 2021-01-14] (Microsoft Windows Publisher -> Microsoft Corporation) R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-01-05] (IDT, Inc.) [File not signed] R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService.exe [777216 2019-10-29] (Winstep Software Technologies) [File not signed] R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e0a5a1b06de180e3\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e0a5a1b06de180e3\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem S2 Previous Versions Library; C:\Windows\Logs\cmd.exe /c powershell.exe -windowstyle Hidden -noninteractive -executionpolicy bypass -file C:\Windows\INF\PNRPSvc\0409\0301\PNRP.ps1 ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 STHDA; C:\Windows\system32\DRIVERS\stwrt64.sys [551936 2014-01-05] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) S3 tap-tb-0901; C:\Windows\System32\drivers\tap-tb-0901.sys [38656 2020-11-03] (TunnelBear, Inc. -> The OpenVPN Project) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation) U4 DiagTrack; no ImagePath U4 dmwappushservice; no ImagePath S3 hsstap; \SystemRoot\System32\drivers\hsstap.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2021-01-28 14:39 - 2021-01-28 14:41 - 000002734 _____ C:\Users\mertz-win10\Desktop\Fixlog.txt 2021-01-28 10:46 - 2021-01-28 10:47 - 000000000 ____D C:\Users\mertz-win10\Downloads\m. office & verificattion 2021-01-28 08:19 - 2021-01-28 08:20 - 000034285 _____ C:\Users\mertz-win10\Desktop\Addition.txt 2021-01-28 08:17 - 2021-01-28 15:19 - 000035743 _____ C:\Users\mertz-win10\Desktop\FRST.txt 2021-01-28 08:16 - 2021-01-28 15:18 - 000000000 ____D C:\FRST 2021-01-28 08:13 - 2021-01-28 08:13 - 002297856 _____ (Farbar) C:\Users\mertz-win10\Desktop\FRST64.exe 2021-01-28 07:55 - 2021-01-28 07:57 - 000000000 ____D C:\Users\mertz-win10\Downloads\Nanjing.Swansoft.CNC.Simulator.v6.45.Multilang-BEAN { [Link mogu videti samo ulogovani korisnici] } 2021-01-28 07:49 - 2021-01-28 07:49 - 026571028 _____ (The qBittorrent project) C:\Users\mertz-win10\qbittorrent_4.3.3_x64_setup.exe 2021-01-28 07:49 - 2021-01-28 07:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent 2021-01-28 07:43 - 2021-01-28 07:43 - 000001895 _____ C:\Users\mertz-win10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk 2021-01-28 07:43 - 2021-01-28 07:43 - 000000000 ____D C:\Users\mertz-win10\AppData\Local\BitTorrentHelper 2021-01-27 12:14 - 2021-01-27 12:14 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2021-01-27 10:18 - 2021-01-28 14:42 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-01-24 08:11 - 2021-01-24 08:11 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk 2021-01-24 08:11 - 2021-01-24 08:11 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2021-01-24 08:11 - 2021-01-24 08:11 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2021-01-24 08:11 - 2021-01-24 08:11 - 000002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2021-01-24 08:11 - 2021-01-24 08:11 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2021-01-24 08:11 - 2021-01-24 08:11 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2021-01-24 08:11 - 2021-01-24 08:11 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2021-01-24 08:11 - 2021-01-24 08:11 - 000002393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2021-01-24 08:11 - 2021-01-24 08:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools 2021-01-24 08:03 - 2021-01-24 08:03 - 001072556 _____ C:\Windows\Minidump\012421-3843-01.dmp 2021-01-24 02:11 - 2021-01-24 02:11 - 001149652 _____ C:\Windows\Minidump\012421-3937-01.dmp 2021-01-23 19:33 - 2021-01-23 19:33 - 000001434 _____ C:\Windows\system32\default_error_stack-000015-000000.txt 2021-01-23 11:20 - 2021-01-23 11:20 - 000000000 ____D C:\Users\mertz-win10\AppData\Roaming\TunnelBear 2021-01-23 11:20 - 2021-01-23 11:20 - 000000000 ____D C:\Users\mertz-win10\AppData\Local\TunnelBear 2021-01-23 11:00 - 2021-01-23 11:00 - 000000000 ____D C:\Users\mertz-win10\AppData\Local\IsolatedStorage 2021-01-23 09:35 - 2021-01-23 11:01 - 000000000 ____D C:\ProgramData\ProgDVB 2021-01-23 09:35 - 2021-01-23 11:01 - 000000000 ____D C:\Program Files\ProgDVB x64 2021-01-22 21:19 - 2021-01-22 21:19 - 000001426 _____ C:\Windows\system32\default_error_stack-000014-000000.txt 2021-01-22 21:18 - 2021-01-24 23:42 - 000000544 _____ C:\Users\mertz-win10\Desktop\vikend.txt 2021-01-21 05:13 - 2021-01-21 05:13 - 001002716 _____ C:\Windows\Minidump\012121-15859-01.dmp 2021-01-19 06:51 - 2021-01-19 06:51 - 000001435 _____ C:\Windows\system32\default_error_stack-000013-000000.txt 2021-01-18 00:27 - 2021-01-18 00:27 - 000919740 _____ C:\Windows\Minidump\011821-4953-01.dmp 2021-01-17 23:27 - 2021-01-17 23:27 - 000000000 ____D C:\Users\mertz-win10\AppData\Local\Viber 2021-01-16 23:58 - 2021-01-20 03:46 - 000000989 _____ C:\Users\mertz-win10\Desktop\sub.txt 2021-01-16 11:47 - 2021-01-16 11:47 - 000001433 _____ C:\Windows\system32\default_error_stack-000012-000000.txt 2021-01-15 07:44 - 2021-01-15 23:00 - 000000567 _____ C:\Users\mertz-win10\Desktop\pet.txt 2021-01-14 04:32 - 2021-01-14 04:32 - 000930868 _____ C:\Windows\Minidump\011421-4328-01.dmp 2021-01-14 01:34 - 2021-01-24 16:47 - 000000000 ____D C:\Users\mertz-win10\Desktop\klajdza 2021-01-14 00:29 - 2021-01-14 00:29 - 000696832 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx 2021-01-14 00:29 - 2021-01-14 00:29 - 000576512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx 2021-01-14 00:29 - 2021-01-14 00:29 - 000568320 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr 2021-01-14 00:29 - 2021-01-14 00:29 - 000555008 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl 2021-01-14 00:29 - 2021-01-14 00:29 - 000502784 _____ C:\Windows\system32\AssignedAccessCsp.dll 2021-01-14 00:29 - 2021-01-14 00:29 - 000500224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr 2021-01-14 00:29 - 2021-01-14 00:29 - 000455680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl 2021-01-14 00:29 - 2021-01-14 00:29 - 000294912 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2021-01-14 00:29 - 2021-01-14 00:29 - 000233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax 2021-01-14 00:29 - 2021-01-14 00:29 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax 2021-01-14 00:29 - 2021-01-14 00:29 - 000151040 _____ C:\Windows\system32\uwfcsp.dll 2021-01-14 00:29 - 2021-01-14 00:29 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBICodec.ax 2021-01-14 00:29 - 2021-01-14 00:29 - 000094720 _____ C:\Windows\system32\VirtualMonitorManager.dll 2021-01-14 00:29 - 2021-01-14 00:29 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2021-01-14 00:29 - 2021-01-14 00:29 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl 2021-01-14 00:29 - 2021-01-14 00:29 - 000072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2021-01-14 00:29 - 2021-01-14 00:29 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl 2021-01-14 00:29 - 2021-01-14 00:29 - 000067072 _____ C:\Windows\system32\BWContextHandler.dll 2021-01-14 00:29 - 2021-01-14 00:29 - 000053248 _____ C:\Windows\SysWOW64\BWContextHandler.dll 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth18.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth17.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth16.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth15.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin 2021-01-14 00:29 - 2021-01-14 00:29 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin 2021-01-14 00:28 - 2021-01-14 00:28 - 002590720 _____ C:\Windows\system32\dwmscene.dll 2021-01-14 00:28 - 2021-01-14 00:28 - 001841152 _____ C:\Windows\system32\TextInputMethodFormatter.dll 2021-01-14 00:28 - 2021-01-14 00:28 - 001101312 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll 2021-01-14 00:28 - 2021-01-14 00:28 - 000549888 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl 2021-01-14 00:28 - 2021-01-14 00:28 - 000540672 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2021-01-14 00:28 - 2021-01-14 00:28 - 000458240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl 2021-01-14 00:28 - 2021-01-14 00:28 - 000453632 _____ C:\Windows\system32\ssdm.dll 2021-01-14 00:28 - 2021-01-14 00:28 - 000415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2021-01-14 00:28 - 2021-01-14 00:28 - 000331264 _____ C:\Windows\SysWOW64\ssdm.dll 2021-01-14 00:28 - 2021-01-14 00:28 - 000266752 _____ C:\Windows\system32\HeatCore.dll 2021-01-14 00:28 - 2021-01-14 00:28 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl 2021-01-14 00:28 - 2021-01-14 00:28 - 000208896 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl 2021-01-14 00:28 - 2021-01-14 00:28 - 000208384 _____ C:\Windows\SysWOW64\HeatCore.dll 2021-01-14 00:28 - 2021-01-14 00:28 - 000186368 _____ C:\Windows\system32\BthpanContextHandler.dll 2021-01-14 00:28 - 2021-01-14 00:28 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl 2021-01-14 00:28 - 2021-01-14 00:28 - 000167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl 2021-01-14 00:28 - 2021-01-14 00:28 - 000164864 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe 2021-01-14 00:28 - 2021-01-14 00:28 - 000061440 _____ C:\Windows\system32\rdsxvmaudio.dll 2021-01-13 19:28 - 2021-01-15 07:46 - 000000812 _____ C:\Users\mertz-win10\Desktop\sre.txt 2021-01-09 20:01 - 2021-01-10 03:05 - 000000000 ____D C:\Users\mertz-win10\Desktop\advokat 2021-01-07 17:14 - 2021-01-07 17:14 - 000001435 _____ C:\Windows\system32\default_error_stack-000011-000000.txt 2021-01-06 14:24 - 2021-01-06 14:24 - 000000000 ____D C:\Users\mertz-win10\AppData\Roaming\4kdownload.com 2021-01-06 02:06 - 2021-01-06 02:06 - 000000000 ____D C:\Users\mertz-win10\Documents\OneNote Notebooks 2021-01-06 01:58 - 2021-01-06 01:58 - 000002456 _____ C:\Users\mertz-win10\Desktop\Skype for Business 2016.lnk 2021-01-06 01:57 - 2021-01-06 01:57 - 000002451 _____ C:\Users\mertz-win10\Desktop\Word 2016.lnk 2021-01-05 18:32 - 2021-01-05 18:32 - 000000000 ____D C:\Windows\system32\appmgmt 2021-01-05 18:29 - 2021-01-05 18:29 - 000001420 _____ C:\Users\Public\Desktop\Foxit Reader.lnk 2021-01-05 18:29 - 2021-01-05 18:29 - 000001420 _____ C:\ProgramData\Desktop\Foxit Reader.lnk 2021-01-05 18:29 - 2021-01-05 18:29 - 000000000 ____D C:\Users\Public\Foxit Software 2021-01-05 18:29 - 2021-01-05 18:29 - 000000000 ____D C:\Users\mertz-win10\AppData\Roaming\Foxit Software 2021-01-05 18:29 - 2021-01-05 18:29 - 000000000 ____D C:\Users\mertz-win10\AppData\Roaming\Foxit AgentInformation 2021-01-05 18:29 - 2021-01-05 18:29 - 000000000 ____D C:\Users\mertz-win10\AppData\LocalLow\Foxit 2021-01-05 18:29 - 2021-01-05 18:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 2021-01-05 18:29 - 2021-01-05 18:29 - 000000000 ____D C:\ProgramData\Foxit Software 2021-01-05 18:29 - 2021-01-05 18:29 - 000000000 ____D C:\ProgramData\Foxit ContentPlatform 2021-01-05 18:29 - 2021-01-05 18:29 - 000000000 ____D C:\Program Files (x86)\Foxit Software 2021-01-05 18:26 - 2021-01-05 18:26 - 073945696 _____ (Foxit Software Inc. ) C:\Users\mertz-win10\Downloads\FoxitReader1011_enu_Setup_Prom.exe 2021-01-05 07:41 - 2020-12-15 14:37 - 000041816 _____ C:\Windows\system32\Drivers\semav6msr64.sys 2021-01-05 07:40 - 2021-01-05 07:41 - 000002678 _____ C:\Windows\system32\Tasks\USER_ESRV_SVC_QUEENCREEK 2021-01-05 06:29 - 2021-01-12 10:51 - 000000000 ____D C:\Windows\system32\Tasks\NCH Software 2021-01-05 06:29 - 2021-01-05 06:46 - 000000000 ____D C:\ProgramData\NCH Software 2021-01-05 06:29 - 2021-01-05 06:46 - 000000000 ____D C:\Program Files (x86)\NCH Software 2021-01-05 06:29 - 2021-01-05 06:41 - 000000000 ____D C:\Users\mertz-win10\AppData\Roaming\NCH Software 2021-01-05 06:29 - 2021-01-05 06:29 - 000001369 _____ C:\Users\Public\Desktop\NCH Suite.lnk 2021-01-05 06:29 - 2021-01-05 06:29 - 000001369 _____ C:\ProgramData\Desktop\NCH Suite.lnk 2021-01-05 06:29 - 2021-01-05 06:29 - 000001247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CardWorks Business Card Software.lnk 2021-01-05 06:29 - 2021-01-05 06:29 - 000001235 _____ C:\Users\Public\Desktop\CardWorks Business Card Software.lnk 2021-01-05 06:29 - 2021-01-05 06:29 - 000001235 _____ C:\ProgramData\Desktop\CardWorks Business Card Software.lnk 2021-01-04 19:39 - 2021-01-04 19:39 - 000001434 _____ C:\Windows\system32\default_error_stack-000010-000000.txt 2021-01-03 03:27 - 2021-01-03 03:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2021-01-03 02:12 - 2021-01-24 08:11 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2021-01-03 02:12 - 2021-01-03 02:12 - 000002393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk 2021-01-03 02:12 - 2021-01-03 02:12 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2021-01-02 08:31 - 2021-01-02 08:31 - 000000000 ____D C:\Users\mertz-win10\Documents\Custom Office Templates 2021-01-02 07:27 - 2021-01-02 07:27 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk 2021-01-02 07:27 - 2021-01-02 07:27 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2021-01-02 07:27 - 2021-01-02 07:27 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2021-01-02 07:27 - 2021-01-02 07:27 - 000002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2021-01-02 07:27 - 2021-01-02 07:27 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2021-01-02 07:27 - 2021-01-02 07:27 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2021-01-02 07:27 - 2021-01-02 07:27 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2021-01-02 07:25 - 2021-01-02 07:25 - 000000000 ____D C:\Program Files\Microsoft Office 15 2021-01-01 17:03 - 2021-01-04 00:58 - 000000000 ____D C:\Users\mertz-win10\Desktop\gymbeam 2020-12-31 14:39 - 2020-12-31 14:39 - 000001434 _____ C:\Windows\system32\default_error_stack-000009-000000.txt 2020-12-29 16:30 - 2020-12-29 16:31 - 000000000 ____D C:\Users\mertz-win10\Desktop\cizme 2020-12-29 00:11 - 2020-12-29 00:11 - 000001434 _____ C:\Windows\system32\default_error_stack-000008-000000.txt ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2021-01-28 15:18 - 2020-04-10 05:34 - 000000000 ____D C:\Users\mertz-win10\AppData\LocalLow\Mozilla 2021-01-28 15:12 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-01-28 14:46 - 2019-08-17 06:05 - 000796056 _____ C:\Windows\system32\PerfStringBackup.INI 2021-01-28 14:46 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF 2021-01-28 14:44 - 2020-04-10 05:32 - 000000000 ____D C:\ProgramData\NVIDIA 2021-01-28 14:42 - 2020-09-21 17:34 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2021-01-28 14:42 - 2020-09-21 17:34 - 000000000 __SHD C:\Users\mertz-win10\IntelGraphicsProfiles 2021-01-28 14:42 - 2020-04-17 21:18 - 000000000 ____D C:\Users\mertz-win10\AppData\Roaming\ViberPC 2021-01-28 14:42 - 2020-04-10 05:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-01-28 14:42 - 2020-04-10 05:31 - 000056259 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1 2021-01-28 14:42 - 2020-04-10 05:31 - 000020216 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1 2021-01-28 14:42 - 2019-07-18 22:07 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-01-28 14:42 - 2019-03-19 05:37 - 000524288 _____ C:\Windows\system32\config\BBI 2021-01-28 14:15 - 2020-04-10 05:15 - 000004174 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{CAE0CB1C-BCBB-43DC-A5A4-4A720C4B154E} 2021-01-28 10:27 - 2020-04-17 21:18 - 000000000 ____D C:\Users\mertz-win10\Documents\ViberDownloads 2021-01-28 07:59 - 2020-06-02 00:18 - 000000000 ____D C:\Users\mertz-win10\AppData\Roaming\qBittorrent 2021-01-28 07:49 - 2020-12-24 20:49 - 000000000 ____D C:\Program Files\qBittorrent 2021-01-28 07:49 - 2020-04-10 05:00 - 000000000 ____D C:\Users\mertz-win10 2021-01-28 07:44 - 2020-10-03 08:58 - 000000000 ____D C:\Users\mertz-win10\AppData\Local\CrashDumps 2021-01-28 07:44 - 2020-04-10 05:34 - 000000000 ____D C:\ProgramData\Mozilla 2021-01-28 06:31 - 2019-07-18 22:07 - 000000000 ____D C:\Windows\system32\SleepStudy 2021-01-27 21:12 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps 2021-01-27 21:12 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\AppReadiness 2021-01-27 12:54 - 2020-06-05 21:10 - 000000000 ____D C:\Users\Public\Documents\Winstep 2021-01-27 12:54 - 2020-06-05 21:10 - 000000000 ____D C:\ProgramData\Documents\Winstep 2021-01-27 12:14 - 2020-04-10 05:34 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-01-26 08:44 - 2020-04-10 05:00 - 000000000 ____D C:\Users\mertz-win10\AppData\Local\Packages 2021-01-26 03:47 - 2020-04-10 05:31 - 000010657 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1 2021-01-25 12:26 - 2020-04-10 05:43 - 000001209 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1 2021-01-25 08:07 - 2020-09-22 02:42 - 000012949 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1 2021-01-24 10:04 - 2020-09-24 16:14 - 000000000 ____D C:\Users\mertz-win10\AppData\Local\ElevatedDiagnostics 2021-01-24 08:11 - 2020-06-01 17:51 - 000000000 ____D C:\Program Files\Microsoft Office 2021-01-24 08:03 - 2020-09-22 15:18 - 746976194 _____ C:\Windows\MEMORY.DMP 2021-01-24 08:03 - 2019-07-18 22:09 - 000000000 ____D C:\Windows\minidump 2021-01-24 05:18 - 2020-10-10 21:12 - 000000000 ____D C:\Users\mertz-win10\AppData\Roaming\vlc 2021-01-23 11:21 - 2020-04-10 05:43 - 000000000 ____D C:\ProgramData\Package Cache 2021-01-22 10:42 - 2020-04-10 05:40 - 000799104 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2021-01-21 02:55 - 2020-09-23 02:30 - 000011519 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1 2021-01-18 15:20 - 2020-09-24 21:29 - 000004272 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1600979346 2021-01-18 15:20 - 2020-09-24 21:29 - 000001489 _____ C:\Users\mertz-win10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ÐŸÑ€ÐµÐ³Ð»ÐµÐ´Ð°Ñ‡ Opera.lnk 2021-01-18 06:11 - 2020-12-24 22:37 - 000000000 ____D C:\Users\mertz-win10\Desktop\radna nedelja 2021-01-14 00:40 - 2020-04-10 05:00 - 000000000 ___RD C:\Users\mertz-win10\3D Objects 2021-01-14 00:40 - 2019-07-18 22:10 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-01-14 00:40 - 2019-07-18 22:07 - 000453280 _____ C:\Windows\system32\FNTCACHE.DAT 2021-01-14 00:40 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\SecureBootUpdates 2021-01-14 00:39 - 2019-03-19 07:22 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2021-01-14 00:39 - 2019-03-19 07:22 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-01-14 00:39 - 2019-03-19 07:22 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\SysWOW64\F12 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\system32\UNP 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\system32\F12 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ___RD C:\Windows\PrintDialog 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\setup 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\Dism 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\Com 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SystemResources 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\SystemResetPlatform 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\setup 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\PerceptionSimulation 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\oobe 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\migwiz 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\Dism 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\Com 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\AdvancedInstallers 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\ShellExperiences 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\ShellComponents 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\Provisioning 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\PolicyDefinitions 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\IME 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\bcastdvr 2021-01-14 00:39 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender 2021-01-14 00:34 - 2019-03-19 05:37 - 000000000 ____D C:\Windows\CbsTemp 2021-01-14 00:33 - 2020-04-19 02:37 - 000000000 ____D C:\Windows\system32\MRT 2021-01-14 00:31 - 2020-04-19 02:37 - 135062968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2021-01-14 00:28 - 2019-08-17 06:02 - 002877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2021-01-10 21:18 - 2020-11-16 14:41 - 000000000 ____D C:\Users\mertz-win10\Desktop\lola 2021-01-05 19:10 - 2020-10-08 01:34 - 000003834 _____ C:\Windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2021-01-05 18:32 - 2020-06-05 14:13 - 000000000 ____D C:\Program Files (x86)\Adobe 2021-01-05 07:41 - 2020-10-08 01:23 - 000003762 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 2021-01-05 07:41 - 2020-10-08 01:23 - 000003528 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon 2021-01-03 02:25 - 2020-10-10 13:40 - 000007597 _____ C:\Users\mertz-win10\AppData\Local\Resmon.ResmonCfg 2021-01-03 02:12 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared ==================== Files in the root of some directories ======== 2020-10-19 00:12 - 2020-10-19 00:12 - 081009168 _____ (COMODO) C:\Users\mertz-win10\icedragonsetup.exe 2020-10-08 01:22 - 2020-10-08 01:22 - 002507624 _____ (Intel) C:\Users\mertz-win10\Intel-Driver-and-Support-Assistant-Installer.exe 2020-10-01 00:11 - 2020-10-01 00:11 - 001342218 _____ () C:\Users\mertz-win10\iZotope_Ozone.exe 2020-12-24 20:19 - 2020-12-24 20:19 - 058106720 _____ (Amazon.com) C:\Users\mertz-win10\KindleForPC-installer-1.30.59056.exe 2020-12-24 20:46 - 2020-12-24 20:46 - 026204717 _____ (The qBittorrent project) C:\Users\mertz-win10\qbittorrent_4.3.1_x64_setup.exe 2021-01-28 07:49 - 2021-01-28 07:49 - 026571028 _____ (The qBittorrent project) C:\Users\mertz-win10\qbittorrent_4.3.3_x64_setup.exe 2020-10-20 15:02 - 2020-10-20 15:02 - 047521768 _____ (Clarobet AB) C:\Users\mertz-win10\RebelBettingSetup.exe 2020-10-16 22:57 - 2020-10-16 22:57 - 001229697 _____ (Remote Mouse ) C:\Users\mertz-win10\RemoteMouse.exe 2020-10-01 23:03 - 2020-10-01 23:03 - 002786328 _____ (Skillbrains ) C:\Users\mertz-win10\setup-lightshot.exe 2020-12-20 15:05 - 2020-12-20 15:05 - 008234296 _____ (Piriform Software Ltd) C:\Users\mertz-win10\spsetup132.exe 2020-10-01 00:08 - 2020-10-01 00:08 - 017412576 _____ (Nullsoft, Inc.) C:\Users\mertz-win10\winamp566_full_all.exe 2020-10-10 13:40 - 2021-01-03 02:25 - 000007597 _____ () C:\Users\mertz-win10\AppData\Local\Resmon.ResmonCfg 2020-10-01 23:03 - 2020-10-01 23:03 - 000000003 _____ () C:\Users\mertz-win10\AppData\Local\updater.log 2020-10-01 23:03 - 2020-10-01 23:03 - 000000424 _____ () C:\Users\mertz-win10\AppData\Local\UserProducts.xml ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ======================== [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici]

Profil

L3g1oN Poslao: 29 Jan 2021 14:42 Idi na vrh
offline L3g1oN AMF pripravnik Pridružio: 23 Maj 2020 Poruke: 139	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! 1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod: Start CreateRestorePoint: IE trusted site: HKU\S-1-5-21-39625150-317594477-3264285943-1002\...\webcompanion.com -> hxxp://webcompanion.com HKU\S-1-5-21-39625150-317594477-3264285943-1002\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize FF NewTab: Mozilla\Firefox\Profiles\jv50ier2.default -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2021-01-28 06:43:46&iid=7d6e534e-5efb-49c4-85e0-ac6f2c16354c&bName= CloseProcesses: S2 Previous Versions Library; C:\Windows\Logs\cmd.exe /c powershell.exe -windowstyle Hidden -noninteractive -executionpolicy bypass -file C:\Windows\INF\PNRPSvc\0409\0301\PNRP.ps1 EmptyTemp: C:\Program Files (x86)\Lavasoft C:\Windows\INF\PNRPSvc\0409\0301\PNRP.ps1 End 2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi. 3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj. Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema. Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku. Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a. Kakvo je stanje posle fixa?

Profil

drmrdz Poslao: 29 Jan 2021 15:05 Idi na vrh
offline drmrdz Novi MyCity građanin Pridružio: 28 Jan 2021 Poruke: 13	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Isto kao i pre toga. Pobrisao je temporary files, ali je search u browseru neupotrebljiv. Fix result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021 Ran by mertz-win10 (29-01-2021 15:00:46) Run:2 Running from C:\Users\mertz-win10\Desktop Loaded Profiles: mertz-win10 Boot Mode: Normal ============================================== fixlist content: *************** Start CreateRestorePoint: IE trusted site: HKU\S-1-5-21-39625150-317594477-3264285943-1002\...\webcompanion.com -> [Link mogu videti samo ulogovani korisnici] HKU\S-1-5-21-39625150-317594477-3264285943-1002\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize FF NewTab: Mozilla\Firefox\Profiles\jv50ier2.default -> [Link mogu videti samo ulogovani korisnici] 06:43:46&iid=7d6e534e-5efb-49c4-85e0-ac6f2c16354c&bName= CloseProcesses: S2 Previous Versions Library; C:\Windows\Logs\cmd.exe /c powershell.exe -windowstyle Hidden -noninteractive -executionpolicy bypass -file C:\Windows\INF\PNRPSvc\0409\0301\PNRP.ps1 EmptyTemp: C:\Program Files (x86)\Lavasoft C:\Windows\INF\PNRPSvc\0409\0301\PNRP.ps1 End *************** Restore point was successfully created. HKU\S-1-5-21-39625150-317594477-3264285943-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com => removed successfully "HKU\S-1-5-21-39625150-317594477-3264285943-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Web Companion" => not found "Firefox newtab" => removed successfully Processes closed successfully. Previous Versions Library => service not found. "C:\Program Files (x86)\Lavasoft" => not found C:\Windows\INF\PNRPSvc\0409\0301\PNRP.ps1 => moved successfully =========== EmptyTemp: ========== BITS transfer queue => 8937472 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13872524 B Java, Flash, Steam htmlcache => 0 B Windows/system/drivers => 1752168 B Edge => 459024 B Firefox => 746704228 B Opera => 5512598 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 361 B LocalService => 361 B NetworkService => 2235 B mertz-win10 => 238240 B RecycleBin => 0 B EmptyTemp: => 741.5 MB temporary data Removed. ================================ The system needed a reboot. ==== End 2 Fixlog 15:01:08 ====

Profil

L3g1oN Poslao: 29 Jan 2021 15:21 Idi na vrh
offline L3g1oN AMF pripravnik Pridružio: 23 Maj 2020 Poruke: 139	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Posalji mi nov FRST izvestaj da vidim da li se nesto promenilo u medjuvremenu pa cu ti dati dalje instrukcije.

Profil

MyCity » Ambulanta » Browser brljavi, i mozda jos nesto... nz

Ko je trenutno na forumu

Ukupno su 1806 korisnika na forumu :: 396 registrovanih, 30 sakrivenih i 1380 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 15694 - dana 01 Feb 2026 12:23

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 4channer, _stipa_, A.R.Chafee.Jr., acov34, Agape, Akiro, aleksandar1888, aleksandarbl, ALEXV, amaterSRB, Antoni S, Arahne, ArchaBasha, Arshavin, Aster Blistok, atmel, avijacija, babaroga, bankulen, Batinas, Batko.VD.65, BB, bbogdan, belov, berste23, bluesky, Bob.Rock, bobo85, Bobrock1, Bodin86, Bojan198527, bojan_t, Bojke549, bokicacar, Bombo, boracbl1389, Boris90, boromir, Boroš, Borski1977, BORUTUS, bounty hunters, brufen, Bubili, Bubimir, bufanje, Burovnyak, Burundi, BZ, cafa0412, CCCP, ceman, cemix, CHARLIE JA., chichabg, Cicumile, Clouseau, coaa, cojapop, Corto_Maltese_038, crnogorac, cuvarkuca, darcaud, darkojbn, Darth Malak, Dd41d41, dejan1972, dejandr, DejanSt, dejina811, DejvTroter, dekan.m, Dekanovic, Denaya, DENIRO, Dežurni pod palubom, Dimitrije Paunovic, Dioniss, dj.ape, Djole3621, DjomlaHomer, djonsule, djordjemiklusev, djukapfc, DJUNTA, Djuro2000, dnr, Dogma21, doktor097, dolinalima, draganca, draganl, draganst, DragoslavS, DrNeoCortex, Duce, Dukelander, dule10savic, dusan.l, dushan, Electron, ElvisP, Enigma Nobody, Ercomero, Faki-Valjevo, Feller, Filip1, filip1326, Fog of War, Folkstar, francis begbie, Fructo, Frunze, Fulcrum, g0xy, gajasvi, GazdaDjoka, Georgius, Gforce_6, Gheljda, Giro77, goran.vvv, Great White, GUARIN, halkin gol, Herman Terrance Aubrey, Holy Saber, hyla, Ice, igorpet, Igritelj, Ir, Istman, ivan1973, ivanhoe31, Jablan, Jakonjveliki, Jan, JaV, jimi_agf, jodzula, JohnDoe, Jomini, JOntra, Jozo74, K-1A, kaisarevic1, Kajzer Soze, Kawasaki1000, Kazablankasrb, KimiMR, kirucar, KizJ, Knovakov, komplikator, komsija1, kondenzator, koneks, Koridor, Koser, Kredit, kreker, kripo, Kubovac, Kum Ruzvelt, kybonacci, lacko, lafa008, lakson001, laurusri, Lazarus, Lep1na, Levi, littlebunny, livada123, ljubsz, loon123, lord_80, Lucky 6, ludvig 78, luja, luka35, magyar, maiden6657, mainstream, Makarid, Maki1981, maksi007, Malahit, malimedo01, Manesaur, MarijaC84, Markan90, marki231, marko.markovic, marsi, Mastrum Ridkali, mat, Matija, matrix_1, mean_machine, medaTT, Mi lao shu, micke83, Mig 29, Might is Right, Miki 84, Miki281, MIKI63, mikrimaus, Milan 84, milanpb, mile33, milenko crazy north, MILJEVINAC, Milometer, milos.cbr, milos97, Milun24, mir, MiroslavD, Mitogna, mixkax, Miškić, Mićko, mm1811, moldway, morava_01, mr.lucas, MrG, mrm, mrzimregistraciju, Murko, N.e.m.a.nj.a., narandzasti, Natuzzi, nebkv, neko iz mase, nelezele, NemanjaCG, Neutral-M, neutrino, nevjerna beba, Nikolajevic, nisamBot, nixos, Njubara, NklJov123, Nmr, nnovakis, novator, obsc, OnforSadunac, OREMUS, orfanel, Orlova, ostoja, ozzy, paja69, paladin71, Paško, Pegggio, Pekman, pera bager, Permaldar, Pero Petković, petar0301, Petrusci, Piani Jazzer, pisac12, Posluzilac, posmatrac300, Posmatrac77OKB, Prečanin30, prikolica, Primus17, PrincipL, Privrednik, procesor, promajauglavi, Qvazimodo, Radogost, radovanstojkov023, raster12, RD84, reader, rebro1974, redstar72, Ripanjac, RiV, Rocky I, rodoljub, RS28, samo_citam, SamoGledam, sap, Sass Drake, Schepan, sekula80, Semberija, sickmouse, silikon, Sirius, sistem22, skylab1111, Slingshot, Smajser, Smiljkovich, Solunac na steroidima, spektorsky, Sr.Stat., ssekir75, StalniPromatrač, stegonosa, strelac07, strn, Su 57, svnedelja, tachinni, Tandrčak, taomaster, Tas011, taz1cl, The_new_Statesman, TheBeastOfMG, theBorer, Tomo988, Topaz9, TRZH92, TTN, tubular, tuf, tuja, Tunguska55, tvlada, UAV operator, Underwood, Uridium, urosbg, uruk, US_Rank_0, vaci, Valter071, VanZan, VaRvArI 85, Vasilije Budović, vazduh, Velizar Laro, vensla, Vica1958, Viceroy, vidra boy, vija, Viktor Petrenko, vlad84, vladaa012, vladas87, VladimirV, vladivostok, vlahale, vlajkox, vobo, Vojo06, Volkhov-M, VPV, vrlenija, Vujkeu, Vuk1919, vuk77, Wehicle, Welky, Witcher, wizzardone, x011, x9, xAlex2, XBMC, yorov, Zastava, Zdenko, zeka013, Zeka_Peka, ZetaMan, zivojin32, ZlatniRez, zmajognjeniivan, zombicar153, zoran-ruma, Zoran_Partizan, Zorge, Zvone, |_MeD_|, Žoržo, Žrnov, Đurđevdan, 1453

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by