Unwanted installation of Poshukach

  • Joined: 27 Jan 2022
  • Posts: 6

About 7 days ago I noticed that Google is no longer my default search engine; it changes by itself to Poshukach. In addition, my accounts have been hacked, so I cannot log in to Facebook.


Izveštaj skeniranja od Farbar Recovery Scan Tool (FRST) (x64) Verzija: 26-01-2022
Pokrenuo Korisnik (administrator) na DESKTOP-BODVLOB (Hewlett-Packard HP ENVY 17 Notebook PC) (27-01-2022 13:28:58)
Pokrenuto sa C:\Users\Korisnik\Desktop
Učitani Profili: Korisnik
Platform: Microsoft Windows 10 Pro Verzija 20H2 19042.1466 (X64) Jezik: engleski (SAD) -> srpski (latinica, Srbija)
Podrazumevani pregledač: FF
Režim pokretanja sistema: Normal

==================== Procesi (Na Beloj Listi) =================

(Ukoliko je stavka unešena u fixlist, proces ce biti zatvoren. Datoteka nece biti premešten.)

(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Korisnik\AppData\Roaming\BitTorrent\BitTorrent.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Korisnik\AppData\Roaming\BitTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Korisnik\AppData\Roaming\BitTorrent\updates\7.10.5_46097\bittorrentie.exe <2>
(Corel Corporation -> Corel Corporation) C:\Program Files\Corel\CorelDRAW Graphics Suite 2019\Programs64\CorelDRW.exe
(Corel Corporation -> Corel Corporation) C:\Program Files\Corel\CorelDRAW Graphics Suite 2019\Programs64\InterprocessController.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe
(Lavasoft Software Canada Inc. -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(Mozilla Corporation -> Mozilla Corporation) C:\Users\Korisnik\AppData\Local\Mozilla Firefox\firefox.exe <13>
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Viber Media S.à r.l. -> Viber Media S.à r.l.) C:\Users\Korisnik\AppData\Local\Viber\Viber.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3>
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registar (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, registru stavka ce biti vraćena na podrazumevanu vrednost ili uklonjena. Datoteka neće biti premeštena.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Nema Datoteke)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409936 2018-02-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\Run: [BitTorrent] => C:\Users\Korisnik\AppData\Roaming\BitTorrent\BitTorrent.exe [2279976 2021-09-15] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [9250224 2021-11-21] (Lavasoft Software Canada Inc. -> Lavasoft)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\Run: [Viber] => C:\Users\Korisnik\AppData\Local\Viber\Viber.exe [51151120 2021-12-16] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\Run: [bt] => C:\Users\Korisnik\AppData\Roaming\BitTorrent\BitTorrent.exe [2279976 2021-09-15] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2150848 2022-01-25] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Korisnik\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Korisnik\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\RunOnce: [Uninstall 21.245.1128.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Korisnik\AppData\Local\Microsoft\OneDrive\21.245.1128.0002"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-25] (Google LLC -> Google LLC)
InternetURL: C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NkeGMKDHuN.url -> URL: "file:///C:\ProgramData\GNUQlUqfKY\dll.exe"

==================== Planirani Zadaci (Na Beloj Listi) ============

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

Task: {11FDF7FC-0086-43DA-A54F-C58DC5240984} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {13A7DD64-80FA-4762-AFB1-BEC195AB61E8} - System32\Tasks\Mozilla\Firefox Default Browser Agent E5307D7A67AE0E06 => C:\Users\Korisnik\AppData\Local\Mozilla Firefox\default-browser-agent.exe do-task "E5307D7A67AE0E06"
Task: {20351004-ACC7-4467-B77B-734AA3AC7FC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-14] (Google LLC -> Google LLC)
Task: {3F519F84-FF47-4189-AC46-8CA3A8FDA161} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {6E387D12-29E9-458A-B97B-BDACF111F2B5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {7A0FDBE7-6A04-4FDE-A42D-F08A5061BD38} - System32\Tasks\CorelUpdateHelperTask-FBBF1CB630BDB13C4F692CCE0CEF98A3 => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1662200 2019-02-27] (Corel Corporation -> Corel Corporation)
Task: {8CB7ED9A-9688-4614-912E-3C75E1A2439C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {9F5E195D-BA1B-4A34-B5B0-296B102B0ED0} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1662200 2019-02-27] (Corel Corporation -> Corel Corporation)
Task: {EED51E2B-3D4F-45F6-96B4-66A67AAB798B} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1706496 2020-07-08] () [Datoteka nije potpisana]
Task: {F12A71DB-C923-4A74-8B80-B2773CDFF7A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-14] (Google LLC -> Google LLC)

(Ukoliko je stavka unešena u fixlist, planirani zadaci (.job) datoteke će biti premeštene. Datoteka koju zadatak izvršava neće biti uklonjena.)


==================== Internet (Na Beloj Listi) ====================

(Ukoliko je stavka unešena u fixlist, ako je to registru stavka, biće uklonjena ili vraćena na podrazumevanu vrednost.)

Hosts: Postoji više od jednog unosa u Hosts. Pogledati Hosts sekciju iz Addition.txt
Tcpip\Parameters: [DhcpNameServer] 89.216.1.30 89.216.1.50
Tcpip\..\Interfaces\{0dc19ceb-bae3-46f5-a1d0-6b41205dd880}: [DhcpNameServer] 89.216.1.30 89.216.1.50
Tcpip\..\Interfaces\{74508fef-8fd2-47d3-a8d4-27e44cb5f70c}: [DhcpNameServer] 89.216.1.30 89.216.1.50

Edge:
=======
DownloadDir: C:\Users\Korisnik\Downloads
Edge Extension: (Nema Imena) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nije pronađena]
Edge Extension: (Nema Imena) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nije pronađena]
Edge Extension: (Nema Imena) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nije pronađena]
Edge Extension: (Nema Imena) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nije pronađena]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Korisnik\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-25]
Edge HomePage: Default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
Edge StartupUrls: Default -> "hxxps://poshukach.com?fr=ps&gp=496723&altserp=1"
Edge DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
Edge DefaultSearchKeyword: Default -> poshukach engin search
Edge DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: wl8pbczq.default
FF ProfilePath: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bmaapmzb.default-release-1 [2022-01-27]
FF NewTab: Mozilla\Firefox\Profiles\bmaapmzb.default-release-1 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF Notifications: Mozilla\Firefox\Profiles\bmaapmzb.default-release-1 -> hxxps://en.savefrom.net; hxxps://www.instagram.com; hxxps://www.creativefabrica.com; hxxps://www.telegraf.rs; hxxps://ytmp3.cc; hxxps://www.dailystar.co.uk; hxxps://www.fashion.hr; hxxps://ytop1.com; hxxps://filmstock.wondershare.com; hxxps://www.facebook.com
FF Extension: (српски (sr) Language Pack) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bmaapmzb.default-release-1\Extensions\langpack-sr@firefox.mozilla.org.xpi [2022-01-20]
FF Extension: (Српски речник - Serbian Dictionary) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bmaapmzb.default-release-1\Extensions\sr-RS@dictionaries.addons.mozilla.org.xpi [2021-08-09]
FF ProfilePath: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wl8pbczq.default [2022-01-25]
FF Homepage: Mozilla\Firefox\Profiles\wl8pbczq.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF NewTab: Mozilla\Firefox\Profiles\wl8pbczq.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF ProfilePath: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146 [2022-01-27]
FF DownloadDir: C:\Users\Korisnik\Desktop\sacuvaj
FF Homepage: Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146 -> google
FF NewTab: Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF Notifications: Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146 -> hxxps://www.computer-pdf.com; hxxps://creativetacos.com; hxxps://www.nssmag.com; hxxps://thepiratebay.org; hxxps://www.kurir.rs; hxxps://badoo.com; hxxps://www.pinterest.com; hxxps://www.dreamstime.com; hxxps://www.instagram.com; hxxps://ytmp3.cc; hxxps://glossy.espreso.co.rs; hxxps://direktno.rs
FF Extension: (TubeBuddy) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\e389d8c2-5554-4ba2-a36e-ac7a57093130@gmail.com.xpi [2022-01-27]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-01-27]
FF Extension: (Fairytale Of Nature) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\{6804879d-8801-473a-b13d-605b902a5e4f}.xpi [2021-06-03]
FF Extension: (Purpling bubbles) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\{69ab6730-1a1a-4d27-8aa4-f27a0e5f2de8}.xpi [2021-06-17]
FF Extension: (Dark display mode) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\{837f1b64-2478-40ef-9ce6-ee2303544a1d}.xpi [2021-08-08]
FF Extension: (Beach chairs - Jen) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\{d131036c-f86e-42b1-8386-9a4f47596b24}.xpi [2021-08-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_403.dll [2020-07-14] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-02-14] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_403.dll [2020-07-14] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-07-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-07-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-02-14] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default [2022-01-27]
CHR HomePage: Default -> hxxp://www.google.rs/
CHR DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Default -> poshukach engin search
CHR DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR Extension: (Презентације) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-07-14]
CHR Extension: (Документи) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-07-14]
CHR Extension: (Google диск) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-23]
CHR Extension: (YouTube) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-07-14]
CHR Extension: (Табеле) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-07-14]
CHR Extension: (Google документи офлајн) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-25]
CHR Extension: (Плаћања у Chrome веб-продавници) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-23]
CHR Extension: (Gmail) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-23]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [makcojoppodhcgmmchohadhpkicoafka]

==================== Servisi (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-02-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-03] (Advanced Micro Devices, Inc.) [Datoteka nije potpisana]
R2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [3413424 2021-11-21] (Lavasoft Software Canada Inc. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7972536 2022-01-27] (Malwarebytes Inc -> Malwarebytes)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6137040 2022-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13109776 2020-07-02] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [100384 2016-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [22960 2021-11-21] (Lavasoft Software Canada Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-26] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-26] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drajveri (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [50616 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2021-11-21] (Bitdefender SRL -> Bitdefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datoteka nije potpisana]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datoteka nije potpisana]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2022-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [60448 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220568 2022-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-01-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [194480 2022-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2022-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-01-27] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156792 2022-01-27] (Malwarebytes Inc -> Malwarebytes)
S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [19032 2012-08-20] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12384 2012-08-20] (MiniTool Solution Ltd -> )
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (MEDIATEK INC. -> Ralink Technology, Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-12-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435432 2021-12-26] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-26] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)

==================== NetSvcs (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)


==================== Mesec dana (kreirane) (Na Beloj Listi) =========

(Ukoliko je stavka unešena u fixlist, Datoteka/Fascikla će biti premeštena.)

2022-01-27 13:28 - 2022-01-27 13:29 - 000026622 _____ C:\Users\Korisnik\Desktop\FRST.txt
2022-01-27 13:28 - 2022-01-27 13:29 - 000000000 ____D C:\FRST
2022-01-27 13:26 - 2022-01-27 13:26 - 002311680 _____ (Farbar) C:\Users\Korisnik\Desktop\FRST64.exe
2022-01-27 13:02 - 2022-01-27 13:02 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-01-27 13:02 - 2022-01-27 13:02 - 000220568 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-01-27 13:02 - 2022-01-27 13:02 - 000194480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-01-27 13:02 - 2022-01-27 13:02 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-01-27 13:02 - 2022-01-27 13:02 - 000156792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-01-27 13:02 - 2022-01-27 13:02 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-01-27 13:02 - 2022-01-27 13:02 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-01-27 13:02 - 2022-01-27 13:02 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-01-27 13:02 - 2022-01-27 13:02 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-01-27 13:02 - 2022-01-27 13:02 - 000000000 ____D C:\Users\Korisnik\AppData\Local\mbam
2022-01-27 13:01 - 2022-01-27 13:01 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-01-27 13:01 - 2022-01-27 13:01 - 000000000 ____D C:\Program Files\Malwarebytes
2022-01-27 12:39 - 2022-01-27 12:39 - 002086424 _____ (Malwarebytes) C:\Users\Korisnik\Desktop\MBSetup-076886.076886-Consumer.exe
2022-01-27 02:58 - 2022-01-27 02:58 - 002685778 _____ C:\Users\Korisnik\Desktop\zzzzzz.zip
2022-01-26 23:13 - 2022-01-26 23:13 - 003826350 _____ C:\Users\Korisnik\Desktop\set-vintage-beer-brewery-emblems-labels-logos-badges-designed-elements-monochrome-style-isolated-white-background.zip
2022-01-25 15:28 - 2022-01-25 15:28 - 000001069 _____ C:\Users\Public\Desktop\Wondershare Filmora9.lnk
2022-01-25 15:27 - 2022-01-25 15:31 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2022-01-25 15:24 - 2022-01-25 15:25 - 283315142 _____ C:\Users\Korisnik\Downloads\Wondershare Filmora 9.2.7.13 Full [4REALTORRENTZ.COM].ZIP
2022-01-25 15:18 - 2022-01-25 15:27 - 000000000 ____D C:\Program Files\Wondershare
2022-01-25 15:01 - 2022-01-25 15:08 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\Microsoft SDK10
2022-01-25 04:18 - 2022-01-27 06:30 - 1215208830 _____ C:\Users\Korisnik\Downloads\Penelope Cross - Influencing The Influencer 090921.mp4
2022-01-25 02:03 - 2022-01-25 02:03 - 000000000 ____D C:\Users\Korisnik\Downloads\Money Making Money For Beginners Online Business Youtube Fiverr Craigslist
2022-01-23 00:12 - 2022-01-23 00:13 - 000000000 ____D C:\Users\Korisnik\Desktop\Nova fascikla (2)
2022-01-22 16:01 - 2022-01-19 11:13 - 009336320 _____ C:\Users\Korisnik\Desktop\ZOOM0006.WAV
2022-01-22 15:54 - 2022-01-19 10:46 - 126134066 _____ C:\Users\Korisnik\Desktop\GH010808.MP4
2022-01-21 18:59 - 2022-01-21 18:59 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Mozilla Firefox
2022-01-20 22:35 - 2022-01-25 01:51 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-01-20 11:31 - 2022-01-20 11:31 - 000000000 ____D C:\Users\Korisnik\AppData\Local\UXP
2022-01-18 18:41 - 2022-01-18 19:02 - 453789012 _____ C:\Users\Korisnik\Desktop\ŽIGOLO SMOOTHIE 🔥 good health immunity and sex 🔥 healthy tasty powerful 🔥 best for winter ❄.mp4
2022-01-18 16:13 - 2022-01-18 13:07 - 207249152 _____ C:\Users\Korisnik\Desktop\ZOOM0001.WAV
2022-01-18 16:05 - 2022-01-18 12:40 - 2707889865 _____ C:\Users\Korisnik\Desktop\GH010801.MP4
2022-01-17 20:27 - 2022-01-17 20:27 - 002176610 _____ C:\Users\Korisnik\Desktop\aktuelan valst.wfp
2022-01-17 20:27 - 2022-01-17 20:27 - 000020903 _____ C:\Users\Korisnik\Desktop\aktuelan valst.fsthumb
2022-01-17 14:13 - 2022-01-18 02:24 - 000000000 ____D C:\Users\Korisnik\Desktop\Nova fascikla
2022-01-17 12:11 - 2022-01-17 12:11 - 000000000 ____D C:\ProgramData\Wondershare
2022-01-17 12:08 - 2022-01-17 11:53 - 020026112 _____ C:\Users\Korisnik\Desktop\ZOOM0004.WAV
2022-01-17 12:08 - 2022-01-17 11:44 - 024431360 _____ C:\Users\Korisnik\Desktop\ZOOM0003.WAV
2022-01-17 12:08 - 2022-01-17 11:31 - 098841344 _____ C:\Users\Korisnik\Desktop\ZOOM0002.WAV
2022-01-16 16:54 - 2022-01-15 03:57 - 600004576 ____N (Document) C:\Users\Korisnik\Desktop\Explanation of our pricing policy(mk).scr.scr
2022-01-16 16:49 - 2022-01-16 16:49 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Yandex
2022-01-16 13:20 - 2022-01-16 13:20 - 000160031 _____ C:\Users\Korisnik\Desktop\File with options for work.pdf
2022-01-16 13:20 - 2022-01-16 13:20 - 000000000 ____D C:\Users\Korisnik\Desktop\sacuvaj
2022-01-16 10:04 - 2022-01-16 10:04 - 000000016 _____ C:\ProgramData\mntemp
2022-01-16 09:43 - 2022-01-25 15:00 - 000000000 ____D C:\Users\Korisnik\Downloads\Wondershare Filmora X 10.1.21.0 incl Activator [(zabranjeno)ingPatching]
2022-01-16 09:19 - 2022-01-16 10:02 - 000000000 ____D C:\Users\Korisnik\Documents\Wondershare
2022-01-16 09:07 - 2022-01-16 09:15 - 250784942 _____ C:\Users\Korisnik\Downloads\Wondershare Filmora 10.0.7.0 (x64) Repack.rar
2022-01-16 09:03 - 2022-01-16 09:05 - 000000000 ____D C:\Users\Korisnik\Downloads\Wondershare Filmora X 10.7.7.9 (x64) Multilingual.Fix
2022-01-16 08:56 - 2022-01-16 08:58 - 000000000 ____D C:\Users\Korisnik\Documents\FilmoraScreen
2022-01-16 08:55 - 2022-01-25 14:43 - 000000000 ____D C:\ProgramData\Wondershare Filmora Scrn
2022-01-16 08:44 - 2022-01-16 08:45 - 000000000 ____D C:\Users\Korisnik\Downloads\Wondershare Filmora 10.0.0.91 (Repack & Portable) {B4tman}
2022-01-13 18:52 - 2022-01-13 18:52 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-13 18:52 - 2022-01-13 18:52 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-13 18:52 - 2022-01-13 18:52 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-13 18:45 - 2022-01-13 18:45 - 000000000 ___HD C:\$WinREAgent
2022-01-02 20:46 - 2022-01-02 20:47 - 021236796 _____ C:\Users\Korisnik\Downloads\eps_reader.zip
2021-12-31 01:52 - 2021-12-31 02:18 - 007291858 _____ C:\Users\Korisnik\Downloads\The Educated Person's Thumbnail Introduction to the Bible.pdf
2021-12-29 23:37 - 2018-08-18 10:06 - 000000000 ____D C:\ProgramData\Wondershare Video Editor
2021-12-29 23:10 - 2021-12-29 23:35 - 2680037867 _____ C:\Users\Korisnik\Downloads\Wondershare Filmora 8.7.1.4 (x64) + 1300 Effects.7z
2021-12-29 21:43 - 2021-12-29 21:43 - 000000000 ____D C:\Users\Korisnik\Downloads\[(zabranjeno)zsoft.net]Wondershare.Filmora.Scrn.v1.0.1.Multilingual

==================== Mesec dana (modifikovane) ==================

(Ukoliko je stavka unešena u fixlist, Datoteka/Fascikla će biti premeštena.)

2022-01-27 13:30 - 2020-09-05 22:22 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\BitTorrent
2022-01-27 13:24 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-27 13:14 - 2020-07-14 12:02 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-27 13:02 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-01-27 12:52 - 2021-04-14 16:09 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\ViberPC
2022-01-27 12:49 - 2021-11-22 23:35 - 000000000 ____D C:\Users\Korisnik\Desktop\Camera
2022-01-27 11:51 - 2021-02-09 02:14 - 000000000 ____D C:\Users\Korisnik\AppData\Local\BitTorrentHelper
2022-01-27 11:28 - 2021-04-04 01:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-27 10:47 - 2021-04-14 16:09 - 000000000 ____D C:\Users\Korisnik\Documents\ViberDownloads
2022-01-27 09:23 - 2020-07-14 12:20 - 000000000 ____D C:\Users\Korisnik\AppData\LocalLow\Mozilla
2022-01-26 18:04 - 2021-12-12 17:52 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2854175078-3885979775-3097901551-1002
2022-01-26 18:04 - 2021-04-04 01:06 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2854175078-3885979775-3097901551-1002
2022-01-26 18:04 - 2021-04-04 01:02 - 000002400 _____ C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-26 11:33 - 2021-05-29 04:47 - 000004180 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C3F1E325-79BD-4A4B-BA1F-7B9F1AF91283}
2022-01-26 11:33 - 2020-08-06 14:39 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-01-26 11:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-25 22:48 - 2021-04-12 21:33 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d728e6391c4fd1
2022-01-25 22:48 - 2021-04-04 01:06 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-25 15:29 - 2020-07-25 10:52 - 000000000 ____D C:\Users\Korisnik\Documents\Wondershare Filmora 9
2022-01-25 15:28 - 2020-09-07 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2022-01-25 13:17 - 2020-07-14 12:02 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-25 13:17 - 2020-07-14 12:02 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-25 02:07 - 2021-04-04 01:10 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-25 02:07 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-25 02:03 - 2021-06-13 23:31 - 000000000 ____D C:\Users\Korisnik\AppData\LocalLow\BitTorrent
2022-01-25 02:02 - 2020-09-05 22:22 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\Lavasoft
2022-01-25 02:02 - 2020-09-05 22:22 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Lavasoft
2022-01-25 02:02 - 2020-09-05 22:22 - 000000000 ____D C:\ProgramData\Lavasoft
2022-01-25 02:00 - 2021-08-09 21:29 - 000001286 _____ C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-25 02:00 - 2021-08-09 21:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-01-25 02:00 - 2021-03-20 09:12 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-01-25 02:00 - 2021-03-20 09:12 - 000000000 __SHD C:\Users\Korisnik\IntelGraphicsProfiles
2022-01-25 01:59 - 2021-04-04 01:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-25 01:59 - 2021-04-04 01:00 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-25 01:59 - 2021-03-20 09:10 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-25 01:59 - 2020-07-14 12:55 - 000000000 ____D C:\ProgramData\Synaptics
2022-01-25 01:59 - 2020-07-14 12:05 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-01-25 01:51 - 2020-07-14 11:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-24 12:52 - 2021-06-11 10:21 - 000000000 ____D C:\WINDOWS\Minidump
2022-01-24 01:09 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-01-24 01:09 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-23 00:19 - 2020-09-05 22:33 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\vlc
2022-01-22 18:50 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-22 11:02 - 2020-09-06 01:45 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-22 11:02 - 2020-09-06 01:45 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-01-21 05:09 - 2021-04-04 01:06 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-21 05:09 - 2021-04-04 01:06 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-20 23:23 - 2020-09-07 10:18 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-17 09:31 - 2021-04-04 01:02 - 000000000 ____D C:\Users\Korisnik
2022-01-17 09:31 - 2021-04-04 01:00 - 000538568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-16 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-01-16 10:05 - 2020-07-25 10:46 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2022-01-14 01:00 - 2020-07-14 12:02 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Adobe
2022-01-14 00:53 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-01-14 00:52 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-13 14:21 - 2020-07-31 15:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-13 14:19 - 2020-07-31 15:45 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-13 01:58 - 2021-04-04 01:06 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-13 01:58 - 2020-07-14 12:28 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-01-07 09:52 - 2018-11-14 18:12 - 000000000 ____D C:\ProgramData\Packages

==================== Datoteke u korenu nekih direktorijuma ========

2021-10-14 15:24 - 2021-10-14 21:23 - 000005120 _____ () C:\Users\Korisnik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-08-07 01:04 - 2021-03-20 09:11 - 000000205 _____ () C:\Users\Korisnik\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(Ne postoji automatizovan popravak za datoteke koji nisu prošle verifikaciju.)

==================== Kraj od FRST.txt ========================

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8616
  • Location: Novi Beograd

Hello,

Download AdwCleaner and save it to the Desktop.
Double-click to run the program.
In the EULA window, click I agree.
Click the Scan Now button and wait for the scan to finish.
If it reports that a newer version is available, make sure to download it.

Click the Clean button and wait for the program to finish.
The program will close all running programs and display a window with that warning. Click OK to confirm.
A message will appear saying that the computer needs to be restarted. Click OK.

The computer will restart, and then Notepad will open (C:\Adwcleaner\AdwCleaner[S00].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Attach file" option.

offline
  • Joined: 27 Jan 2022
  • Posts: 6

After scanning the computer with AdwCleaner, it only offers me the "Quarantine" option. It does not close the other programs, does not ask for a restart, and does not show the report in Notepad. What should I do?

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8616
  • Location: Novi Beograd

Put it in quarantine and look for the report in C:\Adwcleaner

offline
  • Joined: 27 Jan 2022
  • Posts: 6

I managed it.
# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support: malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-28-2022
# Duration: 00:00:04
# OS: Windows 10 Pro
# Cleaned: 20
# Failed: 0


***** [ Services ] *****

Deleted WCAssistantService

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\Users\Korisnik\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_MRPQ523XMEO0CM2M0N5VJ25Z3NZKGEP4
Deleted C:\Users\Korisnik\AppData\Roaming\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{d59376bb-a9ba-4963-a2a7-ce12e681d149}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{d59376bb-a9ba-4963-a2a7-ce12e681d149}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{d59376bb-a9ba-4963-a2a7-ce12e681d149}|UninstallString
Deleted HKLM\System\Setup\FirstBoot\Services\WCAssistantService
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted HKU\S-1-5-18\SOFTWARE\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3479 octets] - [27/01/2022 17:52:43]
AdwCleaner[S01].txt - [3540 octets] - [27/01/2022 17:57:01]
AdwCleaner[S02].txt - [3601 octets] - [27/01/2022 17:58:29]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8616
  • Location: Novi Beograd

Post a new FRST log and Addition log for me.

offline
  • Joined: 27 Jan 2022
  • Posts: 6

Firefox still runs in Russian and I don't know whether the virus has been removed.
Izveštaj skeniranja od Farbar Recovery Scan Tool (FRST) (x64) Verzija: 26-01-2022
Pokrenuo Korisnik (administrator) na DESKTOP-BODVLOB (Hewlett-Packard HP ENVY 17 Notebook PC) (28-01-2022 21:00:10)
Pokrenuto sa C:\Users\Korisnik\Desktop
Učitani Profili: Korisnik
Platform: Microsoft Windows 10 Pro Verzija 20H2 19042.1466 (X64) Jezik: engleski (SAD) -> srpski (latinica, Srbija)
Podrazumevani pregledač: FF
Režim pokretanja sistema: Normal

==================== Procesi (Na Beloj Listi) =================

(Ukoliko je stavka unešena u fixlist, proces ce biti zatvoren. Datoteka nece biti premešten.)

(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Korisnik\AppData\Roaming\BitTorrent\BitTorrent.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Korisnik\AppData\Roaming\BitTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Korisnik\AppData\Roaming\BitTorrent\updates\7.10.5_46097\bittorrentie.exe <2>
(Corel Corporation -> Corel Corporation) C:\Program Files\Corel\CorelDRAW Graphics Suite 2019\Programs64\CorelDRW.exe
(Corel Corporation -> Corel Corporation) C:\Program Files\Corel\CorelDRAW Graphics Suite 2019\Programs64\InterprocessController.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Users\Korisnik\AppData\Local\Mozilla Firefox\firefox.exe <14>
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Viber Media S.à r.l. -> Viber Media S.à r.l.) C:\Users\Korisnik\AppData\Local\Viber\Viber.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3>
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe

==================== Registar (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, registru stavka ce biti vraćena na podrazumevanu vrednost ili uklonjena. Datoteka neće biti premeštena.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Nema Datoteke)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409936 2018-02-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\Run: [BitTorrent] => C:\Users\Korisnik\AppData\Roaming\BitTorrent\BitTorrent.exe [2279976 2021-09-15] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\Run: [Viber] => C:\Users\Korisnik\AppData\Local\Viber\Viber.exe [51397392 2022-01-26] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\Run: [bt] => C:\Users\Korisnik\AppData\Roaming\BitTorrent\BitTorrent.exe [2279976 2021-09-15] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2150848 2022-01-25] (Wargaming.net Limited -> Wargaming.net)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-25] (Google LLC -> Google LLC)
InternetURL: C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NkeGMKDHuN.url -> URL: "file:///C:\ProgramData\GNUQlUqfKY\dll.exe"

==================== Planirani Zadaci (Na Beloj Listi) ============

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

Task: {11FDF7FC-0086-43DA-A54F-C58DC5240984} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {20351004-ACC7-4467-B77B-734AA3AC7FC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-14] (Google LLC -> Google LLC)
Task: {30F9D352-96AE-45E4-97BF-591DB87633BF} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {3F519F84-FF47-4189-AC46-8CA3A8FDA161} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {4E4F086B-38BA-4AAB-8A1B-051D94EE68ED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4E4F3F24-A5B5-49C0-9E23-8315D132069F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4FD10A3D-54CC-42F2-9927-A09D64065F73} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7A0FDBE7-6A04-4FDE-A42D-F08A5061BD38} - System32\Tasks\CorelUpdateHelperTask-FBBF1CB630BDB13C4F692CCE0CEF98A3 => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1662200 2019-02-27] (Corel Corporation -> Corel Corporation)
Task: {8CB7ED9A-9688-4614-912E-3C75E1A2439C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {9F5E195D-BA1B-4A34-B5B0-296B102B0ED0} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1662200 2019-02-27] (Corel Corporation -> Corel Corporation)
Task: {D783D15A-4EDA-4BD8-B47D-D2E234EE131D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EC1BCD34-DBE2-4370-8F60-CF7D64FC78E2} - System32\Tasks\Mozilla\Firefox Default Browser Agent E5307D7A67AE0E06 => C:\Users\Korisnik\AppData\Local\Mozilla Firefox\default-browser-agent.exe do-task "E5307D7A67AE0E06"
Task: {EED51E2B-3D4F-45F6-96B4-66A67AAB798B} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1706496 2020-07-08] () [Datoteka nije potpisana]
Task: {F12A71DB-C923-4A74-8B80-B2773CDFF7A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-14] (Google LLC -> Google LLC)

(Ukoliko je stavka unešena u fixlist, planirani zadaci (.job) datoteke će biti premeštene. Datoteka koju zadatak izvršava neće biti uklonjena.)


==================== Internet (Na Beloj Listi) ====================

(Ukoliko je stavka unešena u fixlist, ako je to registru stavka, biće uklonjena ili vraćena na podrazumevanu vrednost.)

Hosts: Postoji više od jednog unosa u Hosts. Pogledati Hosts sekciju iz Addition.txt
Tcpip\Parameters: [DhcpNameServer] 89.216.1.30 89.216.1.50
Tcpip\..\Interfaces\{0dc19ceb-bae3-46f5-a1d0-6b41205dd880}: [DhcpNameServer] 89.216.1.30 89.216.1.50
Tcpip\..\Interfaces\{74508fef-8fd2-47d3-a8d4-27e44cb5f70c}: [DhcpNameServer] 89.216.1.30 89.216.1.50

Edge:
=======
DownloadDir: C:\Users\Korisnik\Downloads
Edge Extension: (Nema Imena) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nije pronađena]
Edge Extension: (Nema Imena) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nije pronađena]
Edge Extension: (Nema Imena) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nije pronađena]
Edge Extension: (Nema Imena) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nije pronađena]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Korisnik\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-25]
Edge HomePage: Default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
Edge StartupUrls: Default -> "hxxps://poshukach.com?fr=ps&gp=496723&altserp=1"
Edge DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
Edge DefaultSearchKeyword: Default -> poshukach engin search
Edge DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: wl8pbczq.default
FF ProfilePath: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bmaapmzb.default-release-1 [2022-01-28]
FF NewTab: Mozilla\Firefox\Profiles\bmaapmzb.default-release-1 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF Notifications: Mozilla\Firefox\Profiles\bmaapmzb.default-release-1 -> hxxps://en.savefrom.net; hxxps://www.instagram.com; hxxps://www.creativefabrica.com; hxxps://www.telegraf.rs; hxxps://ytmp3.cc; hxxps://www.dailystar.co.uk; hxxps://www.fashion.hr; hxxps://ytop1.com; hxxps://filmstock.wondershare.com; hxxps://www.facebook.com
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bmaapmzb.default-release-1\Extensions\firefox@ghostery.com.xpi [2022-01-28]
FF Extension: (HTTPS Svuda) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bmaapmzb.default-release-1\Extensions\https-everywhere@eff.org.xpi [2022-01-28]
FF Extension: (Privacy Badger) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bmaapmzb.default-release-1\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2022-01-28]
FF Extension: (српски (sr) Language Pack) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bmaapmzb.default-release-1\Extensions\langpack-sr@firefox.mozilla.org.xpi [2022-01-27]
FF Extension: (Српски речник - Serbian Dictionary) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bmaapmzb.default-release-1\Extensions\sr-RS@dictionaries.addons.mozilla.org.xpi [2021-08-09]
FF Extension: (uBlock Origin) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bmaapmzb.default-release-1\Extensions\uBlock0@raymondhill.net.xpi [2022-01-28]
FF ProfilePath: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wl8pbczq.default [2022-01-25]
FF Homepage: Mozilla\Firefox\Profiles\wl8pbczq.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF NewTab: Mozilla\Firefox\Profiles\wl8pbczq.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF ProfilePath: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146 [2022-01-28]
FF DownloadDir: C:\Users\Korisnik\Desktop\sacuvaj
FF Homepage: Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146 -> google
FF NewTab: Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF Notifications: Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146 -> hxxps://www.computer-pdf.com; hxxps://creativetacos.com; hxxps://www.nssmag.com; hxxps://thepiratebay.org; hxxps://www.kurir.rs; hxxps://badoo.com; hxxps://www.pinterest.com; hxxps://www.dreamstime.com; hxxps://www.instagram.com; hxxps://ytmp3.cc; hxxps://glossy.espreso.co.rs; hxxps://direktno.rs
FF Extension: (TubeBuddy) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\e389d8c2-5554-4ba2-a36e-ac7a57093130@gmail.com.xpi [2022-01-28]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-01-28]
FF Extension: (Fairytale Of Nature) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\{6804879d-8801-473a-b13d-605b902a5e4f}.xpi [2021-06-03]
FF Extension: (Purpling bubbles) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\{69ab6730-1a1a-4d27-8aa4-f27a0e5f2de8}.xpi [2021-06-17]
FF Extension: (Dark display mode) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\{837f1b64-2478-40ef-9ce6-ee2303544a1d}.xpi [2021-08-08]
FF Extension: (Beach chairs - Jen) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\{d131036c-f86e-42b1-8386-9a4f47596b24}.xpi [2021-08-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_403.dll [2020-07-14] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-02-14] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_403.dll [2020-07-14] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-07-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-07-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-02-14] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default [2022-01-28]
CHR HomePage: Default -> hxxp://www.google.rs/
CHR DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Default -> poshukach engin search
CHR DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR Extension: (Презентације) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-07-14]
CHR Extension: (Документи) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-07-14]
CHR Extension: (Google диск) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-23]
CHR Extension: (YouTube) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-07-14]
CHR Extension: (Табеле) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-07-14]
CHR Extension: (Google документи офлајн) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-25]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-01-28]
CHR Extension: (Плаћања у Chrome веб-продавници) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-23]
CHR Extension: (Gmail) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-23]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [makcojoppodhcgmmchohadhpkicoafka]

==================== Servisi (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-02-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-03] (Advanced Micro Devices, Inc.) [Datoteka nije potpisana]
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6137040 2022-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13109776 2020-07-02] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [100384 2016-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-26] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [X]

===================== Drajveri (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [50616 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2021-11-21] (Bitdefender SRL -> Bitdefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datoteka nije potpisana]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datoteka nije potpisana]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [60448 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R3 MpKsl07380d60; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B06B50FF-EDD8-4605-8B25-D30467A3D502}\MpKslDrv.sys [134376 2022-01-28] (Microsoft Windows -> Microsoft Corporation)
S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [19032 2012-08-20] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12384 2012-08-20] (MiniTool Solution Ltd -> )
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (MEDIATEK INC. -> Ralink Technology, Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-26] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-26] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)

==================== NetSvcs (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)


==================== Mesec dana (kreirane) (Na Beloj Listi) =========

(Ukoliko je stavka unešena u fixlist, Datoteka/Fascikla će biti premeštena.)

2022-01-28 21:00 - 2022-01-28 21:00 - 000025874 _____ C:\Users\Korisnik\Desktop\FRST.txt
2022-01-28 01:22 - 2022-01-28 01:22 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Mozilla Firefox
2022-01-28 01:16 - 2022-01-28 01:39 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-01-28 01:13 - 2022-01-28 01:13 - 000003425 _____ C:\Users\Korisnik\Desktop\AdwCleaner[C02].txt
2022-01-27 17:52 - 2022-01-28 01:11 - 000000000 ____D C:\AdwCleaner
2022-01-27 17:51 - 2022-01-27 17:51 - 008540344 _____ (Malwarebytes) C:\Users\Korisnik\Desktop\adwcleaner_8.3.1.exe
2022-01-27 13:28 - 2022-01-28 21:00 - 000000000 ____D C:\FRST
2022-01-27 13:26 - 2022-01-27 13:26 - 002311680 _____ (Farbar) C:\Users\Korisnik\Desktop\FRST64.exe
2022-01-27 13:02 - 2022-01-27 13:02 - 000000000 ____D C:\Users\Korisnik\AppData\Local\mbam
2022-01-27 12:52 - 2022-01-27 12:53 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Viber
2022-01-27 12:39 - 2022-01-27 12:39 - 002086424 _____ (Malwarebytes) C:\Users\Korisnik\Desktop\MBSetup-076886.076886-Consumer.exe
2022-01-27 02:58 - 2022-01-27 02:58 - 002685778 _____ C:\Users\Korisnik\Desktop\zzzzzz.zip
2022-01-26 23:13 - 2022-01-26 23:13 - 003826350 _____ C:\Users\Korisnik\Desktop\set-vintage-beer-brewery-emblems-labels-logos-badges-designed-elements-monochrome-style-isolated-white-background.zip
2022-01-25 15:28 - 2022-01-25 15:28 - 000001069 _____ C:\Users\Public\Desktop\Wondershare Filmora9.lnk
2022-01-25 15:27 - 2022-01-25 15:31 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2022-01-25 15:24 - 2022-01-25 15:25 - 283315142 _____ C:\Users\Korisnik\Downloads\Wondershare Filmora 9.2.7.13 Full [4REALTORRENTZ.COM].ZIP
2022-01-25 15:18 - 2022-01-25 15:27 - 000000000 ____D C:\Program Files\Wondershare
2022-01-25 15:01 - 2022-01-25 15:08 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\Microsoft SDK10
2022-01-25 04:18 - 2022-01-28 06:29 - 1215208830 _____ C:\Users\Korisnik\Downloads\Penelope Cross - Influencing The Influencer 090921.mp4
2022-01-25 02:03 - 2022-01-25 02:03 - 000000000 ____D C:\Users\Korisnik\Downloads\Money Making Money For Beginners Online Business Youtube Fiverr Craigslist
2022-01-23 00:12 - 2022-01-23 00:13 - 000000000 ____D C:\Users\Korisnik\Desktop\Nova fascikla (2)
2022-01-22 16:01 - 2022-01-19 11:13 - 009336320 _____ C:\Users\Korisnik\Desktop\ZOOM0006.WAV
2022-01-22 15:54 - 2022-01-19 10:46 - 126134066 _____ C:\Users\Korisnik\Desktop\GH010808.MP4
2022-01-20 11:31 - 2022-01-20 11:31 - 000000000 ____D C:\Users\Korisnik\AppData\Local\UXP
2022-01-18 18:41 - 2022-01-18 19:02 - 453789012 _____ C:\Users\Korisnik\Desktop\ŽIGOLO SMOOTHIE 🔥 good health immunity and sex 🔥 healthy tasty powerful 🔥 best for winter ❄.mp4
2022-01-18 16:13 - 2022-01-18 13:07 - 207249152 _____ C:\Users\Korisnik\Desktop\ZOOM0001.WAV
2022-01-18 16:05 - 2022-01-18 12:40 - 2707889865 _____ C:\Users\Korisnik\Desktop\GH010801.MP4
2022-01-17 20:27 - 2022-01-17 20:27 - 002176610 _____ C:\Users\Korisnik\Desktop\aktuelan valst.wfp
2022-01-17 20:27 - 2022-01-17 20:27 - 000020903 _____ C:\Users\Korisnik\Desktop\aktuelan valst.fsthumb
2022-01-17 14:13 - 2022-01-18 02:24 - 000000000 ____D C:\Users\Korisnik\Desktop\Nova fascikla
2022-01-17 12:11 - 2022-01-17 12:11 - 000000000 ____D C:\ProgramData\Wondershare
2022-01-17 12:08 - 2022-01-17 11:53 - 020026112 _____ C:\Users\Korisnik\Desktop\ZOOM0004.WAV
2022-01-17 12:08 - 2022-01-17 11:44 - 024431360 _____ C:\Users\Korisnik\Desktop\ZOOM0003.WAV
2022-01-17 12:08 - 2022-01-17 11:31 - 098841344 _____ C:\Users\Korisnik\Desktop\ZOOM0002.WAV
2022-01-16 16:54 - 2022-01-15 03:57 - 600004576 ____N (Document) C:\Users\Korisnik\Desktop\Explanation of our pricing policy(mk).scr.scr
2022-01-16 16:49 - 2022-01-16 16:49 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Yandex
2022-01-16 13:20 - 2022-01-16 13:20 - 000160031 _____ C:\Users\Korisnik\Desktop\File with options for work.pdf
2022-01-16 13:20 - 2022-01-16 13:20 - 000000000 ____D C:\Users\Korisnik\Desktop\sacuvaj
2022-01-16 10:04 - 2022-01-16 10:04 - 000000016 _____ C:\ProgramData\mntemp
2022-01-16 09:43 - 2022-01-25 15:00 - 000000000 ____D C:\Users\Korisnik\Downloads\Wondershare Filmora X 10.1.21.0 incl Activator [(zabranjeno)ingPatching]
2022-01-16 09:19 - 2022-01-16 10:02 - 000000000 ____D C:\Users\Korisnik\Documents\Wondershare
2022-01-16 09:07 - 2022-01-16 09:15 - 250784942 _____ C:\Users\Korisnik\Downloads\Wondershare Filmora 10.0.7.0 (x64) Repack.rar
2022-01-16 09:03 - 2022-01-16 09:05 - 000000000 ____D C:\Users\Korisnik\Downloads\Wondershare Filmora X 10.7.7.9 (x64) Multilingual.Fix
2022-01-16 08:56 - 2022-01-16 08:58 - 000000000 ____D C:\Users\Korisnik\Documents\FilmoraScreen
2022-01-16 08:55 - 2022-01-25 14:43 - 000000000 ____D C:\ProgramData\Wondershare Filmora Scrn
2022-01-16 08:44 - 2022-01-16 08:45 - 000000000 ____D C:\Users\Korisnik\Downloads\Wondershare Filmora 10.0.0.91 (Repack & Portable) {B4tman}
2022-01-13 18:52 - 2022-01-13 18:52 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-13 18:52 - 2022-01-13 18:52 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-13 18:52 - 2022-01-13 18:52 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-13 18:45 - 2022-01-13 18:45 - 000000000 ___HD C:\$WinREAgent
2022-01-02 20:46 - 2022-01-02 20:47 - 021236796 _____ C:\Users\Korisnik\Downloads\eps_reader.zip
2021-12-31 01:52 - 2021-12-31 02:18 - 007291858 _____ C:\Users\Korisnik\Downloads\The Educated Person's Thumbnail Introduction to the Bible.pdf
2021-12-29 23:37 - 2018-08-18 10:06 - 000000000 ____D C:\ProgramData\Wondershare Video Editor
2021-12-29 23:10 - 2021-12-29 23:35 - 2680037867 _____ C:\Users\Korisnik\Downloads\Wondershare Filmora 8.7.1.4 (x64) + 1300 Effects.7z
2021-12-29 21:43 - 2021-12-29 21:43 - 000000000 ____D C:\Users\Korisnik\Downloads\[(zabranjeno)zsoft.net]Wondershare.Filmora.Scrn.v1.0.1.Multilingual

==================== Mesec dana (modifikovane) ==================

(Ukoliko je stavka unešena u fixlist, Datoteka/Fascikla će biti premeštena.)

2022-01-28 21:01 - 2020-09-05 22:22 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\BitTorrent
2022-01-28 20:57 - 2021-04-04 01:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-28 20:57 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-28 20:54 - 2021-04-14 16:09 - 000000000 ____D C:\Users\Korisnik\Documents\ViberDownloads
2022-01-28 20:39 - 2020-07-14 12:20 - 000000000 ____D C:\Users\Korisnik\AppData\LocalLow\Mozilla
2022-01-28 20:36 - 2020-07-14 12:02 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-28 17:41 - 2021-05-29 04:47 - 000004180 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C3F1E325-79BD-4A4B-BA1F-7B9F1AF91283}
2022-01-28 17:23 - 2021-02-09 02:14 - 000000000 ____D C:\Users\Korisnik\AppData\Local\BitTorrentHelper
2022-01-28 02:01 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-28 02:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-28 01:39 - 2021-08-09 21:29 - 000001286 _____ C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-28 01:39 - 2021-08-09 21:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-01-28 01:39 - 2020-09-07 10:18 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-28 01:39 - 2020-07-14 11:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-28 01:37 - 2020-08-06 14:39 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-01-28 01:33 - 2021-04-04 01:10 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-28 01:33 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-28 01:26 - 2021-06-13 23:31 - 000000000 ____D C:\Users\Korisnik\AppData\LocalLow\BitTorrent
2022-01-28 01:26 - 2021-04-14 16:09 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\ViberPC
2022-01-28 01:25 - 2021-04-04 01:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-28 01:25 - 2021-04-04 01:02 - 000000000 ____D C:\Users\Korisnik
2022-01-28 01:25 - 2021-04-04 01:00 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-28 01:25 - 2021-03-20 09:12 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-01-28 01:25 - 2021-03-20 09:12 - 000000000 __SHD C:\Users\Korisnik\IntelGraphicsProfiles
2022-01-28 01:25 - 2021-03-20 09:10 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-28 01:25 - 2020-07-14 12:55 - 000000000 ____D C:\ProgramData\Synaptics
2022-01-28 01:25 - 2020-07-14 12:05 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-01-28 01:25 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-01-28 01:11 - 2020-09-05 22:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2022-01-28 01:11 - 2020-09-05 22:22 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\Lavasoft
2022-01-28 01:11 - 2020-09-05 22:22 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Lavasoft
2022-01-28 01:11 - 2020-09-05 22:22 - 000000000 ____D C:\ProgramData\Lavasoft
2022-01-28 01:11 - 2020-09-05 22:22 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2022-01-27 17:56 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-01-27 12:49 - 2021-11-22 23:35 - 000000000 ____D C:\Users\Korisnik\Desktop\Camera
2022-01-26 18:04 - 2021-12-12 17:52 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2854175078-3885979775-3097901551-1002
2022-01-26 18:04 - 2021-04-04 01:06 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2854175078-3885979775-3097901551-1002
2022-01-26 18:04 - 2021-04-04 01:02 - 000002400 _____ C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-25 22:48 - 2021-04-12 21:33 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d728e6391c4fd1
2022-01-25 22:48 - 2021-04-04 01:06 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-25 15:29 - 2020-07-25 10:52 - 000000000 ____D C:\Users\Korisnik\Documents\Wondershare Filmora 9
2022-01-25 15:28 - 2020-09-07 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2022-01-25 13:17 - 2020-07-14 12:02 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-25 13:17 - 2020-07-14 12:02 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-24 12:52 - 2021-06-11 10:21 - 000000000 ____D C:\WINDOWS\Minidump
2022-01-24 01:09 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-01-24 01:09 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-23 00:19 - 2020-09-05 22:33 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\vlc
2022-01-22 11:02 - 2020-09-06 01:45 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-22 11:02 - 2020-09-06 01:45 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-01-21 05:09 - 2021-04-04 01:06 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-21 05:09 - 2021-04-04 01:06 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-17 09:31 - 2021-04-04 01:00 - 000538568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-16 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-01-16 10:05 - 2020-07-25 10:46 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2022-01-14 01:00 - 2020-07-14 12:02 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Adobe
2022-01-14 00:52 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-13 14:21 - 2020-07-31 15:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-13 14:19 - 2020-07-31 15:45 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-13 01:58 - 2021-04-04 01:06 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-13 01:58 - 2020-07-14 12:28 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-01-07 09:52 - 2018-11-14 18:12 - 000000000 ____D C:\ProgramData\Packages

==================== Datoteke u korenu nekih direktorijuma ========

2021-10-14 15:24 - 2021-10-14 21:23 - 000005120 _____ () C:\Users\Korisnik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-08-07 01:04 - 2021-03-20 09:11 - 000000205 _____ () C:\Users\Korisnik\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(Ne postoji automatizovan popravak za datoteke koji nisu prošle verifikaciju.)

==================== Kraj od FRST.txt ========================

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8616
  • Location: Novi Beograd

1. Open Notepad (Text Document) and copy in the following text from the code box below:

CreateRestorePoint:
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Nema Datoteke)
InternetURL: C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NkeGMKDHuN.url -> URL: "file:///C:\ProgramData\GNUQlUqfKY\dll.exe"
Edge Extension: (Nema Imena) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nije pronađena]
Edge Extension: (Nema Imena) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nije pronađena]
Edge Extension: (Nema Imena) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nije pronađena]
Edge Extension: (Nema Imena) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nije pronađena]
Edge HomePage: Default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
Edge StartupUrls: Default -> "hxxps://poshukach.com?fr=ps&gp=496723&altserp=1"
Edge DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
Edge DefaultSearchKeyword: Default -> poshukach engin search
Edge DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Default -> poshukach engin search
CHR DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR HKLM-x32\...\Chrome\Extension: [makcojoppodhcgmmchohadhpkicoafka]
FF NewTab: Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF ProfilePath: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wl8pbczq.default [2022-01-25]
FF Homepage: Mozilla\Firefox\Profiles\wl8pbczq.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF NewTab: Mozilla\Firefox\Profiles\wl8pbczq.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF NewTab: Mozilla\Firefox\Profiles\bmaapmzb.default-release-1 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
EmptyTemp:


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location; otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once, and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.

The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your reply.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.

offline
  • Joined: 27 Jan 2022
  • Posts: 6

Izveštaj ispravaka od Farbar Recovery Scan Tool (x64) Verzija: 26-01-2022
Pokrenuo Korisnik (29-01-2022 16:35:04) Run:1
Pokrenuto sa C:\Users\Korisnik\Desktop
Učitani Profili: Korisnik
Režim pokretanja sistema: Normal
==============================================

fixlist sadržaj:
*****************
CreateRestorePoint:
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Nema Datoteke)
InternetURL: C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NkeGMKDHuN.url -> URL: "file:///C:\ProgramData\GNUQlUqfKY\dll.exe"
Edge Extension: (Nema Imena) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nije pronađena]
Edge Extension: (Nema Imena) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nije pronađena]
Edge Extension: (Nema Imena) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nije pronađena]
Edge Extension: (Nema Imena) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nije pronađena]
Edge HomePage: Default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
Edge StartupUrls: Default -> "hxxps://poshukach.com?fr=ps&gp=496723&altserp=1"
Edge DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
Edge DefaultSearchKeyword: Default -> poshukach engin search
Edge DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Default -> poshukach engin search
CHR DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR HKLM-x32\...\Chrome\Extension: [makcojoppodhcgmmchohadhpkicoafka]
FF NewTab: Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF ProfilePath: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wl8pbczq.default [2022-01-25]
FF Homepage: Mozilla\Firefox\Profiles\wl8pbczq.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF NewTab: Mozilla\Firefox\Profiles\wl8pbczq.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF NewTab: Mozilla\Firefox\Profiles\bmaapmzb.default-release-1 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
EmptyTemp:
*****************

Tačka vraćanja je uspešno kreirana.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Wondershare Helper Compact.exe" => uspešno uklonjeno
C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NkeGMKDHuN.url => uspešno premešteno
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => uspešno uklonjeno
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => uspešno uklonjeno
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => uspešno uklonjeno
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => uspešno uklonjeno
"Edge HomePage" => uspešno uklonjeno
"Edge StartupUrls" => uspešno uklonjeno
"Edge DefaultSearchURL" => uspešno uklonjeno
"Edge DefaultSearchKeyword" => uspešno uklonjeno
"Edge DefaultSuggestURL" => uspešno uklonjeno
"Chrome DefaultSearchURL" => uspešno uklonjeno
"Chrome DefaultSearchKeyword" => uspešno uklonjeno
"Chrome DefaultSuggestURL" => uspešno uklonjeno
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\makcojoppodhcgmmchohadhpkicoafka => uspešno uklonjeno
"Firefox newtab" => uspešno uklonjeno
C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wl8pbczq.default => uspešno premešteno
C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wl8pbczq.default => pitanja uspešno uklonjeno
"FF Homepage: Mozilla\Firefox\Profiles\wl8pbczq.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1" => nije pronađena
"FF NewTab: Mozilla\Firefox\Profiles\wl8pbczq.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1" => nije pronađena
"Firefox newtab" => uspešno uklonjeno

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 642983089 B
Java, Flash, Steam htmlcache => 1123 B
Windows/system/drivers => 7938468 B
Edge => 929930 B
Chrome => 70829376 B
Firefox => 2549456537 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7262 B
NetworkService => 902686 B
Korisnik => 9183944651 B

RecycleBin => 84452 B
EmptyTemp: => 11.6 GB privremeni podaci Uklonjeni.

================================


Sistemu je potreban ponovno pokretanje.

==== Kraj od Fixlog 16:43:31 ====



Firefox still opens some kind of warnings in Russian

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8616
  • Location: Novi Beograd

Post a new FRST log and Addition log for me. Is the situation a little better?
